Waxingcrescent

  1. C:\Documents and Settings\Käyttäjä\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\41\24159169-380586c8 multiple threats cleaned by deleting - quarantined
     C:\Documents and Settings\Käyttäjä\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\53\3925b535-6a76414d multiple threats cleaned by deleting - quarantined
     C:\Documents and Settings\Käyttäjä\Omat tiedostot\Downloads\SpyHunter 4.12.13.4202_inamsoftwares.com_onhax.com_softexellence.com.rar a variant of Win32/HackTool.Patcher.T application deleted - quarantined
     C:\Program Files\Enigma Software Group\SpyHunter\Patch\SND.rar a variant of Win32/HackTool.Patcher.T application deleted - quarantined
     C:\Program Files\Enigma Software Group\SpyHunter\Patch\SND\patch.exe a variant of Win32/HackTool.Patcher.T application cleaned by deleting - quarantined
     C:\System Volume Information\_restore{2ABC3CFE-7EDB-483A-911A-AE06198072C1}\RP1298\A0111893.exe a variant of Win32/Somoto.A application cleaned by deleting - quarantined
     C:\System Volume Information\_restore{2ABC3CFE-7EDB-483A-911A-AE06198072C1}\RP1298\A0111905.dll a variant of Win32/bProtector.A application cleaned by deleting - quarantined
     C:\System Volume Information\_restore{2ABC3CFE-7EDB-483A-911A-AE06198072C1}\RP1298\A0111909.exe a variant of Win32/bProtector.A application cleaned by deleting - quarantined
     C:\System Volume Information\_restore{2ABC3CFE-7EDB-483A-911A-AE06198072C1}\RP1298\A0111910.exe a variant of Win32/bProtector.A application cleaned by deleting - quarantined
     C:\System Volume Information\_restore{2ABC3CFE-7EDB-483A-911A-AE06198072C1}\RP1298\A0111945.exe a variant of Win32/Bundled.Toolbar.Ask.C application cleaned by deleting - quarantined
  2. https://www.virustotal.com/fi/file/e6ef0e1262a2e51c20f6aace20af43a36d07f7e8d47cef4f4d1e72d0199dbaeb/analysis/1371928108/
  4. HRUPPROG.DIE.NOW and the txt file still show up when I reboot. Other than that haven't noticed anything happening yet.
  5. Here they are.
[_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N StartupFolder: c:\docume~1\kyttj~1\kynnis~1\ohjelmat\kynnis~1\dropbox.lnk - c:\documents and settings\käyttäjä\application data\dropbox\bin\Dropbox.exe StartupFolder: c:\docume~1\kyttj~1\kynnis~1\ohjelmat\kynnis~1\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE StartupFolder: c:\docume~1\alluse~1\kynnis~1\ohjelmat\kynnis~1\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.285\SSScheduler.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: ForceClassicControlPanel = dword:1 IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe TCP: NameServer = 62.241.198.246 62.241.198.245 TCP: Interfaces\{E51F6B59-8549-4628-885A-6D16836651D2} : DHCPNameServer = 62.241.198.246 62.241.198.245 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\käyttäjä\application data\mozilla\firefox\profiles\1opcxgf4.default\ . ============= SERVICES / DRIVERS =============== . 
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\hi-rez studios\HiPatchService.exe [2013-6-20 9216] R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-3-29 208184] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-4-14 242240] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136] R3 Disc Soft Bus Service;Disc Soft Bus Service;c:\program files\daemon tools ultra\DiscSoftBusService.exe [2013-5-23 632352] R3 dtscsibus;DAEMON Tools Virtual SCSI Bus;c:\windows\system32\drivers\dtscsibus.sys [2013-5-26 24704] S1 mowfegbz;mowfegbz;\??\c:\windows\system32\drivers\mowfegbz.sys --> c:\windows\system32\drivers\mowfegbz.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 dualshock3;DUALSHOCK3 Controller HID Minidriver (USB) Beta;c:\windows\system32\drivers\dualshock3.sys [2012-1-24 11392] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-4-19 161384] S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?] 
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?] S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2011-9-1 33792] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.285\McCHSvc.exe [2012-9-5 234776] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?] S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [2011-12-10 98672] S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [2011-12-10 14960] S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [2011-12-10 124016] S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [2011-12-10 117872] S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [2011-12-10 25456] S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [2011-12-10 113904] S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [2011-12-10 123504] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 
2013-06-22 12:41:59 -------- d-----w- c:\windows\ERUNT 2013-06-22 12:41:11 -------- d-----w- C:\JRT 2013-06-22 10:10:01 -------- d-----w- c:\documents and settings\käyttäjä\application data\AVG2013 2013-06-22 10:09:06 -------- d-----w- c:\documents and settings\käyttäjä\application data\TuneUp Software 2013-06-22 10:08:05 -------- d--h--w- C:\$AVG 2013-06-22 10:08:04 -------- d-----w- c:\documents and settings\all users\application data\AVG2013 2013-06-22 08:58:43 144896 ----a-w- c:\windows\system32\javacpl.cpl 2013-06-22 08:58:38 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-06-22 08:51:10 -------- d-----w- c:\windows\system32\appmgmt 2013-06-22 08:30:23 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes' Anti-Malware (portable) 2013-06-22 07:49:24 -------- d-----w- c:\documents and settings\käyttäjä\application data\Malwarebytes 2013-06-22 07:48:51 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2013-06-22 07:48:45 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-06-20 09:08:42 -------- d-----w- c:\program files\Microsoft Chart Controls 2013-06-20 09:06:50 -------- d-----w- C:\Documents 2013-06-20 09:04:26 -------- d-----w- c:\program files\Hi-Rez Studios 2013-06-19 11:40:41 -------- d-----w- c:\documents and settings\all users\application data\Hi-Rez Studios 2013-06-19 11:21:53 -------- d-----w- C:\ProgramData 2013-06-19 10:46:19 -------- d-----w- C:\AeriaGames 2013-06-17 20:11:30 163328 ----a-w- c:\windows\system32\FlashPlayerUpdateService.exe 2013-06-14 12:18:10 -------- d-----w- c:\program files\AVAST Software 2013-06-14 12:17:52 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software 2013-06-14 11:44:34 -------- d-----w- c:\program files\Enigma Software Group 2013-06-14 11:43:45 -------- d-----w- c:\windows\46B04D534E344388B6EE80FAB66AEF9B.TMP 2013-06-14 11:08:01 -------- d-----w- c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP 
2013-06-14 09:46:07 -------- d-----w- c:\windows\E89498D814304A2BA76A4A71326981E9.TMP 2013-06-13 18:49:31 -------- d-----w- c:\documents and settings\käyttäjä\application data\TS3Client 2013-06-11 09:46:41 -------- d-----w- c:\program files\TeamSpeak 3 Client 2013-06-06 15:54:29 -------- d-----w- c:\program files\Dropbox 2013-06-06 15:52:26 -------- d-----w- c:\documents and settings\käyttäjä\application data\Dropbox 2013-06-06 15:28:36 -------- d-----w- c:\documents and settings\all users\application data\McAfee Security Scan 2013-06-06 15:28:24 -------- d-----w- c:\program files\McAfee Security Scan 2013-06-03 11:07:42 -------- d-----w- c:\documents and settings\käyttäjä\application data\ShanghaiAlice 2013-05-27 16:40:23 -------- d-----w- c:\windows\system32\xlive 2013-05-27 16:40:13 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2013-05-26 10:38:49 24704 ----a-w- c:\windows\system32\drivers\dtscsibus.sys 2013-05-26 10:38:42 -------- d-----w- c:\documents and settings\käyttäjä\application data\DAEMON Tools Ultra 2013-05-26 10:38:22 -------- d-----w- c:\program files\DAEMON Tools Ultra 2013-05-26 10:37:44 -------- d-----w- c:\documents and settings\all users\application data\DAEMON Tools Ultra 2013-05-26 10:21:24 -------- d-----w- C:\Gamez 2013-05-26 10:08:18 -------- d-----w- c:\documents and settings\käyttäjä\application data\Skype 2013-05-26 10:08:08 -------- d-----r- c:\program files\Skype 2013-05-25 22:52:09 -------- d-----w- c:\documents and settings\all users\application data\ASign 2013-05-25 22:14:18 -------- d-----w- c:\documents and settings\käyttäjä\application data\Nitroplus . ==================== Find3M ==================== . 
2013-06-22 08:58:18 867240 ----a-w- c:\windows\system32\npdeployJava1.dll 2013-06-22 08:58:17 789416 ----a-w- c:\windows\system32\deployJava1.dll 2013-06-12 15:57:23 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-06-12 15:57:23 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-25 22:27:28 1174979 ----a-w- c:\windows\apppatch\unins000.exe 2013-05-25 13:18:27 139832 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2013-05-25 13:17:43 281768 ----a-w- c:\windows\system32\PnkBstrB.xtr 2013-05-25 13:17:43 281768 ----a-w- c:\windows\system32\PnkBstrB.exe 2013-05-22 15:26:12 281768 ----a-w- c:\windows\system32\PnkBstrB.ex0 2013-05-07 22:27:13 920064 ----a-w- c:\windows\system32\wininet.dll 2013-05-07 22:27:12 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-05-07 22:27:12 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2013-05-07 21:53:29 385024 ----a-w- c:\windows\system32\html.iec 2013-05-03 05:39:10 2152448 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-03 05:39:10 2031104 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-18 12:32:21 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2013-04-12 14:01:35 1876608 ----a-w- c:\windows\system32\win32k.sys 2013-03-28 23:53:48 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys . ============= FINISH: 16:19:37,57 ===============
  6. So I woke up this morning and booted up the computer. Instantly after starting up, it opened "C:\documents", which included HRUPPROG.DIE.NOW and a text file which had the number 100. After googling a little I found the stickied thread here, downloaded the Anti-Malware and did as told. After rebooting, the HRUPPROG files were still there, so I'm doing as told and made this thread. I hope to get help soon, as the stuff I read about this while googling is making me worry. Here is the Attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 30.3.2011 12:43:40 System Uptime: 22.6.2013 11:05:17 (0 hours ago) . Motherboard: IBM | | IBM Processor: Intel® Pentium® 4 CPU 3.40GHz | LGA775/PSC/TJS | 3391/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 50 GiB total, 6,235 GiB free. D: is FIXED (NTFS) - 99 GiB total, 89,952 GiB free. E: is FIXED (NTFS) - 233 GiB total, 200,553 GiB free. F: is FIXED (FAT32) - 466 GiB total, 114,148 GiB free. G: is CDROM () H: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Device ID: ACPI\NSC1200\5&244C37A5&0 Manufacturer: Name: PNP Device ID: ACPI\NSC1200\5&244C37A5&0 Service: . Class GUID: {4D36E968-E325-11CE-BFC1-08002BE10318} Description: ATI Technologies, Inc. 3D RAGE PRO AGP Device ID: ROOT\DISPLAY\0000 Manufacturer: ATI Technologies, Inc. Name: ATI Technologies, Inc. 3D RAGE PRO AGP PNP Device ID: ROOT\DISPLAY\0000 Service: atirage3 . ==== System Restore Points =================== . 
RP1265: 11.6.2013 17:27:11 - Software Distribution Service 3.0 RP1266: 12.6.2013 14:17:30 - Software Distribution Service 3.0 RP1267: 12.6.2013 17:28:36 - Software Distribution Service 3.0 RP1268: 14.6.2013 11:52:40 - Software Distribution Service 3.0 RP1269: 14.6.2013 12:47:07 - Asennettu SpyHunter RP1270: 14.6.2013 14:05:18 - Poistettu SpyHunter RP1271: 14.6.2013 14:05:36 - Installed SpyHunter RP1272: 14.6.2013 14:09:29 - Removed SpyHunter RP1273: 14.6.2013 14:10:50 - Installed SpyHunter RP1274: 14.6.2013 14:13:22 - Removed SpyHunter RP1275: 14.6.2013 14:14:49 - Installed SpyHunter RP1276: 14.6.2013 14:17:22 - Removed SpyHunter RP1277: 14.6.2013 14:19:47 - Installed SpyHunter RP1278: 14.6.2013 14:38:33 - Removed SpyHunter RP1279: 14.6.2013 14:44:33 - Asennettu SpyHunter RP1280: 14.6.2013 15:06:16 - Poistettu SpyHunter RP1281: 14.6.2013 15:18:10 - avast! Free Antivirus Asennus RP1282: 14.6.2013 17:02:57 - Software Distribution Service 3.0 RP1283: 15.6.2013 17:24:30 - Software Distribution Service 3.0 RP1284: 16.6.2013 17:23:47 - Software Distribution Service 3.0 RP1285: 17.6.2013 17:23:02 - Software Distribution Service 3.0 RP1286: 18.6.2013 17:24:26 - Software Distribution Service 3.0 RP1287: 19.6.2013 14:58:04 - Removed Aeria Ignite RP1288: 19.6.2013 16:24:19 - Software Distribution Service 3.0 RP1289: 19.6.2013 17:07:15 - Software Distribution Service 3.0 RP1290: 20.6.2013 12:04:23 - Installed Hi-Rez Studios Games RP1291: 20.6.2013 12:08:22 - Installed DirectX RP1292: 20.6.2013 17:29:42 - Software Distribution Service 3.0 RP1293: 21.6.2013 17:29:16 - Software Distribution Service 3.0 . ==== Installed Programs ====================== . 7-Zip 9.20 Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Media Player Adobe Reader XI - Suomi Akamai NetSession Interface µTorrent avast! 
Free Antivirus Bamboo Dock BOSS BrowserProtect Bundled software uninstaller CCleaner Combined Community Codec Pack 2011-11-11 Counter-Strike DAEMON Tools Lite DAEMON Tools Ultra Day of Defeat Dedicated Server Deus Ex Devil May Cry 3 Special Edition Dota 2 Dropbox Google Chrome Google Update Helper HF pAppLoc version 0.8 Hi-Rez Studios Authenticate and Update Service Hotfix-päivitys Windows XP:lle (KB2443685) Hotfix-päivitys Windows XP:lle (KB2570791) Hotfix-päivitys Windows XP:lle (KB2633952) Hotfix-päivitys Windows XP:lle (KB2756822) Hotfix-päivitys Windows XP:lle (KB2779562) Hotfix-päivitys Windows XP:lle (KB952287) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976002-v5) Intel® Graphics Media Accelerator Driver Intel® PRO Network Connections Drivers Java 7 Update 21 Java Auto Updater Malwarebytes Anti-Malware versio 1.75.0.1300 McAfee Security Scan Plus MeldaProduction MFreeEffectsBundle 7 Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - FIN Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - FIN Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 Language Pack - fin Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 3.5:n kielitukipaketti - FI Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile FIN Language Pack Microsoft .NET Framework 4 Client Profilen suomen kielipaketti Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended FIN Language Pack Microsoft .NET Framework 4 Extendedin suomen kielipaketti Microsoft Antimalware Service FI-FI Language Pack Microsoft Application Error Reporting Microsoft Chart Controls for Microsoft .NET Framework 3.5 Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft Office 
2007 Service Pack 3 (SP3) Microsoft Office File Validation Add-In Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Client FI-FI Language Pack Microsoft Security Essentials Microsoft Software Update for Web Folders (English) 12 Microsoft Windows Application Compatibility Database Microsoft Windowsin Tietoturvapäivitys (KB2564958) Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft WSE 3.0 Runtime Microsoft XNA Framework Redistributable 3.1 Microsoft XNA Framework Redistributable 4.0 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 mIRC Mozilla Firefox 9.0.1 (x86 fi) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NVIDIA-ohjauspaneeli 266.58 NVIDIA Grafiikkaohjain 266.58 NVIDIA Install Application NVIDIA nView 135.50 NVIDIA nView Desktop Manager NVIDIA PhysX NVIDIA PhysX-järjestelmäohjelmisto 9.10.0514 Oblivion Oblivion - Horse Armor Pack Oblivion - Knights of the Nine Oblivion - Mehrunes Razor Oblivion - Orrery Oblivion - Spell 
Tomes Oblivion - Thieves Den Oblivion - Vile Lair Oblivion - Wizard's Tower Oblivion mod manager 1.1.12 “Œ•û_—ì•_ ‘ÌŒ±”Å ver 0.01a OpenAL Opera 12.15 piaip AppLocale Päivitys Windows Internet Explorer 8:lle (KB976662) Päivitys Windows XP:lle (KB2141007) Päivitys Windows XP:lle (KB2345886) Päivitys Windows XP:lle (KB2541763) Päivitys Windows XP:lle (KB2607712) Päivitys Windows XP:lle (KB2616676) Päivitys Windows XP:lle (KB2641690) Päivitys Windows XP:lle (KB2661254-v2) Päivitys Windows XP:lle (KB2718704) Päivitys Windows XP:lle (KB2736233) Päivitys Windows XP:lle (KB2749655) Päivitys Windows XP:lle (KB898461) Päivitys Windows XP:lle (KB951978) Päivitys Windows XP:lle (KB955759) Päivitys Windows XP:lle (KB961503) Päivitys Windows XP:lle (KB968389) Päivitys Windows XP:lle (KB971029) Päivitys Windows XP:lle (KB971737) Päivitys Windows XP:lle (KB973687) Prince of Persia T2T Razer Game Booster Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security 
Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (KB2518870) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Skype™ 6.3 Steam Suojauspäivitys ohjelmistolle 
Windows XP (KB941569) Suojauspäivitys Windows Internet Explorer 8:lle (KB2482017) Suojauspäivitys Windows Internet Explorer 8:lle (KB2497640) Suojauspäivitys Windows Internet Explorer 8:lle (KB2510531) Suojauspäivitys Windows Internet Explorer 8:lle (KB2530548) Suojauspäivitys Windows Internet Explorer 8:lle (KB2544521) Suojauspäivitys Windows Internet Explorer 8:lle (KB2559049) Suojauspäivitys Windows Internet Explorer 8:lle (KB2586448) Suojauspäivitys Windows Internet Explorer 8:lle (KB2618444) Suojauspäivitys Windows Internet Explorer 8:lle (KB2647516) Suojauspäivitys Windows Internet Explorer 8:lle (KB2675157) Suojauspäivitys Windows Internet Explorer 8:lle (KB2699988) Suojauspäivitys Windows Internet Explorer 8:lle (KB2722913) Suojauspäivitys Windows Internet Explorer 8:lle (KB2744842) Suojauspäivitys Windows Internet Explorer 8:lle (KB2761465) Suojauspäivitys Windows Internet Explorer 8:lle (KB2792100) Suojauspäivitys Windows Internet Explorer 8:lle (KB2797052) Suojauspäivitys Windows Internet Explorer 8:lle (KB2799329) Suojauspäivitys Windows Internet Explorer 8:lle (KB2809289) Suojauspäivitys Windows Internet Explorer 8:lle (KB2817183) Suojauspäivitys Windows Internet Explorer 8:lle (KB2829530) Suojauspäivitys Windows Internet Explorer 8:lle (KB2838727) Suojauspäivitys Windows Internet Explorer 8:lle (KB2847204) Suojauspäivitys Windows Internet Explorer 8:lle (KB981332) Suojauspäivitys Windows Media Playerille (KB2378111) Suojauspäivitys Windows Media Playerille (KB975558) Suojauspäivitys Windows Media Playerille (KB978695) Suojauspäivitys Windows XP:lle (KB2079403) Suojauspäivitys Windows XP:lle (KB2115168) Suojauspäivitys Windows XP:lle (KB2121546) Suojauspäivitys Windows XP:lle (KB2229593) Suojauspäivitys Windows XP:lle (KB2259922) Suojauspäivitys Windows XP:lle (KB2296011) Suojauspäivitys Windows XP:lle (KB2347290) Suojauspäivitys Windows XP:lle (KB2360937) Suojauspäivitys Windows XP:lle (KB2387149) Suojauspäivitys Windows XP:lle (KB2393802) 
Suojauspäivitys Windows XP:lle (KB2412687) Suojauspäivitys Windows XP:lle (KB2419632) Suojauspäivitys Windows XP:lle (KB2423089) Suojauspäivitys Windows XP:lle (KB2440591) Suojauspäivitys Windows XP:lle (KB2443105) Suojauspäivitys Windows XP:lle (KB2476490) Suojauspäivitys Windows XP:lle (KB2476687) Suojauspäivitys Windows XP:lle (KB2478960) Suojauspäivitys Windows XP:lle (KB2478971) Suojauspäivitys Windows XP:lle (KB2479628) Suojauspäivitys Windows XP:lle (KB2479943) Suojauspäivitys Windows XP:lle (KB2483185) Suojauspäivitys Windows XP:lle (KB2485376) Suojauspäivitys Windows XP:lle (KB2485663) Suojauspäivitys Windows XP:lle (KB2503658) Suojauspäivitys Windows XP:lle (KB2503665) Suojauspäivitys Windows XP:lle (KB2506212) Suojauspäivitys Windows XP:lle (KB2506223) Suojauspäivitys Windows XP:lle (KB2507618) Suojauspäivitys Windows XP:lle (KB2507938) Suojauspäivitys Windows XP:lle (KB2508272) Suojauspäivitys Windows XP:lle (KB2508429) Suojauspäivitys Windows XP:lle (KB2509553) Suojauspäivitys Windows XP:lle (KB2511455) Suojauspäivitys Windows XP:lle (KB2524375) Suojauspäivitys Windows XP:lle (KB2535512) Suojauspäivitys Windows XP:lle (KB2536276-v2) Suojauspäivitys Windows XP:lle (KB2536276) Suojauspäivitys Windows XP:lle (KB2544893-v2) Suojauspäivitys Windows XP:lle (KB2544893) Suojauspäivitys Windows XP:lle (KB2555917) Suojauspäivitys Windows XP:lle (KB2562937) Suojauspäivitys Windows XP:lle (KB2566454) Suojauspäivitys Windows XP:lle (KB2567053) Suojauspäivitys Windows XP:lle (KB2567680) Suojauspäivitys Windows XP:lle (KB2570222) Suojauspäivitys Windows XP:lle (KB2570947) Suojauspäivitys Windows XP:lle (KB2584146) Suojauspäivitys Windows XP:lle (KB2585542) Suojauspäivitys Windows XP:lle (KB2592799) Suojauspäivitys Windows XP:lle (KB2598479) Suojauspäivitys Windows XP:lle (KB2603381) Suojauspäivitys Windows XP:lle (KB2618451) Suojauspäivitys Windows XP:lle (KB2619339) Suojauspäivitys Windows XP:lle (KB2620712) Suojauspäivitys Windows XP:lle (KB2621440) Suojauspäivitys 
Windows XP:lle (KB2624667) Suojauspäivitys Windows XP:lle (KB2631813) Suojauspäivitys Windows XP:lle (KB2633171) Suojauspäivitys Windows XP:lle (KB2639417) Suojauspäivitys Windows XP:lle (KB2641653) Suojauspäivitys Windows XP:lle (KB2646524) Suojauspäivitys Windows XP:lle (KB2647518) Suojauspäivitys Windows XP:lle (KB2653956) Suojauspäivitys Windows XP:lle (KB2655992) Suojauspäivitys Windows XP:lle (KB2659262) Suojauspäivitys Windows XP:lle (KB2660465) Suojauspäivitys Windows XP:lle (KB2661637) Suojauspäivitys Windows XP:lle (KB2676562) Suojauspäivitys Windows XP:lle (KB2685939) Suojauspäivitys Windows XP:lle (KB2686509) Suojauspäivitys Windows XP:lle (KB2691442) Suojauspäivitys Windows XP:lle (KB2695962) Suojauspäivitys Windows XP:lle (KB2698365) Suojauspäivitys Windows XP:lle (KB2705219) Suojauspäivitys Windows XP:lle (KB2707511) Suojauspäivitys Windows XP:lle (KB2709162) Suojauspäivitys Windows XP:lle (KB2712808) Suojauspäivitys Windows XP:lle (KB2718523) Suojauspäivitys Windows XP:lle (KB2719985) Suojauspäivitys Windows XP:lle (KB2723135) Suojauspäivitys Windows XP:lle (KB2724197) Suojauspäivitys Windows XP:lle (KB2727528) Suojauspäivitys Windows XP:lle (KB2731847) Suojauspäivitys Windows XP:lle (KB2753842-v2) Suojauspäivitys Windows XP:lle (KB2753842) Suojauspäivitys Windows XP:lle (KB2757638) Suojauspäivitys Windows XP:lle (KB2758857) Suojauspäivitys Windows XP:lle (KB2761226) Suojauspäivitys Windows XP:lle (KB2770660) Suojauspäivitys Windows XP:lle (KB2778344) Suojauspäivitys Windows XP:lle (KB2779030) Suojauspäivitys Windows XP:lle (KB2780091) Suojauspäivitys Windows XP:lle (KB2799494) Suojauspäivitys Windows XP:lle (KB2802968) Suojauspäivitys Windows XP:lle (KB2807986) Suojauspäivitys Windows XP:lle (KB2808735) Suojauspäivitys Windows XP:lle (KB2813170) Suojauspäivitys Windows XP:lle (KB2820197) Suojauspäivitys Windows XP:lle (KB2820917) Suojauspäivitys Windows XP:lle (KB2829361) Suojauspäivitys Windows XP:lle (KB2839229) Suojauspäivitys Windows XP:lle 
(KB923561) Suojauspäivitys Windows XP:lle (KB923789) Suojauspäivitys Windows XP:lle (KB970430) Suojauspäivitys Windows XP:lle (KB972270) Suojauspäivitys Windows XP:lle (KB973525) Suojauspäivitys Windows XP:lle (KB975254) Suojauspäivitys Windows XP:lle (KB975467) Suojauspäivitys Windows XP:lle (KB975560) Suojauspäivitys Windows XP:lle (KB975562) Suojauspäivitys Windows XP:lle (KB975713) Suojauspäivitys Windows XP:lle (KB977816) Suojauspäivitys Windows XP:lle (KB977914) Suojauspäivitys Windows XP:lle (KB978338) Suojauspäivitys Windows XP:lle (KB978542) Suojauspäivitys Windows XP:lle (KB978601) Suojauspäivitys Windows XP:lle (KB978706) Suojauspäivitys Windows XP:lle (KB979309) Suojauspäivitys Windows XP:lle (KB979482) Suojauspäivitys Windows XP:lle (KB979687) Suojauspäivitys Windows XP:lle (KB980195) Suojauspäivitys Windows XP:lle (KB980232) Suojauspäivitys Windows XP:lle (KB980436) Suojauspäivitys Windows XP:lle (KB981322) Suojauspäivitys Windows XP:lle (KB981997) Suojauspäivitys Windows XP:lle (KB982132) Suojauspäivitys Windows XP:lle (KB982214) Suojauspäivitys Windows XP:lle (KB982665) TeamSpeak 3 Client Unofficial Oblivion Patch v3.4.3 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition WebFldrs XP Windows Genuine Advantage Notifications (KB905474) Windows Live ID Sign-in Assistant WinRAR 4.00 (32-bit) VLC media player 2.0.6 XML Paper Specification Shared Components Language Pack 1.0 YTD Video Downloader 4.0 . ==== Event Viewer Messages From Past Week ======== . 
22.6.2013 11:06:26, error: Service Control Manager [7000] - Palvelua DUALSHOCK3 Controller HID Minidriver (USB) Beta ei voi käynnistää. Virhekoodi on Palvelua ei voi käynnistää, koska se on poistettu käytöstä tai siihen ei liity käytössä olevia laitteita. 22.6.2013 10:14:49, error: Service Control Manager [7000] - Palvelua DUALSHOCK3 Controller HID Minidriver (USB) Beta ei voi käynnistää. Virhekoodi on Palvelua ei voi käynnistää, koska se on poistettu käytöstä tai siihen ei liity käytössä olevia laitteita. 19.6.2013 17:16:50, error: Service Control Manager [7000] - Palvelua DUALSHOCK3 Controller HID Minidriver (USB) Beta ei voi käynnistää. Virhekoodi on Palvelua ei voi käynnistää, koska se on poistettu käytöstä tai siihen ei liity käytössä olevia laitteita. 19.6.2013 16:31:41, error: Service Control Manager [7000] - Palvelua DUALSHOCK3 Controller HID Minidriver (USB) Beta ei voi käynnistää. Virhekoodi on Palvelua ei voi käynnistää, koska se on poistettu käytöstä tai siihen ei liity käytössä olevia laitteita. 19.6.2013 16:03:02, error: Service Control Manager [7000] - Palvelua DUALSHOCK3 Controller HID Minidriver (USB) Beta ei voi käynnistää. Virhekoodi on Palvelua ei voi käynnistää, koska se on poistettu käytöstä tai siihen ei liity käytössä olevia laitteita. 19.6.2013 15:44:10, error: Service Control Manager [7000] - Palvelua DUALSHOCK3 Controller HID Minidriver (USB) Beta ei voi käynnistää. Virhekoodi on Palvelua ei voi käynnistää, koska se on poistettu käytöstä tai siihen ei liity käytössä olevia laitteita. 19.6.2013 15:29:07, error: Service Control Manager [7000] - Palvelua DUALSHOCK3 Controller HID Minidriver (USB) Beta ei voi käynnistää. Virhekoodi on Palvelua ei voi käynnistää, koska se on poistettu käytöstä tai siihen ei liity käytössä olevia laitteita. 19.6.2013 15:20:35, error: Service Control Manager [7000] - Palvelua DUALSHOCK3 Controller HID Minidriver (USB) Beta ei voi käynnistää. 
Virhekoodi on Palvelua ei voi käynnistää, koska se on poistettu käytöstä tai siihen ei liity käytössä olevia laitteita. . ==== End Of File =========================== And here is the dds.txt DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2 Run by Käyttäjä at 11:11:15 on 2013-06-22 Microsoft Windows XP Professional 5.1.2600.3.1252.358.1035.18.2045.957 [GMT 3:00] . AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . ============== Running Processes ================ . C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\Program Files\Hi-Rez Studios\HiPatchService.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Documents and Settings\Käyttäjä\Local Settings\Application Data\Akamai\netsession_win.exe C:\Documents and Settings\Käyttäjä\Local Settings\Application 
Data\Akamai\netsession_win.exe C:\Program Files\Opera\opera.exe C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Käyttäjä\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uProxyOverride = <local> uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - TB: avast! 
Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [MediaGet2] c:\documents and settings\käyttäjä\local settings\application data\mediaget2\mediaget.exe --minimized uRun: [Akamai NetSession Interface] "c:\documents and settings\käyttäjä\local settings\application data\akamai\netsession_win.exe" uRun: [DAEMON Tools Lite] "d:\daemon tools lite\DTLite.exe" -autorun uRun: [DAEMON Tools Ultra Agent] "c:\program files\daemon tools ultra\DTAgent.exe" -autorun mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe" mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N StartupFolder: c:\docume~1\kyttj~1\kynnis~1\ohjelmat\kynnis~1\dropbox.lnk - c:\documents and settings\käyttäjä\application data\dropbox\bin\Dropbox.exe StartupFolder: c:\docume~1\alluse~1\kynnis~1\ohjelmat\kynnis~1\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.285\SSScheduler.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: ForceClassicControlPanel = dword:1 IE: 
{92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe TCP: NameServer = 62.241.198.246 62.241.198.245 TCP: Interfaces\{E51F6B59-8549-4628-885A-6D16836651D2} : DHCPNameServer = 62.241.198.246 62.241.198.245 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: igfxcui - igfxdev.dll AppInit_DLLs= c:\docume~1\alluse~1\applic~1\browse~1\261339~1.144\{c16c1~1\browse~1.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\käyttäjä\application data\mozilla\firefox\profiles\1opcxgf4.default\ . ============= SERVICES / DRIVERS =============== . 
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\hi-rez studios\HiPatchService.exe [2013-6-20 9216] R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-6-14 49376] R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-6-14 174664] R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 195296] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-6-14 765736] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-6-14 368944] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-4-14 242240] R1 MpKsl87123e27;MpKsl87123e27;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b2dc96a8-77b8-4145-a54b-1f3956f49a4a}\MpKsl87123e27.sys [2013-6-22 29904] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-6-14 29816] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-6-14 66336] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-6-14 46808] R2 BrowserProtect;BrowserProtect;c:\documents and settings\all users\application data\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-6-4 3085264] R3 Disc Soft Bus Service;Disc Soft Bus Service;c:\program files\daemon tools ultra\DiscSoftBusService.exe [2013-5-23 632352] R3 dtscsibus;DAEMON Tools Virtual SCSI Bus;c:\windows\system32\drivers\dtscsibus.sys [2013-5-26 24704] S1 mowfegbz;mowfegbz;\??\c:\windows\system32\drivers\mowfegbz.sys --> c:\windows\system32\drivers\mowfegbz.sys [?] 
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 dualshock3;DUALSHOCK3 Controller HID Minidriver (USB) Beta;c:\windows\system32\drivers\dualshock3.sys [2012-1-24 11392] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-4-19 161384] S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?] S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?] S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2011-9-1 33792] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.285\McCHSvc.exe [2012-9-5 234776] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?] 
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [2011-12-10 98672] S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [2011-12-10 14960] S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [2011-12-10 124016] S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [2011-12-10 117872] S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [2011-12-10 25456] S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [2011-12-10 113904] S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [2011-12-10 123504] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 
2013-06-22 08:06:47 60872 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b2dc96a8-77b8-4145-a54b-1f3956f49a4a}\offreg.dll 2013-06-22 08:06:16 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b2dc96a8-77b8-4145-a54b-1f3956f49a4a}\MpKsl87123e27.sys 2013-06-22 07:49:24 -------- d-----w- c:\documents and settings\käyttäjä\application data\Malwarebytes 2013-06-22 07:48:51 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2013-06-22 07:48:45 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-06-21 14:29:21 7068072 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b2dc96a8-77b8-4145-a54b-1f3956f49a4a}\mpengine.dll 2013-06-20 14:29:55 7068072 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2013-06-20 09:08:42 -------- d-----w- c:\program files\Microsoft Chart Controls 2013-06-20 09:06:50 -------- d-----w- C:\Documents 2013-06-20 09:04:26 -------- d-----w- c:\program files\Hi-Rez Studios 2013-06-19 11:40:41 -------- d-----w- c:\documents and settings\all users\application data\Hi-Rez Studios 2013-06-19 11:21:53 -------- d-----w- C:\ProgramData 2013-06-19 10:46:19 -------- d-----w- C:\AeriaGames 2013-06-17 20:11:30 163328 ----a-w- c:\windows\system32\FlashPlayerUpdateService.exe 2013-06-17 20:11:26 -------- d-----w- c:\documents and settings\käyttäjä\application data\File Scout 2013-06-14 12:19:48 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-06-14 12:19:48 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-06-14 12:19:47 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-06-14 12:19:46 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-06-14 12:18:52 41664 ----a-w- c:\windows\avastSS.scr 2013-06-14 12:18:10 
-------- d-----w- c:\program files\AVAST Software 2013-06-14 12:17:52 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software 2013-06-14 11:44:34 -------- d-----w- c:\program files\Enigma Software Group 2013-06-14 11:43:45 -------- d-----w- c:\windows\46B04D534E344388B6EE80FAB66AEF9B.TMP 2013-06-14 11:08:01 -------- d-----w- c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP 2013-06-14 09:46:07 -------- d-----w- c:\windows\E89498D814304A2BA76A4A71326981E9.TMP 2013-06-13 18:49:31 -------- d-----w- c:\documents and settings\käyttäjä\application data\TS3Client 2013-06-11 09:46:41 -------- d-----w- c:\program files\TeamSpeak 3 Client 2013-06-06 15:54:29 -------- d-----w- c:\program files\Dropbox 2013-06-06 15:52:26 -------- d-----w- c:\documents and settings\käyttäjä\application data\Dropbox 2013-06-06 15:28:36 -------- d-----w- c:\documents and settings\all users\application data\McAfee Security Scan 2013-06-06 15:28:24 -------- d-----w- c:\program files\McAfee Security Scan 2013-06-03 11:07:42 -------- d-----w- c:\documents and settings\käyttäjä\application data\ShanghaiAlice 2013-05-27 16:40:23 -------- d-----w- c:\windows\system32\xlive 2013-05-27 16:40:13 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2013-05-26 10:39:58 -------- d-----w- c:\documents and settings\all users\application data\BrowserProtect 2013-05-26 10:39:48 -------- d-----w- c:\documents and settings\käyttäjä\application data\BabSolution 2013-05-26 10:39:07 -------- d-----w- c:\documents and settings\käyttäjä\application data\Babylon 2013-05-26 10:39:07 -------- d-----w- c:\documents and settings\all users\application data\Babylon 2013-05-26 10:38:49 24704 ----a-w- c:\windows\system32\drivers\dtscsibus.sys 2013-05-26 10:38:42 -------- d-----w- c:\documents and settings\käyttäjä\application data\DAEMON Tools Ultra 2013-05-26 10:38:22 -------- d-----w- c:\program files\DAEMON Tools Ultra 2013-05-26 10:37:44 -------- d-----w- c:\documents and 
settings\all users\application data\DAEMON Tools Ultra 2013-05-26 10:21:24 -------- d-----w- C:\Gamez 2013-05-26 10:08:18 -------- d-----w- c:\documents and settings\käyttäjä\application data\Skype 2013-05-26 10:08:08 -------- d-----r- c:\program files\Skype 2013-05-25 22:52:09 -------- d-----w- c:\documents and settings\all users\application data\ASign 2013-05-25 22:14:18 -------- d-----w- c:\documents and settings\käyttäjä\application data\Nitroplus . ==================== Find3M ==================== . 2013-06-12 15:57:23 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-06-12 15:57:23 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-05-25 22:27:28 1174979 ----a-w- c:\windows\apppatch\unins000.exe 2013-05-25 13:18:27 139832 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2013-05-25 13:17:43 281768 ----a-w- c:\windows\system32\PnkBstrB.xtr 2013-05-25 13:17:43 281768 ----a-w- c:\windows\system32\PnkBstrB.exe 2013-05-22 15:26:12 281768 ----a-w- c:\windows\system32\PnkBstrB.ex0 2013-05-07 22:27:13 920064 ----a-w- c:\windows\system32\wininet.dll 2013-05-07 22:27:12 43520 ----a-w- c:\windows\system32\licmgr10.dll 2013-05-07 22:27:12 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2013-05-07 21:53:29 385024 ----a-w- c:\windows\system32\html.iec 2013-05-03 05:39:10 2152448 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-03 05:39:10 2031104 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-04-18 12:32:21 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys 2013-04-12 14:01:35 1876608 ----a-w- c:\windows\system32\win32k.sys 2013-04-04 02:35:08 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll . ============= FINISH: 11:12:49,17 =============== DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2 Run by Käyttäjä at 11:11:15 on 2013-06-22 Microsoft Windows XP Professional 5.1.2600.3.1252.358.1035.18.2045.957 [GMT 3:00] . 
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Documents and Settings\Käyttäjä\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\Käyttäjä\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Käyttäjä\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} -
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} -
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} -
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [MediaGet2] c:\documents and settings\käyttäjä\local settings\application data\mediaget2\mediaget.exe --minimized
uRun: [Akamai NetSession Interface] "c:\documents and settings\käyttäjä\local settings\application data\akamai\netsession_win.exe"
uRun: [DAEMON Tools Lite] "d:\daemon tools lite\DTLite.exe" -autorun
uRun: [DAEMON Tools Ultra Agent] "c:\program files\daemon tools ultra\DTAgent.exe" -autorun
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\kyttj~1\kynnis~1\ohjelmat\kynnis~1\dropbox.lnk - c:\documents and settings\käyttäjä\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\kynnis~1\ohjelmat\kynnis~1\mcafee~1.lnk - c:\program files\mcafee security scan\3.0.285\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: ForceClassicControlPanel = dword:1
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
TCP: NameServer = 62.241.198.246 62.241.198.245
TCP: Interfaces\{E51F6B59-8549-4628-885A-6D16836651D2} : DHCPNameServer = 62.241.198.246 62.241.198.245
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\docume~1\alluse~1\applic~1\browse~1\261339~1.144\{c16c1~1\browse~1.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\käyttäjä\application data\mozilla\firefox\profiles\1opcxgf4.default\
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files\hi-rez studios\HiPatchService.exe [2013-6-20 9216]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-6-14 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-6-14 174664]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 195296]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-6-14 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-6-14 368944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-4-14 242240]
R1 MpKsl87123e27;MpKsl87123e27;c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b2dc96a8-77b8-4145-a54b-1f3956f49a4a}\MpKsl87123e27.sys [2013-6-22 29904]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-6-14 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-6-14 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-6-14 46808]
R2 BrowserProtect;BrowserProtect;c:\documents and settings\all users\application data\browserprotect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-6-4 3085264]
R3 Disc Soft Bus Service;Disc Soft Bus Service;c:\program files\daemon tools ultra\DiscSoftBusService.exe [2013-5-23 632352]
R3 dtscsibus;DAEMON Tools Virtual SCSI Bus;c:\windows\system32\drivers\dtscsibus.sys [2013-5-26 24704]
S1 mowfegbz;mowfegbz;\??\c:\windows\system32\drivers\mowfegbz.sys --> c:\windows\system32\drivers\mowfegbz.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 dualshock3;DUALSHOCK3 Controller HID Minidriver (USB) Beta;c:\windows\system32\drivers\dualshock3.sys [2012-1-24 11392]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-4-19 161384]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2011-9-1 33792]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [2011-12-10 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [2011-12-10 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [2011-12-10 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [2011-12-10 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [2011-12-10 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [2011-12-10 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [2011-12-10 123504]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-06-22 08:06:47 60872 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b2dc96a8-77b8-4145-a54b-1f3956f49a4a}\offreg.dll
2013-06-22 08:06:16 29904 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b2dc96a8-77b8-4145-a54b-1f3956f49a4a}\MpKsl87123e27.sys
2013-06-22 07:49:24 -------- d-----w- c:\documents and settings\käyttäjä\application data\Malwarebytes
2013-06-22 07:48:51 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-06-22 07:48:45 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-21 14:29:21 7068072 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{b2dc96a8-77b8-4145-a54b-1f3956f49a4a}\mpengine.dll
2013-06-20 14:29:55 7068072 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-06-20 09:08:42 -------- d-----w- c:\program files\Microsoft Chart Controls
2013-06-20 09:06:50 -------- d-----w- C:\Documents
2013-06-20 09:04:26 -------- d-----w- c:\program files\Hi-Rez Studios
2013-06-19 11:40:41 -------- d-----w- c:\documents and settings\all users\application data\Hi-Rez Studios
2013-06-19 11:21:53 -------- d-----w- C:\ProgramData
2013-06-19 10:46:19 -------- d-----w- C:\AeriaGames
2013-06-17 20:11:30 163328 ----a-w- c:\windows\system32\FlashPlayerUpdateService.exe
2013-06-17 20:11:26 -------- d-----w- c:\documents and settings\käyttäjä\application data\File Scout
2013-06-14 12:19:48 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-14 12:19:48 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-14 12:19:47 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-14 12:19:46 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-14 12:18:52 41664 ----a-w- c:\windows\avastSS.scr
2013-06-14 12:18:10 -------- d-----w- c:\program files\AVAST Software
2013-06-14 12:17:52 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2013-06-14 11:44:34 -------- d-----w- c:\program files\Enigma Software Group
2013-06-14 11:43:45 -------- d-----w- c:\windows\46B04D534E344388B6EE80FAB66AEF9B.TMP
2013-06-14 11:08:01 -------- d-----w- c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-06-14 09:46:07 -------- d-----w- c:\windows\E89498D814304A2BA76A4A71326981E9.TMP
2013-06-13 18:49:31 -------- d-----w- c:\documents and settings\käyttäjä\application data\TS3Client
2013-06-11 09:46:41 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-06-06 15:54:29 -------- d-----w- c:\program files\Dropbox
2013-06-06 15:52:26 -------- d-----w- c:\documents and settings\käyttäjä\application data\Dropbox
2013-06-06 15:28:36 -------- d-----w- c:\documents and settings\all users\application data\McAfee Security Scan
2013-06-06 15:28:24 -------- d-----w- c:\program files\McAfee Security Scan
2013-06-03 11:07:42 -------- d-----w- c:\documents and settings\käyttäjä\application data\ShanghaiAlice
2013-05-27 16:40:23 -------- d-----w- c:\windows\system32\xlive
2013-05-27 16:40:13 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2013-05-26 10:39:58 -------- d-----w- c:\documents and settings\all users\application data\BrowserProtect
2013-05-26 10:39:48 -------- d-----w- c:\documents and settings\käyttäjä\application data\BabSolution
2013-05-26 10:39:07 -------- d-----w- c:\documents and settings\käyttäjä\application data\Babylon
2013-05-26 10:39:07 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2013-05-26 10:38:49 24704 ----a-w- c:\windows\system32\drivers\dtscsibus.sys
2013-05-26 10:38:42 -------- d-----w- c:\documents and settings\käyttäjä\application data\DAEMON Tools Ultra
2013-05-26 10:38:22 -------- d-----w- c:\program files\DAEMON Tools Ultra
2013-05-26 10:37:44 -------- d-----w- c:\documents and settings\all users\application data\DAEMON Tools Ultra
2013-05-26 10:21:24 -------- d-----w- C:\Gamez
2013-05-26 10:08:18 -------- d-----w- c:\documents and settings\käyttäjä\application data\Skype
2013-05-26 10:08:08 -------- d-----r- c:\program files\Skype
2013-05-25 22:52:09 -------- d-----w- c:\documents and settings\all users\application data\ASign
2013-05-25 22:14:18 -------- d-----w- c:\documents and settings\käyttäjä\application data\Nitroplus
.
==================== Find3M ====================
.
2013-06-12 15:57:23 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-12 15:57:23 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-25 22:27:28 1174979 ----a-w- c:\windows\apppatch\unins000.exe
2013-05-25 13:18:27 139832 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-05-25 13:17:43 281768 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-05-25 13:17:43 281768 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-05-22 15:26:12 281768 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-05-07 22:27:13 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:27:12 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-07 22:27:12 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53:29 385024 ----a-w- c:\windows\system32\html.iec
2013-05-03 05:39:10 2152448 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 05:39:10 2031104 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-02 15:28:50 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-18 12:32:21 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-04-12 14:01:35 1876608 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 02:35:08 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
============= FINISH: 11:12:49,17 ===============