Hey.

 

Can I please ask you this?

I have gotten some nasty malware - not sure but it may have been a part of an update for JAVA, but unsure.
One thing is certain and that is I NEED HELP to get this out of the system.

Any gurus on the subject? Thanks a lot for any reply!

 

---------------------------------------------------------------------

Added some logs:

---------------------------------------------------------------------
FRST:
---------
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014
Ran by Rune (administrator) on RUNESTASJON-PC on 10-02-2014 22:18:34
Running from K:\Movables
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.seolinkrobot.com)
Skype Click to Call (x32 Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SmartFTP Client Setup Files 4.1 (x64) (remove only) (x32 Version: 4.1 - SmartSoft Ltd)
Spelling Dictionaries Support For Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
SWF Components (x32 Version: 1.0.0 - Keyword Rockstar, Inc.)
TweetAdder4 (x32 Version: 4.0.130521 - TweetAdder.com)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Uplay (x32 Version: 2.0 - Ubisoft)
Vegas Pro 11.0 (x32 Version: 11.0.370 - Sony)
Video Components (x32 Version: 1.0.0 - Keyword Rockstar, Inc.)
Viral Meme Maker version 1.0.5 (x32 Version: 1.0.5 - )
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
Webroot SecureAnywhere (x32 Version: 8.0.4.46 - Webroot)
WebTablet IE Plugin (x32 Version: 1.1.0.4 - Wacom Technology Corp.)
WebTablet Netscape Plugin (x32 Version: 1.1.0.3 - Wacom Technology Corp.)
WP Auto Links (x32 Version: 1.0.0 - Reilly Labs)
==================== Restore Points  =========================
05-02-2014 19:05:40 Driver Booster : NVIDIA GeForce GT 520
07-02-2014 14:59:54 Removed Trapcode Suite 64-bit
08-02-2014 14:14:34 Windows Update
09-02-2014 12:08:05 AA11
09-02-2014 12:08:51 AA11
09-02-2014 12:11:11 AA11
09-02-2014 12:49:17 Installed AVG 2014
09-02-2014 12:49:24 Installed AVG 2014
10-02-2014 19:46:20 Removed AVG 2014
10-02-2014 19:48:44 Removed AVG 2014
10-02-2014 19:50:56 avast! antivirus system restore point
10-02-2014 20:48:45 Removed Java 7 Update 51
==================== Hosts content: ==========================
2012-04-15 19:32 - 2012-04-15 19:01 - 00001811 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
==================== Scheduled Tasks (whitelisted) =============
Task: {0C5CB6C2-A7C8-4C43-AD05-E01609C88053} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4611432B-BF01-4324-859B-9393CEDEE758} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {6E64468E-11C6-40EA-AB11-6FB2D5B78135} - System32\Tasks\AdobeAAMUpdater-1.0-Runestasjon-PC-Rune => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {9B7A4555-2ADC-4C1B-AAC7-B38AABE18625} - System32\Tasks\Run RoboForm TaskBar Icon => E:\Programs\Roboform\RoboTaskBarIcon.exe [2013-12-01] (Siber Systems)
Task: {A74AB3BC-35D3-47A3-B333-22896AC721A8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-892377978-1441931877-1165036963-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-31] (RealNetworks, Inc.)
Task: {AC1A2C52-A321-41E8-808E-CA3BCC6069A9} - System32\Tasks\Run RoboForm Process => E:\Programs\Roboform\Identities.exe [2013-12-01] (Siber Systems)
Task: {AD3370DC-C03A-4597-A7C5-3AD6D82FC3B6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {E88F3D95-9D88-4362-A46A-B16EA0FB3117} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {F6FB6E80-7085-4A4D-8EF9-98B4A17C039A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNMLMJMHMKJNJHMPMCNOJOJMJMJCNLMNMMMKMCNNJLMLJPMCNJJJMMMGMJJMMIMHMIMIMPMOMJNJICMIMCNGMCNNMFMGMCNOMOMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMKMGMOMJNHICMIJKJKIIJNMJNBJCMNKKIBJKJPNKLDJDJGJBJIJMIKJBJJNKJCMJNNICMJNDJCMKJBJ"
Task: {F77DFB73-8DCA-4BA0-8387-973893A2A661} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-892377978-1441931877-1165036963-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-31] (RealNetworks, Inc.)
Task: {FB352FED-08AA-41C5-8663-8CFD39DFE055} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMLMKMNMNMLMMMLJGMCNKJGMNJLMCNLMJMLMPMCNGMPMLMOMCNLJJJLMMMIMOMKMIMJJJJPMMJJNJICMJMCNOMPMCNNMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMEKMICNJJCKFMNMMMJNHICMEKMICNJJCKJNBJCMNKKIBJKJJNKJCMJNNICMJNDJCMKJBJ"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () E:\Programs\Filezilla\FileZilla FTP Client\fzshellext_64.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 02857808 _____ () E:\Programs\Telenor\mobilt bredband\mobilt bredband.exe
2014-02-10 22:10 - 2014-02-10 22:10 - 01166132 _____ () E:\Temp Downloads\adwcleaner(2).exe
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-06 12:07 - 2011-05-06 12:07 - 00460144 _____ () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll
2011-05-06 12:07 - 2011-05-06 12:07 - 04317184 _____ () C:\Program Files (x86)\Flip Video\FlipShare\Core.dll
2011-05-06 12:02 - 2011-05-06 12:02 - 00737280 _____ () C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 08351744 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll
2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtNetwork4.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll
2010-10-25 23:06 - 2010-10-25 23:06 - 00364544 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll
2010-10-26 07:34 - 2010-10-26 07:34 - 11853824 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtWebKit4.dll
2010-10-25 23:37 - 2010-10-25 23:37 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\phonon4.dll
2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoFoundation.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoNet.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoXML.dll
2011-05-06 11:58 - 2011-05-06 11:58 - 01085440 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtCore4.dll
2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtNetwork4.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtSql4.dll
2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoFoundation.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNet.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00175616 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNetSSL.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00291840 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoUtil.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoXML.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00110592 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoCrypto.dll
2014-01-27 21:43 - 2014-01-27 21:43 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-11-11 23:08 - 2011-11-11 23:08 - 02145304 _____ () E:\Programs\Logitech Webcam\LWS\Webcam Software\QtCore4.dll
2011-11-11 23:08 - 2011-11-11 23:08 - 07956504 _____ () E:\Programs\Logitech Webcam\LWS\Webcam Software\QtGui4.dll
2011-11-11 23:08 - 2011-11-11 23:08 - 00342552 _____ () E:\Programs\Logitech Webcam\LWS\Webcam Software\QtXml4.dll
2011-11-11 23:08 - 2011-11-11 23:08 - 00029208 _____ () E:\Programs\Logitech Webcam\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 23:08 - 2011-11-11 23:08 - 00128536 _____ () E:\Programs\Logitech Webcam\LWS\Webcam Software\imageformats\QJpeg4.dll
2013-08-17 08:38 - 2013-08-17 08:38 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f60b3ee2de3f41a024920486d46d49f2\IsdiInterop.ni.dll
2012-02-23 06:12 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 01384448 ____R () E:\Programs\Telenor\mobilt bredband\OSCSettingsLibU_vc90.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 01995776 _____ () E:\Programs\Telenor\mobilt bredband\QtDeclarative4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 01116160 _____ () E:\Programs\Telenor\mobilt bredband\QtScript4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 02142720 _____ () E:\Programs\Telenor\mobilt bredband\QtCore4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00184320 _____ () E:\Programs\Telenor\mobilt bredband\QtSql4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 02530304 _____ () E:\Programs\Telenor\mobilt bredband\QtXmlPatterns4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00916480 _____ () E:\Programs\Telenor\mobilt bredband\QtNetwork4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00335360 _____ () E:\Programs\Telenor\mobilt bredband\QtXml4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 07793152 _____ () E:\Programs\Telenor\mobilt bredband\QtGui4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00860160 ____R () E:\Programs\Telenor\mobilt bredband\NDISAPI.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00063312 _____ () E:\Programs\Telenor\mobilt bredband\LicenseRegistration.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00416768 ____R () E:\Programs\Telenor\mobilt bredband\sqldrivers\qsqlite4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00027648 _____ () E:\Programs\Telenor\mobilt bredband\imageformats\qico4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00121344 _____ () E:\Programs\Telenor\mobilt bredband\imageformats\qjpeg4.dll
2014-02-06 21:18 - 2014-02-06 21:18 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-10 20:57 - 2014-02-10 20:57 - 01013248 _____ () C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}\platform\WINNT_x86-msvc\components\wrxpcom.dll
2014-02-05 22:59 - 2014-02-05 22:59 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/10/2014 09:36:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/10/2014 09:08:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/10/2014 08:52:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/10/2014 08:49:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/10/2014 08:46:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: avgui.exe, version: 14.0.0.4330, time stamp: 0x52dfa8b0
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x4c24448d
Faulting process id: 0x1478
Faulting application start time: 0xavgui.exe0
Faulting application path: avgui.exe1
Faulting module path: avgui.exe2
Report Id: avgui.exe3
Error: (02/10/2014 08:25:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/09/2014 08:07:12 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
Error: (02/09/2014 07:57:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (02/10/2014 09:38:41 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069
Error: (02/10/2014 09:38:41 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (02/10/2014 09:38:15 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Error: (02/10/2014 09:34:34 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 16%
Total physical RAM: 16360.88 MB
Available physical RAM: 13627.02 MB
Total Pagefile: 32719.94 MB
Available Pagefile: 29908.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.79 GB) (Free:34.16 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:931.39 GB) (Free:616.67 GB) NTFS
Drive k: () (Fixed) (Total:29.8 GB) (Free:25.44 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 713ADFE5)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=125 MB) - (Type=42)
Partition 3: (Not Active) - (Size=931 GB) - (Type=42)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 713ADFFD)
Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 30 GB) (Disk ID: D05815ED)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)
==================== End Of Log ============================
ASWMBR:
-------
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-02-10 22:28:23
-----------------------------
22:28:23.830  OS Version: Windows x64 6.1.7601 Service Pack 1
22:28:23.830  Number of processors: 4 586 0x2A07
22:28:23.830  ComputerName: RUNESTASJON-PC  UserName: Rune
22:28:35.491  Initialize success
22:30:31.542  AVAST engine defs: 14021001
22:30:55.546  Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
22:30:55.546  Disk 0 Vendor: ST1000DM CC46 Size: 953869MB BusType: 3
22:30:55.556  Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
22:30:55.556  Disk 1 Vendor: OCZ-AGIL 2.15 Size: 114473MB BusType: 3
22:30:55.566  Disk 1 MBR read successfully
22:30:55.576  Disk 1 MBR scan
22:30:55.576  Disk 1 Windows 7 default MBR code
22:30:55.586  Disk 1 Partition 1 00  07  HPFS/NTFS NTFS  114471 MB offset 2048
22:30:55.606  Disk 1 scanning C:\Windows\system32\drivers
22:30:58.846  Service scanning
22:31:06.986  Modules scanning
22:31:06.986  Disk 1 trace - called modules:
22:31:06.996  ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
22:31:07.006  1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80103d3060]
22:31:07.006  3 CLASSPNP.SYS[fffff88001efb43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800dfd6050]
22:31:07.197  AVAST engine scan C:\Windows
22:31:07.657  AVAST engine scan C:\Windows\system32
22:32:28.338  AVAST engine scan C:\Windows\system32\drivers
22:32:31.089  AVAST engine scan C:\Users\Rune
22:33:24.845  AVAST engine scan C:\ProgramData
22:33:33.076  Scan finished successfully
22:34:18.371  Disk 1 MBR has been saved successfully to "C:\Users\Rune\Desktop\Mother\Avastlog\MBR.dat"
22:34:18.371  The log file has been saved successfully to "C:\Users\Rune\Desktop\Mother\Avastlog\aswMBR.txt"
 


Just read your post.

 

This machine has been set up for me by a friend and I must admit that I am not all that computer savvy myself but use Google for my AV searches.

Will give him a call to see what is not "kosher" if anything. I cannot read code so I am terribly sorry if I have given you something that you did not want.

 

Will delete anything that is not ok with you guys.

Would be very grateful if you gave me some pointers as to where to start. The only thing I can guess must be a torrent software which I will delete from my system ASAP.

 

Terribly sorry if that is what is causing a conflict here.

 

- On a side note:

 

The malware I have is acting like this:

 

Slower internet connection.

Pop ups x2:

One in the bottom of the screen stating how many percentage of "safety" the current webpage I visit is on - like a trust guard.

And one in the lower right corner stating that I have low disc space. ( I do not have low disc space by the way. )

 

Thanks for your help - really appreciate it!


Adobe After Effects CS5.5 (x32 Version: 10.5 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Dreamweaver CS5.5 (x32 Version: 11.5 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Illustrator CS5.1 (x32 Version: 15.1 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (x32 Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (x32 Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
 

 

 

 
2012-04-15 19:32 - 2012-04-15 19:01 - 00001811 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net

 

 

 


These you can keep, the rest uninstall:

Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)

Then...............

Please go to the link below, download and run Fixit:

http://support.microsoft.com/kb/972034 <---reset host file fixit

Last.......

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

General Forum P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running, please create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


Ok. Should be better now. Here is the first step and log:

 

--------------------------------

RogueKiller V8.8.7 _x64_ [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Rune [Admin rights]
Mode : Scan -- Date : 02/12/2014 16:24:15
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][sUSP PATH] HKCU\[...]\Run : BLSyndicationSystem (C:\Users\Rune\Desktop\Social Syndication\SociSynd_Submitter.exe [x][x]) -> FOUND
[RUN][sUSP PATH] HKUS\S-1-5-21-892377978-1441931877-1165036963-1000\[...]\Run : BLSyndicationSystem (C:\Users\Rune\Desktop\Social Syndication\SociSynd_Submitter.exe [x][x]) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000DM003-9YN162 +++++
--- User ---
[MBR] 41eca58f1c190b0e980e2c10f0390f30
[bSP] 5a6957a2bc7b9a71fb8291bf0d3e1c81 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 63 | Size: 0 Mo
1 - [ACTIVE] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 2048 | Size: 125 Mo
2 - [XXXXXX] LINUX-SWP (0x42) [VISIBLE] Offset (sectors): 258048 | Size: 953742 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) OCZ-AGILITY3 +++++
--- User ---
[MBR] b8825ed2e992a3d4876bb78db86f34c7
[bSP] c5f622ee7ce8e0136bad8c44ce41e68c : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 114471 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE3 @ USB) StoreJet Transcend USB Device +++++
--- User ---
[MBR] 16083d832a185440785700628c0347f4
[bSP] 21cd240dc894aa1afce793cdbe816c78 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 64 | Size: 953867 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

Finished : << RKreport[0]_S_02122014_162415.txt >>



 


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by Rune at 16:56:48 on 2014-02-12
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.16361.14339 [GMT 1:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files\WTouch\WTouchService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
C:\Windows\system32\IProsetMonitor.exe
E:\Programs\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Pen_Tablet.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\Explorer.EXE
C:\Program Files\WTouch\WTouchUser.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
E:\Programs\Roboform\robotaskbaricon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
E:\Programs\Logitech Webcam\LWS\Webcam Software\LWS.exe
E:\Programs\Office\Office12\ONENOTEM.EXE
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\Pen_Tablet.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
E:\Temp Downloads\RogueKillerX64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

mWinlogon: Userinit = userinit.exe,
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - E:\Programs\Roboform\roboform.dll
BHO: Dragon NaturallySpeaking Rich Internet Application Support - Extension: {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - E:\Programs\Dragon Nuance Naturally Speaking 12\Program\ieShim.dll
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - E:\Programs\Roboform\roboform.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Programs\Roboform\roboform.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} -
uRun: [DAEMON Tools Lite] "E:\Programs\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
uRun: [AdobeBridge] <no file>
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [LWS] E:\Programs\Logitech Webcam\LWS\Webcam Software\LWS.exe -hide
mRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
mRun: [DNS7reminder] "E:\Programs\Dragon Nuance Naturally Speaking 12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
StartupFolder: C:\Users\Rune\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - E:\Programs\Office\Office12\ONENOTEM.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Customize Menu - E:\Programs\Roboform\RoboFormComCustomizeIEMenu.html
IE: E&ksporter til Microsoft Excel - E:\Programs\Office\Office12\EXCEL.EXE/3000
IE: Save Forms - E:\Programs\Roboform\RoboFormComSavePass.html
IE: Show RoboForm Toolbar - E:\Programs\Roboform\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - E:\Programs\Office\Office12\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - E:\Programs\Roboform\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - E:\Programs\Roboform\roboform.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - E:\Programs\Roboform\roboform.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.



TCP: NameServer = 193.213.112.4 130.67.15.198
TCP: Interfaces\{49DD153C-27E0-4694-BB87-A39878C313ED} : DHCPNameServer = 193.213.112.4 130.67.15.198
TCP: Interfaces\{8EB4E54D-45EE-4A93-872C-29B4FDDCC2B7} : DHCPNameServer = 193.213.112.4 130.67.15.198
TCP: Interfaces\{DE2C8EFC-1269-48E1-BFBE-E68E135B8FB5} : DHCPNameServer = 193.213.112.4 130.67.15.198
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - E:\Programs\Roboform\RoboForm-x64.dll
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -
x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Programs\Roboform\RoboForm-x64.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} -
x64-Run: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - E:\Programs\Roboform\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - E:\Programs\Roboform\RoboForm-x64.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - E:\Programs\Roboform\RoboForm-x64.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.type - 1
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Users\Rune\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\Rune\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: E:\Programs\DRAGON~1\Program\npDgnRia.dll
FF - plugin: E:\Programs\VLC\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mv91xx;mv91xx;C:\Windows\System32\drivers\mv91xx.sys [2010-11-22 303408]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-3-11 283200]
R2 DragonSvc;Dragon Service;C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [2013-10-15 311184]
R2 FlipShareServer;FlipShare Server;C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2011-5-6 1085440]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-2-23 13592]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-2-23 133800]
R2 SesamService;Sesam Control Service;E:\Programs\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe [2009-2-17 1237800]
R2 TabletServicePen;TabletServicePen;C:\Windows\System32\Pen_Tablet.exe [2013-3-15 5556520]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R2 WTouchService;WTouch Service;C:\Program Files\WTouch\WTouchService.exe [2013-3-15 127784]
R3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2010-3-20 13952]
R3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2010-8-27 138752]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2014-2-5 181760]
R3 wtsmpadap;Sesam Virtual Adapter;C:\Windows\System32\drivers\wtsmpadap.sys [2009-1-31 56104]
R3 WtSmpFlt;Sesam Adapter;C:\Windows\System32\drivers\wtsmpflt.sys [2009-1-31 383784]
R3 XENfiltv;XENfiltv;C:\Windows\System32\drivers\XENfiltv.sys [2009-7-31 25600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-2-5 2151200]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2010-3-20 114560]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-13 111616]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\System32\drivers\wacmoumonitor.sys [2013-3-15 18216]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-2-23 1255736]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\System32\Notepad.exe %1 [default=Edit - 'Open' doesn't exist]
.
=============== Created Last 30 ================
.
2014-02-12 13:39:27    --------    d-----w-    C:\Users\Rune\AppData\Roaming\Local
2014-02-10 21:18:21    --------    d-----w-    C:\FRST
2014-02-10 19:57:32    10395072    ----a-w-    C:\Program Files (x86)\Common Files\wruninstall.exe
2014-02-10 19:57:31    --------    d-----w-    C:\Users\Rune\AppData\Local\lptmp1562496268
2014-02-09 12:49:37    --------    d-----w-    C:\Users\Rune\AppData\Roaming\TuneUp Software
2014-02-09 12:46:14    --------    d--h--w-    C:\ProgramData\Common Files
2014-02-09 12:46:14    --------    d-----w-    C:\Users\Rune\AppData\Local\MFAData
2014-02-09 12:46:14    --------    d-----w-    C:\ProgramData\MFAData
2014-02-09 12:25:12    --------    d-----w-    C:\Windows\ERUNT
2014-02-08 21:40:39    --------    d-----w-    C:\Windows\pss
2014-02-08 14:14:41    10315576    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8EB90C22-ECC7-40CB-9B5D-FF2F72D61A20}\mpengine.dll
2014-02-05 22:13:01    181760    ----a-w-    C:\Windows\System32\drivers\nusb3xhc.sys
2014-02-05 22:12:24    99800    ----a-w-    C:\Windows\System32\drivers\TeeDriverx64.sys
2014-02-05 22:12:24    1795952    ----a-w-    C:\Windows\System32\WdfCoInstaller01011.dll
2014-02-05 22:04:52    35840    ----a-w-    C:\Windows\System32\mv91xxm.dll
2014-02-05 22:04:52    321896    ----a-w-    C:\Windows\System32\drivers\mvs91xx.sys
2014-02-05 22:04:52    14696    ----a-w-    C:\Windows\System32\drivers\mvxxmm.sys
2014-02-05 19:07:45    123704    ----a-w-    C:\Windows\System32\drivers\jraid.sys
2014-02-05 19:07:23    31520    ----a-w-    C:\Windows\System32\nvhdap64.dll
2014-02-05 19:07:23    196384    ----a-w-    C:\Windows\System32\drivers\nvhda64v.sys
2014-02-05 19:07:23    1510176    ----a-w-    C:\Windows\System32\nvhdagenco64.dll
2014-02-05 19:03:27    34080    ----a-w-    C:\Windows\System32\SmartDefragBootTime.exe
2014-02-05 19:02:12    121856    ----a-w-    C:\Windows\System32\IObitSmartDefragExtension.dll
2014-02-05 19:01:31    --------    d-----w-    C:\Users\Rune\AppData\Local\Google
2014-02-05 18:45:07    --------    d-----w-    C:\ProgramData\ProductData
2014-02-05 18:45:07    --------    d-----w-    C:\Program Files (x86)\IObit
2014-02-05 18:44:55    --------    d-----w-    C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-05 18:44:53    --------    d-----w-    C:\ProgramData\IObit
2014-02-05 18:43:05    --------    d-----w-    C:\Users\Rune\AppData\Roaming\IObit
2014-01-27 22:00:45    --------    d-----w-    C:\Users\Rune\AppData\Local\My Games
2014-01-27 21:35:37    281688    ----a-w-    C:\Windows\SysWow64\PnkBstrB.xtr
2014-01-27 21:35:32    --------    d-----w-    C:\Users\Rune\AppData\Local\PunkBuster
2014-01-27 20:43:33    --------    d-----w-    C:\Users\Rune\AppData\Local\Ubisoft Game Launcher
2014-01-27 20:43:22    281688    ----a-w-    C:\Windows\SysWow64\PnkBstrB.ex0
2014-01-15 13:16:12    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2014-01-15 13:16:12    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2014-01-15 13:16:12    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2014-01-15 13:16:11    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 13:16:11    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2014-01-15 13:16:11    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-01-15 13:16:11    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 13:16:11    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2014-01-15 13:16:10    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
.
==================== Find3M  ====================
.
2014-02-05 19:05:58    9619872    ----a-w-    C:\Windows\SysWow64\nvopencl.dll
2013-12-18 05:13:56    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
.
============= FINISH: 16:56:55.74 ===============
 


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 2/23/2012 5:56:58 AM
System Uptime: 2/12/2014 4:13:58 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer INC. |  | SABERTOOTH P67
Processor: Intel® Core i5-2500 CPU @ 3.30GHz | LGA1155 | 3301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 36.226 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 931 GiB total, 618.453 GiB free.
F: is CDROM ()
G: is CDROM (CDFS)
H: is Removable
I: is FIXED (FAT32) - 931 GiB total, 579.685 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP253: 2/9/2014 1:08:51 PM - AA11
RP254: 2/9/2014 1:11:11 PM - AA11
RP255: 2/9/2014 1:49:17 PM - Installed AVG 2014
RP256: 2/9/2014 1:49:24 PM - Installed AVG 2014
RP257: 2/10/2014 8:46:20 PM - Removed AVG 2014
RP258: 2/10/2014 8:48:44 PM - Removed AVG 2014
RP259: 2/10/2014 8:50:56 PM - avast! antivirus system restore point
RP260: 2/10/2014 9:48:45 PM - Removed Java 7 Update 51
RP261: 2/12/2014 2:20:43 PM - Removed Vegas Pro 11.0
RP262: 2/12/2014 2:37:03 PM - Removed Adobe Community Help
RP263: 2/12/2014 2:46:22 PM - Removed Adobe Reader XI (11.0.06).
RP264: 2/12/2014 2:50:08 PM - Removed Adobe Widget Browser
RP265: 2/12/2014 2:51:08 PM - Removed Adobe Story
RP266: 2/12/2014 2:56:53 PM - Removed Final Effects Complete 6.0.0 64Bit
RP267: 2/12/2014 2:58:16 PM - Removed Spelling Dictionaries Support For Adobe Reader 9.
RP268: 2/12/2014 3:00:15 PM - Removed Vegas Pro 11.0
RP269: 2/12/2014 3:04:36 PM - Removed Apple Application Support
RP270: 2/12/2014 3:05:15 PM - Removed Apple Mobile Device Support
RP271: 2/12/2014 3:05:23 PM - Removed Apple Software Update
RP272: 2/12/2014 3:05:34 PM - Removed Bonjour
RP273: 2/12/2014 3:06:26 PM - Removed iTunes
RP274: 2/12/2014 4:12:47 PM - Installed Microsoft Fix it 50267
.
==== Installed Programs ======================
.
7-Zip 9.22 (x64 edition)
7-Zip 9.22beta
Bamboo
Beach Millions Traffic Attractor
CameraHelperMsi
Camtasia Studio 6
Citrix Online Launcher
Clip Juicer
DAEMON Tools Lite
Dragon NaturallySpeaking 12
erLT
FBAppsNinja
FileZilla Client 3.5.3
FlipShare
FreeMind
G_Insider_Premium 2.0.0.0
GoToMeeting 6.0.0.1259
GreenSamba
Intel® Control Center
Intel® Management Engine Components
Intel® Network Connections 15.6.25.0
Intel® Rapid Storage Technology
JMicron JMB36X Driver
KickAssBots Domain Bot Beta V 1.4.1 version 1.4.1
Lead Finder Jack
Left 4 Dead 2
Logitech Webcam Software
lookinglink
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.75.0.1300
Market Samurai
Marvel Heroes
marvell 91xx driver
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Office Excel MUI (Norwegian (Bokmål)) 2007
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Norwegian (Bokmål)) 2007
Microsoft Office PowerPoint MUI (Norwegian (Bokmål)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Norwegian (Bokmål)) 2007
Microsoft Office Proof (Norwegian (Nynorsk)) 2007
Microsoft Office Proofing (Norwegian (Bokmål)) 2007
Microsoft Office Shared 64-bit MUI (Norwegian (Bokmål)) 2007
Microsoft Office Shared MUI (Norwegian (Bokmål)) 2007
Microsoft Office Word MUI (Norwegian (Bokmål)) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
mobilt bredband
Mozilla Firefox 27.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT Redists
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NVIDIA 3D Vision Controller Driver 310.70
NVIDIA Control Panel 331.82
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Update 1.11.3
NVIDIA Update Components
Pamela Pro 4.8
PAYDAY 2
PAYDAY: The Heist
PDF Pop Up Magic
Pinball Arcade
QR Code Machine 1.5
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
RoboForm 7-9-2-5 (All Users)
Rockstar Power Suite
ScummVM 1.5.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
SEO Link Dominator - fast Indexer and Pinger
SEO Link Robot - Fast Indexer 2.0.2.0
Skype Click to Call
Skype™ 6.11
SmartFTP Client Setup Files 4.1 (x64) (remove only)
Steam
SWF Components
TweetAdder4
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Uplay
Video Components
Viral Meme Maker version 1.0.5
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.2
WebTablet IE Plugin
WebTablet Netscape Plugin
WP Auto Links
.
==== Event Viewer Messages From Past Week ========
.
2/9/2014 1:51:04 PM, Error: Service Control Manager [7024]  - The AVG Firewall service terminated with service-specific error %%-536805289.
2/12/2014 4:16:25 PM, Error: Service Control Manager [7038]  - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:  Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
2/12/2014 4:16:25 PM, Error: Service Control Manager [7000]  - The NVIDIA Update Service Daemon service failed to start due to the following error:  The service did not start due to a logon failure.
2/12/2014 4:15:14 PM, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
2/12/2014 3:04:58 PM, Error: Service Control Manager [7000]  - The Apple Mobile Device service failed to start due to the following error:  The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
2/12/2014 2:46:15 PM, Error: Service Control Manager [7031]  - The WRSVC service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
2/10/2014 9:34:34 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
2/10/2014 9:34:34 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/10/2014 9:34:34 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/10/2014 9:34:34 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2/10/2014 9:34:34 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
2/10/2014 9:34:33 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/10/2014 9:34:27 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/10/2014 9:34:07 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD CSC DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
2/10/2014 9:34:07 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2/10/2014 9:34:07 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
2/10/2014 9:34:07 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
2/10/2014 9:34:07 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
2/10/2014 9:34:07 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
2/10/2014 9:34:07 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
2/10/2014 9:34:07 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2/10/2014 9:34:07 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
2/10/2014 9:34:07 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
.
==== End Of File ===========================
 


Start with this:

Let's clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a FULL Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

MrC


# AdwCleaner v3.018 - Report created 12/02/2014 at 17:29:39
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Rune - RUNESTASJON-PC
# Running from : C:\Users\Rune\Desktop\adw\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v27.0 (en-US)

[ File : C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\prefs.js ]


*************************

AdwCleaner[R3].txt - [774 octets] - [12/02/2014 17:22:12]
AdwCleaner[s2].txt - [696 octets] - [12/02/2014 17:29:39]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [755 octets] ##########

_________________________________________________________________________________________________________

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.12.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Rune :: RUNESTASJON-PC [administrator]

2/12/2014 5:35:42 PM
mbam-log-2014-02-12 (17-35-42).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 576716
Time elapsed: 35 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 


Next:

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

[Image: bleep-crop.jpg]

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC


Hey, is this the file you want?

Or do I need to go into DOS mode and c: and so on?

 

 

ComboFix 14-02-12.01 - Rune 02/12/2014  18:59:59.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.16361.12210 [GMT 1:00]
Running from: c:\users\Rune\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Local
c:\users\Rune\AppData\Roaming\Local
c:\users\Rune\AppData\Roaming\Local\Temp\lptmp1059393488\lp_languages.zip
c:\users\Rune\AppData\Roaming\ubot
c:\users\Rune\AppData\Roaming\WTouch
c:\users\Rune\AppData\Roaming\WTouch\WTouch.xml
c:\users\Rune\g2mdlhlpx.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-12 to 2014-02-12  )))))))))))))))))))))))))))))))
.
.
2014-02-12 18:03 . 2014-02-12 18:03    --------    d-----w-    c:\users\Rune\AppData\Roaming\WTouch
2014-02-12 18:02 . 2014-02-12 18:02    --------    d-----w-    c:\programdata\Local
2014-02-12 18:01 . 2014-02-12 18:01    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
2014-02-12 16:22 . 2014-02-12 16:29    --------    d-----w-    C:\AdwCleaner
2014-02-10 21:18 . 2014-02-10 21:18    --------    d-----w-    C:\FRST
2014-02-10 19:57 . 2014-02-10 19:57    10395072    ----a-w-    c:\program files (x86)\Common Files\wruninstall.exe
2014-02-10 19:57 . 2014-02-10 20:37    --------    d-----w-    c:\users\Rune\AppData\Local\lptmp1562496268
2014-02-09 12:49 . 2014-02-09 12:49    --------    d-----w-    c:\users\Rune\AppData\Roaming\TuneUp Software
2014-02-09 12:46 . 2014-02-10 19:49    --------    d-----w-    c:\programdata\MFAData
2014-02-09 12:46 . 2014-02-09 12:46    --------    d--h--w-    c:\programdata\Common Files
2014-02-09 12:46 . 2014-02-09 12:46    --------    d-----w-    c:\users\Rune\AppData\Local\MFAData
2014-02-09 12:25 . 2014-02-09 12:25    --------    d-----w-    c:\windows\ERUNT
2014-02-09 12:07 . 2014-02-09 12:07    --------    d-----w-    c:\programdata\Lavasoft
2014-02-08 14:14 . 2013-12-04 03:28    10315576    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{8EB90C22-ECC7-40CB-9B5D-FF2F72D61A20}\mpengine.dll
2014-02-05 22:13 . 2014-02-05 22:13    181760    ----a-w-    c:\windows\system32\drivers\nusb3xhc.sys
2014-02-05 22:12 . 2014-02-05 22:12    99800    ----a-w-    c:\windows\system32\drivers\TeeDriverx64.sys
2014-02-05 22:12 . 2014-02-05 22:12    1795952    ----a-w-    c:\windows\system32\WdfCoInstaller01011.dll
2014-02-05 22:04 . 2014-02-05 22:04    35840    ----a-w-    c:\windows\system32\mv91xxm.dll
2014-02-05 22:04 . 2014-02-05 22:04    321896    ----a-w-    c:\windows\system32\drivers\mvs91xx.sys
2014-02-05 22:04 . 2014-02-05 22:04    14696    ----a-w-    c:\windows\system32\drivers\mvxxmm.sys
2014-02-05 19:07 . 2014-02-05 19:07    123704    ----a-w-    c:\windows\system32\drivers\jraid.sys
2014-02-05 19:07 . 2014-02-05 19:07    31520    ----a-w-    c:\windows\system32\nvhdap64.dll
2014-02-05 19:07 . 2014-02-05 19:07    196384    ----a-w-    c:\windows\system32\drivers\nvhda64v.sys
2014-02-05 19:07 . 2014-02-05 19:07    1510176    ----a-w-    c:\windows\system32\nvhdagenco64.dll
2014-02-05 19:03 . 2013-11-19 15:52    34080    ----a-w-    c:\windows\system32\SmartDefragBootTime.exe
2014-02-05 19:02 . 2014-01-08 14:54    121856    ----a-w-    c:\windows\system32\IObitSmartDefragExtension.dll
2014-02-05 19:01 . 2014-02-05 19:01    --------    d-----w-    c:\users\Rune\AppData\Local\Google
2014-02-05 18:45 . 2014-02-09 10:29    --------    d-----w-    c:\program files (x86)\IObit
2014-02-05 18:45 . 2014-02-05 18:45    --------    d-----w-    c:\programdata\ProductData
2014-02-05 18:44 . 2014-02-05 18:44    --------    d-----w-    c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-05 18:44 . 2014-02-05 22:14    --------    d-----w-    c:\programdata\IObit
2014-02-05 18:43 . 2014-02-05 19:02    --------    d-----w-    c:\users\Rune\AppData\Roaming\IObit
2014-01-27 22:00 . 2014-01-27 22:00    --------    d-----w-    c:\users\Rune\AppData\Local\My Games
2014-01-27 21:35 . 2014-02-05 22:20    281688    ----a-w-    c:\windows\SysWow64\PnkBstrB.xtr
2014-01-27 21:35 . 2014-01-27 21:35    --------    d-----w-    c:\users\Rune\AppData\Local\PunkBuster
2014-01-27 20:43 . 2014-01-27 22:09    --------    d-----w-    c:\users\Rune\AppData\Local\Ubisoft Game Launcher
2014-01-27 20:43 . 2014-02-03 22:52    281688    ----a-w-    c:\windows\SysWow64\PnkBstrB.ex0
2014-01-27 20:43 . 2014-01-27 20:43    --------    d-----w-    c:\program files (x86)\Ubisoft
2014-01-15 13:16 . 2013-11-27 01:41    343040    ----a-w-    c:\windows\system32\drivers\usbhub.sys
2014-01-15 13:16 . 2013-11-27 01:41    53248    ----a-w-    c:\windows\system32\drivers\usbehci.sys
2014-01-15 13:16 . 2013-11-27 01:41    325120    ----a-w-    c:\windows\system32\drivers\usbport.sys
2014-01-15 13:16 . 2013-11-27 01:41    99840    ----a-w-    c:\windows\system32\drivers\usbccgp.sys
2014-01-15 13:16 . 2013-11-27 01:41    25600    ----a-w-    c:\windows\system32\drivers\usbohci.sys
2014-01-15 13:16 . 2013-11-27 01:41    30720    ----a-w-    c:\windows\system32\drivers\usbuhci.sys
2014-01-15 13:16 . 2013-11-27 01:41    7808    ----a-w-    c:\windows\system32\drivers\usbd.sys
2014-01-15 13:16 . 2013-11-26 10:32    3156480    ----a-w-    c:\windows\system32\win32k.sys
2014-01-15 13:16 . 2013-11-26 11:40    376768    ----a-w-    c:\windows\system32\drivers\netio.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 19:05 . 2013-02-25 22:32    1436528    ----a-w-    c:\windows\system32\nvumdshimx.dll
2014-02-05 19:05 . 2013-02-25 22:32    18293608    ----a-w-    c:\windows\system32\nvwgf2umx.dll
2014-02-05 19:05 . 2013-02-25 22:32    15862272    ----a-w-    c:\windows\SysWow64\nvwgf2um.dll
2014-02-05 19:05 . 2013-02-25 22:32    2697248    ----a-w-    c:\windows\SysWow64\nvapi.dll
2014-02-05 19:05 . 2013-02-25 22:32    3069608    ----a-w-    c:\windows\system32\nvapi64.dll
2014-01-16 15:58 . 2012-02-23 03:49    86054176    ----a-w-    c:\windows\system32\MRT.exe
2013-12-18 05:13 . 2010-11-21 03:27    270496    ------w-    c:\windows\system32\MpSigStub.exe
2013-11-26 11:54 . 2013-12-13 02:00    23183360    ----a-w-    c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-13 02:00    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-13 02:00    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-13 02:00    66048    ----a-w-    c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-13 02:00    48640    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-13 02:00    2764288    ----a-w-    c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-13 02:00    53760    ----a-w-    c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-13 02:00    33792    ----a-w-    c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-13 02:00    2724864    ----a-w-    c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-13 02:00    574976    ----a-w-    c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-13 02:00    139264    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-13 02:00    111616    ----a-w-    c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-13 02:00    708608    ----a-w-    c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-13 02:00    218624    ----a-w-    c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-13 02:00    5769216    ----a-w-    c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-13 02:00    553472    ----a-w-    c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-13 02:00    4243968    ----a-w-    c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-13 02:00    1995264    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-13 02:00    12996608    ----a-w-    c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-13 02:00    1928192    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-13 02:00    2334208    ----a-w-    c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-13 02:00    1395200    ----a-w-    c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-13 02:00    817664    ----a-w-    c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-13 02:00    1820160    ----a-w-    c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 12:53    417792    ----a-w-    c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 12:53    465920    ----a-w-    c:\windows\system32\WMPhoto.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="e:\programs\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2011-10-12 2068856]
"RoboForm"="e:\programs\Roboform\RoboTaskBarIcon.exe" [2013-12-01 109784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
"LWS"="e:\programs\Logitech Webcam\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\\isuspm.exe" [2011-10-12 2068856]
"DNS7reminder"="e:\programs\Dragon Nuance Naturally Speaking 12\Ereg\Ereg.exe" [2010-10-27 328992]
.
c:\users\Rune\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper og Launcher.lnk - e:\programs\Office\Office12\ONENOTEM.EXE /tsr [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys;c:\windows\SYSNATIVE\DRIVERS\wacmoumonitor.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
S0 mv91xx;mv91xx;c:\windows\system32\DRIVERS\mv91xx.sys;c:\windows\SYSNATIVE\DRIVERS\mv91xx.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [x]
S2 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
S2 SesamService;Sesam Control Service;e:\programs\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe;e:\programs\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe;c:\windows\SYSNATIVE\Pen_Tablet.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 WTouchService;WTouch Service;c:\program files\WTouch\WTouchService.exe;c:\program files\WTouch\WTouchService.exe [x]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 wtsmpadap;Sesam Virtual Adapter;c:\windows\system32\DRIVERS\wtsmpadap.sys;c:\windows\SYSNATIVE\DRIVERS\wtsmpadap.sys [x]
S3 WtSmpFlt;Sesam Adapter;c:\windows\system32\DRIVERS\wtsmpflt.sys;c:\windows\SYSNATIVE\DRIVERS\wtsmpflt.sys [x]
S3 XENfiltv;XENfiltv;c:\windows\system32\drivers\XENfiltv.sys;c:\windows\SYSNATIVE\drivers\XENfiltv.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-02-05 7205592]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&ksporter til Microsoft Excel - e:\programs\Office\Office12\EXCEL.EXE/3000


TCP: DhcpNameServer = 193.213.112.4 130.67.15.198
FF - ProfilePath - c:\users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.type - 1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-BLSyndicationSystem - c:\users\Rune\Desktop\Social Syndication\SociSynd_Submitter.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-892377978-1441931877-1165036963-1000_Classes\CLSID]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-892377978-1441931877-1165036963-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-892377978-1441931877-1165036963-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}]
@DACL=(02 0000)
@="GoToMeeting Outlook COM Addin"
.
[HKEY_USERS\S-1-5-21-892377978-1441931877-1165036963-1000_Classes\CLSID\{A33A4C68-79F4-15CC-89D9-0BE4B0FDC9C2}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-892377978-1441931877-1165036963-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Flip Video\FlipShare\FlipShareService.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Completion time: 2014-02-12  19:04:12 - machine was rebooted
ComboFix-quarantined-files.txt  2014-02-12 18:04
.
Pre-Run: 38,793,805,824 bytes free
Post-Run: 38,649,487,360 bytes free
.
- - End Of File - - 2DEC819A959703AB17BF9A69F7700FE2
 


I get this message:

 

An unexpected error is keeping you from copying the file. If you continue to receive this error, you can use the error code to search for help with this problem: Error 0x80030002: install.rdf could not be found

install.rdf

type rdf file

date modified 1/23/2014 11:53 AM

Size 2,15kb

 

Googling it, it says something about MapleStory cannot be played. Do not know what this is.

 

______________________________________________

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014
Ran by Rune (administrator) on RUNESTASJON-PC on 12-02-2014 21:20:25
Running from C:\Users\Rune\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
() C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
() C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Swisscom) E:\Programs\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe
(Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchUser.exe
(Wacom Technology, Corp.) C:\Windows\system32\WTablet\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
() E:\Programs\Telenor\mobilt bredband\mobilt bredband.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7205592 2014-02-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [LWS] - E:\Programs\Logitech Webcam\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [iSUSPM] - C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] - E:\Programs\Dragon Nuance Naturally Speaking 12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKU\S-1-5-21-892377978-1441931877-1165036963-1000\...\Run: [DAEMON Tools Lite] - E:\Programs\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-892377978-1441931877-1165036963-1000\...\Run: [iSUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKU\S-1-5-21-892377978-1441931877-1165036963-1000\...\Run: [RoboForm] - E:\Programs\Roboform\RoboTaskBarIcon.exe [109784 2013-12-01] (Siber Systems)
Startup: C:\Users\Rune\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper og Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper og Launcher.lnk -> E:\Programs\Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnk
ShortcutTarget: Uninstall Webroot RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x50503E8CEDF1CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - E:\Programs\Roboform\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar64.dll No File
BHO-x32: RoboForm Toolbar Helper - {724d43a9-0d85-11d4-9908-00400523e39a} - E:\Programs\Roboform\roboform.dll (Siber Systems Inc.)
BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - E:\Programs\Dragon Nuance Naturally Speaking 12\Program\ieShim.dll (Nuance Communications, Inc.)
BHO-x32: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll No File
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Programs\Roboform\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll No File
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - E:\Programs\Roboform\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll No File
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - E:\Programs\Roboform\RoboForm-x64.dll (Siber Systems Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 193.213.112.4 130.67.15.198

FireFox:
========
FF ProfilePath: C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "type", 1
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - E:\Programs\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - E:\Programs\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin - E:\Programs\DRAGON~1\Program\npDgnRia.dll (Nuance Communications Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Rune\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Rune\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\searchplugins\wot-safe-search.xml
FF Extension: SeoQuake - C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\Extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74} [2013-10-13]
FF Extension: Webroot Password Manager - C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}_deleted [2014-02-10]
FF Extension: WOT - C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-29]
FF Extension: Disconnect - C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\Extensions\2.0@disconnect.me.xpi [2013-10-07]
FF Extension: S3 Firefox Organizer(S3Fox) - C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\Extensions\{7CEA821D-3DAB-4238-B424-BF7324531750}.xpi [2012-04-25]
FF Extension: lookinglink - C:\Users\Rune\AppData\Roaming\Mozilla\Firefox\Profiles\st0cn8zi.default\Extensions\{7f6d153f-9819-4c98-96fb-5c6aa213f0ea}.xpi [2014-02-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-06]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - E:\Programs\Dragon Nuance Naturally Speaking 12\Program\ffShim.xpi
FF Extension: No Name - E:\Programs\Dragon Nuance Naturally Speaking 12\Program\ffShim.xpi [2013-10-15]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - E:\Programs\Roboform\Firefox
FF Extension: RoboForm Toolbar for Firefox - E:\Programs\Roboform\Firefox [2012-04-19]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - E:\Programs\Dragon Nuance Naturally Speaking 12\Program\chromeShim.crx [2013-10-15]

==================== Services (Whitelisted) =================

R2 FlipShare Service; C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe [460144 2011-05-06] ()
R2 FlipShareServer; C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2011-05-06] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 SesamService; E:\Programs\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe [1237800 2009-02-17] (Swisscom)
R2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2009-11-24] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-11] (DT Soft Ltd)
R3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2010-08-27] (Huawei Technologies Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-02-05] (Intel Corporation)
R3 wtsmpadap; C:\Windows\System32\DRIVERS\wtsmpadap.sys [56104 2009-01-31] (Swisscom)
R3 WtSmpFlt; C:\Windows\System32\DRIVERS\wtsmpflt.sys [383784 2009-01-31] (Swisscom)
R3 XENfiltv; C:\Windows\System32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-12 21:20 - 2014-02-12 21:26 - 00011635 _____ () C:\Users\Rune\Desktop\FRST.txt
2014-02-12 21:18 - 2014-02-12 21:18 - 02152448 _____ (Farbar) C:\Users\Rune\Desktop\FRST64.exe
2014-02-12 21:18 - 2014-02-12 21:18 - 00017355 _____ () C:\Users\Rune\Desktop\FXQQkY2_.htm
2014-02-12 19:04 - 2014-02-12 19:04 - 00018024 _____ () C:\ComboFix.txt
2014-02-12 19:03 - 2014-02-12 19:03 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\WTouch
2014-02-12 18:59 - 2014-02-12 19:04 - 00000000 ____D () C:\Qoobox
2014-02-12 18:59 - 2014-02-12 19:03 - 00000000 ____D () C:\Windows\erdnt
2014-02-12 18:59 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-02-12 18:59 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-02-12 18:59 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-02-12 18:59 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-02-12 18:59 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-02-12 18:59 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-02-12 18:59 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-02-12 18:59 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-02-12 18:51 - 2014-02-12 18:51 - 05180679 ____R (Swearware) C:\Users\Rune\Desktop\ComboFix.exe
2014-02-12 18:49 - 2014-02-12 18:51 - 00000000 ____D () C:\Users\Rune\Desktop\Combo
2014-02-12 17:22 - 2014-02-12 17:29 - 00000000 ____D () C:\AdwCleaner
2014-02-12 17:20 - 2014-02-12 17:21 - 00000000 ____D () C:\Users\Rune\Desktop\adw
2014-02-12 16:57 - 2014-02-12 16:57 - 00003964 _____ () C:\Users\Rune\Desktop\attach.zip
2014-02-12 16:56 - 2014-02-12 16:56 - 00017852 _____ () C:\Users\Rune\Desktop\dds.txt
2014-02-12 16:56 - 2014-02-12 16:56 - 00013805 _____ () C:\Users\Rune\Desktop\attach.txt
2014-02-12 16:55 - 2014-02-12 16:55 - 00688992 ____R (Swearware) C:\Users\Rune\Desktop\dds.com
2014-02-12 16:24 - 2014-02-12 16:24 - 00002780 _____ () C:\Users\Rune\Desktop\RKreport[0]_S_02122014_162415.txt
2014-02-10 22:18 - 2014-02-12 21:20 - 00000000 ____D () C:\FRST
2014-02-10 20:57 - 2014-02-12 14:53 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-10 20:57 - 2014-02-10 21:37 - 00000000 ____D () C:\Users\Rune\AppData\Local\lptmp1562496268
2014-02-09 22:07 - 2014-02-09 22:07 - 00000038 _____ () C:\Users\Rune\AppData\Roaming\mbam.context.scan
2014-02-09 13:49 - 2014-02-09 13:49 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\TuneUp Software
2014-02-09 13:46 - 2014-02-10 20:49 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-09 13:46 - 2014-02-09 13:46 - 00000000 ____D () C:\Users\Rune\AppData\Local\MFAData
2014-02-09 13:25 - 2014-02-09 13:25 - 00000000 ____D () C:\Windows\ERUNT
2014-02-09 13:08 - 2014-02-09 13:08 - 00003132 _____ () C:\Windows\System32\Tasks\{1241CD9C-F1E2-41FE-8316-EF883A1DB809}
2014-02-09 13:07 - 2014-02-09 13:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-02-09 13:05 - 2014-02-12 19:02 - 00316850 _____ () C:\Windows\PFRO.log
2014-02-09 13:05 - 2014-02-12 19:02 - 00002250 _____ () C:\Windows\setupact.log
2014-02-09 13:05 - 2014-02-09 13:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-09 11:29 - 2014-02-09 11:29 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-02-08 22:40 - 2014-02-10 21:35 - 00000000 ____D () C:\Windows\pss
2014-02-06 21:18 - 2014-02-06 21:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-05 23:19 - 2014-02-06 16:02 - 00003148 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-02-05 23:14 - 2014-02-05 23:14 - 00003158 _____ () C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2014-02-05 23:13 - 2014-02-05 23:13 - 00181760 _____ (Renesas Electronics Corporation) C:\Windows\system32\Drivers\nusb3xhc.sys
2014-02-05 23:12 - 2014-02-05 23:12 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-02-05 23:12 - 2014-02-05 23:12 - 00099800 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-02-05 23:12 - 2014-02-05 23:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-02-05 23:04 - 2014-02-05 23:04 - 00321896 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvs91xx.sys
2014-02-05 23:04 - 2014-02-05 23:04 - 00035840 _____ (<Marvell>) C:\Windows\system32\mv91xxm.dll
2014-02-05 23:04 - 2014-02-05 23:04 - 00014696 _____ (Marvell Semiconductor Inc.) C:\Windows\system32\Drivers\mvxxmm.sys
2014-02-05 20:17 - 2014-02-05 20:17 - 66252800 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-02-05 20:17 - 2014-02-05 20:17 - 00167936 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-02-05 20:17 - 2014-02-05 20:17 - 00061440 _____ () C:\Windows\system32\config\SAM.iobit
2014-02-05 20:17 - 2014-02-05 20:17 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-02-05 20:12 - 2014-02-05 20:12 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-02-05 20:11 - 2014-02-05 20:11 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-02-05 20:11 - 2014-02-05 20:11 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 14153984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 05753112 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-02-05 20:11 - 2014-02-05 20:11 - 03899648 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-02-05 20:11 - 2014-02-05 20:11 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01922304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-02-05 20:11 - 2014-02-05 20:11 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00912184 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-05 20:11 - 2014-02-05 20:11 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-02-05 20:07 - 2014-02-05 20:07 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2014-02-05 20:07 - 2014-02-05 20:07 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-05 20:07 - 2014-02-05 20:07 - 00123704 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2014-02-05 20:07 - 2014-02-05 20:07 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-05 20:05 - 2014-02-05 20:05 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-05 20:03 - 2013-11-19 16:52 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2014-02-05 20:02 - 2014-01-08 15:54 - 00121856 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2014-02-05 20:01 - 2014-02-05 20:01 - 00000000 ____D () C:\Users\Rune\AppData\Local\Google
2014-02-05 19:45 - 2014-02-09 11:29 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-05 19:45 - 2014-02-05 19:45 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-05 19:44 - 2014-02-05 23:14 - 00000000 ____D () C:\ProgramData\IObit
2014-02-05 19:44 - 2014-02-05 19:44 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-05 19:43 - 2014-02-05 20:02 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\IObit
2014-01-31 13:07 - 2014-01-31 14:19 - 00189440 _____ () C:\Users\Rune\Documents\cross country ski goggles.msam
2014-01-27 23:00 - 2014-01-27 23:00 - 00000000 ____D () C:\Users\Rune\AppData\Local\My Games
2014-01-27 22:35 - 2014-02-05 23:20 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-27 22:35 - 2014-01-27 22:35 - 00000000 ____D () C:\Users\Rune\AppData\Local\PunkBuster
2014-01-27 22:34 - 2014-01-27 22:34 - 00000000 ____D () C:\Users\Rune\Documents\My Games
2014-01-27 21:43 - 2014-02-03 23:52 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-27 21:43 - 2014-01-27 23:09 - 00000000 ____D () C:\Users\Rune\AppData\Local\Ubisoft Game Launcher
2014-01-27 21:43 - 2014-01-27 21:43 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-27 21:43 - 2014-01-27 21:43 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-01-16 18:22 - 2014-01-16 18:22 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-15 14:16 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 14:16 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 14:16 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 14:16 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 14:16 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 14:16 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 14:16 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 14:16 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 14:16 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 00:09 - 2014-01-14 00:09 - 00013405 _____ () C:\Users\Rune\Documents\hijackthis.log

==================== One Month Modified Files and Folders =======

2014-02-12 21:26 - 2014-02-12 21:20 - 00011635 _____ () C:\Users\Rune\Desktop\FRST.txt
2014-02-12 21:20 - 2014-02-10 22:18 - 00000000 ____D () C:\FRST
2014-02-12 21:18 - 2014-02-12 21:18 - 02152448 _____ (Farbar) C:\Users\Rune\Desktop\FRST64.exe
2014-02-12 21:18 - 2014-02-12 21:18 - 00017355 _____ () C:\Users\Rune\Desktop\FXQQkY2_.htm
2014-02-12 21:16 - 2012-02-23 05:56 - 01648452 _____ () C:\Windows\WindowsUpdate.log
2014-02-12 19:09 - 2009-07-14 05:45 - 00024096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-12 19:09 - 2009-07-14 05:45 - 00024096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-12 19:07 - 2009-07-14 06:13 - 00816032 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 19:04 - 2014-02-12 19:04 - 00018024 _____ () C:\ComboFix.txt
2014-02-12 19:04 - 2014-02-12 18:59 - 00000000 ____D () C:\Qoobox
2014-02-12 19:04 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-12 19:03 - 2014-02-12 19:03 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\WTouch
2014-02-12 19:03 - 2014-02-12 18:59 - 00000000 ____D () C:\Windows\erdnt
2014-02-12 19:03 - 2013-03-15 20:22 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\WTablet
2014-02-12 19:03 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-02-12 19:02 - 2014-02-09 13:05 - 00316850 _____ () C:\Windows\PFRO.log
2014-02-12 19:02 - 2014-02-09 13:05 - 00002250 _____ () C:\Windows\setupact.log
2014-02-12 19:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-12 19:01 - 2012-02-23 05:56 - 00000000 ____D () C:\Users\Rune
2014-02-12 18:51 - 2014-02-12 18:51 - 05180679 ____R (Swearware) C:\Users\Rune\Desktop\ComboFix.exe
2014-02-12 18:51 - 2014-02-12 18:49 - 00000000 ____D () C:\Users\Rune\Desktop\Combo
2014-02-12 17:29 - 2014-02-12 17:22 - 00000000 ____D () C:\AdwCleaner
2014-02-12 17:21 - 2014-02-12 17:20 - 00000000 ____D () C:\Users\Rune\Desktop\adw
2014-02-12 16:57 - 2014-02-12 16:57 - 00003964 _____ () C:\Users\Rune\Desktop\attach.zip
2014-02-12 16:56 - 2014-02-12 16:56 - 00017852 _____ () C:\Users\Rune\Desktop\dds.txt
2014-02-12 16:56 - 2014-02-12 16:56 - 00013805 _____ () C:\Users\Rune\Desktop\attach.txt
2014-02-12 16:55 - 2014-02-12 16:55 - 00688992 ____R (Swearware) C:\Users\Rune\Desktop\dds.com
2014-02-12 16:24 - 2014-02-12 16:24 - 00002780 _____ () C:\Users\Rune\Desktop\RKreport[0]_S_02122014_162415.txt
2014-02-12 15:07 - 2012-03-12 20:58 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\Real
2014-02-12 15:07 - 2012-03-12 20:58 - 00000000 ____D () C:\Program Files (x86)\Real
2014-02-12 15:06 - 2014-01-03 15:54 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-12 15:00 - 2012-03-12 19:38 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-02-12 15:00 - 2012-03-04 22:53 - 00000000 ____D () C:\Users\Rune\AppData\Local\Sony
2014-02-12 14:57 - 2013-10-07 19:33 - 00000000 ____D () C:\Program Files (x86)\Boris Fx, Inc
2014-02-12 14:53 - 2014-02-10 20:57 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-12 14:50 - 2012-02-23 06:27 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-12 14:48 - 2012-03-03 18:58 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\Skype
2014-02-12 14:46 - 2012-02-23 06:27 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-12 14:45 - 2012-02-23 05:47 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\Adobe
2014-02-12 14:43 - 2012-03-04 22:37 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-02-10 21:37 - 2014-02-10 20:57 - 00000000 ____D () C:\Users\Rune\AppData\Local\lptmp1562496268
2014-02-10 21:35 - 2014-02-08 22:40 - 00000000 ____D () C:\Windows\pss
2014-02-10 20:52 - 2014-01-12 21:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-10 20:49 - 2014-02-09 13:46 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-09 22:07 - 2014-02-09 22:07 - 00000038 _____ () C:\Users\Rune\AppData\Roaming\mbam.context.scan
2014-02-09 13:49 - 2014-02-09 13:49 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\TuneUp Software
2014-02-09 13:46 - 2014-02-09 13:46 - 00000000 ____D () C:\Users\Rune\AppData\Local\MFAData
2014-02-09 13:25 - 2014-02-09 13:25 - 00000000 ____D () C:\Windows\ERUNT
2014-02-09 13:08 - 2014-02-09 13:08 - 00003132 _____ () C:\Windows\System32\Tasks\{1241CD9C-F1E2-41FE-8316-EF883A1DB809}
2014-02-09 13:07 - 2014-02-09 13:07 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-02-09 13:05 - 2014-02-09 13:05 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-09 11:29 - 2014-02-09 11:29 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-02-09 11:29 - 2014-02-05 19:45 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-02-08 22:28 - 2012-04-25 02:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-07 16:44 - 2012-03-20 08:09 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\vlc
2014-02-07 16:00 - 2012-02-23 06:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-07 00:22 - 2012-04-15 20:06 - 00000132 _____ () C:\Users\Rune\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-02-06 21:18 - 2014-02-06 21:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-06 16:02 - 2014-02-05 23:19 - 00003148 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-02-05 23:20 - 2014-01-27 22:35 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-05 23:14 - 2014-02-05 23:14 - 00003158 _____ () C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2014-02-05 23:14 - 2014-02-05 19:44 - 00000000 ____D () C:\ProgramData\IObit
2014-02-05 23:13 - 2014-02-05 23:13 - 00181760 _____ (Renesas Electronics Corporation) C:\Windows\system32\Drivers\nusb3xhc.sys
2014-02-05 23:12 - 2014-02-05 23:12 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-02-05 23:12 - 2014-02-05 23:12 - 00099800 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-02-05 23:12 - 2014-02-05 23:12 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-02-05 23:04 - 2014-02-05 23:04 - 00321896 _____ (Marvell Semiconductor, Inc.) C:\Windows\system32\Drivers\mvs91xx.sys
2014-02-05 23:04 - 2014-02-05 23:04 - 00035840 _____ (<Marvell>) C:\Windows\system32\mv91xxm.dll
2014-02-05 23:04 - 2014-02-05 23:04 - 00014696 _____ (Marvell Semiconductor Inc.) C:\Windows\system32\Drivers\mvxxmm.sys
2014-02-05 20:17 - 2014-02-05 20:17 - 66252800 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-02-05 20:17 - 2014-02-05 20:17 - 00167936 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-02-05 20:17 - 2014-02-05 20:17 - 00061440 _____ () C:\Windows\system32\config\SAM.iobit
2014-02-05 20:17 - 2014-02-05 20:17 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-02-05 20:12 - 2014-02-05 20:12 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-02-05 20:12 - 2012-02-23 06:08 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-02-05 20:11 - 2014-02-05 20:11 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-02-05 20:11 - 2014-02-05 20:11 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 14153984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 05753112 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-02-05 20:11 - 2014-02-05 20:11 - 03899648 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-02-05 20:11 - 2014-02-05 20:11 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01922304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-02-05 20:11 - 2014-02-05 20:11 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00912184 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-05 20:11 - 2014-02-05 20:11 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-02-05 20:11 - 2014-02-05 20:11 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-02-05 20:07 - 2014-02-05 20:07 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2014-02-05 20:07 - 2014-02-05 20:07 - 00196384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-05 20:07 - 2014-02-05 20:07 - 00123704 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2014-02-05 20:07 - 2014-02-05 20:07 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-05 20:06 - 2012-02-23 06:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-05 20:06 - 2012-02-23 06:31 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-05 20:05 - 2014-02-05 20:05 - 30361888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 22951200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 18208624 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 15218504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 12613408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-05 20:05 - 2014-02-05 20:05 - 11600432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 11514624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 09691888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 09619872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433182.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433182.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00707360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00657184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00609568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00562464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-05 20:05 - 2014-02-05 20:05 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-05 20:05 - 2013-02-25 23:32 - 18293608 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-02-05 20:05 - 2013-02-25 23:32 - 15862272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-05 20:05 - 2013-02-25 23:32 - 03069608 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-02-05 20:05 - 2013-02-25 23:32 - 02697248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-02-05 20:05 - 2013-02-25 23:32 - 01436528 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-02-05 20:05 - 2011-05-21 15:01 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
2014-02-05 20:02 - 2014-02-05 19:43 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\IObit
2014-02-05 20:01 - 2014-02-05 20:01 - 00000000 ____D () C:\Users\Rune\AppData\Local\Google
2014-02-05 19:55 - 2013-08-18 23:10 - 00000000 ____D () C:\Windows\Minidump
2014-02-05 19:55 - 2012-02-23 05:49 - 00000000 ____D () C:\Windows\Panther
2014-02-05 19:53 - 2012-10-15 23:09 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\FileZilla
2014-02-05 19:53 - 2012-03-11 03:55 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\DAEMON Tools Lite
2014-02-05 19:45 - 2014-02-05 19:45 - 00000000 ____D () C:\ProgramData\ProductData
2014-02-05 19:45 - 2014-01-03 15:54 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\Apple Computer
2014-02-05 19:44 - 2014-02-05 19:44 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-03 23:52 - 2014-01-27 21:43 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-03 17:01 - 2012-02-23 07:41 - 00000000 ____D () C:\Users\Rune\AppData\Local\Adobe
2014-01-31 14:19 - 2014-01-31 13:07 - 00189440 _____ () C:\Users\Rune\Documents\cross country ski goggles.msam
2014-01-31 13:15 - 2012-09-14 13:39 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\GInsider
2014-01-27 23:09 - 2014-01-27 21:43 - 00000000 ____D () C:\Users\Rune\AppData\Local\Ubisoft Game Launcher
2014-01-27 23:00 - 2014-01-27 23:00 - 00000000 ____D () C:\Users\Rune\AppData\Local\My Games
2014-01-27 22:35 - 2014-01-27 22:35 - 00000000 ____D () C:\Users\Rune\AppData\Local\PunkBuster
2014-01-27 22:34 - 2014-01-27 22:34 - 00000000 ____D () C:\Users\Rune\Documents\My Games
2014-01-27 21:43 - 2014-01-27 21:43 - 00000000 ____D () C:\Users\Rune\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-01-27 21:43 - 2014-01-27 21:43 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-01-16 18:23 - 2013-10-22 12:45 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-16 18:22 - 2014-01-16 18:22 - 00005175 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 17:16 - 2009-07-14 05:45 - 04877264 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 17:00 - 2013-08-15 17:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 16:58 - 2012-02-23 04:49 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 00:09 - 2014-01-14 00:09 - 00013405 _____ () C:\Users\Rune\Documents\hijackthis.log

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 15:16

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2014
Ran by Rune at 2014-02-12 21:26:16
Running from C:\Users\Rune\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.22 (x64 edition) (Version: 9.22.00.0 - Igor Pavlov)
7-Zip 9.22beta (x32 Version:  - )
Bamboo (x32 Version:  - Wacom Technology Corp.)
Beach Millions Traffic Attractor (x32 Version: 3.3 - OTC Publishing)
Beach Millions Traffic Attractor (x32 Version: 3.3 - OTC Publishing) Hidden
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
Camtasia Studio 6 (x32 Version: 6.0.2 - TechSmith Corporation)
Citrix Online Launcher (x32 Version: 1.0.162 - Citrix)
Clip Juicer (x32 Version: 1.0.0 - Nick Amaral)
DAEMON Tools Lite (x32 Version: 4.45.3.0297 - DT Soft Ltd)
Dragon NaturallySpeaking 12 (x32 Version: 12.50.000 - Nuance Communications Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FBAppsNinja (x32 Version: 2.0.4 - FBAppsNinja.com)
FileZilla Client 3.5.3 (x32 Version: 3.5.3 - FileZilla Project)
FlipShare (x32 Version: 5.12.3.0 - Flip Video)
FreeMind (x32 Version: 0.9.0 - )
G_Insider_Premium 2.0.0.0 (x32 Version:  - Antification)
GoToMeeting 6.0.0.1259 (HKCU Version: 6.0.0.1259 - CitrixOnline)
GreenSamba (x32 Version:  - )
Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0 - Intel)
Intel® Network Connections 15.6.25.0 (Version: 15.6.25.0 - Intel) Hidden
Intel® Rapid Storage Technology (x32 Version: 10.5.0.1026 - Intel Corporation)
JMicron JMB36X Driver (x32 Version: 1.17.58.2 - JMicron Technology Corp.)
KickAssBots Domain Bot Beta V 1.4.1 version 1.4.1 (x32 Version: 1.4.1 - KickAssBots)
Lead Finder Jack (x32 Version: 1.1.39 - GuideTrade LLC)
Left 4 Dead 2 (x32 Version:  - Valve)
Logitech Webcam Software (x32 Version: 2.0 - Logitech Inc.)
lookinglink (Version: 2014.02.03.223422 - lookinglink)
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Market Samurai (x32 Version: 0.93.06 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.06 - Alliance Software Pty Ltd) Hidden
Marvel Heroes (x32 Version:  - Gazillion Entertainment)
marvell 91xx driver (x32 Version: 1.0.0.1051 - Marvell)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Norwegian (Bokmål)) 2007 (x32 Version: 12.0.4518.1022 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Norwegian (Bokmål)) 2007 (x32 Version: 12.0.4518.1022 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Norwegian (Bokmål)) 2007 (x32 Version: 12.0.4518.1022 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Norwegian (Bokmål)) 2007 (x32 Version: 12.0.4518.1022 - Microsoft Corporation) Hidden
Microsoft Office Proof (Norwegian (Nynorsk)) 2007 (x32 Version: 12.0.4518.1022 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Norwegian (Bokmål)) 2007 (x32 Version: 12.0.4518.1022 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Norwegian (Bokmål)) 2007 (Version: 12.0.4518.1022 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Norwegian (Bokmål)) 2007 (x32 Version: 12.0.4518.1022 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Norwegian (Bokmål)) 2007 (x32 Version: 12.0.4518.1022 - Microsoft Corporation) Hidden
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (x32 Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
mobilt bredband (Version: 2.3.1.343 - Option) Hidden
mobilt bredband (x32 Version: 2.3.1.343 - Option)
Mozilla Firefox 27.0 (x86 en-US) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (x32 Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 310.70 (Version: 310.70 - NVIDIA Corporation)
NVIDIA Control Panel 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Pamela Pro 4.8 (x32 Version: 4.8 - Scendix Software-Vertriebsges. mbH)
PAYDAY 2 (x32 Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (x32 Version:  - Overkill)
PDF Pop Up Magic (x32 Version: 0 - Ken Sar)
Pinball Arcade (x32 Version:  - FarSight Studios)
QR Code Machine 1.5 (x32 Version: 1.5 - 1CheckOutCart.com)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
RoboForm 7-9-2-5 (All Users) (x32 Version: 7-9-2-5 - Siber Systems)
Rockstar Power Suite (HKCU Version: 2.0.0.29 - Rockstar Power Suite)
ScummVM 1.5.0 (x32 Version:  - The ScummVM Team)
SEO Link Dominator - fast Indexer and Pinger (Version: 1.0.5 - stephenhawkins)
SEO Link Robot - Fast Indexer 2.0.2.0 (Version: 2.0.2.0 - http://www.seolinkrobot.com)
Skype Click to Call (x32 Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SmartFTP Client Setup Files 4.1 (x64) (remove only) (x32 Version: 4.1 - SmartSoft Ltd)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
SWF Components (x32 Version: 1.0.0 - Keyword Rockstar, Inc.)
TweetAdder4 (x32 Version: 4.0.130521 - TweetAdder.com)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Uplay (x32 Version: 2.0 - Ubisoft)
Video Components (x32 Version: 1.0.0 - Keyword Rockstar, Inc.)
Viral Meme Maker version 1.0.5 (x32 Version: 1.0.5 - )
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
WebTablet IE Plugin (x32 Version: 1.1.0.4 - Wacom Technology Corp.)
WebTablet Netscape Plugin (x32 Version: 1.1.0.3 - Wacom Technology Corp.)
WP Auto Links (x32 Version: 1.0.0 - Reilly Labs)

==================== Restore Points  =========================

09-02-2014 12:08:51 AA11
09-02-2014 12:11:11 AA11
09-02-2014 12:49:17 Installed AVG 2014
09-02-2014 12:49:24 Installed AVG 2014
10-02-2014 19:46:20 Removed AVG 2014
10-02-2014 19:48:44 Removed AVG 2014
10-02-2014 19:50:56 avast! antivirus system restore point
10-02-2014 20:48:45 Removed Java 7 Update 51
12-02-2014 13:20:43 Removed Vegas Pro 11.0
12-02-2014 13:37:03 Removed Adobe Community Help
12-02-2014 13:46:22 Removed Adobe Reader XI (11.0.06).
12-02-2014 13:50:08 Removed Adobe Widget Browser
12-02-2014 13:51:08 Removed Adobe Story
12-02-2014 13:56:53 Removed Final Effects Complete 6.0.0 64Bit
12-02-2014 13:58:16 Removed Spelling Dictionaries Support For Adobe Reader 9.
12-02-2014 14:00:15 Removed Vegas Pro 11.0
12-02-2014 14:04:36 Removed Apple Application Support
12-02-2014 14:05:15 Removed Apple Mobile Device Support
12-02-2014 14:05:23 Removed Apple Software Update
12-02-2014 14:05:34 Removed Bonjour
12-02-2014 14:06:26 Removed iTunes
12-02-2014 15:12:47 Installed Microsoft Fix it 50267

==================== Hosts content: ==========================

2012-04-15 19:32 - 2014-02-12 19:03 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0C5CB6C2-A7C8-4C43-AD05-E01609C88053} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4611432B-BF01-4324-859B-9393CEDEE758} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {9B7A4555-2ADC-4C1B-AAC7-B38AABE18625} - System32\Tasks\Run RoboForm TaskBar Icon => E:\Programs\Roboform\RoboTaskBarIcon.exe [2013-12-01] (Siber Systems)
Task: {A74AB3BC-35D3-47A3-B333-22896AC721A8} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-892377978-1441931877-1165036963-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {AC1A2C52-A321-41E8-808E-CA3BCC6069A9} - System32\Tasks\Run RoboForm Process => E:\Programs\Roboform\Identities.exe [2013-12-01] (Siber Systems)
Task: {E88F3D95-9D88-4362-A46A-B16EA0FB3117} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {F6FB6E80-7085-4A4D-8EF9-98B4A17C039A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNMLMJMHMKJNJHMPMCNOJOJMJMJCNLMNMMMKMCNNJLMLJPMCNJJJMMMGMJJMMIMHMIMIMPMOMJNJICMIMCNGMCNNMFMGMCNOMOMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMKMGMOMJNHICMIJKJKIIJNMJNBJCMNKKIBJKJPNKLDJDJGJBJIJMIKJBJJNKJCMJNNICMJNDJCMKJBJ"
Task: {F77DFB73-8DCA-4BA0-8387-973893A2A661} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-892377978-1441931877-1165036963-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FB352FED-08AA-41C5-8663-8CFD39DFE055} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMLMKMNMNMLMMMLJGMCNKJGMNJLMCNLMJMLMPMCNGMPMLMOMCNLJJJLMMMIMOMKMIMJJJJPMMJJNJICMJMCNOMPMCNNMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMEKMICNJJCKFMNMMMJNHICMEKMICNJJCKJNBJCMNKKIBJKJJNKJCMJNNICMJNDJCMKJBJ"

==================== Loaded Modules (whitelisted) =============

2011-04-13 00:03 - 2011-04-13 00:03 - 02857808 _____ () E:\Programs\Telenor\mobilt bredband\mobilt bredband.exe
2011-05-06 12:07 - 2011-05-06 12:07 - 00460144 _____ () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll
2011-05-06 12:07 - 2011-05-06 12:07 - 04317184 _____ () C:\Program Files (x86)\Flip Video\FlipShare\Core.dll
2011-05-06 12:02 - 2011-05-06 12:02 - 00737280 _____ () C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 08351744 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll
2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtNetwork4.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll
2010-10-25 23:06 - 2010-10-25 23:06 - 00364544 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll
2010-10-26 07:34 - 2010-10-26 07:34 - 11853824 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtWebKit4.dll
2010-10-25 23:37 - 2010-10-25 23:37 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\phonon4.dll
2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoFoundation.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoNet.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoXML.dll
2011-05-06 11:58 - 2011-05-06 11:58 - 01085440 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
2010-10-25 23:06 - 2010-10-25 23:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtCore4.dll
2010-10-25 23:08 - 2010-10-25 23:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtNetwork4.dll
2010-10-25 23:23 - 2010-10-25 23:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\QtSql4.dll
2010-05-20 12:49 - 2010-05-20 12:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoFoundation.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNet.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00175616 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNetSSL.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00291840 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoUtil.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoXML.dll
2010-05-17 08:47 - 2010-05-17 08:47 - 00110592 _____ () C:\Program Files (x86)\Flip Video\FlipShareServer\PocoCrypto.dll
2013-08-17 08:38 - 2013-08-17 08:38 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f60b3ee2de3f41a024920486d46d49f2\IsdiInterop.ni.dll
2012-02-23 06:12 - 2011-04-30 09:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 01384448 ____R () E:\Programs\Telenor\mobilt bredband\OSCSettingsLibU_vc90.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 01995776 _____ () E:\Programs\Telenor\mobilt bredband\QtDeclarative4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 01116160 _____ () E:\Programs\Telenor\mobilt bredband\QtScript4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 02142720 _____ () E:\Programs\Telenor\mobilt bredband\QtCore4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00184320 _____ () E:\Programs\Telenor\mobilt bredband\QtSql4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 02530304 _____ () E:\Programs\Telenor\mobilt bredband\QtXmlPatterns4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00916480 _____ () E:\Programs\Telenor\mobilt bredband\QtNetwork4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00335360 _____ () E:\Programs\Telenor\mobilt bredband\QtXml4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 07793152 _____ () E:\Programs\Telenor\mobilt bredband\QtGui4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00860160 ____R () E:\Programs\Telenor\mobilt bredband\NDISAPI.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00063312 _____ () E:\Programs\Telenor\mobilt bredband\LicenseRegistration.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00416768 ____R () E:\Programs\Telenor\mobilt bredband\sqldrivers\qsqlite4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00027648 _____ () E:\Programs\Telenor\mobilt bredband\imageformats\qico4.dll
2011-04-13 00:03 - 2011-04-13 00:03 - 00121344 _____ () E:\Programs\Telenor\mobilt bredband\imageformats\qjpeg4.dll
2014-02-06 21:18 - 2014-02-06 21:18 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/12/2014 09:12:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/12/2014 09:12:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/12/2014 09:12:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/12/2014 09:12:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1"1".
Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="x86",type="win32",version="9.0.30729.1" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/12/2014 09:12:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/12/2014 09:11:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/12/2014 07:02:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2014 05:30:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2014 04:14:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2014 03:04:58 PM) (Source: Microsoft-Windows-RestartManager) (User: Runestasjon-PC)
Description: Application or service 'Apple Mobile Device' could not be restarted.


System errors:
=============
Error: (02/12/2014 08:14:12 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (02/12/2014 07:04:44 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (02/12/2014 07:04:44 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (02/12/2014 07:01:49 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (02/12/2014 07:01:34 PM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (02/12/2014 07:00:49 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (02/12/2014 05:32:55 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (02/12/2014 05:32:55 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (02/12/2014 05:31:50 PM) (Source: Service Control Manager) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/12/2014 04:16:25 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-02-12 19:01:34.217
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-12 19:01:34.170
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 16360.88 MB
Available physical RAM: 14035.27 MB
Total Pagefile: 32719.94 MB
Available Pagefile: 30325.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:36.07 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:931.39 GB) (Free:618.45 GB) NTFS
Drive g: (mobilt bredbånd) (CDROM) (Total:0.05 GB) (Free:0 GB) CDFS
Drive i: (Transcend) (Fixed) (Total:931.28 GB) (Free:579.69 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 713ADFE5)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=125 MB) - (Type=42)
Partition 3: (Not Active) - (Size=931 GB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 713ADFFD)
Partition 1: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 00583005)
Partition 1: (Active) - (Size=932 GB) - (Type=0C)

==================== End Of Log ============================


Not sure about my connection speed either. It seems to me as if it is uploading something every now and then. Small short uploads. I do not upload anything myself right now so it shouldn't be displaying any uploading. This reading is from my mobile broadband software. It is what caused me to look into this in the first place. May be another way of knowing for sure though.


Mister C. Just thought I should mention that I am in GMT+1 and the time here now is 10:20, and I will probably be up just a couple more hours max. If I don't see a new post today I will check back tomorrow morning.

Thanks again for being the super awesome helper that you are - you guys really make a difference for those who are in need. So, thanks again.


See if you can uninstall this from your add/remove programs:

lookinglink (Version: 2014.02.03.223422 - lookinglink)

Download the attached fixlist.txt to the same folder as FRST.

Run FRST.exe and click Fix only once and wait.

The tool will create a log (Fixlog.txt) in the folder; please post it in your reply.

Let me know how it is, MrC

This topic is now closed to further replies.