L00N3R

Malware Hunters
  • Posts

    921
  • Joined

Reputation

0 Neutral
  1. Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Protection Event Date: 04/08/2020
     Protection Event Time: 22:21
     Log File: 1dc9255a-d690-11ea-a546-74d4351f2542.json

     -Software Information-
     Version: 4.1.2.73
     Components Version: 1.0.990
     Update Package Version: 1.0.27937
     Licence: Trial

     -System Information-
     OS: Windows 10 (Build 19041.388)
     CPU: x64
     File System: NTFS
     User: System

     -Blocked Website Details-
     Malicious Website: 1
     , C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0

     -Website Data-
     Category: Phishing
     Domain: utzcertified.org
     IP Address: 95.170.87.53
     Port: 443
     Type: Outbound
     File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

     (end)

     Hi! Guessing that this is a false positive? https://www.virustotal.com/gui/url/cf94a6eb1c7c2072d95432ae2c1c03779e367e5cf0208a7217f909beda087f4a/detection Cheers!
  2. Just adding in - it also happens when you right click a grammatical error and select "Manage language"
  3. Yes, finally a user interface that looks modern, professional and clean! I feel it really shows how you are listening to your community. I like the flat Windows 8 look - I don't like Win 8 itself but its design is what's modern now. I don't get all the fuss about the smiley face. It doesn't look too silly to me, Avast previously used a smiley in their UI I remember. Also, it kind of fits with the Malwarebytes home page, with mascots including a smiling figure and a terminator robot. To me, Malwarebytes finally has that "professional" feel again.
  4. False positive https://www.virustotal.com/en-gb/file/8caa3beb8d255171317185cea1fad3b4ac2aaf1203476e5cd75574b38f34a894/analysis/1376052918/ MD5Checksum.7z
  5. 109.163.230.69 / wtso.net is blocked by MBAM. Is this a false positive? It's clean by Virustotal.
  6. Could you make an exception for this website? Thanks
  7. No, it's the uninstaller for Dropbox folder sync http://satyadeepk.in/dropbox-folder-sync/
  8. Everything is running fine now. Thanks for the help
  9. Eset log (Very short though, but it was the right location): ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK Security check: Results of screen317's Security Check version 0.99.7 Windows 7 (UAC is enabled) Internet Explorer 8 `````````````````````````````` Antivirus/Firewall Check: ESET Online Scanner v3 WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Java 6 Update 29 Out of date Java installed! Adobe Reader X (10.1.1) - Norsk ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSMpEng.exe Microsoft Security Essentials msseces.exe Microsoft Security Client Antimalware MsMpEng.exe Microsoft Security Client Antimalware NisSrv.exe ``````````End of Log````````````
  10. ComboFix 11-10-17.02 - USERNAME 18.10.2011 9:01.2.2 - x64 Microsoft Windows 7 Enterprise 6.1.7601.1.1252.47.1044.18.1982.969 [GMT 2:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Tidspunkt ferdig: 2011-10-18 09:09:00 ComboFix-quarantined-files.txt 2011-10-18 07:09 ComboFix2.txt 2011-10-09 12:51 . Pre-Run: 9 049 726 976 byte ledig Post-Run: 8 876 912 640 byte ledig . 
- - End Of File - - 2F7359DD68A1CA280B3AA89F0A4FC05A . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26 Run by USERNAME at 9:09:58 on 2011-10-18 Microsoft Windows 7 Enterprise 6.1.7601.1.1252.47.1044.18.1982.794 [GMT 2:00] . AV: Microsoft Forefront Endpoint Protection 2010 *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Forefront Endpoint Protection 2010 *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Hpservice.exe C:\Program Files\Sandboxie\SbieSvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe 
C:\Windows\Explorer.EXE C:\Program Files (x86)\WizMouse\WizMouse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Common Files\Steam\SteamService.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\notepad.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://portalen.akershus-fk.no uInternet Settings,ProxyOverride = <local> BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: KeyScramblerBHO Class: {2b9f5787-88a5-4945-90e7-c4b18563bc5e} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll BHO: Påloggingshjelp for Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll uRun: [F.lux] "C:\Users\USERNAME\Local Settings\Apps\F.lux\flux.exe" /noshow uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: DefaultLogonDomain = Akershus-FK IE: E&ksporter til Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd til OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - {B745F984-EF2E-40D6-A9AC-D8CED7230E61} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - 
{FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll DPF: DirectEdit - hxxps://support.itslearning.com/browsertest/components/DirectEdit.CAB DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 148.83.249.50 148.83.249.51 TCP: Interfaces\{F57E8DEF-B6C9-4922-A539-91F6FD186B73} : DhcpNameServer = 148.83.249.50 148.83.249.51 TCP: Interfaces\{F57E8DEF-B6C9-4922-A539-91F6FD186B73}\14B6562737865737D264B402759664960274A6563747 : DhcpNameServer = 148.83.249.50 148.83.249.51 TCP: Interfaces\{F57E8DEF-B6C9-4922-A539-91F6FD186B73}\35C65647E65627E6564747 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{F57E8DEF-B6C9-4922-A539-91F6FD186B73}\84A656D6D656 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{F57E8DEF-B6C9-4922-A539-91F6FD186B73}\D4E294E255E2C4 : DhcpNameServer = 192.168.0.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {2B9F5787-88A5-4945-90E7-C4B18563BC5E} {9030D464-4C02-4ABF-8ECC-5164760863C6} {B4F3A835-0E21-4959-BA22-42B3008E02FF} {DBC80044-A445-435b-BC74-9C25C1C588A9} mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: 
[QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\USERNAME\AppData\Roaming\Mozilla\Firefox\Profiles\psm2bo5w.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.itslearning.com/index.aspx?CustomerId=124&Username=sigsve FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?q= . ============= SERVICES / DRIVERS =============== . R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264] R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2011-5-13 317496] R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?] R3 KeyScrambler;KeyScrambler;C:\Windows\system32\drivers\keyscrambler.sys --> C:\Windows\system32\drivers\keyscrambler.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?] R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?] 
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-8-27 156288] S2 gupdate;Google-oppdatering-tjenesten (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-21 136176] S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?] S3 gupdatem;Google-oppdatering-tjenesten (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-21 136176] S3 IntcDAud;Intel® Skjermlyd;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys --> C:\Windows\system32\DRIVERS\LEqdUsb.Sys [?] S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys --> C:\Windows\system32\DRIVERS\LHidEqd.Sys [?] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\drivers\nusb3hub.sys --> C:\Windows\system32\drivers\nusb3hub.sys [?] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\drivers\nusb3xhc.sys --> C:\Windows\system32\drivers\nusb3xhc.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?] 
S3 RTLE8023x64;Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64) Driver;C:\Windows\system32\DRIVERS\Rtenic64.sys --> C:\Windows\system32\DRIVERS\Rtenic64.sys [?] S3 StorSvc;Oppbevaringstjeneste;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992] S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\system32\drivers\Synth3dVsc.sys --> C:\Windows\system32\drivers\Synth3dVsc.sys [?] S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 
2011-10-18 06:56:11 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2B29AA69-EA6A-4636-BC18-AF7C9D49411D}\offreg.dll 2011-10-18 06:56:09 9049936 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2B29AA69-EA6A-4636-BC18-AF7C9D49411D}\mpengine.dll 2011-10-14 12:03:53 -------- d-----w- C:\Users\USERNAME\AppData\Roaming\LolClient 2011-10-13 13:19:12 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8037D578-0C93-4413-83F2-22330A210D39}\gapaengine.dll 2011-10-13 13:02:14 3138048 ----a-w- C:\Windows\System32\win32k.sys 2011-10-13 13:01:22 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax 2011-10-13 13:01:22 613888 ----a-w- C:\Windows\System32\psisdecd.dll 2011-10-13 13:01:22 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll 2011-10-13 13:01:22 108032 ----a-w- C:\Windows\System32\psisrndr.ax 2011-10-13 13:00:30 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll 2011-10-13 13:00:29 861696 ----a-w- C:\Windows\System32\oleaut32.dll 2011-10-13 13:00:29 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll 2011-10-13 13:00:29 331776 ----a-w- C:\Windows\System32\oleacc.dll 2011-10-13 08:45:26 -------- d-----w- C:\Program Files (x86)\iFinger 2011-10-11 20:23:51 68616 ----a-w- C:\Windows\SysWow64\XAPOFX1_1.dll 2011-10-11 20:23:51 509448 ----a-w- C:\Windows\SysWow64\XAudio2_2.dll 2011-10-11 20:23:51 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll 2011-10-11 20:23:51 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll 2011-10-11 20:23:50 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll 2011-10-11 20:19:20 -------- d-----w- C:\Riot Games 2011-10-11 08:07:25 -------- d-----w- C:\Users\USERNAME\AppData\Local\PMB Files 2011-10-11 08:07:23 -------- d-----w- C:\ProgramData\PMB Files 2011-10-11 08:07:09 -------- d-----w- C:\Program Files (x86)\Pando Networks 2011-10-09 12:42:38 98816 ----a-w- C:\Windows\sed.exe 2011-10-09 12:42:38 518144 ----a-w- C:\Windows\SWREG.exe 2011-10-09 12:42:38 256000 ----a-w- 
C:\Windows\PEV.exe 2011-10-09 12:42:38 208896 ----a-w- C:\Windows\MBR.exe 2011-10-08 18:51:56 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab 2011-10-08 18:51:48 -------- d-----w- C:\Users\USERNAME\SystemRequirementsLab 2011-10-08 15:45:34 -------- d-----w- C:\Program Files\CCleaner 2011-10-07 17:16:31 -------- d-----w- C:\Users\USERNAME\AppData\Roaming\GameRanger 2011-10-07 16:44:09 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes 2011-10-01 19:49:53 -------- d-----w- C:\Users\USERNAME\AppData\Local\Spotify 2011-10-01 19:49:38 -------- d-----w- C:\Users\USERNAME\AppData\Roaming\Spotify 2011-09-30 08:43:08 -------- d-----w- C:\Users\USERNAME\AppData\Local\Apple Computer 2011-09-30 08:41:39 -------- d-----w- C:\Users\USERNAME\AppData\Local\Apple 2011-09-28 09:50:59 -------- d-----w- C:\Users\USERNAME\AppData\Roaming\.purple 2011-09-28 09:50:37 -------- d-----w- C:\Program Files (x86)\Pidgin 2011-09-28 09:45:58 -------- d-----w- C:\Users\USERNAME\AppData\Local\Windows Live 2011-09-28 09:45:57 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2011-09-28 07:05:25 134104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll 2011-09-25 14:27:28 230400 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzppw71.dll 2011-09-25 10:55:31 -------- d-----w- C:\Program Files (x86)\NoVirusThanks 2011-09-21 10:14:42 -------- d-----w- C:\Users\USERNAME\AppData\Roaming\Mount&Blade Warband 2011-09-21 10:08:40 -------- d-----w- C:\Program Files (x86)\VirusTotalUploader2 2011-09-21 09:58:51 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll 2011-09-21 09:58:46 4178264 ----a-w- C:\Windows\SysWow64\D3DX9_41.dll 2011-09-21 09:56:52 -------- d-----w- C:\Program Files (x86)\Mount&Blade Warband 2011-09-19 06:59:13 29696 ----a-w- C:\Windows\System32\drivers\tap0901.sys . ==================== Find3M ==================== . 
2011-10-13 08:12:37 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-09-17 10:21:24 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys 2011-09-14 13:58:46 274616 ----a-w- C:\Windows\System32\drivers\keyscrambler.sys 2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll 2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll 2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2011-09-01 02:35:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll 2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll 2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-08-15 12:32:10 224048 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys 2011-08-15 12:32:10 165680 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys 2011-08-15 12:32:10 146736 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys 2011-08-15 12:32:10 128816 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys 2011-08-15 12:32:08 320816 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll 2011-07-26 17:49:12 37888 ----a-w- C:\Windows\System32\drivers\taphss.sys . ============= FINISH: 9:10:18,68 ===============