Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Web & Email Web & Email
Search Search
Search for:
Tech Support Guy > > >

Something's happened to my computer


(!)

Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
12-Sep-2013, 07:58 AM #31
Hi Mark! Thanks for joining this session!

Here is the log file from Junkware:

-----------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.0 (09.12.2013:1)
OS: Windows 7 Ultimate x64
Ran by Andreas on 2013-09-12 at 13:53:11,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


~~~ Services

~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1035847082-4026891932-1998868263-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

~~~ Files
Successfully disinfected: [Shortcut] C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Successfully disinfected: [Shortcut] C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Andreas\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Andreas\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Successfully disinfected: [Shortcut] C:\Users\Public\Desktop\Google Chrome.lnk

~~~ Folders

~~~ Event Viewer Logs were cleared


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2013-09-12 at 13:56:06,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
12-Sep-2013, 08:00 AM #32
And here is AdwCleaner:

----------------------------------------

# AdwCleaner v3.003 - Report created 12/09/2013 at 13:59:13
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Andreas - AGAMEMNON
# Running from : C:\Users\Andreas\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\op en\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16635
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v
[ File : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js ]

-\\ Google Chrome v29.0.1547.66
[ File : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************
AdwCleaner[R0].txt - [11954 octets] - [11/09/2013 15:57:57]
AdwCleaner[R1].txt - [5099 octets] - [11/09/2013 23:44:09]
AdwCleaner[R2].txt - [4245 octets] - [11/09/2013 23:59:05]
AdwCleaner[R3].txt - [5285 octets] - [12/09/2013 00:07:04]
AdwCleaner[R4].txt - [5405 octets] - [12/09/2013 00:17:58]
AdwCleaner[R5].txt - [5525 octets] - [12/09/2013 00:20:51]
AdwCleaner[R6].txt - [5645 octets] - [12/09/2013 11:08:29]
AdwCleaner[R7].txt - [5658 octets] - [12/09/2013 13:58:53]
AdwCleaner[S0].txt - [9562 octets] - [11/09/2013 15:59:09]
AdwCleaner[S1].txt - [2867 octets] - [11/09/2013 23:45:59]
AdwCleaner[S2].txt - [2595 octets] - [11/09/2013 23:59:22]
AdwCleaner[S3].txt - [3047 octets] - [12/09/2013 00:07:27]
AdwCleaner[S4].txt - [3318 octets] - [12/09/2013 00:19:05]
AdwCleaner[S5].txt - [3287 octets] - [12/09/2013 00:21:17]
AdwCleaner[S6].txt - [3407 octets] - [12/09/2013 11:08:42]
AdwCleaner[S7].txt - [3278 octets] - [12/09/2013 13:59:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [3338 octets] ##########
Mark1956's Avatar
Malware Removal Specialist with 13,709 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
12-Sep-2013, 10:03 AM #33
The infection is clearly still there so we shall dig a little deeper.

Please download Farbar Recovery Scan Tool and save it to your desktop. Do not get tempted to download Regclean Pro.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please also copy and paste that into your reply.


==================================================

Download RogueKiller (by tigzy) and save direct to your Desktop.
On the web page select the 32bit or 64bit button to match the bit rate of your version of Windows.
  • Quit all running programs.
  • Start RogueKiller.exe by double clicking on the icon.
  • Wait until Prescan has finished.
  • Ensure all boxes are ticked under "Report" tab.
  • Click on Scan.
  • Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
  • NOTE: DO NOT attempt to remove anything that the scan detects.

__________________
Please Copy & Paste scan results into your replies, DO NOT send them as attachments or in Code or Quote boxes unless asked to.
Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
12-Sep-2013, 01:56 PM #34
Alright! Here's the FRST log:

-----------------------------------------

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-09-2013 02
Ran by Andreas (administrator) on AGAMEMNON on 12-09-2013 19:54:12
Running from C:\Users\Andreas\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Woodtale Technology Inc) C:\Users\Andreas\AppData\Local\DProtect\DProtectSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Software 2000 Limited) C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Spotify Ltd) C:\Users\Andreas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Technology Nexus AB) C:\Program Files (x86)\Personal\bin\Personal.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Dropbox, Inc.) C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\NETGEAR\USB Control Center\Control Center.exe
(Apple Inc.) D:\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Steinberg Media Technologies) C:\Program Files\Steinberg\Cubase 7\Cubase7.exe
(Steinberg Media Technologies GmbH) C:\PROGRA~2\ELICEN~1\POS\SYNSOPOS.exe
(Steinberg Media Technologies) C:\Program Files\Steinberg\Cubase 7\Components\videodecode.exe
(Steinberg Media Technologies) C:\Program Files\Steinberg\Cubase 7\Components\videopreload.exe
(Steinberg Media Technologies) C:\Program Files\Steinberg\Cubase 7\Components\videooutput.exe
(Steinberg Media Technologies) C:\Program Files\Steinberg\Cubase 7\Components\VSTBridgeApp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-06-20] (Microsoft Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811368 2013-09-06] (Valve Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Andreas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-09] (Spotify Ltd)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6581488 2013-08-15] (SUPERAntiSpyware)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Netgear UDS Control Center] - C:\Program Files (x86)\NETGEAR\USB Control Center\Control Center.exe [21124096 2011-06-28] ()
HKLM-x32\...\Run: [iTunesHelper] - D:\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [168616 2013-08-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Users\Andreas\AppData\Local\DProtect\eBP.dll,C:\Users\Andreas\AppData\Lo cal\DProtect\eBPSD.dll [62016 2013-09-09] ()
Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&ut...&ts=1379008404
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4B5463057E4ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&ut...&ts=1379008404
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&ut...&ts=1379008404
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&ut...&ts=1379008404
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&ut...&ts=1379008404
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&ut...&ts=1379008404
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&ut...&ts=1378987194
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/result...r=984395266&ir=
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_sour...&ts=1379008338
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_sour...&ts=1379008338
SearchScopes: HKCU - {384AE65C-9E43-67A3-519C-4B523C21A961} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @se.nexus/Personal - C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (qvo6) - http://www.google.com
CHR DefaultSuggestURL: (qvo6) - "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (iTunes Application Detector) - D:\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (Google Docs) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1
CHR Extension: (Google Drive) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1
CHR Extension: (Google Search) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1
CHR Extension: (Skype Click to Call) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.11.0.13348_1
CHR Extension: (Chrome In-App Payments service) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_1
CHR Extension: (Gmail) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2
CHR HKLM-x32\...\Chrome\Extension: [hendmekoldfacfhlojkjcnbjegkahclb] - C:\Program Files (x86)\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&ut...&ts=1378987194
==================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
R2 DPService; C:\Users\Andreas\AppData\Local\DProtect\DProtectSvc.exe [342592 2013-09-09] (Woodtale Technology Inc)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-05-26] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-27] (DT Soft Ltd)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [24728 2012-11-17] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R3 NetgearUDSMBus; C:\Windows\SysWow64\Drivers\NetgearUDSMBus.sys [100448 2011-06-16] (Windows (R) Codename Longhorn DDK provider)
R3 NetgearUDSTcpBus; C:\Windows\SysWow64\Drivers\NetgearUDSTcpBus.sys [165472 2011-06-16] (Windows (R) Codename Longhorn DDK provider)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
R3 RDID1117; C:\Windows\System32\Drivers\rdwm1117.sys [268672 2011-02-18] (Roland Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH)
S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-28] (Todos Data System AB)
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========
2013-09-12 19:53 - 2013-09-12 19:53 - 01949642 _____ (Farbar) C:\Users\Andreas\Desktop\FRST64.exe
2013-09-12 14:03 - 2013-09-12 14:03 - 00003357 _____ C:\Users\Andreas\Desktop\JRT.txt
2013-09-12 13:52 - 2013-09-12 13:52 - 01029509 _____ (Thisisu) C:\Users\Andreas\Desktop\JRT.exe
2013-09-12 00:09 - 2013-09-12 16:09 - 00000514 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 765ddd47-7860-490e-974f-4944e3312867.job
2013-09-12 00:09 - 2013-09-12 00:13 - 00000514 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 2a1c52e5-debe-46ae-a8f3-bb926b2c3236.job
2013-09-12 00:09 - 2013-09-12 00:09 - 00003598 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 2a1c52e5-debe-46ae-a8f3-bb926b2c3236
2013-09-12 00:09 - 2013-09-12 00:09 - 00003524 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 765ddd47-7860-490e-974f-4944e3312867
2013-09-12 00:09 - 2013-09-12 00:09 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-09-12 00:09 - 2013-09-12 00:09 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\SUPERAntiSpyware.com
2013-09-12 00:09 - 2013-09-12 00:09 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-09-12 00:09 - 2013-09-12 00:09 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-12 00:05 - 2013-09-12 00:06 - 27540744 _____ (SUPERAntiSpyware) C:\Users\Andreas\Desktop\SUPERAntiSpyware.exe
2013-09-11 23:54 - 2013-09-11 23:55 - 01037278 _____ C:\Users\Andreas\Desktop\AdwCleaner.exe
2013-09-11 23:49 - 2013-09-11 23:49 - 00891144 _____ C:\Users\Andreas\Desktop\SecurityCheck.exe
2013-09-11 21:31 - 2013-09-11 21:31 - 00000000 __HDC C:\ProgramData\{B57BCE68-0C0F-48CE-98DB-5E6BF5A4FAE8}
2013-09-11 20:06 - 2013-09-11 20:06 - 00000000 ____D C:\ProgramData\Cakewalk
2013-09-11 20:06 - 2013-09-11 20:06 - 00000000 ____D C:\Program Files\Cakewalk
2013-09-11 16:03 - 2013-09-11 16:03 - 00000000 ____D C:\Windows\ERUNT
2013-09-11 16:02 - 2013-09-11 16:02 - 00005680 _____ C:\sc-cleaner.txt
2013-09-11 15:57 - 2013-09-12 13:59 - 00000000 ____D C:\AdwCleaner
2013-09-11 15:17 - 2013-09-11 15:17 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-11 15:17 - 2013-09-11 15:17 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Malwarebytes
2013-09-11 15:17 - 2013-09-11 15:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-11 15:17 - 2013-09-11 15:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-11 15:17 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-11 15:03 - 2013-09-11 15:03 - 00000000 _____ C:\autoexec.bat
2013-09-11 15:02 - 2013-09-11 15:16 - 00000000 ____D C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-09-11 15:02 - 2013-09-11 15:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-09-11 00:18 - 2013-09-11 00:18 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waves
2013-09-11 00:04 - 2013-09-11 00:04 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments Absynth 4
2013-09-10 23:59 - 2013-09-10 23:59 - 00001219 _____ C:\Users\UpdatusUser\Desktop\Reaktor 5.lnk
2013-09-10 23:59 - 2013-09-10 23:59 - 00001219 _____ C:\Users\Andreas\Desktop\Reaktor 5.lnk
2013-09-10 23:59 - 2013-09-10 23:59 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments Reaktor 5
2013-09-10 23:57 - 2013-09-10 23:57 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DigiDesign
2013-09-10 22:44 - 2013-09-10 22:44 - 00063176 _____ C:\Users\Andreas\AppData\Roaming\GDIPFONTCACHEV1.DAT
2013-09-10 22:43 - 2013-09-12 00:38 - 00000501 _____ C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2013-09-10 22:29 - 2013-09-10 22:29 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2013-09-10 22:06 - 2013-09-12 19:54 - 00001586 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-10 22:05 - 2013-09-12 19:10 - 00000996 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-10 22:05 - 2013-09-12 13:59 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-10 22:05 - 2013-09-10 22:05 - 00003992 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-10 22:05 - 2013-09-10 22:05 - 00003740 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-10 21:28 - 2013-09-10 21:28 - 00262224 _____ C:\Windows\Minidump\091013-5803-01.dmp
2013-09-10 21:28 - 2013-09-10 21:28 - 00000000 ____D C:\Windows\Minidump
2013-09-10 17:45 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-09-10 11:11 - 2013-09-10 11:11 - 07912320 _____ C:\Users\Andreas\Downloads\[No subject].zip
2013-09-10 11:09 - 2013-09-10 11:09 - 12930429 _____ C:\Users\Andreas\Downloads\Outlook.zip
2013-09-09 23:42 - 2013-09-09 23:42 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Glitch2
2013-09-09 23:38 - 2013-09-09 23:38 - 08002755 _____ C:\Users\Andreas\Downloads\Glitch2_Demo_Windows.zip
2013-09-09 16:04 - 2013-09-09 16:04 - 01376768 _____ C:\Users\Andreas\Downloads\7z920-x64 (2).msi
2013-09-09 16:03 - 2013-09-09 16:03 - 01376768 _____ C:\Users\Andreas\Downloads\7z920-x64 (1).msi
2013-09-09 16:01 - 2013-09-09 16:01 - 00009347 _____ C:\Users\Andreas\Documents\Uninstall STAR WARS The Old Republic.log
2013-09-09 15:11 - 2013-08-20 15:33 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-09-09 15:11 - 2013-08-20 15:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-09-09 15:01 - 2013-09-09 15:01 - 00008450 _____ C:\Users\Andreas\Downloads\[isoHunt] Cubase 7 Crack [YIFY] (1).torrent
2013-09-09 14:52 - 2013-09-09 14:52 - 00400465 _____ C:\Users\Andreas\Downloads\inbjudan och scen.zip
2013-09-09 14:07 - 2013-09-09 14:07 - 00000000 ____D C:\Users\Andreas\AppData\Local\avgchrome
2013-09-09 14:06 - 2013-09-11 15:24 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-09 14:05 - 2013-09-09 14:05 - 00000000 ____D C:\ProgramData\Registry Helper
2013-09-09 14:04 - 2013-09-09 14:17 - 00000000 ____D C:\Users\Andreas\AppData\Local\DProtect
2013-09-07 21:11 - 2013-09-07 21:11 - 00001129 _____ C:\Users\Andreas\Downloads\[isoHunt] 4814113.torrent
2013-09-07 20:43 - 2013-09-10 22:29 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-07 20:40 - 2013-09-07 20:41 - 02766872 _____ (Acresso Software Inc.) C:\Users\Andreas\Downloads\woli (1).exe
2013-09-07 20:22 - 2013-09-07 20:22 - 00000000 ____D C:\ProgramData\Audio Damage
2013-09-07 20:03 - 2013-09-07 20:03 - 00007341 _____ C:\Users\Andreas\Downloads\[isoHunt] Audio.Damage.Axon.Ver.1.1.and.Discord.3.Ver.1.1.OSX.WIN.AU.VST.torrent
2013-09-07 19:36 - 2013-09-11 00:37 - 00000000 ____D C:\Program Files (x86)\Waves
2013-09-07 19:27 - 2013-09-07 19:27 - 00001109 _____ C:\Users\Andreas\Downloads\[isoHunt] 4814056.torrent
2013-09-07 19:18 - 2013-09-07 19:18 - 00011774 _____ C:\Users\Andreas\Downloads\[isoHunt] Waves Diamond Bundle v5.2.zip.torrent
2013-09-07 19:13 - 2013-09-07 19:13 - 00008450 _____ C:\Users\Andreas\Downloads\[isoHunt] Cubase 7 Crack [YIFY].torrent
2013-09-06 04:38 - 2013-09-06 04:38 - 00389120 _____ (SafeApp Software, LLC) C:\Windows\SysWOW64\RegistryHelperLM.ocx
2013-08-25 23:49 - 2013-08-25 23:49 - 00000000 ____D C:\Users\Andreas\AppData\Local\Steinberg
2013-08-24 01:42 - 2013-08-24 01:42 - 00076898 _____ C:\Users\Andreas\Downloads\EWQL_Symphonic_Orchestra_v1.0.zip
2013-08-24 00:51 - 2013-08-24 00:51 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-24 00:50 - 2013-08-24 00:50 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-08-24 00:50 - 2013-08-24 00:50 - 00000000 ____D C:\Windows\system32\NV
2013-08-24 00:49 - 2013-08-18 23:02 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 13627696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-24 00:49 - 2013-08-18 23:02 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-23 16:43 - 2013-08-23 16:43 - 01886624 _____ C:\Users\Andreas\Downloads\Bild 2.zip
2013-08-21 15:12 - 2013-08-21 15:12 - 00000000 ____D C:\Users\Andreas\Images
2013-08-20 23:47 - 2013-08-21 15:16 - 00000000 ____D C:\Users\Andreas\Audio
2013-08-20 00:20 - 2013-08-20 00:20 - 00000000 ____D C:\Program Files (x86)\EastWest
2013-08-19 22:24 - 2013-08-19 22:31 - 497555153 _____ C:\Users\Andreas\Downloads\Play_Update_4.0.12_64_bit.zip
2013-08-19 15:31 - 2013-08-19 15:31 - 00001450 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-19 15:30 - 2013-08-19 15:31 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-19 15:30 - 2013-08-19 15:31 - 00000000 ____D C:\Program Files\iTunes
2013-08-19 15:30 - 2013-08-19 15:30 - 00000000 ____D C:\Program Files\iPod
2013-08-18 20:23 - 2013-08-18 20:23 - 00000940 _____ C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2013-08-18 20:21 - 2013-08-18 20:23 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\DVDVideoSoft
2013-08-18 20:21 - 2013-08-18 20:21 - 01204608 _____ (DVDVideoSoft Ltd. ) C:\Users\Andreas\Downloads\FreeMP4VideoConverter.exe
2013-08-18 20:21 - 2013-08-18 20:21 - 01204608 _____ (DVDVideoSoft Ltd. ) C:\Users\Andreas\Downloads\FreeMP4VideoConverter (1).exe
2013-08-18 17:58 - 2013-08-18 17:59 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Ample Sound
2013-08-18 16:53 - 2013-08-18 17:56 - 228607849 _____ C:\Users\Andreas\Downloads\AGML_1_1_0_Installer.rar
2013-08-18 16:41 - 2013-08-18 16:41 - 11835335 _____ C:\Users\Andreas\Downloads\DSK_Asian_DreamZ.zip
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-08-18 14:43 - 2013-08-18 14:43 - 00003686 _____ C:\Windows\System32\Tasks\{A6250E4F-4EA9-4442-8799-6D551EF03431}
2013-08-18 14:42 - 2013-08-18 14:42 - 00000000 ____D C:\ProgramData\Big Fish Audio
2013-08-17 00:29 - 2013-08-17 00:30 - 18241765 _____ C:\Users\Andreas\Downloads\IxoxFlute_v0.2.zip
2013-08-16 12:32 - 2013-08-16 12:32 - 02377467 _____ C:\Users\Andreas\Downloads\Gothia Concentus -noter.zip
2013-08-15 23:58 - 2013-08-15 23:58 - 00034872 _____ C:\Users\Andreas\Downloads\[isoHunt] download (3).torrent
2013-08-15 23:57 - 2013-08-15 23:57 - 00035667 _____ C:\Users\Andreas\Downloads\[isoHunt] Star.Trek.Into.Darkness.2013.TS.XVID.AC3.HQ.Hive-CM8.torrent
2013-08-15 23:02 - 2013-08-15 23:02 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\qBittorrent
2013-08-15 23:01 - 2013-08-15 23:02 - 10231662 _____ (The qBittorrent project) C:\Users\Andreas\Downloads\qbittorrent_3.0.11_setup (1).exe
2013-08-15 23:01 - 2013-08-15 23:01 - 00028522 _____ C:\Users\Andreas\Downloads\[isoHunt] After.Earth.2013.CAM.XVID-Snake.torrent
2013-08-15 16:27 - 2013-08-15 16:28 - 10231662 _____ (The qBittorrent project) C:\Users\Andreas\Downloads\qbittorrent_3.0.11_setup.exe
2013-08-15 16:26 - 2013-08-15 16:27 - 00215808 _____ C:\Users\Andreas\Downloads\[isoHunt] 912D0F80B375984560CCB2D4103FB79C5F7729F5.torrent
2013-08-13 21:54 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-13 21:54 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
==================== One Month Modified Files and Folders =======
2013-09-12 19:54 - 2013-09-10 22:06 - 00001586 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-12 19:53 - 2013-09-12 19:53 - 01949642 _____ (Farbar) C:\Users\Andreas\Desktop\FRST64.exe
2013-09-12 19:51 - 2013-05-06 17:08 - 00001289 _____ C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-12 19:49 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-09-12 19:36 - 2013-05-06 21:19 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-12 19:10 - 2013-09-10 22:05 - 00000996 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-12 18:02 - 2013-05-31 13:53 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Dropbox
2013-09-12 16:09 - 2013-09-12 00:09 - 00000514 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 765ddd47-7860-490e-974f-4944e3312867.job
2013-09-12 15:22 - 2013-05-06 19:01 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-12 15:11 - 2009-07-14 06:51 - 00052021 _____ C:\Windows\setupact.log
2013-09-12 14:18 - 2013-05-06 21:22 - 00661460 _____ C:\Windows\system32\perfh01D.dat
2013-09-12 14:18 - 2013-05-06 21:22 - 00141276 _____ C:\Windows\system32\perfc01D.dat
2013-09-12 14:18 - 2009-07-14 07:13 - 01573176 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-12 14:03 - 2013-09-12 14:03 - 00003357 _____ C:\Users\Andreas\Desktop\JRT.txt
2013-09-12 14:02 - 2013-05-06 17:08 - 02096354 _____ C:\Windows\WindowsUpdate.log
2013-09-12 13:59 - 2013-09-11 15:57 - 00000000 ____D C:\AdwCleaner
2013-09-12 13:59 - 2013-09-10 22:05 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-12 13:59 - 2013-05-06 18:01 - 00000000 ____D C:\ProgramData\NVIDIA
2013-09-12 13:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-12 13:52 - 2013-09-12 13:52 - 01029509 _____ (Thisisu) C:\Users\Andreas\Desktop\JRT.exe
2013-09-12 00:38 - 2013-09-10 22:43 - 00000501 _____ C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2013-09-12 00:13 - 2013-09-12 00:09 - 00000514 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 2a1c52e5-debe-46ae-a8f3-bb926b2c3236.job
2013-09-12 00:09 - 2013-09-12 00:09 - 00003598 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 2a1c52e5-debe-46ae-a8f3-bb926b2c3236
2013-09-12 00:09 - 2013-09-12 00:09 - 00003524 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 765ddd47-7860-490e-974f-4944e3312867
2013-09-12 00:09 - 2013-09-12 00:09 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2013-09-12 00:09 - 2013-09-12 00:09 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\SUPERAntiSpyware.com
2013-09-12 00:09 - 2013-09-12 00:09 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2013-09-12 00:09 - 2013-09-12 00:09 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-12 00:06 - 2013-09-12 00:05 - 27540744 _____ (SUPERAntiSpyware) C:\Users\Andreas\Desktop\SUPERAntiSpyware.exe
2013-09-11 23:55 - 2013-09-11 23:54 - 01037278 _____ C:\Users\Andreas\Desktop\AdwCleaner.exe
2013-09-11 23:49 - 2013-09-11 23:49 - 00891144 _____ C:\Users\Andreas\Desktop\SecurityCheck.exe
2013-09-11 22:39 - 2013-05-06 20:44 - 00000000 ____D C:\Users\Andreas\Documents\Cubase Projects
2013-09-11 22:11 - 2010-11-21 05:47 - 00339948 _____ C:\Windows\PFRO.log
2013-09-11 22:11 - 2009-07-14 06:45 - 00289136 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 21:36 - 2013-05-28 21:28 - 00000000 ____D C:\Program Files (x86)\Vstplugins
2013-09-11 21:31 - 2013-09-11 21:31 - 00000000 __HDC C:\ProgramData\{B57BCE68-0C0F-48CE-98DB-5E6BF5A4FAE8}
2013-09-11 21:31 - 2013-05-06 21:14 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\vlc
2013-09-11 20:41 - 2013-05-06 17:36 - 00063952 _____ C:\Users\Andreas\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-11 20:06 - 2013-09-11 20:06 - 00000000 ____D C:\ProgramData\Cakewalk
2013-09-11 20:06 - 2013-09-11 20:06 - 00000000 ____D C:\Program Files\Cakewalk
2013-09-11 16:39 - 2013-05-09 15:17 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Spotify
2013-09-11 16:24 - 2013-05-09 15:17 - 00000000 ____D C:\Users\Andreas\AppData\Local\Spotify
2013-09-11 16:03 - 2013-09-11 16:03 - 00000000 ____D C:\Windows\ERUNT
2013-09-11 16:02 - 2013-09-11 16:02 - 00005680 _____ C:\sc-cleaner.txt
2013-09-11 15:41 - 2013-05-09 14:29 - 00000000 ____D C:\Windows\system32\appmgmt
2013-09-11 15:38 - 2013-05-06 17:08 - 00000000 ____D C:\Users\Andreas
2013-09-11 15:24 - 2013-09-09 14:06 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-11 15:17 - 2013-09-11 15:17 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-11 15:17 - 2013-09-11 15:17 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Malwarebytes
2013-09-11 15:17 - 2013-09-11 15:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-11 15:17 - 2013-09-11 15:17 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-11 15:16 - 2013-09-11 15:02 - 00000000 ____D C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-09-11 15:03 - 2013-09-11 15:03 - 00000000 _____ C:\autoexec.bat
2013-09-11 15:02 - 2013-09-11 15:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-09-11 13:36 - 2013-05-06 21:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-11 13:36 - 2013-05-06 21:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-11 13:36 - 2013-05-06 21:19 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-11 13:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-11 00:37 - 2013-09-07 19:36 - 00000000 ____D C:\Program Files (x86)\Waves
2013-09-11 00:18 - 2013-09-11 00:18 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waves
2013-09-11 00:04 - 2013-09-11 00:04 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments Absynth 4
2013-09-11 00:04 - 2013-05-27 18:36 - 00000000 ____D C:\Users\Andreas\Documents\Native Instruments
2013-09-11 00:04 - 2013-05-27 18:36 - 00000000 ____D C:\Users\Andreas\AppData\Local\Native Instruments
2013-09-11 00:03 - 2013-06-10 00:44 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2013-09-10 23:59 - 2013-09-10 23:59 - 00001219 _____ C:\Users\UpdatusUser\Desktop\Reaktor 5.lnk
2013-09-10 23:59 - 2013-09-10 23:59 - 00001219 _____ C:\Users\Andreas\Desktop\Reaktor 5.lnk
2013-09-10 23:59 - 2013-09-10 23:59 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments Reaktor 5
2013-09-10 23:57 - 2013-09-10 23:57 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DigiDesign
2013-09-10 23:57 - 2013-05-29 22:42 - 00000000 ____D C:\Program Files (x86)\Digidesign
2013-09-10 23:08 - 2013-05-09 14:44 - 00000000 ____D C:\Program Files\EastWest
2013-09-10 22:44 - 2013-09-10 22:44 - 00063176 _____ C:\Users\Andreas\AppData\Roaming\GDIPFONTCACHEV1.DAT
2013-09-10 22:29 - 2013-09-10 22:29 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2013-09-10 22:29 - 2013-09-07 20:43 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-10 22:06 - 2013-05-06 17:36 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-10 22:05 - 2013-09-10 22:05 - 00003992 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-09-10 22:05 - 2013-09-10 22:05 - 00003740 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-09-10 22:05 - 2013-05-06 17:36 - 00000000 ____D C:\Users\Andreas\AppData\Local\Deployment
2013-09-10 21:34 - 2013-05-26 17:47 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Apple Computer
2013-09-10 21:34 - 2013-05-26 17:47 - 00000000 ____D C:\Users\Andreas\AppData\Local\Apple Computer
2013-09-10 21:28 - 2013-09-10 21:28 - 00262224 _____ C:\Windows\Minidump\091013-5803-01.dmp
2013-09-10 21:28 - 2013-09-10 21:28 - 00000000 ____D C:\Windows\Minidump
2013-09-10 11:11 - 2013-09-10 11:11 - 07912320 _____ C:\Users\Andreas\Downloads\[No subject].zip
2013-09-10 11:09 - 2013-09-10 11:09 - 12930429 _____ C:\Users\Andreas\Downloads\Outlook.zip
2013-09-09 23:42 - 2013-09-09 23:42 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Glitch2
2013-09-09 23:38 - 2013-09-09 23:38 - 08002755 _____ C:\Users\Andreas\Downloads\Glitch2_Demo_Windows.zip
2013-09-09 16:04 - 2013-09-09 16:04 - 01376768 _____ C:\Users\Andreas\Downloads\7z920-x64 (2).msi
2013-09-09 16:03 - 2013-09-09 16:03 - 01376768 _____ C:\Users\Andreas\Downloads\7z920-x64 (1).msi
2013-09-09 16:01 - 2013-09-09 16:01 - 00009347 _____ C:\Users\Andreas\Documents\Uninstall STAR WARS The Old Republic.log
2013-09-09 15:11 - 2013-05-06 18:01 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-09 15:01 - 2013-09-09 15:01 - 00008450 _____ C:\Users\Andreas\Downloads\[isoHunt] Cubase 7 Crack [YIFY] (1).torrent
2013-09-09 14:52 - 2013-09-09 14:52 - 00400465 _____ C:\Users\Andreas\Downloads\inbjudan och scen.zip
2013-09-09 14:17 - 2013-09-09 14:04 - 00000000 ____D C:\Users\Andreas\AppData\Local\DProtect
2013-09-09 14:15 - 2013-05-19 18:37 - 00000000 ____D C:\ProgramData\Ubisoft
2013-09-09 14:07 - 2013-09-09 14:07 - 00000000 ____D C:\Users\Andreas\AppData\Local\avgchrome
2013-09-09 14:05 - 2013-09-09 14:05 - 00000000 ____D C:\ProgramData\Registry Helper
2013-09-08 18:43 - 2013-05-06 20:32 - 00000000 ____D C:\Program Files\Common Files\VST3
2013-09-08 13:30 - 2013-05-06 17:25 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-07 21:11 - 2013-09-07 21:11 - 00001129 _____ C:\Users\Andreas\Downloads\[isoHunt] 4814113.torrent
2013-09-07 20:42 - 2013-06-19 01:52 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Waves Audio
2013-09-07 20:41 - 2013-09-07 20:40 - 02766872 _____ (Acresso Software Inc.) C:\Users\Andreas\Downloads\woli (1).exe
2013-09-07 20:22 - 2013-09-07 20:22 - 00000000 ____D C:\ProgramData\Audio Damage
2013-09-07 20:03 - 2013-09-07 20:03 - 00007341 _____ C:\Users\Andreas\Downloads\[isoHunt] Audio.Damage.Axon.Ver.1.1.and.Discord.3.Ver.1.1.OSX.WIN.AU.VST.torrent
2013-09-07 19:27 - 2013-09-07 19:27 - 00001109 _____ C:\Users\Andreas\Downloads\[isoHunt] 4814056.torrent
2013-09-07 19:18 - 2013-09-07 19:18 - 00011774 _____ C:\Users\Andreas\Downloads\[isoHunt] Waves Diamond Bundle v5.2.zip.torrent
2013-09-07 19:15 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-07 19:15 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-07 19:13 - 2013-09-07 19:13 - 00008450 _____ C:\Users\Andreas\Downloads\[isoHunt] Cubase 7 Crack [YIFY].torrent
2013-09-06 04:38 - 2013-09-06 04:38 - 00389120 _____ (SafeApp Software, LLC) C:\Windows\SysWOW64\RegistryHelperLM.ocx
2013-08-25 23:50 - 2013-05-06 20:32 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Steinberg
2013-08-25 23:49 - 2013-08-25 23:49 - 00000000 ____D C:\Users\Andreas\AppData\Local\Steinberg
2013-08-24 23:21 - 2013-07-20 23:25 - 00004737 _____ C:\Users\Andreas\Documents\TombRaider.log
2013-08-24 01:42 - 2013-08-24 01:42 - 00076898 _____ C:\Users\Andreas\Downloads\EWQL_Symphonic_Orchestra_v1.0.zip
2013-08-24 00:51 - 2013-08-24 00:51 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-08-24 00:50 - 2013-08-24 00:50 - 00000000 ____D C:\Windows\SysWOW64\NV
2013-08-24 00:50 - 2013-08-24 00:50 - 00000000 ____D C:\Windows\system32\NV
2013-08-23 16:43 - 2013-08-23 16:43 - 01886624 _____ C:\Users\Andreas\Downloads\Bild 2.zip
2013-08-21 15:16 - 2013-08-20 23:47 - 00000000 ____D C:\Users\Andreas\Audio
2013-08-21 15:12 - 2013-08-21 15:12 - 00000000 ____D C:\Users\Andreas\Images
2013-08-20 15:33 - 2013-09-09 15:11 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2013-08-20 15:32 - 2013-09-09 15:11 - 00028448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2013-08-20 15:32 - 2013-08-11 15:09 - 00029984 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2013-08-20 00:20 - 2013-08-20 00:20 - 00000000 ____D C:\Program Files (x86)\EastWest
2013-08-20 00:20 - 2013-05-09 14:44 - 00000000 ____D C:\ProgramData\East West
2013-08-19 22:31 - 2013-08-19 22:24 - 497555153 _____ C:\Users\Andreas\Downloads\Play_Update_4.0.12_64_bit.zip
2013-08-19 15:31 - 2013-08-19 15:31 - 00001450 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-19 15:31 - 2013-08-19 15:30 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-19 15:31 - 2013-08-19 15:30 - 00000000 ____D C:\Program Files\iTunes
2013-08-19 15:30 - 2013-08-19 15:30 - 00000000 ____D C:\Program Files\iPod
2013-08-19 00:32 - 2013-06-20 00:06 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-08-18 23:02 - 2013-08-24 00:49 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 22101792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 13627696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 11271968 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-08-18 23:02 - 2013-08-24 00:49 - 09281032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 07648000 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 02970400 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432680.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432680.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 00681760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 00603424 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 00458528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2013-08-18 23:02 - 2013-08-24 00:49 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-08-18 23:02 - 2013-05-25 00:31 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-08-18 23:02 - 2013-05-25 00:31 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-08-18 23:02 - 2013-05-25 00:31 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-08-18 23:02 - 2013-05-06 18:01 - 15900936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2013-08-18 23:02 - 2013-05-06 18:01 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-08-18 23:02 - 2013-05-06 18:01 - 12946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-08-18 23:02 - 2013-05-06 18:01 - 02986672 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2013-08-18 23:02 - 2013-05-06 18:01 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-08-18 23:02 - 2013-05-06 18:01 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-08-18 23:02 - 2013-05-06 18:01 - 00022581 _____ C:\Windows\system32\nvinfo.pb
2013-08-18 21:34 - 2013-05-06 18:01 - 06599968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2013-08-18 21:34 - 2013-05-06 18:01 - 03452192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2013-08-18 21:34 - 2013-05-06 18:01 - 00920864 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2013-08-18 21:34 - 2013-05-06 18:01 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2013-08-18 21:34 - 2013-05-06 18:01 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2013-08-18 20:23 - 2013-08-18 20:23 - 00000940 _____ C:\Users\Public\Desktop\Free MP4 Video Converter.lnk
2013-08-18 20:23 - 2013-08-18 20:21 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\DVDVideoSoft
2013-08-18 20:21 - 2013-08-18 20:21 - 01204608 _____ (DVDVideoSoft Ltd. ) C:\Users\Andreas\Downloads\FreeMP4VideoConverter.exe
2013-08-18 20:21 - 2013-08-18 20:21 - 01204608 _____ (DVDVideoSoft Ltd. ) C:\Users\Andreas\Downloads\FreeMP4VideoConverter (1).exe
2013-08-18 20:15 - 2013-06-20 07:59 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\dvdcss
2013-08-18 18:30 - 2013-06-17 19:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-18 17:59 - 2013-08-18 17:58 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Ample Sound
2013-08-18 17:56 - 2013-08-18 16:53 - 228607849 _____ C:\Users\Andreas\Downloads\AGML_1_1_0_Installer.rar
2013-08-18 16:41 - 2013-08-18 16:41 - 11835335 _____ C:\Users\Andreas\Downloads\DSK_Asian_DreamZ.zip
2013-08-18 15:00 - 2013-06-17 19:52 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Skype
2013-08-18 14:58 - 2013-08-18 14:58 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-08-18 14:43 - 2013-08-18 14:43 - 00003686 _____ C:\Windows\System32\Tasks\{A6250E4F-4EA9-4442-8799-6D551EF03431}
2013-08-18 14:42 - 2013-08-18 14:42 - 00000000 ____D C:\ProgramData\Big Fish Audio
2013-08-17 07:30 - 2013-05-06 18:01 - 03319709 _____ C:\Windows\system32\nvcoproc.bin
2013-08-17 00:30 - 2013-08-17 00:29 - 18241765 _____ C:\Users\Andreas\Downloads\IxoxFlute_v0.2.zip
2013-08-16 12:32 - 2013-08-16 12:32 - 02377467 _____ C:\Users\Andreas\Downloads\Gothia Concentus -noter.zip
2013-08-16 11:49 - 2013-06-17 19:52 - 00000000 ____D C:\ProgramData\Skype
2013-08-15 23:58 - 2013-08-15 23:58 - 00034872 _____ C:\Users\Andreas\Downloads\[isoHunt] download (3).torrent
2013-08-15 23:57 - 2013-08-15 23:57 - 00035667 _____ C:\Users\Andreas\Downloads\[isoHunt] Star.Trek.Into.Darkness.2013.TS.XVID.AC3.HQ.Hive-CM8.torrent
2013-08-15 23:02 - 2013-08-15 23:02 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\qBittorrent
2013-08-15 23:02 - 2013-08-15 23:01 - 10231662 _____ (The qBittorrent project) C:\Users\Andreas\Downloads\qbittorrent_3.0.11_setup (1).exe
2013-08-15 23:02 - 2013-05-06 19:13 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2013-08-15 23:01 - 2013-08-15 23:01 - 00028522 _____ C:\Users\Andreas\Downloads\[isoHunt] After.Earth.2013.CAM.XVID-Snake.torrent
2013-08-15 16:28 - 2013-08-15 16:27 - 10231662 _____ (The qBittorrent project) C:\Users\Andreas\Downloads\qbittorrent_3.0.11_setup.exe
2013-08-15 16:27 - 2013-08-15 16:26 - 00215808 _____ C:\Users\Andreas\Downloads\[isoHunt] 912D0F80B375984560CCB2D4103FB79C5F7729F5.torrent
Files to move or delete:
====================
C:\Users\Andreas\AppData\Local\Temp\1_Offer_6.exe
C:\Users\Andreas\AppData\Local\Temp\98631uninstall.exe
C:\Users\Andreas\AppData\Local\Temp\H20.exe
C:\Users\Andreas\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Andreas\AppData\Local\Temp\PlaySound.dll
C:\Users\Andreas\AppData\Local\Temp\Quarantine.exe
C:\Users\Andreas\AppData\Local\Temp\SevenZip-Installer.exe
C:\Users\Andreas\AppData\Local\Temp\SHSetup.exe
C:\Users\Andreas\AppData\Local\Temp\Sqlite3.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-09-11 21:58
==================== End Of Log ============================
Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
12-Sep-2013, 01:56 PM #35
And here's the Additional log:

----------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-09-2013 02
Ran by Andreas at 2013-09-12 19:54:37
Running from C:\Users\Andreas\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adblock Plus for IE (32-bit and 64-bit) (Version: 1.0)
Adblock Plus for IE (x32 Version: 1.0)
Addictive Drums (x32)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.168)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Svenska (x32 Version: 11.0.04)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Apple-programstöd (x32 Version: 2.3.4)
Assassin's Creed II (x32)
Assassin's Creed(R) III v1.05 (x32 Version: 1.05)
ASUS USB-N13 WLAN Card Utilities & Driver (x32 Version: 1.0.0.7)
AudioConverter (x32)
BankID säkerhetsprogram (x32 Version: 4.19.3)
Bioshock Infinite (x32)
Bonjour (Version: 3.0.0.10)
BOSS (x32 Version: 2.1.1)
Cinesamples Drums of War 2 (x32)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Company of Heroes 2 (x32)
DAEMON Tools Lite (x32 Version: 4.47.1.0333)
diamondata 3.0.0 (Version: 3.0.0)
DigiDesign Focusrite D3 AudioSuite 1.51.345 (x32)
DProtect (x32)
Dropbox (HKCU Version: 2.0.22)
East West Ra (x32)
East West Stormdrum Kompakt (x32)
East West Symphonic Choirs (x32)
eLicenser Control (x32)
EWQL Orchestra 24 Bit Platinum (Version: 1.0.083)
Free MP4 Video Converter version 5.0.28.812 (x32 Version: 5.0.28.812)
GeForce Experience NvStream Client Components (Version: 0.1.87)
Google Chrome (x32 Version: 29.0.1547.66)
Google Update Helper (x32 Version: 1.3.21.153)
Grand Theft Auto IV (HKCU)
Guitar Pro 5.2 (x32)
Half-Life 2 (x32)
Half-Life 2: Lost Coast (x32)
Handelsbanken kortläsare (x32 Version: 1.00.0000)
iCloud (Version: 2.1.2.8)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.5.235)
iTunes (Version: 11.0.5.5)
Kontakt Designer Volume 1 - Metallurgy (x32)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mass Effect 2 (x32)
Max Payne 3 (x32)
Metro: Last Light (c) Deep Silver version 1 (x32 Version: 1)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office XP Standard (x32 Version: 10.0.6626.0)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
N.I. Reaktor v5.1.1 (x32 Version: 5.1.1)
Native Instruments Absynth 4 (x32)
Native Instruments Battery 4 (Version: 4.0.1.2234)
Native Instruments Battery 4 (x32 Version: 4.0.1.2234)
Native Instruments Controller Editor (Version: 1.5.1.1124)
Native Instruments Controller Editor (x32)
Native Instruments Damage (Version: 1.0.0.003)
Native Instruments Damage (x32)
Native Instruments Electric Vice (Version: 1.0.0.002)
Native Instruments Electric Vice (x32)
Native Instruments Guitar Rig 5 (Version: 5.1.1.2673)
Native Instruments Guitar Rig 5 (x32)
Native Instruments Guitar Rig Mobile I/O (Version: 3.0.0.625)
Native Instruments Guitar Rig Mobile I/O (x32)
Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)
Native Instruments Guitar Rig Session I/O (x32)
Native Instruments Kontakt 5 (Version: 5.1.0.6066)
Native Instruments Kontakt 5 (x32)
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS (x32)
Native Instruments Monark (Version: 1.0.0.001)
Native Instruments Monark (x32)
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)
Native Instruments Rig Kontrol 3 (x32)
Native Instruments Service Center (Version: 2.3.2.926)
Native Instruments Service Center (x32)
Native Instruments Vienna Concert Grand (Version: 1.0.0.002)
Native Instruments Vienna Concert Grand (x32)
Native Instruments Xpress Keyboards (x32)
NETGEAR USB Control Center (x32 Version: 1.11)
Nexus Mod Manager (Version: 0.44.15)
NVIDIA 3D Vision Controller Driver 326.80 (Version: 326.80)
NVIDIA 3D Vision Driver 326.80 (Version: 326.80)
NVIDIA Control Panel 326.80 (Version: 326.80)
NVIDIA GeForce Experience 1.6.1 (Version: 1.6.1)
NVIDIA Graphics Driver 326.80 (Version: 326.80)
NVIDIA HD Audio Driver 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.133.902)
NVIDIA PhysX (x32 Version: 9.13.0725)
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2680)
NVIDIA Update 8.3.14 (Version: 8.3.14)
NVIDIA Update Components (Version: 8.3.14)
NVIDIA Virtual Audio 1.2.5 (Version: 1.2.5)
Play Update 3.0.47 (Version: 3.0.47)
PunkBuster Services (x32 Version: 0.991)
qBittorrent 3.0.11 (x32 Version: 3.0.11)
QUAD-CAPTURE Driver
QuickTime (x32 Version: 7.74.80.86)
RCRN - Realistic Colors and Real Nights v3.6 (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.65.1025.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6767)
rgc:audio z3ta+ 1.5 (x64) (Version: 1.5)
Rockstar Games Social Club (x32 Version: 1.1.0.6)
SHIELD Streaming (Version: 1.05.28)
Skype Click to Call (x32 Version: 6.11.13348)
Skype™ 6.6 (x32 Version: 6.6.106)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Steam (x32 Version: 1.0.0.0)
Steinberg Cubase 5 (x32 Version: 5.1.0)
Steinberg Cubase 7 64bit (Version: 7.0.5)
Steinberg Drum Loop Expansion 01 (x32 Version: 2.0.0.0)
Steinberg Eucon Adapter 6.5 64bit (Version: 6.5.1)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (x32 Version: 1.0.0)
Steinberg Groove Agent ONE Content (x32 Version: 1.0.0.003)
Steinberg Groove Agent ONE Vintage Beatboxes (x32 Version: 1.0.0.000)
Steinberg HALion Sonic SE 64bit (Version: 1.6.3)
Steinberg HALion Sonic SE Content (x32 Version: 1.6.1)
Steinberg HALionOne (x32 Version: 1.1.0.457)
Steinberg HALionOne Expression Set (x32 Version: 1.0.1.0)
Steinberg HALionOne GM Drum Set (x32 Version: 1.0.1.457)
Steinberg HALionOne GM Set (x32 Version: 1.0.1.457)
Steinberg HALionOne Pro Set (x32 Version: 1.0.1.457)
Steinberg HALionOne Studio Drum Set (x32 Version: 1.0.1.457)
Steinberg HALionOne Studio Set (x32 Version: 1.0.1.457)
Steinberg LoopMash Content (x32 Version: 2.0.0.000)
Steinberg LoopMash Content 2 (x32 Version: 1.0.0.000)
Steinberg Midi Loop Library (x32 Version: 1.0.0)
Steinberg Padshop 64bit (Version: 1.1.0)
Steinberg Retrologue 64bit (Version: 1.1.0)
Steinberg REVerence Content 01 (x32 Version: 2.0.1.000)
Steinberg Upload Manager (x32 Version: 1.0.1)
Steinberg VST Amp Rack Content 01 (x32 Version: 1.0.1)
SUPERAntiSpyware (Version: 5.6.1032)
The Elder Scrolls V: Skyrim (x32)
The Walking Dead.Gold Edition (x32 Version: The Walking Dead.Gold Edition)
Total War: SHOGUN 2 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Uplay (x32 Version: 2.1)
Waves Diamond Bundle 4.05 (x32)
Waves Musicians Bundle v5.0 (x32)
Waves Renaissance Collection 2 3.5 (x32)
Waves SSL Collection v1.2 (x32)
Waves Vocal Bundle v1.1 (x32)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
VLC media player 2.0.8 (x32 Version: 2.0.8)
==================== Restore Points =========================
08-09-2013 11:30:28 Removed Waves Complete V9r13
09-09-2013 12:15:05 Borttagen Tom Clancy's Splinter Cell Conviction
10-09-2013 16:38:05 Windows Update
10-09-2013 20:28:56 Adblock Plus for IE
11-09-2013 13:02:39 Installed SpyHunter
11-09-2013 13:15:37 Removed SpyHunter
==================== Hosts content: ==========================
2009-07-14 04:34 - 2013-05-27 20:31 - 00000418 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 http://virscan.com
127.0.0.1 http://virusscan.jotti.org/
127.0.0.1 virusscan.jotti.org/
127.0.0.1 www.virusscan.jotti.org/
127.0.0.1 scanner.novirusthanks.org/
127.0.0.1 http://scanner.novirusthanks.org/
127.0.0.1 www.scanner.novirusthanks.org/
==================== Scheduled Tasks (whitelisted) =============
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {046E26A7-4069-49A2-B8DF-8883B552EF12} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11] (Adobe Systems Incorporated)
Task: {2112FA30-2927-4F9F-BB36-5073BFCEADDA} - System32\Tasks\{D96E26C6-A291-4179-A2F0-9AE7ECCCC012} => D:\Spel\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe [2013-05-19] ()
Task: {21ADFEEE-F1A4-4A9B-B811-BBB6FE2AC5E5} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2013-06-20] (Microsoft Corporation)
Task: {43716F4E-CC1F-48F4-82AB-D078E67061FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-10] (Google Inc.)
Task: {7224936C-B9A0-409A-AE45-40D34E1FD738} - System32\Tasks\{B1B3C8E7-9C61-4078-8919-173C0241188C} => C:\Windows\System32\msiexec.exe [2010-11-21] (Microsoft Corporation)
Task: {824217C9-6458-4C54-ABC2-9885330C2939} - \BrowserDefendert No Task File
Task: {8C6C1ADF-1727-4D15-8D4C-E8296FFD0B5F} - System32\Tasks\{E73EC5B8-42D8-459A-A007-6762F600FE08} => C:\Windows\System32\msiexec.exe [2010-11-21] (Microsoft Corporation)
Task: {941C33E8-A4FE-49DE-ABDC-D77A0CEE2ED6} - System32\Tasks\{B9B5F397-FB17-4707-8DA1-5E49DBA3E235} => D:\Spel\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe [2013-05-19] ()
Task: {AF96A84F-2173-4339-909F-770BB5110268} - System32\Tasks\{8D3611FC-8DDB-408D-9A8F-085FA81B3726} => C:\Windows\System32\msiexec.exe [2010-11-21] (Microsoft Corporation)
Task: {B47FAC9A-AC90-4606-86E7-CF0F0E1B832E} - \EPUpdater No Task File
Task: {B70E19C7-175E-4ED8-9459-AFC557450036} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-10] (Google Inc.)
Task: {C5D9CB87-5131-40D9-A9DF-58C32B56F634} - System32\Tasks\SUPERAntiSpyware Scheduled Task 2a1c52e5-debe-46ae-a8f3-bb926b2c3236 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-05-23] (SUPERAdBlocker.com)
Task: {D9604A07-5F51-46FA-A6BC-14CB9FA978A7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E1F8AC3D-4C65-481C-B608-09278C8D4365} - System32\Tasks\SUPERAntiSpyware Scheduled Task 765ddd47-7860-490e-974f-4944e3312867 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-05-23] (SUPERAdBlocker.com)
Task: {ED1BDE69-214B-42D5-8CCA-3B2BB7506040} - \Dealply No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 2a1c52e5-debe-46ae-a8f3-bb926b2c3236.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 765ddd47-7860-490e-974f-4944e3312867.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Loaded Modules (whitelisted) =============
2013-05-25 00:31 - 2013-08-18 23:02 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2013-05-06 18:01 - 2013-08-18 23:02 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-05-06 18:01 - 2013-08-18 23:02 - 01412832 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2013-05-06 18:01 - 2013-08-18 23:02 - 15900936 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2012-12-14 02:42 - 2012-12-14 02:42 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrSVE.lrc
2012-11-12 13:34 - 2013-05-06 18:03 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-05-06 18:01 - 2013-08-18 23:02 - 15703176 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2013-05-25 02:36 - 2013-05-25 02:36 - 00164016 _____ (Dropbox, Inc.) C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2013-05-18 16:36 - 2013-04-13 07:49 - 00308736 _____ (Microsoft Corporation) C:\Windows\AppPatch\AppPatch64\AcGenral.DLL
2013-05-06 20:31 - 2012-12-07 16:48 - 01714176 _____ (Steinberg Media Technologies GmbH) C:\Windows\system32\SYNSOACC.DLL
2013-02-22 08:51 - 2013-02-22 08:51 - 01772544 _____ (Steinberg Media Technologies GmbH) C:\Program Files\Common Files\Steinberg\Shared Components\euconadapter65.dll
2012-11-02 20:27 - 2012-11-02 20:27 - 01625088 _____ (Steinberg Media Technologies) C:\Program Files\Steinberg\Cubase 7\Components\omffilter.dll
2012-11-08 17:23 - 2012-11-08 17:23 - 00659456 _____ (Steinberg Media Technologies) C:\Program Files\Steinberg\Cubase 7\Components\VSTPlugManager.dll
2013-02-27 14:12 - 2013-02-27 14:12 - 00582144 _____ (Steinberg Media Technologies GmbH) C:\Program Files\Steinberg\Cubase 7\Components\Baios.dll
2013-06-03 13:44 - 2013-06-03 13:44 - 02997760 _____ (Steinberg Media Technologies) C:\Program Files\Steinberg\Cubase 7\Components\videoengine.dll
2013-05-27 21:46 - 2011-02-18 15:10 - 00138240 _____ (Roland Corporation) C:\Windows\system32\Rdas1117.dll
2012-11-26 12:12 - 2012-11-26 12:12 - 02181120 _____ (Propellerhead Software AB) C:\Program Files\Common Files\Propellerhead Software\ReWire\ReWire.dll
2012-12-03 16:09 - 2012-12-03 16:09 - 00388608 _____ (Steinberg Media Technologies) C:\Program Files\Steinberg\Cubase 7\Components\hubservice.dll
2013-06-13 11:45 - 2013-06-13 11:45 - 00053760 _____ (Steinberg Media Technologies GmbH) C:\Program Files\Steinberg\Cubase 7\Components\exceptiondumper.dll
2013-08-24 00:49 - 2013-08-18 23:02 - 29337376 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.DLL
2013-05-31 15:14 - 2013-05-31 15:14 - 15564288 _____ (Steinberg Media Technologies) C:\Program Files\Steinberg\Cubase 7\VST3\Cubase Plug-in Set.vst3
2013-02-14 15:49 - 2013-02-14 15:49 - 01710592 _____ (Steinberg) C:\Program Files\Steinberg\Cubase 7\VST3\surroundpanner.vst3
2013-05-26 17:32 - 2010-06-29 15:22 - 01367040 _____ (Hewlett-Packard ) C:\Windows\system32\spool\DRIVERS\x64\3\HP1006U.DLL
2013-05-26 17:32 - 2010-06-29 15:22 - 00077824 _____ (Hewlett-Packard ) C:\Windows\system32\spool\DRIVERS\x64\3\HP1006L.DLL
2013-05-26 17:32 - 2010-06-29 15:22 - 00290816 _____ (Hewlett-Packard ) C:\Windows\system32\spool\DRIVERS\x64\3\HP1006C.DLL
2012-11-30 17:54 - 2012-11-30 17:54 - 44222976 _____ (Steinberg Media Technologies) C:\Program Files\Common Files\Steinberg\Shared Components\HALion Sonic SE\HALion Sonic SE.dll
2013-05-27 18:37 - 2012-12-19 17:00 - 40186232 _____ (Native Instruments GmbH) C:\Program Files\Steinberg\Vstplugins\Kontakt 5.dll
2013-03-31 17:00 - 2013-03-31 17:00 - 00318464 _____ (Propellerhead Software AB) C:\Program Files\Common Files\Native Instruments\Helper\REX Shared Library 64.dll
2012-12-19 17:00 - 2012-12-19 17:00 - 04125184 _____ (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Kontakt 5\kconvert64.dll
2013-05-25 02:44 - 2013-04-17 12:45 - 16858051 _____ (East West) C:\Program Files\Steinberg\Vstplugins\play_VST_x64.dll
2013-04-17 11:38 - 2013-04-17 11:38 - 02294784 _____ (East West) C:\ProgramData\East West\playgui\playgui_x64.dll
2011-03-09 15:45 - 2011-03-09 15:45 - 03331584 _____ () C:\ProgramData\East West\playgui\QtCore_x64_4.dll
2011-03-09 15:55 - 2011-03-09 15:55 - 11862528 _____ () C:\ProgramData\East West\playgui\QtGui_x64_4.dll
2011-03-09 15:46 - 2011-03-09 15:46 - 01217024 _____ () C:\ProgramData\East West\playgui\QtNetwork_x64_4.dll
2013-06-12 15:50 - 2012-11-27 17:00 - 77175160 _____ (Native Instruments GmbH) C:\Program Files\Steinberg\Vstplugins\Guitar Rig 5.dll
2013-09-09 14:04 - 2013-09-09 14:04 - 00506944 _____ () C:\Users\Andreas\AppData\Local\DProtect\eBP.dll
2013-09-09 14:04 - 2013-09-09 14:04 - 00062016 _____ () C:\Users\Andreas\AppData\Local\DProtect\eBPSD.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00053648 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-15 13:07 - 2012-11-15 13:07 - 00794560 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\tokenapi.dll
2012-11-15 13:12 - 2012-11-15 13:12 - 00481216 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\branding.dll
2012-11-15 13:12 - 2012-11-15 13:12 - 00083904 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\br_enu.dll
2012-11-15 13:11 - 2012-11-15 13:11 - 00723904 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_dan.dll
2012-11-15 13:12 - 2012-11-15 13:12 - 00725440 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_fin.dll
2012-11-15 13:11 - 2012-11-15 13:11 - 00104896 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_frfr.dll
2012-11-15 13:12 - 2012-11-15 13:12 - 00731584 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_nlnl.dll
2012-11-15 13:12 - 2012-11-15 13:12 - 00721344 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_nor.dll
2012-11-15 13:12 - 2012-11-15 13:12 - 00102848 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_plpl.dll
2012-11-15 13:11 - 2012-11-15 13:11 - 00103360 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_svse.dll
2012-11-14 01:32 - 2012-11-14 01:32 - 03558400 _____ (wxWidgets development team) C:\Users\Andreas\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 24978944 _____ () C:\Users\Andreas\AppData\Roaming\Dropbox\bin\libcef.dll
2013-03-13 22:48 - 2013-03-13 22:48 - 09956864 _____ (The ICU Project) C:\Users\Andreas\AppData\Roaming\Dropbox\bin\icudt.dll
2010-11-21 05:25 - 2010-11-21 05:25 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
2013-08-16 09:07 - 2013-08-16 09:07 - 00148808 _____ (Apple Inc.) D:\iTunes\iTunesHelper.dll
2013-08-16 09:17 - 2013-08-16 09:17 - 00041800 _____ (Apple Inc.) D:\iTunes\iTunesHelper.Resources\sv.lproj\iTunesHelperLocalized.DLL
2013-08-16 09:07 - 2013-08-16 09:07 - 00040264 _____ (Apple Inc.) D:\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
2011-08-30 23:05 - 2011-08-30 23:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2013-05-06 20:31 - 2012-10-25 17:30 - 01503232 _____ (Steinberg Media Technologies GmbH) C:\Program Files (x86)\eLicenser\POS\SynsoSeL.dll
2013-09-09 16:50 - 2004-10-11 15:57 - 04833280 _____ (Native Instruments Software Synthesis GmbH) C:\Program Files\Steinberg\Cubase 7\VSTPlugIns\Pro-53XpressVST.dll
2013-06-10 00:46 - 2004-10-08 17:13 - 00696320 _____ (Native Instruments GmbH) C:\Program Files (x86)\Native Instruments\Pro-53 Xpress\Presets\Pro-53.DLL
2013-08-13 16:54 - 2013-08-13 16:54 - 00441608 _____ (Adblock Plus) C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
2013-09-11 00:36 - 2013-09-11 00:36 - 16242568 ____R (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_168.ocx
==================== Alternate Data Streams (whitelisted) ==========
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:e9vwLAy8RuMToojZBgGSrpWWMn
AlternateDataStreams: C:\ProgramData\Microsoft:2OPWWz6gTBf6k3gT9GsEKp02UENd
AlternateDataStreams: C:\ProgramData\Microsoft:TWXdsqCtPZG9iBebiSspi
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Andreas\Local Settings:uUO0HEtw8Yi6JMfRvc7V
AlternateDataStreams: C:\Users\Andreas\AppData\Local:uUO0HEtw8Yi6JMfRvc7V
AlternateDataStreams: C:\Users\Andreas\AppData\Local\Application Data:uUO0HEtw8Yi6JMfRvc7V

==================== Faulty Device Manager Devices =============
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 36%
Total physical RAM: 16268.51 MB
Available physical RAM: 10331.36 MB
Total Pagefile: 32535.21 MB
Available Pagefile: 26044.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:167.58 GB) (Free:34.75 GB) NTFS
Drive d: (Magamemnon) (Fixed) (Total:1863.01 GB) (Free:1140.08 GB) NTFS
Drive f: (INTENSO) (Fixed) (Total:596.17 GB) (Free:272.86 GB) NTFS
Drive g: (Electric Vice) (CDROM) (Total:0.31 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4E2BD590)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 168 GB) (Disk ID: 75812EF6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=168 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 596 GB) (Disk ID: 2E6186C6)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
12-Sep-2013, 02:05 PM #36
Here's the RogueKiller log:

-----------------------------------------

RogueKiller V8.6.11 _x64_ [Sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Andreas [Admin rights]
Mode : Scan -- Date : 09/12/2013 20:04:01
| ARK || FAK || MBR |
¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] DProtectSvc.exe -- C:\Users\Andreas\AppData\Local\DProtect\DProtectSvc.exe [7] -> KILLED [TermProc]
[HIDDEN] DProtectSvc.exe -- C:\Users\Andreas\AppData\Local\DProtect\DProtectSvc.exe [7] -> KILLED [TermProc]
¤¤¤ Registry Entries : 8 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : Mal.Hosts ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 hxxp://virusscan.jotti.org/ --> Potentially malicious!
127.0.0.1 virusscan.jotti.org/ --> Potentially malicious!
127.0.0.1 www.virusscan.jotti.org/ --> Potentially malicious!
127.0.0.1 hxxp://virscan.com
127.0.0.1 hxxp://virusscan.jotti.org/
127.0.0.1 virusscan.jotti.org/
127.0.0.1 www.virusscan.jotti.org/
127.0.0.1 scanner.novirusthanks.org/
127.0.0.1 hxxp://scanner.novirusthanks.org/
127.0.0.1 www.scanner.novirusthanks.org/

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST2000DM001-1CH164 ATA Device +++++
--- User ---
[MBR] 192c5de1be4b7c8d834f8bac49b3c9ff
[BSP] 9ef20e3fe1d82828c669a9f90d9c65a5 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1907727 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: ST2000DM001-1CH164 ATA Device +++++
--- User ---
[MBR] 29eef110312278052910115fc28690df
[BSP] f7c05f3204fcafcf7ffbcd3ed6fc9d31 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 171603 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive2: ST2000DM001-1CH164 ATA Device +++++
--- User ---
[MBR] 347a115c9e3f28752a81f92ea84cd48c
[BSP] b90bc91a76b9ab15dfe127e04c2b074b : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 610477 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[0]_S_09122013_200401.txt >>
Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
12-Sep-2013, 09:21 PM #37
Hi guys.

Update. When I try to add a file into a mail, "Internet Explorer stops working", and the web page is reloaded. Don't know if this has to do with the QVO6-maleware, but I guess so.
Mark1956's Avatar
Malware Removal Specialist with 13,709 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
13-Sep-2013, 04:27 AM #38
Lets first try and remove the infection then we can deal with any remaining performance issues.

Run these scans in the order listed.

Please download RKill
There are three buttons to choose from with different names on, select the first one and save it to your desktop.

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and select Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
  • If the tool does not run from any of the links provided, please let me know.
DO NOT REBOOT until ADWCleaner has been run<-- very important

Next, run a scan with ADWCleaner and then click on the Clean button, post the log produced after the reboot.


NEXT: Download Shortcut Cleaner and save it to your desktop.
Once the program has been downloaded, please double-click on the sc-cleaner.exe icon that will now be on your desktop.
If Windows prompts you as to whether or not you wish to run Shortcut Cleaner, please allow it to run. Once the program starts, it will scan your computer for hijacked shortcuts and clean them.
When it has finished it will display a log file that contains a list of all Windows shortcuts that were hijacked and disinfected.
Copy & Paste the log into your next reply.
Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
13-Sep-2013, 05:12 AM #39
Ok, here's Rkill's log:

----------------------------

Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 09/13/2013 11:08:36 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]
Backup Registry file created at:
C:\Users\Andreas\Desktop\rkill\rkill-09-13-2013-11-08-37.reg
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* C:\Windows\System32\user32.dll : 1 008 640 : 05/26/2013 07:28 PM : 2c353b6ce0c8d03225caa2af33b68d79 [NoSig]
+-> C:\Windows\SysWOW64\user32.dll : 833 024 : 05/26/2013 07:28 PM : 861c4346f9281dc0380de72c8d55d6be [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll : 1 008 128 : 11/21/2010 05:24 AM : fe70103391a64039a921dbfff9c7ab1b [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll : 833 024 : 11/21/2010 05:24 AM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl]
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 http://virscan.com
127.0.0.1 http://virusscan.jotti.org/
127.0.0.1 virusscan.jotti.org/
127.0.0.1 www.virusscan.jotti.org/
127.0.0.1 scanner.novirusthanks.org/
127.0.0.1 http://scanner.novirusthanks.org/
127.0.0.1 www.scanner.novirusthanks.org/
Program finished at: 09/13/2013 11:08:44 AM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)
Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
13-Sep-2013, 05:13 AM #40
And here's AdwCleaner after reboot:

--------------------------------------------------

# AdwCleaner v3.003 - Report created 13/09/2013 at 11:09:46
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Andreas - AGAMEMNON
# Running from : C:\Users\Andreas\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\op en\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16635
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v
[ File : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js ]

-\\ Google Chrome v29.0.1547.66
[ File : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************
AdwCleaner[R0].txt - [11954 octets] - [11/09/2013 15:57:57]
AdwCleaner[R1].txt - [5099 octets] - [11/09/2013 23:44:09]
AdwCleaner[R2].txt - [4245 octets] - [11/09/2013 23:59:05]
AdwCleaner[R3].txt - [5285 octets] - [12/09/2013 00:07:04]
AdwCleaner[R4].txt - [5405 octets] - [12/09/2013 00:17:58]
AdwCleaner[R5].txt - [5525 octets] - [12/09/2013 00:20:51]
AdwCleaner[R6].txt - [5645 octets] - [12/09/2013 11:08:29]
AdwCleaner[R7].txt - [5658 octets] - [12/09/2013 13:58:53]
AdwCleaner[R8].txt - [5778 octets] - [13/09/2013 11:09:32]
AdwCleaner[S0].txt - [9562 octets] - [11/09/2013 15:59:09]
AdwCleaner[S1].txt - [2867 octets] - [11/09/2013 23:45:59]
AdwCleaner[S2].txt - [2595 octets] - [11/09/2013 23:59:22]
AdwCleaner[S3].txt - [3047 octets] - [12/09/2013 00:07:27]
AdwCleaner[S4].txt - [3318 octets] - [12/09/2013 00:19:05]
AdwCleaner[S5].txt - [3287 octets] - [12/09/2013 00:21:17]
AdwCleaner[S6].txt - [3407 octets] - [12/09/2013 11:08:42]
AdwCleaner[S7].txt - [3418 octets] - [12/09/2013 13:59:13]
AdwCleaner[S8].txt - [3398 octets] - [13/09/2013 11:09:46]
########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [3458 octets] ##########
Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
13-Sep-2013, 05:14 AM #41
And the Shortcut Cleaner:

-------------------------------------------------

Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/down...rtcut-cleaner/
Windows Version: Windows 7 Ultimate Service Pack 1
Program started at: 09/13/2013 11:13:37 AM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\
* Shortcut Cleaned: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&ut...&ts=1379063427
* Shortcut Cleaned: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&ut...&ts=1379063427
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
* Shortcut Cleaned: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&ut...&ts=1379063427
Searching C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
* Shortcut Cleaned: C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&ut...&ts=1379063427
* Shortcut Cleaned: C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&ut...&ts=1379063427
* Shortcut Cleaned: C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&ut...&ts=1379063427
* Shortcut Cleaned: C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&ut...&ts=1379063427
Searching C:\Users\Public\Desktop\
* Shortcut Cleaned: C:\Users\Public\Desktop\Google Chrome.lnk => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.qvo6.com/?utm_source=b&ut...&ts=1379063427
Searching C:\Users\Andreas\Desktop

8 bad shortcuts found.
Program finished at: 09/13/2013 11:13:37 AM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)
Mark1956's Avatar
Malware Removal Specialist with 13,709 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
13-Sep-2013, 07:44 AM #42
Lets see if that has got rid of the infection. Reboot the system then please run ADWCleaner again, Scan and then Clean, and post the new log.
Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
14-Sep-2013, 10:15 AM #43
Ok, here's AwdCleaner's log:

----------------------------------------------

# AdwCleaner v3.003 - Report created 14/09/2013 at 16:12:51
# Updated 07/09/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Andreas - AGAMEMNON
# Running from : C:\Users\Andreas\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Andreas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\op en\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16635
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v
[ File : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0\prefs.js ]

-\\ Google Chrome v29.0.1547.66
[ File : C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted : homepage
Deleted : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [11954 octets] - [11/09/2013 15:57:57]
AdwCleaner[R1].txt - [5099 octets] - [11/09/2013 23:44:09]
AdwCleaner[R2].txt - [4245 octets] - [11/09/2013 23:59:05]
AdwCleaner[R3].txt - [5285 octets] - [12/09/2013 00:07:04]
AdwCleaner[R4].txt - [5405 octets] - [12/09/2013 00:17:58]
AdwCleaner[R5].txt - [5525 octets] - [12/09/2013 00:20:51]
AdwCleaner[R6].txt - [5645 octets] - [12/09/2013 11:08:29]
AdwCleaner[R7].txt - [5658 octets] - [12/09/2013 13:58:53]
AdwCleaner[R8].txt - [5778 octets] - [13/09/2013 11:09:32]
AdwCleaner[R9].txt - [6059 octets] - [14/09/2013 16:12:37]
AdwCleaner[S0].txt - [9562 octets] - [11/09/2013 15:59:09]
AdwCleaner[S1].txt - [2867 octets] - [11/09/2013 23:45:59]
AdwCleaner[S2].txt - [2595 octets] - [11/09/2013 23:59:22]
AdwCleaner[S3].txt - [3047 octets] - [12/09/2013 00:07:27]
AdwCleaner[S4].txt - [3318 octets] - [12/09/2013 00:19:05]
AdwCleaner[S5].txt - [3287 octets] - [12/09/2013 00:21:17]
AdwCleaner[S6].txt - [3407 octets] - [12/09/2013 11:08:42]
AdwCleaner[S7].txt - [3418 octets] - [12/09/2013 13:59:13]
AdwCleaner[S8].txt - [3538 octets] - [13/09/2013 11:09:46]
AdwCleaner[S9].txt - [3685 octets] - [14/09/2013 16:12:51]
########## EOF - C:\AdwCleaner\AdwCleaner[S9].txt - [3745 octets] ##########
Mark1956's Avatar
Malware Removal Specialist with 13,709 posts.
 
Join Date: May 2011
Location: Spain
Experience: Advanced
14-Sep-2013, 01:38 PM #44
Ok, this one was sent to test us.

We need to perform a couple of fixes.


Open Notepad and Copy & Paste the contents of the code box below into it. To do this highlight the entire contents of the box, right click on the highlighted area and select Copy then right click in the Notepad window and select Paste. Save it to the same location that FRST is saved in as fixlist.txt <--- it is very important to spell this name exactly as written here.

Code:
Replace: C:\Windows\SysWOW64\user32.dll  C:\Windows\System32\user32.dll
C:\Users\Andreas\AppData\Local\Temp\1_Offer_6.exe
C:\Users\Andreas\AppData\Local\Temp\98631uninstall.exe
C:\Users\Andreas\AppData\Local\Temp\H20.exe
C:\Users\Andreas\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Andreas\AppData\Local\Temp\PlaySound.dll
C:\Users\Andreas\AppData\Local\Temp\Quarantine.exe
C:\Users\Andreas\AppData\Local\Temp\SevenZip-Installer.exe
C:\Users\Andreas\AppData\Local\Temp\SHSetup.exe
C:\Users\Andreas\AppData\Local\Temp\Sqlite3.dll
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Launch FRST by double clicking on it.
  • When the FRST window opens click on the Fix button just once and wait.
  • The tool will make a log in the same location the program is run from (Fixlog.txt) please Copy & Paste it into your next reply.


When that is done please follow this:


  • Quit all running programs.
  • Start RogueKiller.exe by double clicking on the icon.
  • Wait until Prescan has finished.
  • Ensure all boxes are ticked under "Report" tab.
  • Click on Scan.
  • Click on Hosts fix when complete.
  • Click on Report when the Deletion completes. Copy/paste the contents of the report into your next reply.


==============================================================

These two fixes above needed to be done as part of the clean up and to replace a system file that was missing its digital signature. I doubt this will have any effect on the infection, but just to be sure before we move on to further scans please reboot the system when the above is all done and run ADWCleaner again and post the log.
Addibro's Avatar
Addibro Addibro is offline
Member with 41 posts.
THREAD STARTER
 
Join Date: Sep 2013
15-Sep-2013, 04:03 PM #45
Ok, so if I saved the FRST program on desktop, should I create the Notpad-file on desktop as well? I also have an old FRST log on my desktop, should I delete that file first?
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


Tags
connection, internet

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑