Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Extendedunlimited.org Adware popping up at startup.


  • This topic is locked This topic is locked
6 replies to this topic

#1 uzbuk

uzbuk

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:55 PM

Posted 12 September 2014 - 09:36 AM

So i recently seem to have gotten an Adware. Everytime I start my computer CMD starts google chrome where the site "extendedunlimited.org" pops up.

I've tried to fix the problem with some antivirus software but it doesn't work. 

Please help.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Olle (administrator) on OLLESDATOR on 12-09-2014 15:48:50
Running from C:\Users\Olle\Downloads
Platform: Windows 8.1 (X64) OS Language: Svenska (Sverige)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Spotify Ltd) C:\Users\Olle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Flux Software LLC) C:\Users\Olle\AppData\Local\FluxSoftware\Flux\flux.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Spotify Ltd) C:\Users\Olle\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Olle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Olle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Olle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Olle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Olle\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-661086226-3269604639-3696677709-1002\...\Run: [Spotify Web Helper] => C:\Users\Olle\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-27] (Spotify Ltd)
HKU\S-1-5-21-661086226-3269604639-3696677709-1002\...\Run: [f.lux] => C:\Users\Olle\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-661086226-3269604639-3696677709-1002\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.se.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x823FC28470CBCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE,sv;q=0.5
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Olle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-12-21]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSearchKeyword: Default -> 4E7B210A103E8A80157AF0BDA3840CF09D8DF86DD860D9159D92A53066D0BA54
CHR DefaultSearchURL: Default -> FBCFB073AF03D67EA4E1B8D00A9ED3A206C43868656E3D592FD1AED0F060D2A5
CHR Profile: C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-23]
CHR Extension: (Google Wallet) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-20]
CHR Extension: (Abstract-Blue) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2014-01-27]
CHR Profile: C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (YouTube) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-03]
CHR Extension: (Sök på Google) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-03]
CHR Extension: (Beached Beauty by toxic) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dafhimfgbllobipdpmfeiccmjmfmhcha [2014-01-03]
CHR Extension: (Morning Honey) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkpopkpmbddpflbdlgaojojnbabinbop [2014-01-03]
CHR Extension: (Seduction) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idmgnamhacobcfnkgngekbepjdcapbop [2014-01-03]
CHR Extension: (Google Wallet) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-03]
CHR Extension: (Gmail) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-03]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-08-20] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-20] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-09-04] (LogMeIn Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-14] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-11-27] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-05-19] (Razer Inc)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31400 2014-05-19] (Razer Inc)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-12 15:48 - 2014-09-12 15:49 - 00014347 _____ () C:\Users\Olle\Downloads\FRST.txt
2014-09-12 15:48 - 2014-09-12 15:48 - 02105856 _____ (Farbar) C:\Users\Olle\Downloads\FRST64.exe
2014-09-12 15:48 - 2014-09-12 15:48 - 00000000 ____D () C:\FRST
2014-09-12 15:40 - 2014-09-12 15:47 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-12 15:40 - 2014-09-12 15:41 - 11194928 _____ (SurfRight B.V.) C:\Users\Olle\Downloads\HitmanPro_x64.exe
2014-09-12 15:39 - 2014-09-12 15:39 - 10280824 _____ (SurfRight B.V.) C:\Users\Olle\Downloads\HitmanPro.exe
2014-09-12 15:26 - 2014-09-12 15:27 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 15:26 - 2014-09-12 15:26 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-12 15:26 - 2014-09-12 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 15:26 - 2014-09-12 15:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-12 15:26 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-12 15:26 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-12 15:26 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-12 15:25 - 2014-09-12 15:25 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Olle\Downloads\mb3-setup-1878.1878-3.5.1.2522.exe
2014-09-12 15:21 - 2014-09-12 15:21 - 01016261 _____ (Thisisu) C:\Users\Olle\Downloads\JRT.exe
2014-09-12 15:21 - 2014-09-12 15:21 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-12 15:17 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-12 15:16 - 2014-09-12 15:19 - 00000000 ____D () C:\AdwCleaner
2014-09-12 15:16 - 2014-09-12 15:16 - 01370467 _____ () C:\Users\Olle\Downloads\adwcleaner_3.309.exe
2014-09-10 16:38 - 2014-09-10 16:38 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Steam
2014-09-10 16:29 - 2014-09-10 16:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-09-09 15:44 - 2014-09-09 16:13 - 00000000 ____D () C:\Users\Olle\Downloads\Dead.Rising 3 by xatab
2014-09-07 17:39 - 2014-09-07 17:39 - 00002110 _____ () C:\Users\Public\Desktop\The Sims™ 3.lnk
2014-09-07 17:39 - 2014-09-07 17:39 - 00000000 ____D () C:\Users\Olle\Documents\Electronic Arts
2014-09-07 16:51 - 2014-09-07 17:02 - 00000000 ____D () C:\Users\Olle\Downloads\The Sims 3 - Razor1911 Final MAXSPEED
2014-09-07 12:49 - 2014-09-07 12:49 - 00003116 _____ () C:\WINDOWS\System32\Tasks\Origin
2014-09-07 12:37 - 2014-09-07 12:37 - 00000000 ____D () C:\Users\Olle\AppData\Local\LogMeIn
2014-09-07 12:37 - 2014-09-07 12:37 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-09-06 19:34 - 2014-09-06 19:34 - 00000222 _____ () C:\Users\Olle\Desktop\Unturned.url
2014-09-06 12:14 - 2014-09-06 12:20 - 00000000 ____D () C:\Program Files (x86)\The SIMS 4 Deluxe Edition
2014-09-06 09:55 - 2014-09-06 09:55 - 00000219 _____ () C:\Users\Olle\Desktop\Dota 2.url
2014-09-04 11:44 - 2014-09-04 11:44 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-09-03 20:40 - 2014-09-03 20:40 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saints Row IV.lnk
2014-09-03 20:40 - 2014-09-03 20:40 - 00000850 _____ () C:\Users\Public\Desktop\Saints Row IV.lnk
2014-09-03 20:33 - 2014-09-12 15:38 - 00000000 ____D () C:\Program Files (x86)\Saints Row IV
2014-08-30 11:17 - 2014-08-30 11:17 - 01397992 _____ () C:\Users\Olle\Downloads\battlelog-web-plugins_2.5.0_148.exe
2014-08-30 10:21 - 2014-08-30 10:21 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-08-30 10:21 - 2014-08-30 10:21 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-08-30 10:20 - 2014-08-30 10:24 - 00002075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk
2014-08-30 10:20 - 2014-08-30 10:24 - 00002063 _____ () C:\Users\Public\Desktop\FL Studio 11.lnk
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Users\Olle\Documents\Image-Line
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Image-Line
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\FlowStone
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Program Files\Image-Line
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2014-08-30 10:20 - 2013-03-12 12:47 - 01431552 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\rewire.dll
2014-08-30 10:20 - 2009-09-15 11:14 - 01554944 _____ (HMS http://hp.vector.co.jp/authors/VA012897/) C:\WINDOWS\SysWOW64\vorbis.acm
2014-08-30 10:16 - 2014-08-30 10:20 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-08-30 09:58 - 2014-08-30 11:40 - 00000803 _____ () C:\WINDOWS\setupact.log
2014-08-30 09:58 - 2014-08-30 09:58 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-28 16:14 - 2014-09-12 15:38 - 00003000 _____ () C:\WINDOWS\PFRO.log
2014-08-28 15:10 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-27 15:50 - 2014-08-27 15:56 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-08-23 12:18 - 2014-08-23 12:19 - 00000000 ____D () C:\Users\Olle\Documents\My Spore Creations
2014-08-23 12:18 - 2014-08-23 12:19 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Spore
2014-08-23 12:18 - 2014-08-23 12:18 - 00000000 ____D () C:\Users\Olle\AppData\Local\SKIDROW
2014-08-23 12:16 - 2014-08-23 12:16 - 00001689 _____ () C:\Users\Public\Desktop\Spore.lnk
2014-08-23 12:16 - 2014-08-23 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spore
2014-08-22 21:58 - 2014-08-22 21:58 - 00000000 __RHD () C:\Users\Olle\AppData\Roaming\SecuROM
2014-08-20 21:23 - 2014-08-20 21:23 - 00000000 ____D () C:\Users\Olle\AppData\Local\UWebKit
2014-08-20 21:10 - 2014-09-12 15:38 - 01841336 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-20 20:23 - 2014-08-30 11:19 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-08-20 20:23 - 2014-08-20 20:23 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-08-14 10:16 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-14 10:16 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-14 10:11 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-14 10:11 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-14 10:11 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-14 10:11 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-14 10:11 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-14 10:11 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-14 10:11 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-14 10:11 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-14 10:11 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-14 10:11 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-14 10:11 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-14 10:11 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-14 10:11 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-14 10:11 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-14 10:11 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-14 10:11 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-14 10:11 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-14 10:11 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-14 10:11 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-14 10:11 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 10:11 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-14 10:11 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-14 10:11 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-14 10:11 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-14 10:11 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-14 10:11 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-14 10:11 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-14 10:11 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-14 10:11 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-14 10:11 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-14 10:11 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-14 10:11 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-14 10:11 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-14 10:11 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-14 10:11 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-14 10:11 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-14 10:11 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-14 10:11 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-14 10:11 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-14 10:11 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-14 10:11 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-14 10:11 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-14 10:11 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-14 10:10 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-14 10:10 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-14 10:10 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-14 10:10 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-14 10:09 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-14 10:09 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-14 10:09 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-14 10:09 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-14 10:09 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-14 10:09 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-14 10:09 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-14 10:09 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-14 10:09 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-14 10:09 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-14 10:09 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-14 10:09 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-14 10:09 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-14 10:09 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-14 10:09 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-14 10:09 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-14 10:09 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-14 10:09 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-14 10:09 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-14 10:09 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-14 10:09 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-14 10:09 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-14 10:09 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-14 10:09 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-14 10:09 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-14 10:09 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-14 10:09 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-14 10:09 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-14 10:09 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-14 10:09 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-14 10:09 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-14 10:09 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-14 10:09 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-14 10:09 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-14 10:09 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-14 10:09 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-14 10:09 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-14 10:09 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-14 10:09 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-14 10:08 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-14 10:08 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-14 10:08 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-14 10:07 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-14 10:07 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-14 10:07 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-14 10:07 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-14 10:07 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-14 10:07 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-14 10:07 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-14 10:07 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-14 10:07 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-14 10:07 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-14 10:07 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-14 10:07 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-14 10:07 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-14 10:07 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-14 10:07 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-14 10:07 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-14 10:07 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-14 10:07 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-14 10:07 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-14 10:07 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-14 10:07 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-14 10:07 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-14 10:07 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-14 10:07 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-14 10:07 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-14 10:07 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-14 10:07 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-14 10:07 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-14 10:07 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-14 10:07 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-14 10:07 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-14 10:07 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-14 10:07 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-14 10:07 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-14 10:07 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-12 15:49 - 2014-09-12 15:48 - 00014347 _____ () C:\Users\Olle\Downloads\FRST.txt
2014-09-12 15:49 - 2014-06-27 10:44 - 00001024 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf91e3fa561dc6.job
2014-09-12 15:48 - 2014-09-12 15:48 - 02105856 _____ (Farbar) C:\Users\Olle\Downloads\FRST64.exe
2014-09-12 15:48 - 2014-09-12 15:48 - 00000000 ____D () C:\FRST
2014-09-12 15:47 - 2014-09-12 15:40 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-12 15:46 - 2013-12-20 18:39 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Spotify
2014-09-12 15:45 - 2013-11-14 09:31 - 01740478 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-12 15:45 - 2013-11-14 09:15 - 00732588 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-09-12 15:45 - 2013-11-14 09:15 - 00151960 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-09-12 15:44 - 2013-12-20 18:20 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Skype
2014-09-12 15:44 - 2013-12-20 18:11 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-661086226-3269604639-3696677709-1002
2014-09-12 15:41 - 2014-09-12 15:40 - 11194928 _____ (SurfRight B.V.) C:\Users\Olle\Downloads\HitmanPro_x64.exe
2014-09-12 15:41 - 2014-02-28 21:37 - 00002206 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 15:40 - 2014-01-05 19:53 - 00003928 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{37B83FDC-CE20-4FDD-8754-D41A84102603}
2014-09-12 15:39 - 2014-09-12 15:39 - 10280824 _____ (SurfRight B.V.) C:\Users\Olle\Downloads\HitmanPro.exe
2014-09-12 15:39 - 2014-02-28 21:36 - 00001008 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-12 15:39 - 2013-12-22 15:08 - 00000000 __RDO () C:\Users\Olle\SkyDrive
2014-09-12 15:38 - 2014-09-03 20:33 - 00000000 ____D () C:\Program Files (x86)\Saints Row IV
2014-09-12 15:38 - 2014-08-28 16:14 - 00003000 _____ () C:\WINDOWS\PFRO.log
2014-09-12 15:38 - 2014-08-20 21:10 - 01841336 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-12 15:38 - 2014-05-02 11:23 - 00000000 ____D () C:\Program Files (x86)\Metro Last Light
2014-09-12 15:38 - 2013-12-22 14:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-12 15:38 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-12 15:38 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-12 15:27 - 2014-09-12 15:26 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 15:26 - 2014-09-12 15:26 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-12 15:26 - 2014-09-12 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-12 15:26 - 2014-09-12 15:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-12 15:25 - 2014-09-12 15:25 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Olle\Downloads\mb3-setup-1878.1878-3.5.1.2522.exe
2014-09-12 15:21 - 2014-09-12 15:21 - 01016261 _____ (Thisisu) C:\Users\Olle\Downloads\JRT.exe
2014-09-12 15:21 - 2014-09-12 15:21 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-12 15:19 - 2014-09-12 15:16 - 00000000 ____D () C:\AdwCleaner
2014-09-12 15:19 - 2013-12-22 14:55 - 00000000 ____D () C:\Users\Olle
2014-09-12 15:16 - 2014-09-12 15:16 - 01370467 _____ () C:\Users\Olle\Downloads\adwcleaner_3.309.exe
2014-09-12 15:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-11 20:44 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-11 20:38 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-10 16:38 - 2014-09-10 16:38 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Steam
2014-09-10 16:38 - 2014-01-05 20:21 - 00000000 ____D () C:\Users\Olle\Documents\my games
2014-09-10 16:29 - 2014-09-10 16:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-09-10 16:29 - 2013-12-20 19:47 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-09-09 16:31 - 2014-07-12 21:28 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\uTorrent
2014-09-09 16:13 - 2014-09-09 15:44 - 00000000 ____D () C:\Users\Olle\Downloads\Dead.Rising 3 by xatab
2014-09-08 17:20 - 2013-12-20 18:40 - 00000000 ____D () C:\Users\Olle\AppData\Local\Spotify
2014-09-07 17:39 - 2014-09-07 17:39 - 00002110 _____ () C:\Users\Public\Desktop\The Sims™ 3.lnk
2014-09-07 17:39 - 2014-09-07 17:39 - 00000000 ____D () C:\Users\Olle\Documents\Electronic Arts
2014-09-07 17:36 - 2014-05-16 16:08 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-09-07 17:36 - 2013-12-19 12:25 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-07 17:02 - 2014-09-07 16:51 - 00000000 ____D () C:\Users\Olle\Downloads\The Sims 3 - Razor1911 Final MAXSPEED
2014-09-07 13:02 - 2013-12-20 18:45 - 00000000 ____D () C:\ProgramData\Origin
2014-09-07 12:53 - 2013-12-20 18:46 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-07 12:52 - 2013-12-20 18:45 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-07 12:49 - 2014-09-07 12:49 - 00003116 _____ () C:\WINDOWS\System32\Tasks\Origin
2014-09-07 12:49 - 2013-12-20 18:45 - 00000000 ___HD () C:\Users\Olle\AppData\Roaming\Origin
2014-09-07 12:47 - 2013-12-20 18:40 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-07 12:37 - 2014-09-07 12:37 - 00000000 ____D () C:\Users\Olle\AppData\Local\LogMeIn
2014-09-07 12:37 - 2014-09-07 12:37 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-09-06 19:34 - 2014-09-06 19:34 - 00000222 _____ () C:\Users\Olle\Desktop\Unturned.url
2014-09-06 19:34 - 2013-12-20 20:31 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-06 12:20 - 2014-09-06 12:14 - 00000000 ____D () C:\Program Files (x86)\The SIMS 4 Deluxe Edition
2014-09-06 12:13 - 2014-04-30 16:25 - 00000000 ____D () C:\Games
2014-09-06 11:40 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-06 10:02 - 2013-12-26 21:36 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\.minecraft
2014-09-06 09:55 - 2014-09-06 09:55 - 00000219 _____ () C:\Users\Olle\Desktop\Dota 2.url
2014-09-04 11:44 - 2014-09-04 11:44 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-09-03 21:07 - 2014-07-28 13:28 - 00000000 ____D () C:\Program Files\PeerBlock
2014-09-03 20:40 - 2014-09-03 20:40 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saints Row IV.lnk
2014-09-03 20:40 - 2014-09-03 20:40 - 00000850 _____ () C:\Users\Public\Desktop\Saints Row IV.lnk
2014-08-30 11:59 - 2014-06-02 17:20 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\vlc
2014-08-30 11:40 - 2014-08-30 09:58 - 00000803 _____ () C:\WINDOWS\setupact.log
2014-08-30 11:40 - 2013-12-20 18:15 - 00000000 ____D () C:\Users\Olle\AppData\Local\NVIDIA Corporation
2014-08-30 11:19 - 2014-08-20 20:23 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-08-30 11:17 - 2014-08-30 11:17 - 01397992 _____ () C:\Users\Olle\Downloads\battlelog-web-plugins_2.5.0_148.exe
2014-08-30 11:17 - 2013-12-20 20:35 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-30 10:24 - 2014-08-30 10:20 - 00002075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 11.lnk
2014-08-30 10:24 - 2014-08-30 10:20 - 00002063 _____ () C:\Users\Public\Desktop\FL Studio 11.lnk
2014-08-30 10:21 - 2014-08-30 10:21 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-08-30 10:21 - 2014-08-30 10:21 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Users\Olle\Documents\Image-Line
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Image-Line
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\FlowStone
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Program Files\Image-Line
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-08-30 10:20 - 2014-08-30 10:20 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2014-08-30 10:20 - 2014-08-30 10:16 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-08-30 09:58 - 2014-08-30 09:58 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-28 16:15 - 2013-08-22 16:44 - 00337568 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-27 15:56 - 2014-08-27 15:50 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-08-25 16:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-23 12:19 - 2014-08-23 12:18 - 00000000 ____D () C:\Users\Olle\Documents\My Spore Creations
2014-08-23 12:19 - 2014-08-23 12:18 - 00000000 ____D () C:\Users\Olle\AppData\Roaming\Spore
2014-08-23 12:18 - 2014-08-23 12:18 - 00000000 ____D () C:\Users\Olle\AppData\Local\SKIDROW
2014-08-23 12:16 - 2014-08-23 12:16 - 00001689 _____ () C:\Users\Public\Desktop\Spore.lnk
2014-08-23 12:16 - 2014-08-23 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spore
2014-08-23 12:11 - 2014-06-06 18:41 - 00000000 ____D () C:\Users\Olle\AppData\Local\Setup Integrity Check
2014-08-23 11:50 - 2014-01-12 12:49 - 00000000 ____D () C:\Users\Olle\AppData\Local\Battle.net
2014-08-23 11:49 - 2014-01-12 12:49 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-23 02:42 - 2014-08-28 15:10 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-22 21:58 - 2014-08-22 21:58 - 00000000 __RHD () C:\Users\Olle\AppData\Roaming\SecuROM
2014-08-20 21:23 - 2014-08-20 21:23 - 00000000 ____D () C:\Users\Olle\AppData\Local\UWebKit
2014-08-20 20:32 - 2014-07-13 10:58 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-08-20 20:32 - 2013-12-20 20:31 - 00215416 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-08-20 20:23 - 2014-08-20 20:23 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-08-20 17:38 - 2014-01-14 15:48 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-20 17:04 - 2013-12-20 18:51 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-20 16:10 - 2014-06-08 11:32 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-08-17 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-17 11:29 - 2014-07-10 21:05 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-17 11:29 - 2013-12-21 22:06 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-17 11:29 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-17 11:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-17 11:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-17 11:29 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-17 11:27 - 2013-12-21 22:06 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-15 10:44 - 2013-12-20 18:20 - 00000000 ____D () C:\ProgramData\Skype
2014-08-14 10:07 - 2014-04-13 10:24 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-14 10:04 - 2014-04-10 15:47 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
 
Files to move or delete:
====================
C:\Users\Olle\AppData\Roaming\Origin\update.vbe
 
 
Some content of TEMP:
====================
C:\Users\Olle\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Olle\AppData\Local\Temp\dsp_ipp.dll
C:\Users\Olle\AppData\Local\Temp\Quarantine.exe
C:\Users\Olle\AppData\Local\Temp\unins000.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-28 16:26
 
==================== End Of Log ============================


BC AdBot (Login to Remove)

 


#2 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:05:55 PM

Posted 12 September 2014 - 10:11 AM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will working be on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested ! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

I will post back a fix later today (since I am at work right now). :)

 

 

Regards,

Georgi


cXfZ4wS.png


#3 uzbuk

uzbuk
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:55 PM

Posted 12 September 2014 - 10:13 AM

Okay thank you very much!!  :bananas:



#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:05:55 PM

Posted 13 September 2014 - 07:35 AM

Hello,

 

I am sorry about the delay. I had a busy day at the office.

 

Do you recognize this extension?

 

CHR Extension: (Seduction) - C:\Users\Olle\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idmgnamhacobcfnkgngekbepjdcapbop [2014-01-03]

 

 

Also please download the following file => [attachment=154630:fixlist.txt] and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

 

Regards.

Georgi


cXfZ4wS.png


#5 uzbuk

uzbuk
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:55 PM

Posted 13 September 2014 - 03:35 PM

Hi,

No not really, but i deleted it.

Here is fixlog: 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by Olle at 2014-09-13 22:30:03 Run:3
Running from C:\FRST
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-661086226-3269604639-3696677709-1002\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
emptytemp:
end
*****************
 
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-661086226-3269604639-3696677709-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CMD => Value not found.
EmptyTemp: => Removed 1 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#6 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:05:55 PM

Posted 15 September 2014 - 03:28 AM

Hello,

 

 

STEP 1

 

 

Before I let you free I'd like us to scan your machine with ESET OnlineScan to be completely sure your pc is malware free (since you had the new version of Viknok)

 

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Run ESET Online Scanner button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is  checked.
  • Now click on Advanced Settings and select the following:

    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png

 

 

STEP 2

 

 

Also let's check for outdated and vulnerable software on your pc:

 

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe to run it.
  • A notepad document should open automatically called checkup.txt; please post the contents of that document.

 

 

Regards,

Georgi


cXfZ4wS.png


#7 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:05:55 PM

Posted 09 October 2014 - 04:54 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

cXfZ4wS.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users