Windows Security Center can't be started because of virus/malware


  1. Posts : 55
    Windows 7 Ultimate, 32bit
    Thread Starter
       #61

    Oh this is such great news :)
    I will try it today, I'll just have to clarify one thing before I start: you are talking about the OS and where it is located, but how do I know what the OS looks like?? Is it a file, or is it a folder?


    Even if he runs WDO...
    And btw, if you are referring to me in this quote - I'm a girl haha


  2. Posts : 2,470
    Windows 7 Home Premium
       #62

    Oooops!

    Sometimes it is hard to tell who is male or female around here.
    Some names you can tell, but, others, like yours and mine, have no clue.


    On your question, click Start, and then double-click: Computer
    Then, capture an image, and from it, I will let you know what to look for.

    Any questions you have, it is best to ask them beforehand. It makes it easier for you.


  3. Posts : 55
    Windows 7 Ultimate, 32bit
    Thread Starter
       #63

    No worries :)

    Here's the image:



  4. Posts : 2,470
    Windows 7 Home Premium
       #64

    Is this a Netbook?

    Since you only have one hard drive with 10.3 GB ledig av 74.2 GB, when you get to select the drive with the Operating System (OS), you will be able to tell by its size. Also, the other drive, letter (D), is removable storage, and it has no size, so that is not it.

    Here, in Windows, the drive with the OS has the letter (C). However, when you go into the System Recovery Options, etc., following the instructions, the letter of the drive may change to some other letter. So, you need to check every time to make sure you have the right drive.

    It should not be difficult.


  5. Posts : 55
    Windows 7 Ultimate, 32bit
    Thread Starter
       #65

    Nope - it's a Dell computer. But I got it through my school, so maybe they have removed everything except drive C?

    Ok, I hope I will manage this :) I'm posting a reply as soon as I'm finished! Thank you for being so patient :)


  6. Posts : 55
    Windows 7 Ultimate, 32bit
    Thread Starter
       #66

    I think everything went well! It all looked very complicated, but when I was in the middle of the process it all made sense and it was, as you said, very easy :)

    In the folder called Logs, I found 2 logs so I'm posting them both :)

    FRST_31-01-2013_08-13-50

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-01-2013 02
    Ran by SYSTEM at 31-01-2013 08:12:50
    Running from C:\
    Windows 7 Ultimate Service Pack 1 (X86) OS Language: Norwegian Bokmal
    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
    HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2010-11-15] (Adobe Systems Incorporated)
    HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-15] (Adobe Systems Incorporated)
    HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
    HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
    HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152544 2012-12-12] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.11.1

    ==================== Services (Whitelisted) ===================

    2 MBAMScheduler; "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)
    2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)
    3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [115608 2013-01-19] (Mozilla Foundation)
    2 rpcnet; C:\Windows\system32\rpcnet.exe [58288 2012-10-14] (Absolute Software Corp.)

    ==================== Drivers (Whitelisted) ====================

    3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [21104 2012-12-14] (Malwarebytes Corporation)
    2 npf; C:\Windows\System32\drivers\npf.sys [35088 2010-07-16] (CACE Technologies, Inc.)
    3 catchme; \??\C:\Users\siri1802\AppData\Local\Temp\catchme.sys [x]
    3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-01-31 08:01 - 2013-01-31 08:02 - 00909576 ____A (Farbar) C:\FRST.exe
    2013-01-30 13:46 - 2013-01-30 13:47 - 00000268 ____A C:\Users\siri1802\Downloads\701.mid
    2013-01-30 06:46 - 2013-01-30 06:46 - 00001526 ____A C:\Users\siri1802\Desktop\ESET Scan Results.txt
    2013-01-30 05:26 - 2013-01-30 05:26 - 00000000 ____D C:\Program Files\ESET
    2013-01-29 08:17 - 2013-01-29 08:17 - 00000071 ____A C:\Users\siri1802\Desktop\CFScript.txt
    2013-01-28 08:11 - 2013-01-28 08:11 - 00881914 ____A C:\Users\siri1802\Downloads\SecurityCheck.exe
    2013-01-28 04:45 - 2013-01-28 04:50 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
    2013-01-28 04:45 - 2004-06-12 00:33 - 00290304 ____A (Microsoft Corporation) C:\subinacl.exe
    2013-01-28 04:43 - 2013-01-28 04:43 - 00002244 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
    2013-01-28 04:43 - 2013-01-28 04:43 - 00000000 ____D C:\Program Files\Tweaking.com
    2013-01-28 04:40 - 2013-01-28 04:42 - 05419212 ____A C:\Users\siri1802\Downloads\tweaking.com_windows_repair_aio_setup.exe
    2013-01-28 04:33 - 2013-01-28 04:54 - 00002889 ____A C:\Windows\System32\FSS.txt
    2013-01-28 04:23 - 2013-01-28 04:23 - 00005256 ____A C:\Users\siri1802\Downloads\wscsvc.reg
    2013-01-28 03:57 - 2013-01-28 04:11 - 00005522 ____A C:\backup.reg
    2013-01-26 15:47 - 2013-01-31 05:54 - 00000071 __RSH C:\Users\All Users\3002.xml
    2013-01-26 15:47 - 2013-01-26 15:47 - 00011904 __RSH C:\Users\All Users\3002.abs
    2013-01-25 16:36 - 2013-01-25 16:36 - 00038839 ____A C:\AdwCleaner[S1].txt
    2013-01-25 16:36 - 2013-01-25 16:36 - 00038295 ____A C:\AdwCleaner[R2].txt
    2013-01-25 11:52 - 2013-01-25 12:04 - 00000000 ____D C:\Users\siri1802\Documents\Gitar-noter
    2013-01-25 10:57 - 2013-01-25 10:57 - 00038234 ____A C:\AdwCleaner[R1].txt
    2013-01-25 10:56 - 2013-01-25 10:56 - 00579279 ____A C:\Users\siri1802\Downloads\adwcleaner.exe
    2013-01-25 10:40 - 2013-01-25 10:40 - 00012496 ____A C:\ComboFix.txt
    2013-01-25 10:24 - 2011-06-26 07:45 - 00256000 ____A C:\Windows\PEV.exe
    2013-01-25 10:24 - 2010-11-07 18:20 - 00208896 ____A C:\Windows\MBR.exe
    2013-01-25 10:24 - 2009-04-20 05:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
    2013-01-25 10:24 - 2000-08-31 01:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
    2013-01-25 10:24 - 2000-08-31 01:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
    2013-01-25 10:24 - 2000-08-31 01:00 - 00098816 ____A C:\Windows\sed.exe
    2013-01-25 10:24 - 2000-08-31 01:00 - 00080412 ____A C:\Windows\grep.exe
    2013-01-25 10:24 - 2000-08-31 01:00 - 00068096 ____A C:\Windows\zip.exe
    2013-01-25 10:16 - 2013-01-25 10:40 - 00000000 ____D C:\Qoobox
    2013-01-25 10:15 - 2013-01-25 10:38 - 00000000 ____D C:\Windows\erdnt
    2013-01-25 10:11 - 2013-01-25 11:17 - 00000000 ____D C:\Users\siri1802\Desktop\RK_Quarantine
    2013-01-25 09:55 - 2013-01-25 09:55 - 01056200 ____A C:\Windows\Minidump\012513-22323-01.dmp
    2013-01-25 08:36 - 2013-01-25 08:36 - 00810472 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\mssstool32.exe
    2013-01-25 04:18 - 2013-01-25 04:20 - 11101672 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\mseinstall (1).exe
    2013-01-24 08:53 - 2013-01-25 04:04 - 00001076 ____A C:\Users\siri1802\Downloads\SystemLook.txt
    2013-01-24 08:52 - 2013-01-24 08:52 - 00139264 ____A C:\Users\siri1802\Downloads\SystemLook.exe
    2013-01-24 04:18 - 2013-01-25 11:17 - 00002809 ____A C:\Users\siri1802\Downloads\FSS.txt
    2013-01-24 04:16 - 2013-01-24 04:17 - 00353475 ____A (Farbar) C:\Users\siri1802\Downloads\FSS.exe
    2013-01-24 03:49 - 2013-01-24 03:50 - 00766464 ____A C:\Users\siri1802\Downloads\RogueKiller.exe
    2013-01-23 07:30 - 2013-01-24 10:16 - 00000000 ____D C:\Users\siri1802\Documents\Artikler fra Marit
    2013-01-22 04:23 - 2013-01-22 04:23 - 00001760 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-01-22 04:23 - 2013-01-22 04:23 - 00000000 ____D C:\Program Files\iPod
    2013-01-22 04:22 - 2013-01-22 04:23 - 00000000 ____D C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-01-22 04:22 - 2013-01-22 04:23 - 00000000 ____D C:\Program Files\iTunes
    2013-01-21 07:00 - 2013-01-21 07:00 - 01128728 ____A C:\Windows\Minidump\012113-18267-01.dmp
    2013-01-19 17:35 - 2013-01-19 17:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2013-01-19 12:48 - 2013-01-19 12:48 - 00000000 ____D C:\Users\siri1802\AppData\Roaming\Malwarebytes
    2013-01-19 12:47 - 2013-01-19 12:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2013-01-19 12:47 - 2013-01-19 12:47 - 00001078 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-19 12:47 - 2013-01-19 12:47 - 00000000 ____D C:\Users\All Users\Malwarebytes
    2013-01-19 12:47 - 2012-12-14 16:49 - 00021104 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2013-01-19 11:57 - 2013-01-19 12:35 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\siri1802\Downloads\mbam-setup-1.70.0.1100.exe
    2013-01-19 07:28 - 2013-01-19 07:35 - 00000000 ____D C:\Users\siri1802\Documents\Outlook-filer
    2013-01-18 16:40 - 2013-01-18 16:41 - 00380088 ____A (Softonic) C:\Users\siri1802\Downloads\SoftonicDownloader_for_vlc-media-player.exe
    2013-01-18 10:09 - 2013-01-18 10:09 - 00000000 ____D C:\Program Files\Common Files\Java
    2013-01-18 10:09 - 2013-01-18 10:08 - 00261024 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
    2013-01-18 10:02 - 2013-01-18 10:04 - 00896928 ____A (Oracle Corporation) C:\Users\siri1802\Downloads\chromeinstall-7u11.exe
    2013-01-18 06:47 - 2013-01-18 06:48 - 00318904 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\wmpfirefoxplugin.exe
    2013-01-16 11:17 - 2013-01-16 11:17 - 00000000 ____D C:\Program Files\WinPcap
    2013-01-16 05:00 - 2013-01-16 05:00 - 00000000 ____D C:\Program Files\MSECache
    2013-01-16 04:59 - 2013-01-16 05:00 - 03328408 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\OutlookConnector.exe
    2013-01-14 04:06 - 2012-12-16 15:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
    2013-01-14 04:06 - 2012-12-16 15:13 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
    2013-01-14 04:03 - 2012-11-14 03:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-01-14 04:03 - 2012-11-14 03:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-01-14 04:03 - 2012-11-14 03:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-01-14 04:03 - 2012-11-14 02:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-01-14 04:03 - 2012-11-14 02:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-01-14 04:03 - 2012-11-14 02:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-01-14 04:03 - 2012-11-14 02:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-01-14 04:03 - 2012-11-14 02:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-01-14 04:03 - 2012-11-14 02:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-01-14 04:03 - 2012-11-14 02:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-01-14 04:03 - 2012-11-14 02:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-01-14 04:03 - 2012-11-14 02:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-01-14 04:03 - 2012-11-14 02:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-01-14 04:03 - 2012-11-14 02:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-01-14 04:03 - 2012-11-14 02:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-01-14 04:03 - 2012-11-14 02:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-01-13 16:06 - 2012-11-23 03:56 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-01-13 16:06 - 2012-11-22 05:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
    2013-01-13 16:05 - 2012-11-30 05:53 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
    2013-01-13 16:05 - 2012-11-30 05:47 - 00868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
    2013-01-13 16:05 - 2012-11-30 05:47 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 03:55 - 00271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
    2013-01-13 16:05 - 2012-11-30 03:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 03:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 03:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 03:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 00:17 - 00420064 ____A C:\Windows\System32\locale.nls
    2013-01-13 16:05 - 2012-11-09 05:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
    2013-01-13 16:05 - 2012-11-01 05:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
    2013-01-13 16:02 - 2012-12-07 13:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
    2013-01-13 16:02 - 2012-12-07 13:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
    2013-01-13 16:02 - 2012-12-07 11:46 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
    2013-01-13 16:02 - 2012-11-23 03:48 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
    2013-01-13 16:02 - 2012-11-20 05:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll


  7. Posts : 55
    Windows 7 Ultimate, 32bit
    Thread Starter
       #67

    ==================== One Month Modified Files and Folders ========

    2013-01-31 08:05 - 2012-09-24 10:54 - 01411580 ____A C:\Windows\WindowsUpdate.log
    2013-01-31 08:02 - 2013-01-31 08:01 - 00909576 ____A (Farbar) C:\FRST.exe
    2013-01-31 07:39 - 2012-10-07 16:20 - 00000984 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-01-31 07:31 - 2012-09-24 23:16 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-01-31 05:54 - 2013-01-26 15:47 - 00000071 __RSH C:\Users\All Users\3002.xml
    2013-01-31 05:00 - 2012-10-10 14:06 - 00585728 __ASH C:\Users\siri1802\Desktop\Thumbs.db
    2013-01-31 04:06 - 2012-10-07 16:20 - 00000980 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-01-31 03:51 - 2012-09-24 10:51 - 00017408 ____A C:\Windows\System32\rpcnetp.exe
    2013-01-30 13:47 - 2013-01-30 13:46 - 00000268 ____A C:\Users\siri1802\Downloads\701.mid
    2013-01-30 06:46 - 2013-01-30 06:46 - 00001526 ____A C:\Users\siri1802\Desktop\ESET Scan Results.txt
    2013-01-30 05:26 - 2013-01-30 05:26 - 00000000 ____D C:\Program Files\ESET
    2013-01-29 11:10 - 2012-09-24 19:35 - 00000000 ____D C:\Users\siri1802\Desktop\YLVIS
    2013-01-29 10:58 - 2012-11-29 08:27 - 00000000 ____D C:\Users\siri1802\Documents\JOBB - RTI
    2013-01-29 08:22 - 2009-07-14 03:04 - 00000252 ____A C:\Windows\system.ini
    2013-01-29 08:17 - 2013-01-29 08:17 - 00000071 ____A C:\Users\siri1802\Desktop\CFScript.txt
    2013-01-28 08:57 - 2009-07-14 05:34 - 00020496 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-01-28 08:57 - 2009-07-14 05:34 - 00020496 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-01-28 08:11 - 2013-01-28 08:11 - 00881914 ____A C:\Users\siri1802\Downloads\SecurityCheck.exe
    2013-01-28 08:11 - 2010-11-21 00:43 - 00456744 ____A C:\Windows\System32\perfh014.dat
    2013-01-28 08:11 - 2010-11-21 00:43 - 00077218 ____A C:\Windows\System32\perfc014.dat
    2013-01-28 08:11 - 2010-11-20 22:01 - 01248616 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-01-28 08:05 - 2012-09-25 08:30 - 00058288 ____A (Absolute Software Corp.) C:\Windows\System32\rpcnet.dll
    2013-01-28 08:05 - 2012-09-24 23:13 - 00000310 ____A C:\Windows\Tasks\IKOPXBS.job
    2013-01-28 08:05 - 2009-07-14 05:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-01-28 08:05 - 2009-07-14 05:39 - 00060439 ____A C:\Windows\setupact.log
    2013-01-28 08:03 - 2012-09-24 10:52 - 00017408 ____A C:\Windows\System32\rpcnetp.dll
    2013-01-28 04:54 - 2013-01-28 04:33 - 00002889 ____A C:\Windows\System32\FSS.txt
    2013-01-28 04:50 - 2013-01-28 04:45 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
    2013-01-28 04:43 - 2013-01-28 04:43 - 00002244 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
    2013-01-28 04:43 - 2013-01-28 04:43 - 00000000 ____D C:\Program Files\Tweaking.com
    2013-01-28 04:42 - 2013-01-28 04:40 - 05419212 ____A C:\Users\siri1802\Downloads\tweaking.com_windows_repair_aio_setup.exe
    2013-01-28 04:23 - 2013-01-28 04:23 - 00005256 ____A C:\Users\siri1802\Downloads\wscsvc.reg
    2013-01-28 04:22 - 2012-09-24 19:47 - 00000000 ____D C:\Users\siri1802\AppData\Roaming\Skype
    2013-01-28 04:11 - 2013-01-28 03:57 - 00005522 ____A C:\backup.reg
    2013-01-26 15:47 - 2013-01-26 15:47 - 00011904 __RSH C:\Users\All Users\3002.abs
    2013-01-25 16:59 - 2011-05-20 11:43 - 00002115 ____A C:\Windows\epplauncher.mif
    2013-01-25 16:36 - 2013-01-25 16:36 - 00038839 ____A C:\AdwCleaner[S1].txt
    2013-01-25 16:36 - 2013-01-25 16:36 - 00038295 ____A C:\AdwCleaner[R2].txt
    2013-01-25 16:36 - 2012-09-25 09:35 - 00000000 ____D C:\Users\siri1802\AppData\Local\iLivid
    2013-01-25 16:36 - 2012-09-25 09:35 - 00000000 ____D C:\Program Files\Searchqu Toolbar
    2013-01-25 12:04 - 2013-01-25 11:52 - 00000000 ____D C:\Users\siri1802\Documents\Gitar-noter
    2013-01-25 11:17 - 2013-01-25 10:11 - 00000000 ____D C:\Users\siri1802\Desktop\RK_Quarantine
    2013-01-25 11:17 - 2013-01-24 04:18 - 00002809 ____A C:\Users\siri1802\Downloads\FSS.txt
    2013-01-25 10:57 - 2013-01-25 10:57 - 00038234 ____A C:\AdwCleaner[R1].txt
    2013-01-25 10:56 - 2013-01-25 10:56 - 00579279 ____A C:\Users\siri1802\Downloads\adwcleaner.exe
    2013-01-25 10:40 - 2013-01-25 10:40 - 00012496 ____A C:\ComboFix.txt
    2013-01-25 10:40 - 2013-01-25 10:16 - 00000000 ____D C:\Qoobox
    2013-01-25 10:40 - 2009-07-14 03:37 - 00000000 __RHD C:\users\Default
    2013-01-25 10:40 - 2009-07-14 03:37 - 00000000 ___RD C:\users\Public
    2013-01-25 10:38 - 2013-01-25 10:15 - 00000000 ____D C:\Windows\erdnt
    2013-01-25 10:35 - 2010-11-20 22:48 - 00020770 ____A C:\Windows\PFRO.log
    2013-01-25 09:55 - 2013-01-25 09:55 - 01056200 ____A C:\Windows\Minidump\012513-22323-01.dmp
    2013-01-25 09:55 - 2012-10-13 17:45 - 00000000 ____D C:\Windows\Minidump
    2013-01-25 08:36 - 2013-01-25 08:36 - 00810472 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\mssstool32.exe
    2013-01-25 04:20 - 2013-01-25 04:18 - 11101672 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\mseinstall (1).exe
    2013-01-25 04:04 - 2013-01-24 08:53 - 00001076 ____A C:\Users\siri1802\Downloads\SystemLook.txt
    2013-01-24 10:16 - 2013-01-23 07:30 - 00000000 ____D C:\Users\siri1802\Documents\Artikler fra Marit
    2013-01-24 08:52 - 2013-01-24 08:52 - 00139264 ____A C:\Users\siri1802\Downloads\SystemLook.exe
    2013-01-24 04:17 - 2013-01-24 04:16 - 00353475 ____A (Farbar) C:\Users\siri1802\Downloads\FSS.exe
    2013-01-24 03:50 - 2013-01-24 03:49 - 00766464 ____A C:\Users\siri1802\Downloads\RogueKiller.exe
    2013-01-22 04:23 - 2013-01-22 04:23 - 00001760 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-01-22 04:23 - 2013-01-22 04:23 - 00000000 ____D C:\Program Files\iPod
    2013-01-22 04:23 - 2013-01-22 04:22 - 00000000 ____D C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-01-22 04:23 - 2013-01-22 04:22 - 00000000 ____D C:\Program Files\iTunes
    2013-01-22 04:22 - 2012-09-24 23:05 - 00000000 ____D C:\Program Files\Common Files\Apple
    2013-01-22 04:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\DriverStore
    2013-01-21 07:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\NDF
    2013-01-21 07:00 - 2013-01-21 07:00 - 01128728 ____A C:\Windows\Minidump\012113-18267-01.dmp
    2013-01-21 07:00 - 2012-09-24 23:09 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2013-01-20 06:52 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
    2013-01-20 05:28 - 2012-09-25 23:15 - 00000000 ____D C:\Users\siri1802\AppData\Roaming\BitTorrent
    2013-01-19 17:36 - 2013-01-19 17:35 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2013-01-19 12:48 - 2013-01-19 12:48 - 00000000 ____D C:\Users\siri1802\AppData\Roaming\Malwarebytes
    2013-01-19 12:48 - 2013-01-19 12:47 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2013-01-19 12:47 - 2013-01-19 12:47 - 00001078 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-19 12:47 - 2013-01-19 12:47 - 00000000 ____D C:\Users\All Users\Malwarebytes
    2013-01-19 12:35 - 2013-01-19 11:57 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\siri1802\Downloads\mbam-setup-1.70.0.1100.exe
    2013-01-19 07:35 - 2013-01-19 07:28 - 00000000 ____D C:\Users\siri1802\Documents\Outlook-filer
    2013-01-18 16:41 - 2013-01-18 16:40 - 00380088 ____A (Softonic) C:\Users\siri1802\Downloads\SoftonicDownloader_for_vlc-media-player.exe
    2013-01-18 10:09 - 2013-01-18 10:09 - 00000000 ____D C:\Program Files\Common Files\Java
    2013-01-18 10:08 - 2013-01-18 10:09 - 00261024 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
    2013-01-18 10:08 - 2012-09-25 08:27 - 00859552 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
    2013-01-18 10:08 - 2011-05-20 15:10 - 00780192 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
    2013-01-18 10:08 - 2011-05-20 15:10 - 00000000 ____D C:\Program Files\Java
    2013-01-18 10:04 - 2013-01-18 10:02 - 00896928 ____A (Oracle Corporation) C:\Users\siri1802\Downloads\chromeinstall-7u11.exe
    2013-01-18 07:18 - 2011-05-20 15:09 - 00000000 ____D C:\Users\All Users\Adobe
    2013-01-18 06:48 - 2013-01-18 06:47 - 00318904 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\wmpfirefoxplugin.exe
    2013-01-16 11:17 - 2013-01-16 11:17 - 00000000 ____D C:\Program Files\WinPcap
    2013-01-16 05:00 - 2013-01-16 05:00 - 00000000 ____D C:\Program Files\MSECache
    2013-01-16 05:00 - 2013-01-16 04:59 - 03328408 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\OutlookConnector.exe
    2013-01-15 06:46 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
    2013-01-14 08:29 - 2009-07-14 05:33 - 00342976 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-01-14 08:28 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\nb-NO
    2013-01-14 04:04 - 2011-05-23 08:38 - 00000000 ____D C:\Users\All Users\Microsoft Help
    2013-01-13 15:39 - 2012-09-24 23:16 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2013-01-13 15:39 - 2011-05-20 15:10 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl


    ==================== Known DLLs (Whitelisted) =================


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2013-01-24 10:33:48
    Restore point made on: 2013-01-28 04:00:43
    Restore point made on: 2013-01-28 04:04:26
    Restore point made on: 2013-01-28 04:44:14
    Restore point made on: 2013-01-28 09:58:22

    ==================== Memory info ===========================

    Percentage of memory in use: 21%
    Total physical RAM: 2003.17 MB
    Available physical RAM: 1576.98 MB
    Total Pagefile: 2003.17 MB
    Available Pagefile: 1582.26 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1962.29 MB

    ==================== Partitions =============================

    1 Drive c: (Windows) (Fixed) (Total:74.24 GB) (Free:9.93 GB) NTFS
    3 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    4 Drive y: (System) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    Disknr. Status Str. Ledig Dyn GPT
    -------- ------------- ------- ------- --- ---
    Disk 0 Tilkoblet 74 G byte 0 byte


    Partitions of Disk 0:
    ===============

    Disk-ID: E1D95CC4

    Partisjonsnr. Type Str. Forskyvning
    ------------- ---------------- ------- -----------
    Partisjon 1 Primær 300 M 1024 K byte
    Partisjon 2 Primær 74 G 301 M byte

    =========================================================

    Disk: 0
    Partisjon 1
    Type : 07
    Skjult: Nei
    Aktiv : Ja
    Forskyvning i byte: 1048576

    Volumnr. Bks Etikett Fs Type Str. Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volum 1 Y System NTFS Partisjon 300 M OK

    =========================================================

    Disk: 0
    Partisjon 2
    Type : 07
    Skjult: Nei
    Aktiv : Nei
    Forskyvning i byte: 315621376

    Volumnr. Bks Etikett Fs Type Str. Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volum 2 C Windows NTFS Partisjon 74 G OK

    =========================================================

    Last Boot: 2013-01-20 06:09

    ==================== End Of Log ============================


  8. Posts : 55
    Windows 7 Ultimate, 32bit
    Thread Starter
       #68

    FRST_31-01-2013_08-17-40

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-01-2013 02
    Ran by SYSTEM at 31-01-2013 08:17:15
    Running from C:\
    Windows 7 Ultimate Service Pack 1 (X86) OS Language: Norwegian Bokmal
    The current controlset is ControlSet001

    ==================== Registry (Whitelisted) ===================

    HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
    HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [35736 2010-11-15] (Adobe Systems Incorporated)
    HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [932288 2010-11-15] (Adobe Systems Incorporated)
    HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
    HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-11-28] (Apple Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
    HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [152544 2012-12-12] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.11.1

    ==================== Services (Whitelisted) ===================

    2 MBAMScheduler; "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe" [398184 2012-12-14] (Malwarebytes Corporation)
    2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [682344 2012-12-14] (Malwarebytes Corporation)
    3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [115608 2013-01-19] (Mozilla Foundation)
    2 rpcnet; C:\Windows\system32\rpcnet.exe [58288 2012-10-14] (Absolute Software Corp.)

    ==================== Drivers (Whitelisted) ====================

    3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [21104 2012-12-14] (Malwarebytes Corporation)
    2 npf; C:\Windows\System32\drivers\npf.sys [35088 2010-07-16] (CACE Technologies, Inc.)
    3 catchme; \??\C:\Users\siri1802\AppData\Local\Temp\catchme.sys [x]
    3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-01-31 08:01 - 2013-01-31 08:02 - 00909576 ____A (Farbar) C:\FRST.exe
    2013-01-30 13:46 - 2013-01-30 13:47 - 00000268 ____A C:\Users\siri1802\Downloads\701.mid
    2013-01-30 06:46 - 2013-01-30 06:46 - 00001526 ____A C:\Users\siri1802\Desktop\ESET Scan Results.txt
    2013-01-30 05:26 - 2013-01-30 05:26 - 00000000 ____D C:\Program Files\ESET
    2013-01-29 08:17 - 2013-01-29 08:17 - 00000071 ____A C:\Users\siri1802\Desktop\CFScript.txt
    2013-01-28 08:11 - 2013-01-28 08:11 - 00881914 ____A C:\Users\siri1802\Downloads\SecurityCheck.exe
    2013-01-28 04:45 - 2013-01-28 04:50 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
    2013-01-28 04:45 - 2004-06-12 00:33 - 00290304 ____A (Microsoft Corporation) C:\subinacl.exe
    2013-01-28 04:43 - 2013-01-28 04:43 - 00002244 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
    2013-01-28 04:43 - 2013-01-28 04:43 - 00000000 ____D C:\Program Files\Tweaking.com
    2013-01-28 04:40 - 2013-01-28 04:42 - 05419212 ____A C:\Users\siri1802\Downloads\tweaking.com_windows_repair_aio_setup.exe
    2013-01-28 04:33 - 2013-01-28 04:54 - 00002889 ____A C:\Windows\System32\FSS.txt
    2013-01-28 04:23 - 2013-01-28 04:23 - 00005256 ____A C:\Users\siri1802\Downloads\wscsvc.reg
    2013-01-28 03:57 - 2013-01-28 04:11 - 00005522 ____A C:\backup.reg
    2013-01-26 15:47 - 2013-01-31 05:54 - 00000071 __RSH C:\Users\All Users\3002.xml
    2013-01-26 15:47 - 2013-01-26 15:47 - 00011904 __RSH C:\Users\All Users\3002.abs
    2013-01-25 16:36 - 2013-01-25 16:36 - 00038839 ____A C:\AdwCleaner[S1].txt
    2013-01-25 16:36 - 2013-01-25 16:36 - 00038295 ____A C:\AdwCleaner[R2].txt
    2013-01-25 11:52 - 2013-01-25 12:04 - 00000000 ____D C:\Users\siri1802\Documents\Gitar-noter
    2013-01-25 10:57 - 2013-01-25 10:57 - 00038234 ____A C:\AdwCleaner[R1].txt
    2013-01-25 10:56 - 2013-01-25 10:56 - 00579279 ____A C:\Users\siri1802\Downloads\adwcleaner.exe
    2013-01-25 10:40 - 2013-01-25 10:40 - 00012496 ____A C:\ComboFix.txt
    2013-01-25 10:24 - 2011-06-26 07:45 - 00256000 ____A C:\Windows\PEV.exe
    2013-01-25 10:24 - 2010-11-07 18:20 - 00208896 ____A C:\Windows\MBR.exe
    2013-01-25 10:24 - 2009-04-20 05:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
    2013-01-25 10:24 - 2000-08-31 01:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
    2013-01-25 10:24 - 2000-08-31 01:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
    2013-01-25 10:24 - 2000-08-31 01:00 - 00098816 ____A C:\Windows\sed.exe
    2013-01-25 10:24 - 2000-08-31 01:00 - 00080412 ____A C:\Windows\grep.exe
    2013-01-25 10:24 - 2000-08-31 01:00 - 00068096 ____A C:\Windows\zip.exe
    2013-01-25 10:16 - 2013-01-25 10:40 - 00000000 ____D C:\Qoobox
    2013-01-25 10:15 - 2013-01-25 10:38 - 00000000 ____D C:\Windows\erdnt
    2013-01-25 10:11 - 2013-01-25 11:17 - 00000000 ____D C:\Users\siri1802\Desktop\RK_Quarantine
    2013-01-25 09:55 - 2013-01-25 09:55 - 01056200 ____A C:\Windows\Minidump\012513-22323-01.dmp
    2013-01-25 08:36 - 2013-01-25 08:36 - 00810472 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\mssstool32.exe
    2013-01-25 04:18 - 2013-01-25 04:20 - 11101672 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\mseinstall (1).exe
    2013-01-24 08:53 - 2013-01-25 04:04 - 00001076 ____A C:\Users\siri1802\Downloads\SystemLook.txt
    2013-01-24 08:52 - 2013-01-24 08:52 - 00139264 ____A C:\Users\siri1802\Downloads\SystemLook.exe
    2013-01-24 04:18 - 2013-01-25 11:17 - 00002809 ____A C:\Users\siri1802\Downloads\FSS.txt
    2013-01-24 04:16 - 2013-01-24 04:17 - 00353475 ____A (Farbar) C:\Users\siri1802\Downloads\FSS.exe
    2013-01-24 03:49 - 2013-01-24 03:50 - 00766464 ____A C:\Users\siri1802\Downloads\RogueKiller.exe
    2013-01-23 07:30 - 2013-01-24 10:16 - 00000000 ____D C:\Users\siri1802\Documents\Artikler fra Marit
    2013-01-22 04:23 - 2013-01-22 04:23 - 00001760 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-01-22 04:23 - 2013-01-22 04:23 - 00000000 ____D C:\Program Files\iPod
    2013-01-22 04:22 - 2013-01-22 04:23 - 00000000 ____D C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-01-22 04:22 - 2013-01-22 04:23 - 00000000 ____D C:\Program Files\iTunes
    2013-01-21 07:00 - 2013-01-21 07:00 - 01128728 ____A C:\Windows\Minidump\012113-18267-01.dmp
    2013-01-19 17:35 - 2013-01-19 17:36 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2013-01-19 12:48 - 2013-01-19 12:48 - 00000000 ____D C:\Users\siri1802\AppData\Roaming\Malwarebytes
    2013-01-19 12:47 - 2013-01-19 12:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2013-01-19 12:47 - 2013-01-19 12:47 - 00001078 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-19 12:47 - 2013-01-19 12:47 - 00000000 ____D C:\Users\All Users\Malwarebytes
    2013-01-19 12:47 - 2012-12-14 16:49 - 00021104 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
    2013-01-19 11:57 - 2013-01-19 12:35 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\siri1802\Downloads\mbam-setup-1.70.0.1100.exe
    2013-01-19 07:28 - 2013-01-19 07:35 - 00000000 ____D C:\Users\siri1802\Documents\Outlook-filer
    2013-01-18 16:40 - 2013-01-18 16:41 - 00380088 ____A (Softonic) C:\Users\siri1802\Downloads\SoftonicDownloader_for_vlc-media-player.exe
    2013-01-18 10:09 - 2013-01-18 10:09 - 00000000 ____D C:\Program Files\Common Files\Java
    2013-01-18 10:09 - 2013-01-18 10:08 - 00261024 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
    2013-01-18 10:02 - 2013-01-18 10:04 - 00896928 ____A (Oracle Corporation) C:\Users\siri1802\Downloads\chromeinstall-7u11.exe
    2013-01-18 06:47 - 2013-01-18 06:48 - 00318904 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\wmpfirefoxplugin.exe
    2013-01-16 11:17 - 2013-01-16 11:17 - 00000000 ____D C:\Program Files\WinPcap
    2013-01-16 05:00 - 2013-01-16 05:00 - 00000000 ____D C:\Program Files\MSECache
    2013-01-16 04:59 - 2013-01-16 05:00 - 03328408 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\OutlookConnector.exe
    2013-01-14 04:06 - 2012-12-16 15:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
    2013-01-14 04:06 - 2012-12-16 15:13 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
    2013-01-14 04:03 - 2012-11-14 03:48 - 12320256 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-01-14 04:03 - 2012-11-14 03:14 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-01-14 04:03 - 2012-11-14 03:09 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-01-14 04:03 - 2012-11-14 02:58 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-01-14 04:03 - 2012-11-14 02:57 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-01-14 04:03 - 2012-11-14 02:57 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-01-14 04:03 - 2012-11-14 02:55 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-01-14 04:03 - 2012-11-14 02:51 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-01-14 04:03 - 2012-11-14 02:49 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-01-14 04:03 - 2012-11-14 02:49 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-01-14 04:03 - 2012-11-14 02:48 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-01-14 04:03 - 2012-11-14 02:47 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-01-14 04:03 - 2012-11-14 02:46 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-01-14 04:03 - 2012-11-14 02:45 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-01-14 04:03 - 2012-11-14 02:44 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-01-14 04:03 - 2012-11-14 02:41 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-01-13 16:06 - 2012-11-23 03:56 - 02345984 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-01-13 16:06 - 2012-11-22 05:45 - 00626688 ____A (Microsoft Corporation) C:\Windows\System32\usp10.dll
    2013-01-13 16:05 - 2012-11-30 05:53 - 00169984 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
    2013-01-13 16:05 - 2012-11-30 05:47 - 00868352 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
    2013-01-13 16:05 - 2012-11-30 05:47 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 05:45 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 03:55 - 00271360 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
    2013-01-13 16:05 - 2012-11-30 03:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 03:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 03:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 03:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    2013-01-13 16:05 - 2012-11-30 00:17 - 00420064 ____A C:\Windows\System32\locale.nls
    2013-01-13 16:05 - 2012-11-09 05:43 - 00492032 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
    2013-01-13 16:05 - 2012-11-01 05:47 - 01389568 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
    2013-01-13 16:02 - 2012-12-07 13:26 - 00308736 ____A (Microsoft Corporation) C:\Windows\System32\Wpc.dll
    2013-01-13 16:02 - 2012-12-07 13:20 - 02576384 ____A (Microsoft Corporation) C:\Windows\System32\gameux.dll
    2013-01-13 16:02 - 2012-12-07 11:46 - 00055296 ____A (Microsoft) C:\Windows\System32\cero.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00051712 ____A (Microsoft) C:\Windows\System32\esrb.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00046592 ____A (Microsoft) C:\Windows\System32\fpb.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00045568 ____A (Microsoft) C:\Windows\System32\oflc-nz.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00044544 ____A (Microsoft) C:\Windows\System32\pegibbfc.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00043520 ____A (Microsoft) C:\Windows\System32\csrr.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00040960 ____A (Microsoft) C:\Windows\System32\cob-au.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00030720 ____A (Microsoft) C:\Windows\System32\usk.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00023552 ____A (Microsoft) C:\Windows\System32\oflc.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00021504 ____A (Microsoft) C:\Windows\System32\grb.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-pt.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi-fi.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00020480 ____A (Microsoft) C:\Windows\System32\pegi.rs
    2013-01-13 16:02 - 2012-12-07 11:46 - 00015360 ____A (Microsoft) C:\Windows\System32\djctq.rs
    2013-01-13 16:02 - 2012-11-23 03:48 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
    2013-01-13 16:02 - 2012-11-20 05:51 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll


  9. Posts : 55
    Windows 7 Ultimate, 32bit
    Thread Starter
       #69

    ==================== One Month Modified Files and Folders ========

    2013-01-31 08:12 - 2013-01-31 08:12 - 00000000 ____D C:\FRST
    2013-01-31 08:05 - 2012-09-24 10:54 - 01411580 ____A C:\Windows\WindowsUpdate.log
    2013-01-31 08:02 - 2013-01-31 08:01 - 00909576 ____A (Farbar) C:\FRST.exe
    2013-01-31 07:39 - 2012-10-07 16:20 - 00000984 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-01-31 07:31 - 2012-09-24 23:16 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-01-31 05:54 - 2013-01-26 15:47 - 00000071 __RSH C:\Users\All Users\3002.xml
    2013-01-31 05:00 - 2012-10-10 14:06 - 00585728 __ASH C:\Users\siri1802\Desktop\Thumbs.db
    2013-01-31 04:06 - 2012-10-07 16:20 - 00000980 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-01-31 03:51 - 2012-09-24 10:51 - 00017408 ____A C:\Windows\System32\rpcnetp.exe
    2013-01-30 13:47 - 2013-01-30 13:46 - 00000268 ____A C:\Users\siri1802\Downloads\701.mid
    2013-01-30 06:46 - 2013-01-30 06:46 - 00001526 ____A C:\Users\siri1802\Desktop\ESET Scan Results.txt
    2013-01-30 05:26 - 2013-01-30 05:26 - 00000000 ____D C:\Program Files\ESET
    2013-01-29 11:10 - 2012-09-24 19:35 - 00000000 ____D C:\Users\siri1802\Desktop\YLVIS
    2013-01-29 10:58 - 2012-11-29 08:27 - 00000000 ____D C:\Users\siri1802\Documents\JOBB - RTI
    2013-01-29 08:22 - 2009-07-14 03:04 - 00000252 ____A C:\Windows\system.ini
    2013-01-29 08:17 - 2013-01-29 08:17 - 00000071 ____A C:\Users\siri1802\Desktop\CFScript.txt
    2013-01-28 08:57 - 2009-07-14 05:34 - 00020496 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-01-28 08:57 - 2009-07-14 05:34 - 00020496 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-01-28 08:11 - 2013-01-28 08:11 - 00881914 ____A C:\Users\siri1802\Downloads\SecurityCheck.exe
    2013-01-28 08:11 - 2010-11-21 00:43 - 00456744 ____A C:\Windows\System32\perfh014.dat
    2013-01-28 08:11 - 2010-11-21 00:43 - 00077218 ____A C:\Windows\System32\perfc014.dat
    2013-01-28 08:11 - 2010-11-20 22:01 - 01248616 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-01-28 08:05 - 2012-09-25 08:30 - 00058288 ____A (Absolute Software Corp.) C:\Windows\System32\rpcnet.dll
    2013-01-28 08:05 - 2012-09-24 23:13 - 00000310 ____A C:\Windows\Tasks\IKOPXBS.job
    2013-01-28 08:05 - 2009-07-14 05:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-01-28 08:05 - 2009-07-14 05:39 - 00060439 ____A C:\Windows\setupact.log
    2013-01-28 08:03 - 2012-09-24 10:52 - 00017408 ____A C:\Windows\System32\rpcnetp.dll
    2013-01-28 04:54 - 2013-01-28 04:33 - 00002889 ____A C:\Windows\System32\FSS.txt
    2013-01-28 04:50 - 2013-01-28 04:45 - 00181064 ____A (Sysinternals) C:\Windows\PSEXESVC.EXE
    2013-01-28 04:43 - 2013-01-28 04:43 - 00002244 ____A C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
    2013-01-28 04:43 - 2013-01-28 04:43 - 00000000 ____D C:\Program Files\Tweaking.com
    2013-01-28 04:42 - 2013-01-28 04:40 - 05419212 ____A C:\Users\siri1802\Downloads\tweaking.com_windows_repair_aio_setup.exe
    2013-01-28 04:23 - 2013-01-28 04:23 - 00005256 ____A C:\Users\siri1802\Downloads\wscsvc.reg
    2013-01-28 04:22 - 2012-09-24 19:47 - 00000000 ____D C:\Users\siri1802\AppData\Roaming\Skype
    2013-01-28 04:11 - 2013-01-28 03:57 - 00005522 ____A C:\backup.reg
    2013-01-26 15:47 - 2013-01-26 15:47 - 00011904 __RSH C:\Users\All Users\3002.abs
    2013-01-25 16:59 - 2011-05-20 11:43 - 00002115 ____A C:\Windows\epplauncher.mif
    2013-01-25 16:36 - 2013-01-25 16:36 - 00038839 ____A C:\AdwCleaner[S1].txt
    2013-01-25 16:36 - 2013-01-25 16:36 - 00038295 ____A C:\AdwCleaner[R2].txt
    2013-01-25 16:36 - 2012-09-25 09:35 - 00000000 ____D C:\Users\siri1802\AppData\Local\iLivid
    2013-01-25 16:36 - 2012-09-25 09:35 - 00000000 ____D C:\Program Files\Searchqu Toolbar
    2013-01-25 12:04 - 2013-01-25 11:52 - 00000000 ____D C:\Users\siri1802\Documents\Gitar-noter
    2013-01-25 11:17 - 2013-01-25 10:11 - 00000000 ____D C:\Users\siri1802\Desktop\RK_Quarantine
    2013-01-25 11:17 - 2013-01-24 04:18 - 00002809 ____A C:\Users\siri1802\Downloads\FSS.txt
    2013-01-25 10:57 - 2013-01-25 10:57 - 00038234 ____A C:\AdwCleaner[R1].txt
    2013-01-25 10:56 - 2013-01-25 10:56 - 00579279 ____A C:\Users\siri1802\Downloads\adwcleaner.exe
    2013-01-25 10:40 - 2013-01-25 10:40 - 00012496 ____A C:\ComboFix.txt
    2013-01-25 10:40 - 2013-01-25 10:16 - 00000000 ____D C:\Qoobox
    2013-01-25 10:40 - 2009-07-14 03:37 - 00000000 __RHD C:\users\Default
    2013-01-25 10:40 - 2009-07-14 03:37 - 00000000 ___RD C:\users\Public
    2013-01-25 10:38 - 2013-01-25 10:15 - 00000000 ____D C:\Windows\erdnt
    2013-01-25 10:35 - 2010-11-20 22:48 - 00020770 ____A C:\Windows\PFRO.log
    2013-01-25 09:55 - 2013-01-25 09:55 - 01056200 ____A C:\Windows\Minidump\012513-22323-01.dmp
    2013-01-25 09:55 - 2012-10-13 17:45 - 00000000 ____D C:\Windows\Minidump
    2013-01-25 08:36 - 2013-01-25 08:36 - 00810472 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\mssstool32.exe
    2013-01-25 04:20 - 2013-01-25 04:18 - 11101672 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\mseinstall (1).exe
    2013-01-25 04:04 - 2013-01-24 08:53 - 00001076 ____A C:\Users\siri1802\Downloads\SystemLook.txt
    2013-01-24 10:16 - 2013-01-23 07:30 - 00000000 ____D C:\Users\siri1802\Documents\Artikler fra Marit
    2013-01-24 08:52 - 2013-01-24 08:52 - 00139264 ____A C:\Users\siri1802\Downloads\SystemLook.exe
    2013-01-24 04:17 - 2013-01-24 04:16 - 00353475 ____A (Farbar) C:\Users\siri1802\Downloads\FSS.exe
    2013-01-24 03:50 - 2013-01-24 03:49 - 00766464 ____A C:\Users\siri1802\Downloads\RogueKiller.exe
    2013-01-22 04:23 - 2013-01-22 04:23 - 00001760 ____A C:\Users\Public\Desktop\iTunes.lnk
    2013-01-22 04:23 - 2013-01-22 04:23 - 00000000 ____D C:\Program Files\iPod
    2013-01-22 04:23 - 2013-01-22 04:22 - 00000000 ____D C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2013-01-22 04:23 - 2013-01-22 04:22 - 00000000 ____D C:\Program Files\iTunes
    2013-01-22 04:22 - 2012-09-24 23:05 - 00000000 ____D C:\Program Files\Common Files\Apple
    2013-01-22 04:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\DriverStore
    2013-01-21 07:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\NDF
    2013-01-21 07:00 - 2013-01-21 07:00 - 01128728 ____A C:\Windows\Minidump\012113-18267-01.dmp
    2013-01-21 07:00 - 2012-09-24 23:09 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
    2013-01-20 06:52 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
    2013-01-20 05:28 - 2012-09-25 23:15 - 00000000 ____D C:\Users\siri1802\AppData\Roaming\BitTorrent
    2013-01-19 17:36 - 2013-01-19 17:35 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2013-01-19 12:48 - 2013-01-19 12:48 - 00000000 ____D C:\Users\siri1802\AppData\Roaming\Malwarebytes
    2013-01-19 12:48 - 2013-01-19 12:47 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
    2013-01-19 12:47 - 2013-01-19 12:47 - 00001078 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2013-01-19 12:47 - 2013-01-19 12:47 - 00000000 ____D C:\Users\All Users\Malwarebytes
    2013-01-19 12:35 - 2013-01-19 11:57 - 10156344 ____A (Malwarebytes Corporation ) C:\Users\siri1802\Downloads\mbam-setup-1.70.0.1100.exe
    2013-01-19 07:35 - 2013-01-19 07:28 - 00000000 ____D C:\Users\siri1802\Documents\Outlook-filer
    2013-01-18 16:41 - 2013-01-18 16:40 - 00380088 ____A (Softonic) C:\Users\siri1802\Downloads\SoftonicDownloader_for_vlc-media-player.exe
    2013-01-18 10:09 - 2013-01-18 10:09 - 00000000 ____D C:\Program Files\Common Files\Java
    2013-01-18 10:08 - 2013-01-18 10:09 - 00261024 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00174496 ____A (Oracle Corporation) C:\Windows\System32\java.exe
    2013-01-18 10:08 - 2013-01-18 10:08 - 00094112 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
    2013-01-18 10:08 - 2012-09-25 08:27 - 00859552 ____A (Oracle Corporation) C:\Windows\System32\npdeployJava1.dll
    2013-01-18 10:08 - 2011-05-20 15:10 - 00780192 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
    2013-01-18 10:08 - 2011-05-20 15:10 - 00000000 ____D C:\Program Files\Java
    2013-01-18 10:04 - 2013-01-18 10:02 - 00896928 ____A (Oracle Corporation) C:\Users\siri1802\Downloads\chromeinstall-7u11.exe
    2013-01-18 07:18 - 2011-05-20 15:09 - 00000000 ____D C:\Users\All Users\Adobe
    2013-01-18 06:48 - 2013-01-18 06:47 - 00318904 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\wmpfirefoxplugin.exe
    2013-01-16 11:17 - 2013-01-16 11:17 - 00000000 ____D C:\Program Files\WinPcap
    2013-01-16 05:00 - 2013-01-16 05:00 - 00000000 ____D C:\Program Files\MSECache
    2013-01-16 05:00 - 2013-01-16 04:59 - 03328408 ____A (Microsoft Corporation) C:\Users\siri1802\Downloads\OutlookConnector.exe
    2013-01-15 06:46 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
    2013-01-14 08:29 - 2009-07-14 05:33 - 00342976 ____A C:\Windows\System32\FNTCACHE.DAT
    2013-01-14 08:28 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\nb-NO
    2013-01-14 04:04 - 2011-05-23 08:38 - 00000000 ____D C:\Users\All Users\Microsoft Help
    2013-01-13 15:39 - 2012-09-24 23:16 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2013-01-13 15:39 - 2011-05-20 15:10 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl


    ==================== Known DLLs (Whitelisted) =================


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2013-01-24 10:33:48
    Restore point made on: 2013-01-28 04:00:43
    Restore point made on: 2013-01-28 04:04:26
    Restore point made on: 2013-01-28 04:44:14
    Restore point made on: 2013-01-28 09:58:22

    ==================== Memory info ===========================

    Percentage of memory in use: 20%
    Total physical RAM: 2003.17 MB
    Available physical RAM: 1588.77 MB
    Total Pagefile: 2003.17 MB
    Available Pagefile: 1598.35 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1959.21 MB

    ==================== Partitions =============================

    1 Drive c: (Windows) (Fixed) (Total:74.24 GB) (Free:9.93 GB) NTFS
    3 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    4 Drive y: (System) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    Disknr. Status Str. Ledig Dyn GPT
    -------- ------------- ------- ------- --- ---
    Disk 0 Tilkoblet 74 G byte 0 byte


    Partitions of Disk 0:
    ===============

    Disk-ID: E1D95CC4

    Partisjonsnr. Type Str. Forskyvning
    ------------- ---------------- ------- -----------
    Partisjon 1 Primær 300 M 1024 K byte
    Partisjon 2 Primær 74 G 301 M byte

    =========================================================

    Disk: 0
    Partisjon 1
    Type : 07
    Skjult: Nei
    Aktiv : Ja
    Forskyvning i byte: 1048576

    Volumnr. Bks Etikett Fs Type Str. Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volum 1 Y System NTFS Partisjon 300 M OK

    =========================================================

    Disk: 0
    Partisjon 2
    Type : 07
    Skjult: Nei
    Aktiv : Nei
    Forskyvning i byte: 315621376

    Volumnr. Bks Etikett Fs Type Str. Status Info
    ---------- --- ----------- ----- ---------- ------- --------- --------
    * Volum 2 C Windows NTFS Partisjon 74 G OK

    =========================================================

    Last Boot: 2013-01-20 06:09

    ==================== End Of Log ============================


  10. Posts : 2,470
    Windows 7 Home Premium
       #70

    Crumble,

    Glad it went well for you!

    At first glance, do not see any RootKits identified, which is good. However, need to take a closer look at the reports to make sure no malicious files are present.

    Since it appears you do not have an AntiVirus program installed, please take action to install one as soon as possible!


    Here are links for a couple of free ones, however, only install one program:

    Microsoft Security Essentials:
    Microsoft Security Essentials - Microsoft Windows

    avast! Free Antivirus:
    avast! Free Antivirus | Download Antivirus Protection Software

    I use them both (in different computers), and recommend either one.

    If you want something else, there are other free AVs available, and a Google search will provide more.

    Post back after you install an AV program.