Malicious e-mail link, now afraid of infection... [Solved]



#1
Pernaman

  • Member
  • 11 posts

Hello!

Here's my topic on the Avast forum: https://forum.avast....0437#msg1250437

Can someone add anything to this?

To add to the problem, I've noticed that Farbar gives the error whenever it starts to scan "Chrome: preferences".


Edited by Pernaman, 10 September 2015 - 08:37 AM.



#2
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello, Pernaman. Welcome to Geeks to Go! My nickname is Nevan and I will be helping you get your system back on its electronic feet.

Before we get started, please keep these things in mind:
  • Always read every part of my post carefully. If you don't, you may do something wrong and there could be more problems to solve.
  • If your security programs give you any warnings when using tools I asked you to, don't be afraid. Every tool I provide to you is 100% safe.
  • Only run tools that I ask you to. Some of them can be dangerous to your system as they have much power.
  • You should save or print my instructions. It is possible that we will be using Safe mode, which will cut you off from your internet connection and without access to them, you might be stuck.
  • Malware removal is a complicated process that takes multiple steps to be completed. Don't give up, be patient.
  • The tools we are going to use and your software may cause unwanted interactions. Because of that, I recommend you to make backups of any important files from your machine before proceeding as they might be lost.
  • I recommend you to stay with me until I tell you that we are done. It is important because when your system does not show any bad symptoms anymore it does not mean that it is 100% clean.
  • Your time to reply is limited. If you don't reply within 3 days, your topic will be closed and you will have to request it to be reopened by contacting one of Moderator group members with the link to this topic.
  • Every program I ask you to download should be saved to and run from desktop. If you don't know how to choose the direction of where a download is saved, check this site. You can also just copy these programs to your desktop manually and then run them from there.
  • Remember that the fixes I give you are only for your machine. Using it on other systems may (and probably will) cause problems.
  • Finally, if you have any questions or are unsure about something, just ask. I will not blame you for it. It is better to ask rather than regret it later.
Let's get started :)

 
If FRST doesn't work then we'll try another tool. Please follow the instructions below.

ZOEK Scan

Download zoek.exe from here: Bleepingcomputer
  • Close/disable all antivirus and anti-malware programs so they do not interfere with the download or running of Zoek.exe.
    Here or here you can read a manual on how to disable your security applications.
  • Double-click zoek.exe to start the program.
  • Copy and paste the following script in the code box:
    createsrpoint;
    installedprogs;
    process;
    drivers-services-list;
    systemspecs;
    filesrcm;
    startupall;
    firefoxlook;
    chromelook;
    skipfix-iedefaults;
    
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Close any open browsers.
  • Click the "Run script" button and wait patiently.
  • When finished the logfile will be opened in notepad. If a reboot is needed the logfile will be opened after reboot.
    The zoek-results.log can also be found on your system drive.
  • Please post the logfile for further review in your next comment.


#3
Pernaman

  • Topic Starter
  • Member
  • 11 posts

Hello! Thanks for the reply. I'm a little nervous about tinkering with my antivirus' settings, so I'd like to clarify: should I disable Avast only when downloading and/or running Zoek, or keep it disabled all the time when Zoek is installed?



#4
Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
You can turn your Avast back on when done :)

#5
Pernaman

  • Topic Starter
  • Member
  • 11 posts
OK, done. I attached the log file to my reply.


Zoek.exe v5.0.0.0 Updated 08-September-2015
Tool run by Juha on pe 11.09.2015 at 13:49:50,18.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Juha\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11.9.2015 13:51:41 Zoek.exe System Restore Point Created Successfully.

==== Installed Programs ======================

64 Bit HP CIO Components Installer
Adobe Flash Player 18 NPAPI
AI Suite II
ASUS GPU Tweak
Audacity 2.0.2
Avast Free Antivirus
Battle for Wesnoth 1.10.2
Battle for Wesnoth 1.12.0
Battle.net
Battlefield 3T
Battlefield 4T
Bing Bar
CCleaner
D3DX10
Dropbox
DuckTales Remastered
EasyCleaner
Fast Boot
Garry's Mod
Google Chrome
Google Update Helper
HD Tune 2.55
Heroes of the Storm
Intel® Management Engine Components
Intel® USB 3.0 eXtensible Host Controller Driver
Intel© Trusted Connect Service Client
Java 8 Update 51
Java 8 Update 60
Java Auto Updater
Junk Mail filter update
Left 4 Dead 2
LEGO Digital Designer
LibreOffice 4.3.7.2
LogMeIn Hamachi
Malwarebytes Anti-Malware versio 2.1.8.1057
Mesh Runtime
Messenger-kumppani
Messenger Assistent
Messenger Companion
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.5.2 (FIN)
Microsoft .NET Framework 4.5.2 (suomi)
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 4 Runtime
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Mozilla Firefox 40.0.3 (x86 fi)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Nokia Connectivity Cable Driver
NVIDIA-ohjauspaneeli 355.82
NVIDIA-päivitykset 2.5.14.5
NVIDIA 3D Vision -ohjain 352.65
NVIDIA 3D Vision -ohjain 355.82
NVIDIA GeForce Experience 2.5.14.5
NVIDIA GeForce Experience Service
NVIDIA Grafiikkaohjain 355.82
NVIDIA HD-ääniohjain 1.3.34.3
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX-järjestelmäohjelmisto 9.15.0428
NVIDIA ShadowPlay 2.5.14.5
NVIDIA Stereoscopic 3D Driver
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.31
Origin
paint.net
PlanetSide 2
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Risk of Rain
Security Update for Microsoft .NET Framework 4.5.2 (KB3023224)
Security Update for Microsoft .NET Framework 4.5.2 (KB3035490)
Security Update for Microsoft .NET Framework 4.5.2 (KB3037581)
Security Update for Microsoft .NET Framework 4.5.2 (KB3074230)
Security Update for Microsoft .NET Framework 4.5.2 (KB3074550)
SHIELD Streaming
SHIELD Wireless Controller Driver
SkypeT 7.10
SpeedFan (remove only)
Starbound
Steam
System Requirements Lab CYRI
Team Fortress 2
TitanfallT
Unity Web Player
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Fotogalleri
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Meshin etäyhteyksien ActiveX-komponentti
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
VLC media player
Worms Armageddon

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.18\atkexComSvc.exe
C:\Windows\SysWOW64\ASGT.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.18\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Juha\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Users\Juha\Desktop\zoek.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AFBAgent] - AFBAgent - c:\windows\system32\fbagent.exe
R2 - [asComSvc] - ASUS Com Service - c:\program files (x86)\asus\axsp\1.00.18\atkexcomsvc.exe
R2 - [asHmComSvc] - ASUS HM Com Service - c:\program files (x86)\asus\aahm\1.00.18\aahmsvc.exe
R2 - [AsSysCtrlService] - ASUS System Control Service - c:\program files (x86)\asus\assysctrlservice\1.00.11\assysctrlservice.exe
R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe
R2 - [Intel® Capability Licensing Service Interface] - Intel® Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
R2 - [jhi_service] - Intel® Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel® management engine components\dal\jhi_service.exe
R2 - [LMIGuardianSvc] - LMIGuardianSvc - c:\program files (x86)\logmein hamachi\lmiguardiansvc.exe
R2 - [LMS] - Intel® Management and Security Application Local Management Service - c:\program files (x86)\intel\intel® management engine components\lms\lms.exe
R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamservice.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [PnkBstrA] - PnkBstrA - c:\windows\system32\pnkbstra.exe [x]
R2 - [SeaPort] - SeaPort - c:\program files (x86)\microsoft\bingbar\seaport.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
R2 - [UNS] - Intel® Management and Security Application User Notification Service - c:\program files (x86)\intel\intel® management engine components\uns\uns.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
R2 - [WMPNetworkSvc] - Windows Media Playerin verkkojakamispalvelu - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [TrustedInstaller] - Windowsin moduulien asennusohjelma - c:\windows\servicing\trustedinstaller.exe
R3 - [VSS] - Aseman tilannevedos - c:\windows\system32\vssvc.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Päivitä-palvelu (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe
S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe
S2 - [sppsvc] - Ohjelmistojen suojaus - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Sovelluskerroksen yhdyskäytäväpalvelu - c:\windows\system32\alg.exe
S3 - [aspnet_state] - ASP.NET-tilapalvelu - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S3 - [BBSvc] - Bing Bar Update Service - c:\program files (x86)\microsoft\bingbar\bbsvc.exe
S3 - [COMSysApp] - COM+-järjestelmäsovellus - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center - Vastaanotinpalvelu - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center - Ajastinpalvelu - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Faksi - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundationin fonttivälimuisti 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe
S3 - [gupdatem] - Google Päivitä-palvelu (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer -ohjelma - c:\windows\system32\msiexec.exe
S3 - [Origin Client Service] - Origin Client Service - d:\origin\originclientservice.exe
S3 - [PerfHost] - Resurssilaskurien DLL-isäntä - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Etäproseduurikutsujen (RPC) paikannin - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP-keskeytys - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [WatAdminSvc] - Windowsin aktivointitekniikoiden palvelu - c:\windows\system32\wat\watadminsvc.exe
S3 - [wbengine] - Lohkotason varmuuskopiointipalvelu - c:\windows\system32\wbengine.exe
S3 - [vds] - Näennäislevy - c:\windows\system32\vds.exe
S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe

==== Drivers(whitelist) ======================
Powered by E Dev

R0 - [FileInfo] - File Information FS MiniFilter - C:\windows\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\windows\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\windows\system32\Drivers\Mup.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\windows\system32\Drivers\NetBIOS.sys
R3 - [srv] - Palvelimen SMB 1.xxx -ohjain - C:\windows\system32\Drivers\srv.sys
R3 - [srv2] - Palvelimen SMB 2.xxx -ohjain - C:\windows\system32\Drivers\srv2.sys
R0 - [ACPI] - Microsoft ACPI Driver - C:\windows\system32\Drivers\ACPI.sys
R0 - [adp94xx] - adp94xx - C:\windows\system32\Drivers\adp94xx.sys
R0 - [adpahci] - adpahci - C:\windows\system32\Drivers\adpahci.sys
R0 - [adpu320] - adpu320 - C:\windows\system32\Drivers\adpu320.sys
R0 - [aliide] - aliide - C:\windows\system32\Drivers\aliide.sys
R0 - [amdide] - amdide - C:\windows\system32\Drivers\amdide.sys
R0 - [amdsata] - amdsata - C:\windows\system32\Drivers\amdsata.sys
R0 - [amdsbs] - amdsbs - C:\windows\system32\Drivers\amdsbs.sys
R0 - [amdxata] - amdxata - C:\windows\system32\Drivers\amdxata.sys
R0 - [arc] - arc - C:\windows\system32\Drivers\arc.sys
R0 - [arcsas] - Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver - C:\windows\system32\Drivers\arcsas.sys
R0 - [aswRvrt] - avast! Revert - C:\windows\system32\Drivers\aswRvrt.sys
R0 - [aswVmm] - avast! VM Monitor - C:\windows\system32\Drivers\aswVmm.sys
R0 - [atapi] - IDE-kanava - C:\windows\system32\Drivers\atapi.sys
R0 - [CLFS] - Yleinen loki (CLFS) - C:\windows\system32\Drivers\CLFS.sys [x]
R0 - [cmdide] - cmdide - C:\windows\system32\Drivers\cmdide.sys
R0 - [CNG] - CNG - C:\windows\system32\Drivers\CNG.sys
R0 - [Compbatt] - Microsoft Composite Battery Driver - C:\windows\system32\Drivers\Compbatt.sys
R0 - [Disk] - Levyohjain - C:\windows\system32\Drivers\Disk.sys
R0 - [elxstor] - elxstor - C:\windows\system32\Drivers\elxstor.sys
R0 - [fvevol] - BitLocker-asemansalauksen suodatinohjain - C:\windows\system32\Drivers\fvevol.sys
R0 - [HpSAMD] - HpSAMD - C:\windows\system32\Drivers\HpSAMD.sys
R0 - [hwpolicy] - Hardware Policy Driver - C:\windows\system32\Drivers\hwpolicy.sys
R0 - [iaStor] - Intel RAID Controller - C:\windows\system32\Drivers\iaStor.sys
R0 - [iaStorV] - Intel RAID Controller Windows 7 - C:\windows\system32\Drivers\iaStorV.sys
R0 - [iirsp] - iirsp - C:\windows\system32\Drivers\iirsp.sys
R0 - [intelide] - intelide - C:\windows\system32\Drivers\intelide.sys
R0 - [isapnp] - isapnp - C:\windows\system32\Drivers\isapnp.sys
R0 - [iusb3hcs] - Intel® USB 3.0 Host Controller Switch Driver - C:\windows\system32\Drivers\iusb3hcs.sys
R0 - [KSecDD] - KSecDD - C:\windows\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\windows\system32\Drivers\KSecPkg.sys
R0 - [LSI_FC] - LSI_FC - C:\windows\system32\Drivers\LSI_FC.sys
R0 - [LSI_SAS] - LSI_SAS - C:\windows\system32\Drivers\LSI_SAS.sys
R0 - [LSI_SAS2] - LSI_SAS2 - C:\windows\system32\Drivers\LSI_SAS2.sys
R0 - [LSI_SCSI] - LSI_SCSI - C:\windows\system32\Drivers\LSI_SCSI.sys
R0 - [megasas] - megasas - C:\windows\system32\Drivers\megasas.sys
R0 - [MegaSR] - MegaSR - C:\windows\system32\Drivers\MegaSR.sys
R0 - [mountmgr] - Mount Point Manager - C:\windows\system32\Drivers\mountmgr.sys
R0 - [mpio] - Microsoft Multi-Path Bus Driver - C:\windows\system32\Drivers\mpio.sys
R0 - [msahci] - msahci - C:\windows\system32\Drivers\msahci.sys
R0 - [msdsm] - Microsoft Multi-Path Device Specific Module - C:\windows\system32\Drivers\msdsm.sys
R0 - [msisadrv] - msisadrv - C:\windows\system32\Drivers\msisadrv.sys
R0 - [mv91xx] - mv91xx - C:\windows\system32\Drivers\mv91xx.sys
R0 - [NDIS] - NDIS-järjestelmäohjain - C:\windows\system32\Drivers\NDIS.sys
R0 - [nfrd960] - nfrd960 - C:\windows\system32\Drivers\nfrd960.sys
R0 - [nvraid] - nvraid - C:\windows\system32\Drivers\nvraid.sys
R0 - [nvstor] - nvstor - C:\windows\system32\Drivers\nvstor.sys
R0 - [partmgr] - Osionhallinta - C:\windows\system32\Drivers\partmgr.sys
R0 - [pci] - PCI Bus Driver - C:\windows\system32\Drivers\pci.sys
R0 - [pciide] - pciide - C:\windows\system32\Drivers\pciide.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\windows\system32\Drivers\pcw.sys
R0 - [ql2300] - QLogic Fibre Channel Miniport Driver - C:\windows\system32\Drivers\ql2300.sys
R0 - [ql40xx] - QLogic iSCSI Miniport Driver - C:\windows\system32\Drivers\ql40xx.sys
R0 - [rdyboost] - ReadyBoost - C:\windows\system32\Drivers\rdyboost.sys
R0 - [sbp2port] - SBP-2 Transport/Protocol Bus Driver - C:\windows\system32\Drivers\sbp2port.sys
R0 - [SiSRaid2] - SiSRaid2 - C:\windows\system32\Drivers\SiSRaid2.sys
R0 - [SiSRaid4] - SiSRaid4 - C:\windows\system32\Drivers\SiSRaid4.sys
R0 - [spldr] - Security Processor Loader Driver - C:\windows\system32\Drivers\spldr.sys
R0 - [stexstor] - stexstor - C:\windows\system32\Drivers\stexstor.sys
R0 - [Tcpip] - TCP/IP-protokollaohjain - C:\windows\system32\Drivers\Tcpip.sys
R0 - [Wd] - Microsoft Watchdog Timer Driver - C:\windows\system32\Drivers\Wd.sys
R0 - [Wdf01000] - Ydintilaohjainkehyspalvelu - C:\windows\system32\Drivers\Wdf01000.sys
R0 - [vdrvroot] - Microsoft Virtual Drive Enumerator Driver - C:\windows\system32\Drivers\vdrvroot.sys
R0 - [viaide] - viaide - C:\windows\system32\Drivers\viaide.sys
R0 - [volmgr] - Volume Manager Driver - C:\windows\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Dynaaminen asemanhallinta - C:\windows\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Loogiset asemat - C:\windows\system32\Drivers\volsnap.sys
R0 - [vsmraid] - vsmraid - C:\windows\system32\Drivers\vsmraid.sys
R1 - [AFD] - Ancillary Function Driver for Winsock - C:\windows\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\windows\system32\Drivers\Beep.sys
R1 - [tdx] - NetIO:n aiempi TDI-tukiohjain - C:\windows\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\windows\system32\Drivers\tcpipreg.sys

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 8148 MB
CPU Info: Intel® Core™ i7-3770 CPU @ 3.40GHz
CPU Speed: 3445,3 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: NVIDIA GeForce GTX 650 | NVIDIA GeForce GTX 650 | NVIDIA GeForce GTX 650 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Yleinen PnP-näyttölaite |
Screen Resolution: 1440 X 900 - 32 bit
Network: Network Present
Network Adapters: Realtek PCIe GBE Family Controller | Hamachi Network Interface
CD / DVD Drives: 1x (E: | ) E: ATAPI DVD A DH24ABS
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 372,6GB | D: 540,2GB
Hard Disks - Free: C: 118,0GB | D: 434,2GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 02/24/12 | _ASUS_ - 1072009
Time Zone: Suomen normaaliaika
Motherboard *: ASUSTeK COMPUTER INC. CM6870
Country: Suomi
Language: FIN

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Default Browser: Firefox 40.0.3
Internet Explorer Version: 11.0.9600.18015
Mozilla Firefox version: 40.0.3 (x86 fi)
Google Chrome version: 45.0.2454.85
Sun Java version: 1.8.0_60 (32-bit)
Sun Java version: 1.8.0_60 (64-bit)
Flash Player version: 18.0.0.232

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\Juha\AppData\Local\Temp ====
2015-09-11 07:52:48 78F768C4E0BD116AAF5EE41D760F899D 71168 ----a-w- C:\Users\Juha\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqt5x78.dll
====== Java Cache =====
2015-08-22 23:10:03 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Juha\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\3d7894d3-307ecc16
2015-08-22 23:07:29 27266DB268940A58180604BA1A7BE3E0 450735 ----a-w- C:\Users\Juha\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\6f20baa4-6e7af793
2015-08-22 23:07:28 C611538EFED63F122E4A07F748AC01B3 793 ----a-w- C:\Users\Juha\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\11dd5f3d-6cdf1494
2015-08-22 23:07:29 F9D3AD29943D2A4A1BE776CA25F89C99 442 ----a-w- C:\Users\Juha\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\11dd5f3d-866ea8a9a5e54c718f59857e9fb20e99af8e0c6c1540667a6358a78f78af6bf9-6.0.lap
====== C:\windows\SysWOW64 =====
2015-09-09 19:55:46 287C352FE47F9D8BEF97AF8832B81CC1 574072 ----a-w- C:\windows\SysWOW64\nvStreaming.exe
2015-09-09 19:53:24 D79C58F26C4F83E4BED84C85D68AC0C8 945456 ----a-w- C:\windows\SysWOW64\NvFBC.dll
2015-09-09 19:53:23 CCBCA08BF1E6A117142BDE7D970CA805 2627704 ----a-w- C:\windows\SysWOW64\nvcuvid.dll
2015-09-09 19:53:23 B7C16AE8A5CBAA8BC9B691AEACB55688 944736 ----a-w- C:\windows\SysWOW64\nvumdshim.dll
2015-09-09 19:53:16 FC2F653BBCAEB2FF9B8AF9A2F4444CA6 12185152 ----a-w- C:\windows\SysWOW64\nvcuda.dll
2015-09-09 19:53:16 C292C882D657E889FB8DA5BC582096AB 986232 ----a-w- C:\windows\SysWOW64\NvIFR.dll
2015-09-09 19:53:16 4E1F5A8A1CAA04A0D846112DF3787F5E 18543736 ----a-w- C:\windows\SysWOW64\nvoglv32.dll
2015-09-09 19:53:16 03788C2AA81CECD624041DE4C43AA4DA 155792 ----a-w- C:\windows\SysWOW64\nvinit.dll
2015-09-09 19:53:15 F02E2983DCD931F93D2643CCCEEA44C8 128512 ----a-w- C:\windows\SysWOW64\nvoglshim32.dll
2015-09-09 19:53:15 DF8E1CAE97639CA0739E7C5B405F81F3 364336 ----a-w- C:\windows\SysWOW64\NvIFROpenGL.dll
2015-09-09 19:53:15 96CE91A4B0A368DFFB5ACA7511C1D3A5 37819184 ----a-w- C:\windows\SysWOW64\nvcompiler.dll
2015-09-09 19:53:15 319E82EED7298BAC196CEF63BCE015B0 421544 ----a-w- C:\windows\SysWOW64\nvEncodeAPI.dll
2015-09-09 19:53:15 0A2000AB32A088BA57852E08571FDEBF 13661160 ----a-w- C:\windows\SysWOW64\nvopencl.dll
2015-09-09 08:16:04 F5811FD860256CD6A1F19A168EBE0C80 216064 ----a-w- C:\windows\SysWOW64\InkEd.dll
2015-09-09 08:15:55 BFCB5A69B6D9EAB9D7B9B2B3BB9300B4 30720 ----a-w- C:\windows\SysWOW64\iernonce.dll
2015-09-09 08:15:55 4C68C514F25379AC4B24739D6F93473A 47616 ----a-w- C:\windows\SysWOW64\ieetwproxystub.dll
2015-09-09 08:15:55 3D24E0397BED00AFBB3DFA3A8AB98FD3 76288 ----a-w- C:\windows\SysWOW64\mshtmled.dll
2015-09-09 08:15:55 0056D5DECBC2CE89721DB380D0FD57BE 64000 ----a-w- C:\windows\SysWOW64\MshtmlDac.dll
2015-09-09 08:15:54 DA47CED2032198A6E4739BB77C70EBA9 60416 ----a-w- C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 08:15:54 98733E7AA07BEDF523778FF3240CDB17 504832 ----a-w- C:\windows\SysWOW64\vbscript.dll
2015-09-09 08:15:54 7C25F33E59D387DE06B11B8EC38CF26D 1310720 ----a-w- C:\windows\SysWOW64\urlmon.dll
2015-09-09 08:15:54 3CF7BD2B4A046633CEE16F5A2522ADF4 285696 ----a-w- C:\windows\SysWOW64\dxtrans.dll
2015-09-09 08:15:54 267305B4B170E15FFE905E2C5A1D3137 344168 ----a-w- C:\windows\SysWOW64\iedkcs32.dll
2015-09-09 08:15:54 216C0B2B406534ADACF8CCEFD8E86837 689152 ----a-w- C:\windows\SysWOW64\msfeeds.dll
2015-09-09 08:15:54 1730F4B69593EB38072DAF273B5565AB 19856896 ----a-w- C:\windows\SysWOW64\mshtml.dll
2015-09-09 08:15:53 FEEB3D195FEB6A2B05D5AADCB1900AF1 62464 ----a-w- C:\windows\SysWOW64\iesetup.dll
2015-09-09 08:15:53 FDDB70F74F079760743BC3E6E2F1C69F 418304 ----a-w- C:\windows\SysWOW64\dxtmsft.dll
2015-09-09 08:15:53 ED40CEA3833C5B0227B1B01B86D47393 479232 ----a-w- C:\windows\SysWOW64\ieui.dll
2015-09-09 08:15:53 E5AC8290F6468070E9F664AA5CD34899 710144 ----a-w- C:\windows\SysWOW64\ieapfltr.dll
2015-09-09 08:15:53 D47DB47A2C61664DAB00550EBB342AFA 2279424 ----a-w- C:\windows\SysWOW64\iertutil.dll
2015-09-09 08:15:53 810525827BFE17A1E99C78C39A8D52BB 2052608 ----a-w- C:\windows\SysWOW64\inetcpl.cpl
2015-09-09 08:15:53 682D51EC4E605249E5330BDD36569C67 620032 ----a-w- C:\windows\SysWOW64\jscript9diag.dll
2015-09-09 08:15:53 5D5ACD27170DDD0E685820AF2650B7CE 47104 ----a-w- C:\windows\SysWOW64\jsproxy.dll
2015-09-09 08:15:53 5931961817E242BC8CB76E1F7EB2FA3F 665600 ----a-w- C:\windows\SysWOW64\jscript.dll
2015-09-09 08:15:53 42175CD4FD54C02CA8419F4079D9C8B2 115712 ----a-w- C:\windows\SysWOW64\ieUnatt.exe
2015-09-09 08:15:52 66B2A244152C78E4C298807BC544AA26 12857344 ----a-w- C:\windows\SysWOW64\ieframe.dll
2015-09-09 08:15:52 04FBC984859E0A0D15DDFBFD97198D07 2724864 ----a-w- C:\windows\SysWOW64\mshtml.tlb
2015-09-09 08:15:51 CE982D0CBE88BEA12A74BA9FF70DDC88 4520448 ----a-w- C:\windows\SysWOW64\jscript9.dll
2015-09-09 08:15:51 C137627A10341356036A84A717660669 1155072 ----a-w- C:\windows\SysWOW64\mshtmlmedia.dll
2015-09-09 08:15:51 A8C80A92549AFDD6891C8159D4C0A107 1951232 ----a-w- C:\windows\SysWOW64\wininet.dll
2015-09-09 08:15:51 4881F098B26356905039C1D9DC233690 341504 ----a-w- C:\windows\SysWOW64\html.iec
2015-09-09 08:15:50 B860385F95CDE86286A12FB3FAABAF7F 168960 ----a-w- C:\windows\SysWOW64\msrating.dll
2015-09-09 08:15:09 BF49B5D47D80D8711E3D54C8E0A59130 1241088 ----a-w- C:\windows\SysWOW64\msxml3.dll
2015-09-09 08:15:09 2032B7698A8DCA5E157FD4ED153E9A76 1391104 ----a-w- C:\windows\SysWOW64\msxml6.dll
2015-09-09 08:15:08 F615574BF6B81533F3382856BE359237 2048 ----a-w- C:\windows\SysWOW64\msxml6r.dll
2015-09-09 08:15:08 4DF7AD468DA9828D4B704805EEE2C7B1 2048 ----a-w- C:\windows\SysWOW64\msxml3r.dll
2015-09-09 08:14:31 E08E3E101A15FF4966AA3B2E86CF9806 50688 ----a-w- C:\windows\SysWOW64\appidapi.dll
2015-09-09 08:13:53 DD126C4EA72C9D55A7BAE2C9326C4704 34304 ----a-w- C:\windows\SysWOW64\atmlib.dll
2015-09-09 08:13:53 68054F129D15CE0A50E1E3841222A166 10240 ----a-w- C:\windows\SysWOW64\dciman32.dll
2015-09-09 08:13:53 4629ED2D48E8DBB78A87CA219DAE6513 299520 ----a-w- C:\windows\SysWOW64\atmfd.dll
2015-09-09 08:13:53 415FB89174E6D8BFC885A00A01C3446B 25600 ----a-w- C:\windows\SysWOW64\lpk.dll
2015-09-09 08:13:53 2748108963E56A7A0CF05F19501DF832 70656 ----a-w- C:\windows\SysWOW64\fontsub.dll
2015-09-09 08:13:43 EA010D8C6C63EA28BA9EB360403E5F85 173056 ----a-w- C:\windows\SysWOW64\wuwebv.dll
2015-09-09 08:13:43 DC45670BF6EB8D7472EEB1D544B51C6B 30208 ----a-w- C:\windows\SysWOW64\wups.dll
2015-09-09 08:13:43 80DA9F3867192A12059906D742E22091 34816 ----a-w- C:\windows\SysWOW64\wuapp.exe
2015-09-09 08:13:43 18703D7AD19222F508B83BFFC015D37D 93184 ----a-w- C:\windows\SysWOW64\wudriver.dll
2015-09-09 08:13:43 0FC51CD52CB71243C4E5E291ED717C97 566784 ----a-w- C:\windows\SysWOW64\wuapi.dll
2015-08-31 14:56:27 71C2CB12D371216910700AC9BF566F87 1423120 ----a-w- C:\windows\SysWOW64\nvspcap.dll
2015-08-31 14:56:27 2591333C89E71E9A4467FD62F6B38B20 1316000 ----a-w- C:\windows\SysWOW64\nvspbridge.dll
2015-08-31 14:55:49 A396CE9FC7A4815C1B537B5BD25621F1 69416 ----a-w- C:\windows\SysWOW64\nvaudcap32v.dll
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
====== C:\windows\Tasks ======
====== C:\windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-08-22 23:09:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-08-21 11:01:19 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
2015-08-21 11:01:18 -------- d-----r- C:\PROGRA~2\Skype
======= C: =====
====== C:\Users\Juha\AppData\Roaming ======
2015-09-04 10:31:51 -------- d-----w- C:\Users\Juha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-31 14:56:14 -------- d-----w- C:\Users\Juha\AppData\Local\NVIDIA
2015-08-22 23:09:22 -------- d-----w- C:\Users\Juha\AppData\Roaming\Sun
====== C:\Users\Juha ======
2015-08-31 14:54:52 88AA4685315A33242594D602BA9542B8 37815192 ----a-w- C:\Users\Juha\Downloads\GeForce_Experience_v2.5.14.5.exe
2015-08-23 10:39:27 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\.oracle_jre_usage
2015-08-22 23:09:21 -------- d-----w- C:\Users\Juha\.oracle_jre_usage
2015-08-21 11:01:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3593363412-4209830269-3190633874-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Dropbox Update"="C:\Users\Juha\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"Dropbox Update"="C:\Users\Juha\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"hkey"="HKLM"
"item"="Adobe ARM"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage]
"command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.104.216\\AsusWSPanel.exe /S"
"hkey"="HKLM"
"item"="ASUSWebStorage"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RtkNGUI64.exe -s"
"hkey"="HKLM"
"item"="RTHDVCPL"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
"backup"="C:\\Windows\\pss\\AsusVibeLauncher.lnk.CommonStartup"
"command"="C:\\PROGRA~2\\ASUS\\AsusVibe\\ASUSVI~2.EXE /start"
"item"="AsusVibeLauncher"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\AsusVibeLauncher.lnk"
"backupExtension"=".CommonStartup"


==== Startup Folders ======================

2015-03-10 11:53:40 1142 ----a-w- C:\Users\Juha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12.08.2015 15:14]
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-3593363412-4209830269-3190633874-1001Core.job --a------ C:\Users\Juha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [19.06.2015 14:25]
C:\windows\tasks\DropboxUpdateTaskUserS-1-5-21-3593363412-4209830269-3190633874-1001UA.job --a------ C:\Users\Juha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [19.06.2015 14:25]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31.08.2015 22:19]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31.08.2015 22:19]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3593363412-4209830269-3190633874-1001Core" [C:\Users\Juha\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-3593363412-4209830269-3190633874-1001UA" [C:\Users\Juha\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\ASUS\ASUS AI Suite II Execute" [C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Juha\AppData\Roaming\Mozilla\Firefox\Profiles\1u48w610.default-1355238309841
user_pref("browser.startup.homepage", "https://dub130.mail....default.aspx");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"[email protected]"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [03.08.2015 12:47]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Juha\AppData\Roaming\Mozilla\Firefox\Profiles\1u48w610.default-1355238309841
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Juha\AppData\Roaming\Mozilla\Firefox\Profiles\1u48w610.default-1355238309841
EC55112EDB2CE5BC2BFCACDB9C2150F4 - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll - Shockwave Flash
EF3CA2A515FEC970E22D2C424A42401E - C:\Users\Juha\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Chromium Look ======================

Google Chrome Version: 45.0.2454.85

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[17.03.2015 14:05]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17.03.2015 14:05]

AdBlock - Juha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - Juha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Juha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Google Docs - Juha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Juha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Juha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Juha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Docs Offline - Juha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Avast Online Security - Juha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Web Store Payments - Juha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Juha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com"
"Search Bar"="http://www.bing.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/...ox&FORM=IESR02"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on pe 11.09.2015 at 13:57:14,03 ======================


  • 0

#6
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, Pernaman.

A small request. Please copy and paste the content of the logs instead of attaching them :)

I can't find anything harmful in the log, but we'll do some more checks just to make sure.

Please follow the instructions below.

Step #1
Avast update

ZOEK says that your Avast is outdated. Please click Avast's tray icon, then click Update in the menu that appears. If no updates are found then it's okay; if your program is updated then please restart your system after that.

 
Step #2
Junkware Removal Tool
  • Download Junkware Removal Tool to your Desktop
  • Close any open windows
  • Disable your Antivirus program (click here if you don't know how to do this)
  • Double click JRT.exe on your desktop to run it
  • Click any button to start the scan
  • Wait for Junkware Removal Tool to finish the scan
  • When the scan is finished, JRT.txt will be saved to your desktop and it will automatically open
  • Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
 
Step #3
AdwCleaner
  • Download AdwCleaner to your Desktop.
  • Close any open windows
  • Double click AdwCleaner.exe on your desktop to run it
  • Click the OvD9RYN.png button
  • Wait for AdwCleaner to finish the scan
  • When the scan is finished, there will be a "Pending. Please uncheck elements you don't want to remove" message. Leave everything as it is and click the 5W2Ci1o.png button.
  • When the cleaning is finished, the program will ask you to reboot the system. Please do so.
  • Once your machine has rebooted, a Notepad window will open. If it doesn't, you can find the report in C:\AdwCleaner. The report will be saved as AdwCleaner[C1].txt.
  • Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Remember to enable your Antivirus program once you're done!

 
Things that should appear in your next post:
  • Did Avast perform any updates?
  • JRT.txt log content
  • AdwCleaner log content

  • 0

#7
Pernaman

Pernaman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Thanks for quick reply!

 

My Avast shows that it's updated to the newest version, numbered 2015.10.3.2225, which according to the Avast forum should be the newest version, and the program itself doesn't show any updates.

 

I'd still like to ask whether it is OK to have all the tools mentioned above installed at the same time: will they collide with each other, and should I remove each one whenever I'm done with it and move on to the next?


  • 0

#8
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
You don't have to remove them. Once you're finished with the scan, you turn them off and they will just stay in the folders doing nothing unless you use them.

We will delete them once I tell you that we're done.
  • 0

#9
Pernaman

Pernaman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

This sure took much less time than I expected. Here are the logs:

 

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.1 (09.08.2015:1)
OS: Windows 7 Home Premium x64
Ran by Juha on pe 11.09.2015 at 15:10:27,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Juha\AppData\Roaming\mozilla\firefox\profiles\1u48w610.default-1355238309841\minidumps [332 files]



~~~ Chrome


[C:\Users\Juha\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Juha\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Juha\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Juha\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pe 11.09.2015 at 15:12:50,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

AdwCleaner:

 

# AdwCleaner v5.007 - Logfile created 11/09/2015 at 15:14:57
# Updated 08/09/2015 by Xplode
# Database : 2015-09-10.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Juha - JUHA-MATIAS-PC
# Running from : C:\Users\Juha\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [625 bytes] ##########
 


  • 0

#10
Nevan

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
So far so good :)

ESET Online Scanner will be installed on your system, but don't worry, once we're done you'll be free to remove it.

Step #1
Malwarebytes Anti-Malware

I can see that you currently have Malwarebytes Anti-Malware installed on your computer. We'll use it.
  • Launch Malwarebytes Anti-Malware
  • In Database version section, click Update Now
  • Once the update is done, click Settings>Detection and Protection
  • Make sure that all three boxes under Detection Options are checked
  • Go back to Dashboard and click the big, green Scan Now button.
  • Wait for Malwarebytes Anti-Malware to finish the scan
  • If the program detects anything, click Remove Selected. The program might want to reboot the system. Allow it if it wants to.
  • Once the deletion is done (or after reboot), go to History, select Application Logs and click the latest Scan Log.
  • Click Export, then click Copy to Clipboard.
  • Paste (CTRL+V) the log into your next reply.
 
Step #2
ESET Online Scanner
  • Note: This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox
  • Disable your Antivirus program (click here if you don't know how to do this).
  • Visit ESET site
  • Click RYa1k8g.png
  • When using:
    • Internet Explorer:
      • Accept the Terms of Use and click Start
      • Allow the running of add-on
    • Other browsers:
      • Download esetsmartinstaller_enu.exe that you'll be given link to
      • Double click esetsmartinstaller_enu.exe
      • Allow the Terms of Use and click Start
  • Make sure that the options are set as the example below:
    temh2Om.png
  • Click Start
  • The program will begin to download its virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan
  • When the scan is done, click Finish
  • A log.txt file will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
  • Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
Remember to enable your Antivirus program once you're done!

 
Things that should appear in your next post:
  • Malwarebytes Anti-Malware log content
  • ESET Online Scanner log content

  • 0

#11
Pernaman

Pernaman

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Malwarebytes didn't find anything, but ESET found something which I guess could be a false positive?

 

Here's the log:

 

[email protected] as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=8e7cd0ada55398448a330edc214cd0fb
# end=init
# utc_time=2015-09-11 01:45:09
# local_time=2015-09-11 04:45:09 (+0200, Suomen kesäaika)
# country="Finland"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25714
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=8e7cd0ada55398448a330edc214cd0fb
# end=updated
# utc_time=2015-09-11 01:48:52
# local_time=2015-09-11 04:48:52 (+0200, Suomen kesäaika)
# country="Finland"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=8e7cd0ada55398448a330edc214cd0fb
# engine=25714
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-09-11 03:51:02
# local_time=2015-09-11 06:51:02 (+0200, Suomen kesäaika)
# country="Finland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 259428 206407152 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 12919 193616512 0 0
# scanned=492738
# found=4
# cleaned=0
# scan_time=7329
sh=012CB3E628C9FAC1159A4BA01F79C6C905757FF9 ft=1 fh=2ab5bfb1b985039b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Juha\Downloads\ccsetup506.exe"
sh=BCA0BBDC1ECA7D7049B11DFDF06A731B0DEB0330 ft=1 fh=5d043d2b7dcbb6c6 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Juha\Downloads\ccsetup507.exe"
sh=AA7AFFCBDAF13C3872F32EACCF3BEFB92FD0FA80 ft=1 fh=02ff89afc7fa57e5 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Juha\Downloads\ccsetup508.exe"
sh=6F77F2137756740F4E632BDD7FDAE582929CB411 ft=1 fh=cd73fc9df274ad5b vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Juha\Downloads\ccsetup509.exe"
 



#12
Nevan

Well, it just shows that these CCleaner installers have adware bundled (in case you don't untick some options, they are installed).

Could you please post the MBAM log even if it didn't find anything? ;)
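Added example (not part of the thread and not ESET's own tooling): a short Python parser for the sh=/vn=/fn= detection lines of an ESET Online Scanner log like the one posted above. It separates "potentially unsafe/unwanted application" entries, such as the bundled-toolbar hits, from other detections and checks the parsed count against "# found=". The sample log, its hashes, paths and the two "Example" detection names are constructed, and parse_log and triage are hypothetical names.

```python
import re

# Constructed sample in the log.txt layout posted in the thread; the hashes,
# paths and the two "Example" detection names are placeholders.
SAMPLE_LOG = r'''
# found=3
# cleaned=0
sh=1111111111111111111111111111111111111111 ft=1 fh=1111111111111111 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Example\Downloads\setup_a.exe"
sh=2222222222222222222222222222222222222222 ft=1 fh=2222222222222222 vn="Win32/Example.Adware.B potentially unwanted application" ac=I fn="C:\Users\Example\Downloads\setup_b.exe"
sh=3333333333333333333333333333333333333333 ft=1 fh=3333333333333333 vn="Win32/Example.Agent.C trojan" ac=I fn="C:\Users\Example\AppData\Local\Temp\c.exe"
'''

# key=value pairs; a value is either double-quoted (may contain spaces) or bare.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
# Category suffixes as they appear at the end of the vn field.
GRAYWARE = ("potentially unsafe application", "potentially unwanted application")


def parse_log(text):
    """Return (header dict, list of detection dicts) from log text."""
    meta, detections = {}, []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("# ") and "=" in line:
            key, _, value = line[2:].partition("=")
            meta[key] = value  # the header repeats per phase; last value wins
        elif line.startswith("sh="):
            rec = {k: quoted or bare for k, quoted, bare in FIELD.findall(line)}
            rec["grayware"] = rec.get("vn", "").endswith(GRAYWARE)
            detections.append(rec)
    return meta, detections


def triage(text):
    """Split detections by category and sanity-check the header counts."""
    meta, detections = parse_log(text)
    return {
        "grayware": [d.get("fn") for d in detections if d["grayware"]],
        "review_first": [d.get("fn") for d in detections if not d["grayware"]],
        "uncleaned": int(meta.get("found", 0)) - int(meta.get("cleaned", 0)),
        "complete": int(meta.get("found", -1)) == len(detections),
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(key, value)
```

A "complete" value of False means the pasted log has fewer or more detection lines than its own "# found=" header claims, which usually points to a truncated copy.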

#13
Pernaman


Could it be a bad/harmful thing, since I've downloaded all the installers directly from the official Piriform website?

 

And my apologies, here's MBAM log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11.9.2015
Scan Time: 16:22
Logfile:
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.09.11.05
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Juha

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 422949
Time Elapsed: 19 min, 50 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

EDIT: I quickly went and changed my MBAM to English and recopied the log


Edited by Pernaman, 11 September 2015 - 10:20 AM.


#14
Nevan

It's a common thing when downloading free programs. If they put these ads there, they get paid for that. Not exactly a kind of behaviour that I encourage, but well... it's understandable - they want money.
You just have to be careful not to install these ads when installing tools. There's a program that does it for you; I'll mention it later.

It looks like your system is clean, but let's check if you have any outdated programs installed that may cause your system to be vulnerable.

Security Check

Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.

 
As your logs look good, could you tell me if you have any other problems with your system that you'd like to mention?

 
Things that should appear in your next post:
  • Checkup.txt log content
  • Answer to my question


#15
Pernaman


SecurityCheck log here:

 

Results of screen317's Security Check version 1.008  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 EasyCleaner     
 Java 8 Update 51  
 Java 8 Update 60  
 Adobe Flash Player 18.0.0.232  
 Mozilla Firefox (40.0.3)
 Google Chrome (44.0.2403.157)
 Google Chrome (45.0.2454.85)
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

 

To answer your question, right now there's nothing else bothering me about my system. I simply wanted to make sure my system would be clean of infections. :)

