bengsi

Medlem

Visa profil Visa deras aktivitet

Innehållsantal
49
Gick med
Augusti 2, 2012
Besökte senast
Maj 16, 2013

Innehållstyp

All aktivitet

Profiler

Forum

Allt postat av bengsi

Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Okej. Tack så JÄTTEJÄTTEMYCKET för all hjälp!!!
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Och ytterligare en fil vid namn MBR.dat Allt ligger på skrivbordet.
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Och Malwarebytes, men det kanske jag ska ha kvar?
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Det är fortfarande program kvar som heter CCleaner, hosts-perm, TFC, SystemLook_x64, ccsetup321_slim och GMER.
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

McAfee och MBAM hittar ingenting
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

GODE GUD, ja, det funkade! Hade varit inne och ändrat till "se dolda filer" innan, men hade missat punkten med skyddade filsystem. Var lite krångel med att ändra behörighet, men till sist löste det sig. Okej, en sista koll och städning nu?
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Vet inte om jag har "kommit på" nåt nu, eller bara upprepar något uppenbart, men läste guiden nedan och följde instruktionerna. Nu kräver datorn lösenord för ALLA sidor (inte det som är problem, vet hur jag ordnar tillbaka). Skriver jag in lösenordet en gång kan jag se sidan jag vill till, men sedan kräver datorn lösenord en gång till. När jag då klickar cancel, dyker inte pop up-adsen upp. Har jag kommit något på spåren, eller är det bara ett "symptom"? Härifrån: http://forums.cnet.com/7723-6122_102-560709/recommended-for-you-popup-ads-in-the-browser/
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Dessutom har det ett antal gånger nu hänt att när jag klickat på en länk som jag VET är säker, att jag har skickats vidare till någon sida som jag varit snabb att klicka bort. Något som heller aldrig brukade hända innan.
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Microsoft Windows [Version 6.1.7601] Copyright © 2009 Microsoft Corporation. Med ensamrätt. C:\Users\Emma>tracert ad-emea.doubleclick.net Spårar väg till ad-emea.doubleclick.net. [78.46.61.26] över högst 30 hopp: 1 351 ms 98 ms 98 ms dsldevice.lan [192.168.1.1] 2 126 ms * * gw2-no200.tbcn.telia.com [90.225.125.1] 3 * * * Begäran gjorde timeout. 4 * * * Begäran gjorde timeout. 5 * * * Begäran gjorde timeout. 6 * * * Begäran gjorde timeout. 7 * * * Begäran gjorde timeout. 8 * * * Begäran gjorde timeout. 9 * * * Begäran gjorde timeout. 10 * * * Begäran gjorde timeout. 11 * * * Begäran gjorde timeout. 12 * * * Begäran gjorde timeout. 13 50 ms 44 ms 45 ms www.google-analytics.com. [78.46.61.26] Spårning utförd. C:\Users\Emma>
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Microsoft Windows [Version 6.1.7601] Copyright © 2009 Microsoft Corporation. Med ensamrätt. C:\Users\Emma>ipconfig /all IP-konfiguration för Windows Värddatornamn . . . . . . . . . . : Emma-VAIO Primärt DNS-suffix. . . . . . . . : Nodtyp. . . . . . . . . . . . . . : Hybrid IP-routning aktiverat . . . . . . : Nej WINS-proxy aktiverat. . . . . . . : Nej Söklista för DNS-suffix . . . . . : lan Ethernet-anslutning Anslutning till lokalt nätverk: Tillstånd . . . . . . . . . . . . : Frånkopplad Anslutningsspecifika DNS-suffix . : bredbandsbolaget.se Beskrivning . . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ether net Controller Fysisk adress . . . . . . . . . . : 54-42-49-00-D7-18 DHCP aktiverat. . . . . . . . . . : Ja Autokonfiguration aktiverat . . . : Ja Trådlös anslutning Trådlös nätverksanslutning: Anslutningsspecifika DNS-suffix . : lan Beskrivning . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter Fysisk adress . . . . . . . . . . : 2C-81-58-F3-B3-FC DHCP aktiverat. . . . . . . . . . : Ja Autokonfiguration aktiverat . . . : Ja Länklokal IPv6-adress . . . . . . : fe80::e9bf:4450:36d0:3a13%10(Standard) IPv4-adress . . . . . . . . . . . : 192.168.1.67(Standard) Nätmask . . . . . . . . . . . . . : 255.255.255.0 Lånet erhölls . . . . . . . . . . : den 6 augusti 2012 10:31:51 Lånet upphör. . . . . . . . . . . : den 6 augusti 2012 20:08:08 Standard-gateway. . . . . . . . . : 192.168.1.1 DHCP-server . . . . . . . . . . . : 192.168.1.1 IAID för DHCPv6 . . . . . . . . . : 184559198 DUID för DHCPv6-klient. . . . . . : 00-01-00-01-13-64-A3-ED-54-42-49-00-D7-18 DNS-servrar . . . . . . . . . . . : 192.168.1.1 NetBIOS över TCP/IP . . . . . . . : Aktiverat Tunnelanslutning: 6TO4 Adapter: Tillstånd . . . . . . . . . . . . : Frånkopplad Anslutningsspecifika DNS-suffix . : Beskrivning . . . . . . . . . . . : Microsoft 6to4 Adapter Fysisk adress . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiverat. . . . . . . . . . : Nej Autokonfiguration aktiverat . . . : Ja Tunnelanslutning: isatap.lan: Tillstånd . . . . . . . . . . . . : Frånkopplad Anslutningsspecifika DNS-suffix . : lan Beskrivning . . . . . . . . . . . : Microsoft ISATAP Adapter Fysisk adress . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiverat. . . . . . . . . . : Nej Autokonfiguration aktiverat . . . : Ja Tunnelanslutning: Anslutning till lokalt nätverk* 22: Anslutningsspecifika DNS-suffix . : Beskrivning . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Fysisk adress . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiverat. . . . . . . . . . : Nej Autokonfiguration aktiverat . . . : Ja IPv6-adress . . . . . . . . . . . : 2001:0:5ef5:79fd:24a3:83b:b1ba:e662(Stand ard) Länklokal IPv6-adress . . . . . . : fe80::24a3:83b:b1ba:e662%27(Standard) Standard-gateway. . . . . . . . . : :: NetBIOS över TCP/IP . . . . . . . : Inaktiverat Tunnelanslutning: isatap.bredbandsbolaget.se: Tillstånd . . . . . . . . . . . . : Frånkopplad Anslutningsspecifika DNS-suffix . : Beskrivning . . . . . . . . . . . : Microsoft ISATAP Adapter #3 Fysisk adress . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiverat. . . . . . . . . . : Nej Autokonfiguration aktiverat . . . : Ja C:\Users\Emma>
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

SystemLook 30.07.11 by jpshortstuff Log created at 19:33 on 06/08/2012 by Emma Administrator - Elevation successful ========== dir ========== C:\windows\system32\drivers\etc - Parameters: "(none)" ---Files--- hosts -rahs-- 1392 bytes [02:34 14/07/2009] [22:49 01/08/2012] hosts.txt --a---- 794 bytes [10:58 03/08/2012] [10:59 03/08/2012] lmhosts.sam --a---- 3683 bytes [02:35 14/07/2009] [21:00 10/06/2009] networks --a---- 407 bytes [02:34 14/07/2009] [21:00 10/06/2009] protocol --a---- 1358 bytes [02:34 14/07/2009] [21:00 10/06/2009] services --a---- 17463 bytes [02:34 14/07/2009] [21:00 10/06/2009] ---Folders--- None found. C:\Windows\SysNative\drivers\etc - Unable to find folder. -= EOF =-
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Problemet med annonserna kom efter att jag blivit av med Security Shield. Dvs. första gången jag kunde starta datorn utan att Security Shield visade sig, dök istället annonserna upp när jag gick ut på internet. Med andra ord hade jag inga problem alls innan i torsdags.
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Är det risk med en systemåterställning även om man väljer en punkt som var långt innan infektionen?
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

OTL logfile created on: 06/08/2012 18:25:47 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Emma\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 3.86 Gb Total Physical Memory | 2.43 Gb Available Physical Memory | 63.11% Memory free 7.71 Gb Paging File | 5.48 Gb Available in Paging File | 71.07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.45 Gb Total Space | 259.64 Gb Free Space | 57.51% Space Free | Partition Type: NTFS Computer Name: EMMA-VAIO | User Name: Emma | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Emma\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Personal\bin\Personal.exe (Technology Nexus AB) PRC - C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Program Files (x86)\ekort\ekort.exe (Orbiscom Ltd. All rights reserved.) PRC - C:\Windows\SysWOW64\OBroker.exe () PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_sv_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\SysWOW64\OBroker.exe () MOD - C:\Program Files (x86)\ekort\EkortRes.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.) SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe () SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe () SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation) SRV:64bit: - (VCService) -- C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (TabletService) -- C:\Windows\SysNative\Tablet.exe (Wacom Technology, Corp.) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions) SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.) DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.) DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.) DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys () DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology) DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 09 E9 1E C5 26 73 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{1B75A58B-EF69-4423-930F-4D1373A6B54F}: "URL" = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll () FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ekort@orbiscom: C:\Program Files (x86)\ekort [2011/04/14 13:30:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/06/29 13:39:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/07/25 18:24:48 | 000,000,000 | ---D | M] O1 HOSTS File: ([2012/08/02 00:49:50 | 000,001,392 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 78.46.61.26 www.google-analytics.com. O1 - Hosts: 78.46.61.26 ad-emea.doubleclick.net. O1 - Hosts: 78.46.61.26 www.statcounter.com. O1 - Hosts: 108.163.215.51 www.google-analytics.com. O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net. O1 - Hosts: 108.163.215.51 www.statcounter.com. O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120629133947.dll (McAfee, Inc.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120629133947.dll (McAfee, Inc.) O2 - BHO: (e-kort Helper Class) - {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - C:\Program Files (x86)\ekort\EKortHelper.dll () O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (e-kort Toolbar) - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program Files (x86)\ekort\EKortToolbar.dll () O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart File not found O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [browserChoice] "C:\Windows\System32\browserchoice.exe" /run File not found O4 - HKCU..\Run: [spotify Web Helper] C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () O4 - Startup: C:\Users\Emma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} http://www.turntool.com/ViewerInstall.exe (TurnTool Scene) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.fujidirekt.se/aurigma/ImageUploader5.cab (Image Uploader Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36601CEE-D5D8-49CC-9878-7011DD745294}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D7BD819-48F2-4E64-8CDB-988BAD52DF69}: DhcpNameServer = 195.54.122.199 195.54.122.204 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/08/06 17:44:57 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Emma\Desktop\OTL.exe [2012/08/06 11:00:12 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Local\Mozilla [2012/08/06 11:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012/08/06 10:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2012/08/06 10:32:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/08/06 10:25:20 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/08/05 21:01:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012/08/05 21:01:00 | 000,000,000 | ---D | C] -- C:\Config.Msi [2012/08/05 19:20:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012/08/05 19:19:09 | 002,975,336 | ---- | C] (Piriform Ltd) -- C:\Users\Emma\Desktop\ccsetup321_slim.exe [2012/08/05 18:12:01 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Roaming\f-secure [2012/08/05 18:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure [2012/08/05 14:25:15 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Roaming\TuneUp Software [2012/08/05 14:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012/08/05 14:23:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012/08/05 14:23:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012/08/05 13:03:34 | 000,000,000 | R--D | C] -- C:\Users\Emma\Documents\Favorites [2012/08/03 15:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012/08/03 13:58:17 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Emma\Desktop\TFC.exe [2012/08/03 12:24:48 | 000,000,000 | ---D | C] -- C:\Users\Emma\Desktop\RK_Quarantine [2012/08/03 11:30:25 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Emma\Desktop\aswMBR.exe [2012/08/03 09:49:29 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Emma\Desktop\dds.scr [2012/08/02 22:00:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/08/02 22:00:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/08/02 22:00:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/08/02 21:55:04 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/08/02 21:54:31 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012/08/02 21:49:04 | 004,725,168 | R--- | C] (Swearware) -- C:\Users\Emma\Desktop\ComboFix.exe [2012/08/02 20:06:31 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Roaming\Malwarebytes [2012/08/02 20:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/08/02 20:06:21 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/08/02 20:06:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/08/02 20:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/08/02 20:03:58 | 000,000,000 | ---D | C] -- C:\Users\Emma\Desktop\rkill-backup [2012/08/02 00:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\7531CC77000844B0C9AE2DF4F875F002 [2012/07/24 22:47:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012/07/24 13:22:36 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Emma\Desktop\TDSSKiller.exe [2012/07/17 17:18:06 | 000,000,000 | ---D | C] -- C:\Users\Emma\Desktop\BRIGHTON BECKS [2012/07/13 20:13:29 | 000,000,000 | ---D | C] -- C:\Users\Emma\Documents\Brighton [2012/07/12 23:39:03 | 000,000,000 | ---D | C] -- C:\Users\Emma\Documents\mythical-creatures-assets-package_2 [2012/07/12 22:05:44 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012/07/12 22:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2012/07/12 22:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2012/07/12 21:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012/07/12 21:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012/07/12 20:50:37 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/07/12 20:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant [2012/07/12 20:50:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR ========== Files - Modified Within 30 Days ========== [2012/08/06 18:41:02 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/08/06 17:50:00 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/08/06 17:45:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Emma\Desktop\OTL.exe [2012/08/06 16:38:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/08/06 14:09:51 | 000,000,824 | ---- | M] () -- C:\Users\Emma\Desktop\hosts [2012/08/06 10:40:11 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/06 10:40:11 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/06 10:37:03 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk [2012/08/06 10:32:17 | 000,001,004 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/08/06 10:31:37 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2012/08/06 09:50:25 | 004,725,168 | R--- | M] (Swearware) -- C:\Users\Emma\Desktop\ComboFix.exe [2012/08/05 20:23:19 | 001,466,674 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/08/05 20:23:19 | 000,626,006 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat [2012/08/05 20:23:19 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/08/05 20:23:19 | 000,124,128 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat [2012/08/05 20:23:19 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/08/05 20:10:01 | 000,003,240 | ---- | M] () -- C:\Users\Emma\Desktop\Attach.zip [2012/08/05 19:20:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/08/05 19:19:25 | 002,975,336 | ---- | M] (Piriform Ltd) -- C:\Users\Emma\Desktop\ccsetup321_slim.exe [2012/08/05 18:45:55 | 000,000,134 | ---- | M] () -- C:\Users\Emma\Desktop\hosts-perm.bat [2012/08/05 17:31:21 | 000,003,664 | ---- | M] () -- C:\bootsqm.dat [2012/08/03 13:58:18 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Emma\Desktop\TFC.exe [2012/08/03 12:23:10 | 001,552,384 | ---- | M] () -- C:\Users\Emma\Desktop\RogueKiller.exe [2012/08/03 11:35:23 | 000,000,512 | ---- | M] () -- C:\Users\Emma\Desktop\MBR.dat [2012/08/03 11:30:53 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Emma\Desktop\aswMBR.exe [2012/08/03 11:21:38 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Emma\Desktop\TDSSKiller.exe [2012/08/03 09:49:29 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Emma\Desktop\dds.scr [2012/08/02 20:06:22 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/08/02 00:49:50 | 000,001,392 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/08/01 15:41:35 | 000,423,053 | ---- | M] () -- C:\Users\Emma\Documents\kvitto lensway.xps [2012/08/01 09:50:36 | 000,244,774 | ---- | M] () -- C:\test.xml [2012/07/18 16:58:10 | 035,852,793 | ---- | M] () -- C:\Users\Emma\Documents\OnFire_chapter1.pdf [2012/07/15 14:02:17 | 005,002,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/07/14 21:40:44 | 002,640,603 | ---- | M] () -- C:\Users\Emma\Documents\hallelujah.wma [2012/07/12 20:50:34 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk ========== Files Created - No Company Name ========== [2012/08/06 14:09:51 | 000,000,824 | ---- | C] () -- C:\Users\Emma\Desktop\hosts [2012/08/05 20:10:01 | 000,003,240 | ---- | C] () -- C:\Users\Emma\Desktop\Attach.zip [2012/08/05 19:20:46 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/08/05 18:45:55 | 000,000,134 | ---- | C] () -- C:\Users\Emma\Desktop\hosts-perm.bat [2012/08/05 17:31:21 | 000,003,664 | ---- | C] () -- C:\bootsqm.dat [2012/08/03 12:23:08 | 001,552,384 | ---- | C] () -- C:\Users\Emma\Desktop\RogueKiller.exe [2012/08/03 11:35:23 | 000,000,512 | ---- | C] () -- C:\Users\Emma\Desktop\MBR.dat [2012/08/02 22:00:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/08/02 22:00:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/08/02 22:00:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/08/02 22:00:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/08/02 22:00:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/08/02 20:06:22 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/08/01 15:41:34 | 000,423,053 | ---- | C] () -- C:\Users\Emma\Documents\kvitto lensway.xps [2012/07/18 16:58:08 | 035,852,793 | ---- | C] () -- C:\Users\Emma\Documents\OnFire_chapter1.pdf [2012/07/14 21:44:15 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk [2012/07/14 21:43:26 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk [2012/07/14 21:40:44 | 002,640,603 | ---- | C] () -- C:\Users\Emma\Documents\hallelujah.wma [2012/07/12 22:02:08 | 000,001,650 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk [2012/07/12 22:00:51 | 000,001,518 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk [2012/07/12 21:59:44 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk [2012/07/12 21:59:07 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk [2012/07/12 21:53:46 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2012/07/12 21:53:31 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2012/07/12 21:53:06 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2012/07/12 20:50:34 | 000,001,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk [2012/07/12 20:50:34 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk [2011/11/23 15:33:54 | 000,000,272 | ---- | C] () -- C:\Users\Emma\AppData\Roaming\.backup.dm [2011/04/14 13:30:20 | 000,145,920 | ---- | C] () -- C:\Windows\SysWow64\OBroker.exe [2010/10/10 23:17:44 | 000,010,752 | ---- | C] () -- C:\Users\Emma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/09/11 00:11:38 | 000,000,004 | ---- | C] () -- C:\Users\Emma\AppData\Roaming\wklnhst.dat ========== LOP Check ========== [2012/06/30 22:28:56 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Audacity [2010/07/11 19:01:41 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Auslogics [2012/04/07 13:09:41 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\BitZipper [2012/01/20 15:02:49 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Canon [2012/07/12 20:50:37 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/08/05 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\f-secure [2011/05/31 17:48:51 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Fit3DLive [2010/10/03 00:03:27 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Opera [2011/04/08 15:07:08 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Personal [2011/07/28 22:53:17 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\RenPy [2012/06/25 17:21:46 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\SanDisk [2012/07/18 00:01:40 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Spotify [2012/07/12 22:05:44 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010/09/11 00:12:40 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Template [2012/08/05 14:25:15 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\TuneUp Software [2012/08/05 20:06:18 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\uTorrent [2011/01/10 16:24:43 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Windows Live Writer [2012/08/05 19:14:23 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2012/08/05 17:31:21 | 000,003,664 | ---- | M] () -- C:\bootsqm.dat [2012/08/06 10:25:03 | 000,021,049 | ---- | M] () -- C:\ComboFix.txt [2012/08/06 10:31:37 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2012/08/06 10:31:40 | 4141,977,600 | -HS- | M] () -- C:\pagefile.sys [2010/01/13 16:29:30 | 000,000,073 | ---- | M] () -- C:\splash.idx [2012/08/03 11:24:41 | 000,139,310 | ---- | M] () -- C:\TDSSKiller.2.7.48.0_03.08.2012_11.23.17_log.txt [2012/08/01 09:50:36 | 000,244,774 | ---- | M] () -- C:\test.xml [2009/12/15 13:53:48 | 000,003,872 | ---- | M] () -- C:\version < %systemroot%\system32\*.wt > < %systemroot%\system32\*.ruy > < %systemroot%\Fonts\*.com > [2009/07/14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2009/07/14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2009/07/14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2009/07/14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont < %systemroot%\Fonts\*.dll > < %systemroot%\Fonts\*.ini > [2009/06/10 22:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini < %systemroot%\Fonts\*.ini2 > < %systemroot%\Fonts\*.exe > < %systemroot%\system32\spool\prtprocs\w32x86\*.* > < %systemroot%\REPAIR\*.bak1 > < %systemroot%\REPAIR\*.ini > < %systemroot%\system32\*.jpg > < %systemroot%\*.jpg > < %systemroot%\*.png > < %systemroot%\*.scr > [2012/03/08 18:37:20 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR < %systemroot%\*._sy > < %APPDATA%\Adobe\Update\*.* > < %ALLUSERSPROFILE%\Favorites\*.* > < %APPDATA%\Microsoft\*.* > [2010/04/24 14:29:23 | 000,001,814 | --S- | M] () -- C:\Users\Emma\AppData\Roaming\Microsoft\LastFlashConfig.wfc < %PROGRAMFILES%\*.* > [2009/07/14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini < %APPDATA%\Update\*.* > < %systemroot%\*. /mp /s > < %systemroot%\System32\config\*.sav > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < End of report > Extras.Txt
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

OTL Extras logfile created on: 06/08/2012 17:48:18 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Emma\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 3.86 Gb Total Physical Memory | 2.64 Gb Available Physical Memory | 68.39% Memory free 7.71 Gb Paging File | 5.60 Gb Available in Paging File | 72.58% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.45 Gb Total Space | 259.64 Gb Free Space | 57.51% Space Free | Partition Type: NTFS Computer Name: EMMA-VAIO | User Name: Emma | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{173E726E-C763-4F39-9D34-14F75868832B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{28A09FA6-A1A0-460A-B3ED-1B4BE30BEB25}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{2B262F65-9AA8-484A-8AD8-5E63C9ACC7D0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2FDBD31C-D0B8-434E-BEFD-275047DE6022}" = lport=138 | protocol=17 | dir=in | app=system | "{3B2A31C8-AEF5-4EAE-BF9A-A9DF81504BD1}" = lport=445 | protocol=6 | dir=in | app=system | "{3FC74F5C-23A3-42DE-A1C8-C1B5FAB6E664}" = lport=139 | protocol=6 | dir=in | app=system | "{45F85A10-B218-408D-8CAB-B34D5B347284}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{545D74E0-EE70-42C2-B31B-E06ADF7733D3}" = rport=138 | protocol=17 | dir=out | app=system | "{65F672A0-EAAF-4875-8E30-F728F6F131FD}" = lport=2869 | protocol=6 | dir=in | app=system | "{67B445C3-CC03-4DBE-ABD2-6BCB5D737A40}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{685AFF91-EA0F-4657-9A21-A2199A250586}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{6D44E3BA-727B-4CF5-92E9-0DB0D9FD33DA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7F11A23E-DD25-4D6B-A1F8-F897C20BE0FD}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{880E84C9-E55E-46FA-974B-3D59776A4C13}" = lport=137 | protocol=17 | dir=in | app=system | "{8BA42885-5CEC-4381-B328-92211D1FFFDA}" = rport=137 | protocol=17 | dir=out | app=system | "{9D6BA8F2-F5BF-4705-926D-2D36D780186D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A25A6369-F05F-463B-BA3D-8B6B97C2C50E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{AAD9CA4B-8433-406F-95A5-D10AC7680388}" = lport=2869 | protocol=6 | dir=in | app=system | "{AEC69A38-F4A8-4092-ADC6-A4245766628A}" = lport=10243 | protocol=6 | dir=in | app=system | "{B21909C0-EC05-409C-9372-222382687EA9}" = rport=139 | protocol=6 | dir=out | app=system | "{D30B3FAE-437B-415E-AA6C-6D881EB619F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{E1C61DCC-A1F6-4884-A1A4-3E7060808F88}" = rport=445 | protocol=6 | dir=out | app=system | "{EE3A3F95-D54B-4CA5-8026-E9106247DDAC}" = rport=10243 | protocol=6 | dir=out | app=system | "{F5762939-047D-4F8F-A26E-8BC32B62CF5F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FFE675FF-AB2F-4156-8565-E8BCBE01448C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0964731C-A534-4D13-9B23-A1FB8A5FFC96}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{0F44C7DB-7C94-4F88-9656-46CB4466B94C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{1281AACB-3F57-40CC-84C7-F05DF978FBB2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{137EF48A-6B1B-4C10-939B-066D516CA227}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{1CAC4890-9BDD-4071-A6A7-DC9843A28D84}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{1F6488BF-B368-46D2-B212-C12B21D6FC73}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{210410D8-E307-4CDC-998C-F9297AD12B38}" = protocol=6 | dir=out | app=system | "{26BF1C85-654B-41EA-B2E0-DBBB843AF1DB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{302DF6AD-FC22-40F8-AA42-515A21B5C08E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{30E77DBF-3E34-4E6A-906F-642AD9522955}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{3BFB0708-E6B4-4908-A617-1DB805D5E54C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{435A1B51-E807-4604-9444-81E8C3BA7752}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{4D18DDBF-D0EA-4692-85DE-587A89DEEA04}" = protocol=58 | dir=in | app=system | "{5457857E-4AEC-4467-A601-B8BF95BDD092}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{57ED467C-3420-40D9-BAC6-449208D4510F}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{626C3850-43B6-49AB-861D-5F576B8DAF94}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{78C0543C-7709-45A3-98F3-095CBF831067}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | "{8767BDB6-1E91-438B-88BD-E5A68DFD54C2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{9A1FCB1D-9B6B-4139-A5AA-2283BBB87753}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A1A30DD6-864F-49B5-B594-8F2B8B016913}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AEE598C7-B358-4725-BC92-91B8996C3A92}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B9D0C3D5-500E-4FE3-B2CA-C920AEB8239B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{BAB3C80D-580E-4809-AE23-7F9F83CF44CE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{D19EB56C-8B21-4CCC-9228-5138E41D0927}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D96F18A4-8C1B-463F-9E2D-D48C61CBE473}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{DB11027E-1347-4673-BDE1-02660CDF9322}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{DD7DB7AF-5E03-4847-9B60-AB6DA5913BD8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E5714268-1063-462D-B7C8-EBD6442BEAB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E6BD7EAB-7897-4087-A91A-523D50390246}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EEAB42BB-16C0-471C-822A-15C4AE785587}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{F9ACB208-53F3-484F-8C2A-A6C9B2969444}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{FB1D0263-049A-4F56-B99F-4CEF2FC91852}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FEF8699E-99AF-4007-B38C-FB3F6FA4785F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP260_series" = Canon MP260 series MP Drivers "{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64 "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java 6 Update 16 (64-bit) "{393A9268-A428-4F5A-9B20-BD753309A98E}" = Click to Disc MergeModules x64 "{3F2A8756-C008-43D7-8E1D-7300AA394549}" = Windows Live Family Safety "{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8CD311D9-CE40-2D2C-89CB-EED5027D9ED9}" = ccc-utility64 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-002A-041D-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Swedish) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{96CC6DCC-8EBA-3F85-899B-933F599C4142}" = Microsoft .NET Framework 4 Client Profile SVE Language Pack "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99}" = VAIO Movie Story MergeModules x64 "{CC2B71CC-F0FB-7E59-2ACD-614F7FB5D5F2}" = ATI Catalyst Install Manager "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "930E4792BDAEAFB62A9514EE7578775658A5D07C" = Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile SVE Language Pack" = Microsoft .NET Framework 4 Client Profile Language Pack - SVE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care "{01169717-5E26-9395-A544-DC9098896147}" = Catalyst Control Center InstallProxy "{012005D4-E3EF-1B6C-AF73-5CD654F7C566}" = CCC Help Spanish "{0712E505-7C49-F24B-C526-53D13B070397}" = Catalyst Control Center Graphics Previews Vista "{077AFFE9-BC8B-7811-0EEF-632D31E49C87}" = Catalyst Control Center Graphics Full New "{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}" = Canon PhotoRecord "{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B4F37D9-951B-B4C0-31FD-06304092DD70}" = CCC Help Norwegian "{12D0BE8D-538C-4AB1-86DE-C540308F50DA}" = VAIO Content Metadata Manager Settings "{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer) "{1E450972-E996-4EC1-A4C3-1518A46928D0}" = VAIO Content Metadata Intelligent Network Service Manager "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FD416D0-CC16-41D1-A25C-C9986CD8BBAB}" = VAIO Content Metadata Intelligent Analyzing Manager "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{208345BE-27BB-4367-B245-A5B6E764FDD0}" = VAIO Content Metadata Intelligent Analyzing Manager "{2110ECBD-BF15-4673-8852-8C68DDEB26AC}" = Media Gallery "{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = PhotoStitch "{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Monitoring Settings "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31 "{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = RemoteCapture Task 1.1 "{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common "{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}" = VAIO Content Metadata XML Interface Library "{2F81FBFC-9A37-431F-9050-14B55485DF5A}" = Internet Library "{304FA186-DECC-9CC7-2FAE-0B67DB6FAE61}" = CCC Help Portuguese "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34DC654E-6E43-4BFA-9E00-6C16CFA7B9F0}" = VAIO Data Restore Tool "{3619666A-CB7E-0D03-3DFB-3F83BAF0FB6B}" = CCC Help Turkish "{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care "{37531547-B1F4-45E6-98FC-8AF5F2F0EAA4}" = VAIO Content Metadata Manager Settings "{37DA1B85-CB86-E048-8DB8-44B893C8AEA1}" = Catalyst Control Center Localization All "{3DD0F01F-98E4-6682-6272-DC51658035CA}" = Catalyst Control Center Graphics Light "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology "{4427F384-B5BE-4769-B7D0-C784FC321EB1}" = VAIO Content Metadata Intelligent Network Service Manager "{45EF4EE3-F591-4B74-A477-0CAE12934CE7}" = RAW Image Task 1.2 "{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6 "{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}" = VAIO Content Metadata Intelligent Analyzing Manager "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials "{4C96958A-6562-4143-B820-FF4890D3B734}" = Camera Window DVC "{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc) "{4F753D00-FC8E-4AB2-E9EC-91251BC44F60}" = CCC Help German "{50026CD1-BDF2-29E1-10DF-9A414DFD90A8}" = CCC Help Polish "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Easy Media Creator 10 LJ "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool "{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update "{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support "{5FC56CFC-FBD8-7D5C-D16F-025F43F313B5}" = CCC Help Japanese "{644EF892-C792-F4FE-7D3E-DDACDEE15ACA}" = CCC Help Russian "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components "{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR "{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources "{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger "{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform "{6B99E90E-2AC4-4D72-8D88-39030783172B}" = e-kort "{6D8ED20E-E792-4DAC-BB66-009836CBD80B}" = VAIO Content Monitoring Settings "{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "{70991E0A-1108-437E-BA7D-085702C670C0}" = "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center "{7392AA60-133D-4761-94DB-8FBC9B6CD5EA}" = VAIO Content Metadata Intelligent Network Service Manager "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio "{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{78665DD8-307F-B6B9-D0AA-BE9D9DCBACED}" = CCC Help French "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B7A0C2B-89BF-9D93-65D5-CA10361C4A45}" = CCC Help English "{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2 "{7C5FF476-5B4B-E07F-3AD1-D035F19340A2}" = CCC Help Czech "{803E4FA5-A940-4420-B89D-A8BC2E160247}" = VAIO Power Management "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{885E16CA-C33E-082A-2A72-DDD9F8C2C20E}" = CCC Help Chinese Traditional "{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery "{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide "{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}" = MovieEdit Task "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-041D-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Swedish) 2007 "{90120000-0016-041D-0000-0000000FF1CE}_HOMESTUDENTR_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-041D-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Swedish) 2007 "{90120000-0018-041D-0000-0000000FF1CE}_HOMESTUDENTR_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-041D-0000-0000000FF1CE}" = Microsoft Office Word MUI (Swedish) 2007 "{90120000-001B-041D-0000-0000000FF1CE}_HOMESTUDENTR_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040B-0000-0000000FF1CE}" = Microsoft Office Proof (Finnish) 2007 "{90120000-001F-040B-0000-0000000FF1CE}_HOMESTUDENTR_{C3B4672B-3FE7-4D6F-AFF3-80D290C1131E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-041D-0000-0000000FF1CE}" = Microsoft Office Proof (Swedish) 2007 "{90120000-001F-041D-0000-0000000FF1CE}_HOMESTUDENTR_{4A960AFC-E28F-4233-953F-1903BE859B79}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-041D-1000-0000000FF1CE}_HOMESTUDENTR_{18651597-9190-4C03-902A-6F8F58A91A3E}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-002C-041D-0000-0000000FF1CE}" = Microsoft Office Proofing (Swedish) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-041D-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Swedish) 2007 "{90120000-006E-041D-0000-0000000FF1CE}_HOMESTUDENTR_{18651597-9190-4C03-902A-6F8F58A91A3E}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-041D-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Swedish) 2007 "{90120000-00A1-041D-0000-0000000FF1CE}_HOMESTUDENTR_{6DB23E19-BC1C-4C62-8158-391F65D84457}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{9118C696-FC94-435B-E4A3-77169E050F77}" = CCC Help Hungarian "{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}" = Camera Window DS "{91AAC9F5-0BF7-BD73-C00E-F907C00A1612}" = CCC Help Thai "{91F1A0D6-23AD-49FE-8D4E-379485652214}" = Camera Support Core Library "{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{931FE23C-BB40-4C7A-A594-DB35908D8E83}" = VAIO Quick Web Access "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" = "{96D8E26D-70CB-44DE-AE50-43095A39E5B2}" = VAIO Entertainment Platform "{9866E5F0-121F-E018-E2D1-2E1770847ABF}" = Adobe Download Assistant "{9B163B82-3B46-4CE5-BF01-A53E550A8E58}" = Sony Home Network Library "{9B75981A-E44C-8F1F-87FA-90AF19E0B543}" = CCC Help Korean "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DA53D22-D922-494C-B1D7-51CD9BCB9E4A}" = VAIO Hardware Diagnostics "{9EAC0E21-510E-4259-A9C6-F5D5B8969036}" = Catalyst Control Center - Branding "{A02D29FD-6961-5CED-B8AC-906DDDF4FD61}" = CCC Help Dutch "{A3563827-B0DB-44DC-B037-15CC4E5E692F}" = VAIO Content Metadata XML Interface Library "{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Settings "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate "{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series "{A8453E55-43B9-086C-8E81-05BDF7D685E8}" = Catalyst Control Center Graphics Previews Common "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A95187EF-BCF4-4468-B501-C0BAB976ADD1}" = VAIO Personalization Manager "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC050677-EAFC-4B57-8F83-8205F65134D2}" = VAIO Content Metadata XML Interface Library "{AC7327AD-68B6-26B0-1C77-6178BD13C10B}" = CCC Help Italian "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2 "{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager "{B1DADBEB-7F82-4B29-84D6-5F14A020F0A0}" = VAIO Content Metadata Intelligent Analyzing Manager "{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story) "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy "{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default "{BA9632CB-2B93-4FD6-905C-BB325CE1C4DD}" = e-kort "{BCA907B6-5A0F-473E-8C63-0FF0CFAEB7B7}" = VAIO Personalization Manager "{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6 "{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon ZoomBrowser EX "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C614B5D2-2AE5-5026-350F-C893A2EF690C}" = Catalyst Control Center Graphics Full Existing "{C7281207-4AA4-425E-B57A-0E9EF8445635}" = Camera Window MC "{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service "{C9E84BA5-FCDD-B150-1EC9-F003F04607EC}" = CCC Help Swedish "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}" = Sony Home Network Library "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86 "{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents "{D6782EBE-7DEB-6DB6-2F36-1CF4F929541C}" = CCC Help Finnish "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver "{DA71EE59-9DF8-E845-942E-1974E620D9AB}" = CCC Help Chinese Standard "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer "{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = Media Gallery "{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3DC1111-5D32-40F9-BB81-64E31294C1A4}" = VAIO Personalization Manager "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F1432614-6183-49E6-98E8-674485463CFE}" = VAIO Original Function Settings "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F64227CC-EF4C-1122-1A4B-0D7147D537F8}" = ccc-core-static "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center "{F8D915D4-0E11-6E92-C51B-88AEA671E9EF}" = Catalyst Control Center Core Implementation "{FA0813C1-1F93-0F76-08C2-DCE9D844928A}" = CCC Help Greek "{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" = "{FB8E2BF6-5D1D-831E-1DD7-B2817A201FDF}" = CCC Help Danish "{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode) "CanonSolutionMenu" = Canon Utilities Solution Menu "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "Digital Editions" = Adobe Digital Editions "ESET Online Scanner" = ESET Online Scanner v3 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}" = PMB VAIO Edition plug-in (VAIO Image Optimizer) "InstallShield_{218BBBE3-FE63-4BB2-81A8-7435575A84FA}" = Canon Utilities PhotoStitch 3.1 "InstallShield_{28291BD5-92D2-4685-82DC-CCA925C53CCA}" = Canon RemoteCapture Task for ZoomBrowser EX "InstallShield_{2F81FBFC-9A37-431F-9050-14B55485DF5A}" = Canon Internet Library for ZoomBrowser EX "InstallShield_{45EF4EE3-F591-4B74-A477-0CAE12934CE7}" = Canon RAW Image Task for ZoomBrowser EX "InstallShield_{4C96958A-6562-4143-B820-FF4890D3B734}" = Canon Camera Window DVC for ZoomBrowser EX "InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = PMB VAIO Edition plug-in (Click to Disc) "InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data "InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}" = PMB VAIO Edition Guide "InstallShield_{8AF1E098-1A5C-4336-BBE2-D047ABB401ED}" = Canon MovieEdit Task for ZoomBrowser EX "InstallShield_{91203BD3-6C3E-472F-ADBD-F60FDC7C4010}" = Canon Camera Window DS for ZoomBrowser EX "InstallShield_{91F1A0D6-23AD-49FE-8D4E-379485652214}" = Canon Camera Support Core Library "InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = PMB VAIO Edition plug-in (VAIO Movie Story) "InstallShield_{C7281207-4AA4-425E-B57A-0E9EF8445635}" = Canon Camera Window for ZoomBrowser EX "LAME_is1" = LAME v3.99.3 (for Windows) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300 "MarketingTools" = VAIO Marketing Tools "MP Navigator EX 2.0" = Canon MP Navigator EX 2.0 "MSC" = McAfee Internet Security "Personal" = BankID säkerhetsprogram 4.17.0 "splashtop" = VAIO Quick Web Access "Spotify" = Spotify "Tablet Driver" = Platta "uTorrent" = µTorrent "VAIO Help and Support" = "VAIO Premium Partners" = VAIO Premium Partners "VAIO screensaver" = VAIO screensaver "WinLiveSuite" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{dfc307dd-ab9f-4f7b-844c-a97d6e70cac4}_is1" = FitLive 1.1.15 "Sansa Updater" = Sansa Updater "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 18/03/2012 06:45:41 | Computer Name = Emma-VAIO | Source = VzCdbSvc | ID = 7 Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019) Error - 19/03/2012 06:03:04 | Computer Name = Emma-VAIO | Source = VzCdbSvc | ID = 7 Description = Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000) Error - 19/03/2012 06:03:04 | Computer Name = Emma-VAIO | Source = VzCdbSvc | ID = 7 Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019) Error - 21/03/2012 06:16:58 | Computer Name = Emma-VAIO | Source = VzCdbSvc | ID = 7 Description = Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000) Error - 21/03/2012 06:16:58 | Computer Name = Emma-VAIO | Source = VzCdbSvc | ID = 7 Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019) Error - 22/03/2012 11:11:10 | Computer Name = Emma-VAIO | Source = VzCdbSvc | ID = 7 Description = Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000) Error - 22/03/2012 11:11:10 | Computer Name = Emma-VAIO | Source = VzCdbSvc | ID = 7 Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019) Error - 22/03/2012 17:28:14 | Computer Name = Emma-VAIO | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Det gick inte att extrahera tredjepartsrotlista från autouppdaterings-CAB-filen vid: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fel: Ett nödvändigt certifikat är inte inom sin giltighetstid när det verifieras mot den aktuella systemklockan eller tidsstämpeln i den signerade filen. . Error - 23/03/2012 04:52:38 | Computer Name = Emma-VAIO | Source = VzCdbSvc | ID = 7 Description = Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000) Error - 23/03/2012 04:52:39 | Computer Name = Emma-VAIO | Source = VzCdbSvc | ID = 7 Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019) [ Media Center Events ] Error - 12/06/2010 04:12:12 | Computer Name = Emma-VAIO | Source = MCUpdate | ID = 0 Description = 10:12:11 - Ett fel inträffade under anslutningen till Internet. 10:12:11 - Det gick inte att kontakta servern.. Error - 12/06/2010 04:12:26 | Computer Name = Emma-VAIO | Source = MCUpdate | ID = 0 Description = 10:12:17 - Ett fel inträffade under anslutningen till Internet. 10:12:17 - Det gick inte att kontakta servern.. Error - 03/07/2010 16:48:00 | Computer Name = Emma-VAIO | Source = MCUpdate | ID = 0 Description = 22:48:00 - Ett fel inträffade under anslutningen till Internet. 22:48:00 - Det gick inte att kontakta servern.. Error - 03/07/2010 16:48:13 | Computer Name = Emma-VAIO | Source = MCUpdate | ID = 0 Description = 22:48:05 - Ett fel inträffade under anslutningen till Internet. 22:48:05 - Det gick inte att kontakta servern.. Error - 03/07/2010 17:48:18 | Computer Name = Emma-VAIO | Source = MCUpdate | ID = 0 Description = 23:48:18 - Ett fel inträffade under anslutningen till Internet. 23:48:18 - Det gick inte att kontakta servern.. Error - 03/07/2010 17:48:24 | Computer Name = Emma-VAIO | Source = MCUpdate | ID = 0 Description = 23:48:23 - Ett fel inträffade under anslutningen till Internet. 23:48:23 - Det gick inte att kontakta servern.. Error - 03/07/2010 18:48:29 | Computer Name = Emma-VAIO | Source = MCUpdate | ID = 0 Description = 00:48:29 - Ett fel inträffade under anslutningen till Internet. 00:48:29 - Det gick inte att kontakta servern.. Error - 03/07/2010 18:48:35 | Computer Name = Emma-VAIO | Source = MCUpdate | ID = 0 Description = 00:48:34 - Ett fel inträffade under anslutningen till Internet. 00:48:34 - Det gick inte att kontakta servern.. Error - 10/07/2010 07:32:48 | Computer Name = Emma-VAIO | Source = MCUpdate | ID = 0 Description = 13:32:48 - Ett fel inträffade under anslutningen till Internet. 13:32:48 - Det gick inte att kontakta servern.. Error - 10/07/2010 07:32:59 | Computer Name = Emma-VAIO | Source = MCUpdate | ID = 0 Description = 13:32:53 - Ett fel inträffade under anslutningen till Internet. 13:32:53 - Det gick inte att kontakta servern.. [ OSession Events ] Error - 12/02/2011 19:03:02 | Computer Name = Emma-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 25 seconds with 0 seconds of active time. This session ended with a crash. Error - 21/03/2011 11:31:14 | Computer Name = Emma-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash. Error - 18/08/2011 12:10:13 | Computer Name = Emma-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 05/08/2012 12:53:39 | Computer Name = Emma-VAIO | Source = Service Control Manager | ID = 7001 Description = Tjänsten Computer Browser är beroende av tjänsten Server. Den sistnämnda kunde inte starta på grund av följande fel: %%1068 Error - 05/08/2012 12:54:24 | Computer Name = Emma-VAIO | Source = Service Control Manager | ID = 7009 Description = En timeout (30000 ms) inträffade vid väntan på att tjänsten Roxio Upnp Server 10 skulle ansluta. Error - 05/08/2012 13:14:24 | Computer Name = Emma-VAIO | Source = Service Control Manager | ID = 7009 Description = En timeout (30000 ms) inträffade vid väntan på att tjänsten Roxio Upnp Server 10 skulle ansluta. Error - 05/08/2012 13:15:03 | Computer Name = Emma-VAIO | Source = Service Control Manager | ID = 7011 Description = En timeout (30000 ms) inträffade vid väntan på transaktionssvar från tjänsten VcmIAlzMgr. Error - 05/08/2012 13:17:19 | Computer Name = Emma-VAIO | Source = bowser | ID = 8003 Description = Error - 06/08/2012 03:12:04 | Computer Name = Emma-VAIO | Source = Service Control Manager | ID = 7009 Description = En timeout (30000 ms) inträffade vid väntan på att tjänsten Roxio Upnp Server 10 skulle ansluta. Error - 06/08/2012 03:55:16 | Computer Name = Emma-VAIO | Source = Service Control Manager | ID = 7030 Description = Tjänsten PEVSystemStart är markerad som en interaktiv tjänst. Systemet är dock konfigurerat för att inte tillåta interaktiva tjänster. Tjänsten kommer kanske inte att fungera korrekt. Error - 06/08/2012 04:03:29 | Computer Name = Emma-VAIO | Source = Service Control Manager | ID = 7030 Description = Tjänsten PEVSystemStart är markerad som en interaktiv tjänst. Systemet är dock konfigurerat för att inte tillåta interaktiva tjänster. Tjänsten kommer kanske inte att fungera korrekt. Error - 06/08/2012 04:31:57 | Computer Name = Emma-VAIO | Source = Service Control Manager | ID = 7009 Description = En timeout (30000 ms) inträffade vid väntan på att tjänsten Roxio Upnp Server 10 skulle ansluta. Error - 06/08/2012 04:32:49 | Computer Name = Emma-VAIO | Source = Service Control Manager | ID = 7011 Description = En timeout (30000 ms) inträffade vid väntan på transaktionssvar från tjänsten VcmIAlzMgr. < End of report >
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

OTL logfile created on: 06/08/2012 17:48:18 - Run 1 OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Emma\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd 3.86 Gb Total Physical Memory | 2.64 Gb Available Physical Memory | 68.39% Memory free 7.71 Gb Paging File | 5.60 Gb Available in Paging File | 72.58% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451.45 Gb Total Space | 259.64 Gb Free Space | 57.51% Space Free | Partition Type: NTFS Computer Name: EMMA-VAIO | User Name: Emma | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Emma\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Personal\bin\Personal.exe (Technology Nexus AB) PRC - C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) PRC - C:\Program Files (x86)\ekort\ekort.exe (Orbiscom Ltd. All rights reserved.) PRC - C:\Windows\SysWOW64\OBroker.exe () PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) ========== Modules (No Company Name) ========== MOD - C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_sv_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\SysWOW64\OBroker.exe () MOD - C:\Program Files (x86)\ekort\EkortRes.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.) SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe () SRV:64bit: - (McShield) -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe () SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SRV:64bit: - (VUAgent) -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation) SRV:64bit: - (VCService) -- C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNASvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (mcmscsvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV:64bit: - (VcmXmlIfHelper) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV:64bit: - (VcmIAlzMgr) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (VAIO Power Management) -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe (Sony Corporation) SRV:64bit: - (VSNService) -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV:64bit: - (VcmINSMgr) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV:64bit: - (TabletService) -- C:\Windows\SysNative\Tablet.exe (Wacom Technology, Corp.) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation) SRV - (SOHPlMgr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDBSvr) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe (Sony Corporation) SRV - (VzCdbSvc) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions) SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.) DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.) DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.) DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.) DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.) DRV:64bit: - (mferkdet) -- C:\Windows\SysNative\drivers\mferkdet.sys (McAfee, Inc.) DRV:64bit: - (mfenlfk) -- C:\Windows\SysNative\drivers\mfenlfk.sys (McAfee, Inc.) DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys () DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology) DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 09 E9 1E C5 26 73 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{1B75A58B-EF69-4423-930F-4D1373A6B54F}: "URL" = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll () FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ekort@orbiscom: C:\Program Files (x86)\ekort [2011/04/14 13:30:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/06/29 13:39:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/07/25 18:24:48 | 000,000,000 | ---D | M] O1 HOSTS File: ([2012/08/02 00:49:50 | 000,001,392 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 78.46.61.26 www.google-analytics.com. O1 - Hosts: 78.46.61.26 ad-emea.doubleclick.net. O1 - Hosts: 78.46.61.26 www.statcounter.com. O1 - Hosts: 108.163.215.51 www.google-analytics.com. O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net. O1 - Hosts: 108.163.215.51 www.statcounter.com. O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120629133947.dll (McAfee, Inc.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120629133947.dll (McAfee, Inc.) O2 - BHO: (e-kort Helper Class) - {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - C:\Program Files (x86)\ekort\EKortHelper.dll () O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (e-kort Toolbar) - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program Files (x86)\ekort\EKortToolbar.dll () O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart File not found O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [startCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKCU..\Run: [browserChoice] "C:\Windows\System32\browserchoice.exe" /run File not found O4 - HKCU..\Run: [spotify Web Helper] C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () O4 - Startup: C:\Users\Emma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control) O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} http://www.turntool.com/ViewerInstall.exe (TurnTool Scene) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.fujidirekt.se/aurigma/ImageUploader5.cab (Image Uploader Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36601CEE-D5D8-49CC-9878-7011DD745294}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D7BD819-48F2-4E64-8CDB-988BAD52DF69}: DhcpNameServer = 195.54.122.199 195.54.122.204 O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.) O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012/08/06 17:44:57 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Emma\Desktop\OTL.exe [2012/08/06 11:00:12 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Local\Mozilla [2012/08/06 11:00:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012/08/06 10:37:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2012/08/06 10:32:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012/08/06 10:25:20 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/08/05 21:01:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2012/08/05 21:01:00 | 000,000,000 | ---D | C] -- C:\Config.Msi [2012/08/05 19:20:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012/08/05 19:19:09 | 002,975,336 | ---- | C] (Piriform Ltd) -- C:\Users\Emma\Desktop\ccsetup321_slim.exe [2012/08/05 18:12:01 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Roaming\f-secure [2012/08/05 18:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\F-Secure [2012/08/05 14:25:15 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Roaming\TuneUp Software [2012/08/05 14:24:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012/08/05 14:23:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012/08/05 14:23:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2012/08/05 13:03:34 | 000,000,000 | R--D | C] -- C:\Users\Emma\Documents\Favorites [2012/08/03 15:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012/08/03 13:58:17 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Emma\Desktop\TFC.exe [2012/08/03 12:24:48 | 000,000,000 | ---D | C] -- C:\Users\Emma\Desktop\RK_Quarantine [2012/08/03 11:30:25 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Emma\Desktop\aswMBR.exe [2012/08/03 09:49:29 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Emma\Desktop\dds.scr [2012/08/02 22:00:52 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/08/02 22:00:52 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/08/02 22:00:52 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/08/02 21:55:04 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/08/02 21:54:31 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012/08/02 21:49:04 | 004,725,168 | R--- | C] (Swearware) -- C:\Users\Emma\Desktop\ComboFix.exe [2012/08/02 20:06:31 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Roaming\Malwarebytes [2012/08/02 20:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/08/02 20:06:21 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/08/02 20:06:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/08/02 20:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/08/02 20:03:58 | 000,000,000 | ---D | C] -- C:\Users\Emma\Desktop\rkill-backup [2012/08/02 00:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\7531CC77000844B0C9AE2DF4F875F002 [2012/07/24 22:47:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012/07/24 13:22:36 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Emma\Desktop\TDSSKiller.exe [2012/07/17 17:18:06 | 000,000,000 | ---D | C] -- C:\Users\Emma\Desktop\BRIGHTON BECKS [2012/07/13 20:13:29 | 000,000,000 | ---D | C] -- C:\Users\Emma\Documents\Brighton [2012/07/12 23:39:03 | 000,000,000 | ---D | C] -- C:\Users\Emma\Documents\mythical-creatures-assets-package_2 [2012/07/12 22:05:44 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012/07/12 22:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2012/07/12 22:00:48 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2012/07/12 21:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012/07/12 21:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012/07/12 20:50:37 | 000,000,000 | ---D | C] -- C:\Users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/07/12 20:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant [2012/07/12 20:50:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2012/07/12 01:57:59 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/07/12 01:57:59 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/07/12 01:57:58 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/07/12 01:57:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/07/12 01:57:56 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/07/12 01:57:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/07/12 01:57:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2012/07/12 01:57:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012/07/12 01:57:54 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/07/12 01:57:54 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/07/12 01:57:54 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/07/12 01:57:54 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/07/12 01:57:54 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/07/11 19:18:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2012/07/11 19:18:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2012/07/11 19:18:11 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2012/07/11 19:18:01 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll [2012/07/11 19:17:57 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll ========== Files - Modified Within 30 Days ========== [2012/08/06 17:50:00 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/08/06 17:45:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Emma\Desktop\OTL.exe [2012/08/06 17:41:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/08/06 16:38:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/08/06 14:09:51 | 000,000,824 | ---- | M] () -- C:\Users\Emma\Desktop\hosts [2012/08/06 10:40:11 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/06 10:40:11 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/06 10:37:03 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk [2012/08/06 10:32:17 | 000,001,004 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/08/06 10:31:37 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2012/08/06 09:50:25 | 004,725,168 | R--- | M] (Swearware) -- C:\Users\Emma\Desktop\ComboFix.exe [2012/08/05 20:23:19 | 001,466,674 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/08/05 20:23:19 | 000,626,006 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat [2012/08/05 20:23:19 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/08/05 20:23:19 | 000,124,128 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat [2012/08/05 20:23:19 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/08/05 20:10:01 | 000,003,240 | ---- | M] () -- C:\Users\Emma\Desktop\Attach.zip [2012/08/05 19:20:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/08/05 19:19:25 | 002,975,336 | ---- | M] (Piriform Ltd) -- C:\Users\Emma\Desktop\ccsetup321_slim.exe [2012/08/05 18:45:55 | 000,000,134 | ---- | M] () -- C:\Users\Emma\Desktop\hosts-perm.bat [2012/08/05 18:40:22 | 000,000,274 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{AA0C8ADD-AA4A-433E-8C79-299935B01853}.job [2012/08/05 17:31:21 | 000,003,664 | ---- | M] () -- C:\bootsqm.dat [2012/08/03 14:41:56 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/08/03 14:41:56 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012/08/03 13:58:18 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Emma\Desktop\TFC.exe [2012/08/03 12:23:10 | 001,552,384 | ---- | M] () -- C:\Users\Emma\Desktop\RogueKiller.exe [2012/08/03 11:35:23 | 000,000,512 | ---- | M] () -- C:\Users\Emma\Desktop\MBR.dat [2012/08/03 11:30:53 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Emma\Desktop\aswMBR.exe [2012/08/03 11:21:38 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Emma\Desktop\TDSSKiller.exe [2012/08/03 09:49:29 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Emma\Desktop\dds.scr [2012/08/02 20:06:22 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/08/02 00:49:50 | 000,001,392 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/08/01 15:41:35 | 000,423,053 | ---- | M] () -- C:\Users\Emma\Documents\kvitto lensway.xps [2012/08/01 09:50:36 | 000,244,774 | ---- | M] () -- C:\test.xml [2012/07/18 16:58:10 | 035,852,793 | ---- | M] () -- C:\Users\Emma\Documents\OnFire_chapter1.pdf [2012/07/15 14:02:17 | 005,002,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/07/14 21:40:44 | 002,640,603 | ---- | M] () -- C:\Users\Emma\Documents\hallelujah.wma [2012/07/12 20:50:34 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk ========== Files Created - No Company Name ========== [2012/08/06 14:09:51 | 000,000,824 | ---- | C] () -- C:\Users\Emma\Desktop\hosts [2012/08/05 20:10:01 | 000,003,240 | ---- | C] () -- C:\Users\Emma\Desktop\Attach.zip [2012/08/05 19:20:46 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012/08/05 18:45:55 | 000,000,134 | ---- | C] () -- C:\Users\Emma\Desktop\hosts-perm.bat [2012/08/05 18:40:22 | 000,000,274 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{AA0C8ADD-AA4A-433E-8C79-299935B01853}.job [2012/08/05 17:31:21 | 000,003,664 | ---- | C] () -- C:\bootsqm.dat [2012/08/03 12:23:08 | 001,552,384 | ---- | C] () -- C:\Users\Emma\Desktop\RogueKiller.exe [2012/08/03 11:35:23 | 000,000,512 | ---- | C] () -- C:\Users\Emma\Desktop\MBR.dat [2012/08/02 22:00:52 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/08/02 22:00:52 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/08/02 22:00:52 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/08/02 22:00:52 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/08/02 22:00:52 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/08/02 20:06:22 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/08/01 15:41:34 | 000,423,053 | ---- | C] () -- C:\Users\Emma\Documents\kvitto lensway.xps [2012/07/18 16:58:08 | 035,852,793 | ---- | C] () -- C:\Users\Emma\Documents\OnFire_chapter1.pdf [2012/07/14 21:44:15 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk [2012/07/14 21:43:26 | 000,001,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk [2012/07/14 21:40:44 | 002,640,603 | ---- | C] () -- C:\Users\Emma\Documents\hallelujah.wma [2012/07/12 22:02:08 | 000,001,650 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk [2012/07/12 22:00:51 | 000,001,518 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk [2012/07/12 21:59:44 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk [2012/07/12 21:59:07 | 000,001,169 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk [2012/07/12 21:53:46 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk [2012/07/12 21:53:31 | 000,001,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk [2012/07/12 21:53:06 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2012/07/12 20:50:34 | 000,001,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk [2012/07/12 20:50:34 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Download Assistant.lnk [2011/11/23 15:33:54 | 000,000,272 | ---- | C] () -- C:\Users\Emma\AppData\Roaming\.backup.dm [2011/04/14 13:30:20 | 000,145,920 | ---- | C] () -- C:\Windows\SysWow64\OBroker.exe [2010/10/10 23:17:44 | 000,010,752 | ---- | C] () -- C:\Users\Emma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/09/11 00:11:38 | 000,000,004 | ---- | C] () -- C:\Users\Emma\AppData\Roaming\wklnhst.dat ========== LOP Check ========== [2012/06/30 22:28:56 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Audacity [2010/07/11 19:01:41 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Auslogics [2012/04/07 13:09:41 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\BitZipper [2012/01/20 15:02:49 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Canon [2012/07/12 20:50:37 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/08/05 18:12:01 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\f-secure [2011/05/31 17:48:51 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Fit3DLive [2010/10/03 00:03:27 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Opera [2011/04/08 15:07:08 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Personal [2011/07/28 22:53:17 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\RenPy [2012/06/25 17:21:46 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\SanDisk [2012/07/18 00:01:40 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Spotify [2012/07/12 22:05:44 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2010/09/11 00:12:40 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Template [2012/08/05 14:25:15 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\TuneUp Software [2012/08/05 20:06:18 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\uTorrent [2011/01/10 16:24:43 | 000,000,000 | ---D | M] -- C:\Users\Emma\AppData\Roaming\Windows Live Writer [2012/08/05 19:14:23 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012/08/05 18:40:22 | 000,000,274 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{AA0C8ADD-AA4A-433E-8C79-299935B01853}.job ========== Purity Check ========== < End of report >
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Ja, har provat med både Firefox och Chrome, men det var samma sak där. Skulle det kunna funka att försöka med en systemåterställning?
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Ja, popupsen är kvar.
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Det funkade ändå inte :/ Har fortfarande inte behörighet, säger datorn.
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Näpp, enda gången jag rört McAfee är när jag stängt av skyddet. Verkar inte som om skyddet i malwarebytes är på, men däremot såg det ut så här när jag öppnade programmet: Borde jag radera dessa filer permanent?
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Insåg efter någon minut att jag missade att köra som administratör, när jag startade ComboFix. Spelar det någon roll?
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

ComboFix 12-08-05.02 - Emma 2012-08-06 9:51.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.3950.2642 [GMT 2:00] Körs från: c:\users\Emma\Desktop\ComboFix.exe AV: McAfee Antivirus och antispionprogram *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee Antivirus och antispionprogram *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Andra raderingar )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Emma\AppData\Roaming\.# . . (((((((((((((((((((((((( Filer skapade från 2012-07-06 till 2012-08-06 )))))))))))))))))))))))))))))) . . 2012-08-06 08:03 . 2012-08-06 08:03 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-05 19:01 . 2012-08-05 19:01 -------- d-----w- c:\program files (x86)\Apple Software Update 2012-08-05 17:20 . 2012-08-05 17:20 -------- d-----w- c:\program files\CCleaner 2012-08-05 16:12 . 2012-08-05 16:12 -------- d-----w- c:\users\Emma\AppData\Roaming\f-secure 2012-08-05 16:11 . 2012-08-05 16:11 -------- d-----w- c:\programdata\F-Secure 2012-08-05 12:25 . 2012-08-05 12:25 -------- d-----w- c:\users\Emma\AppData\Roaming\TuneUp Software 2012-08-05 12:24 . 2012-08-05 12:26 -------- d-----w- c:\programdata\TuneUp Software 2012-08-05 12:23 . 2012-08-05 12:23 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-08-05 12:23 . 2012-08-05 12:23 -------- d--h--w- c:\programdata\Common Files 2012-08-03 13:00 . 2012-08-03 13:00 -------- d-----w- c:\program files (x86)\ESET 2012-08-02 18:06 . 2012-08-02 18:06 -------- d-----w- c:\users\Emma\AppData\Roaming\Malwarebytes 2012-08-02 18:06 . 2012-08-02 18:06 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-08-02 18:06 . 2012-08-02 18:06 -------- d-----w- c:\programdata\Malwarebytes 2012-08-02 18:06 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-01 22:50 . 2012-08-01 22:50 -------- d-----w- c:\programdata\7531CC77000844B0C9AE2DF4F875F002 2012-07-12 20:05 . 2012-07-12 20:05 -------- d-----w- c:\users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2012-07-12 20:02 . 2012-07-14 19:44 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2012-07-12 20:00 . 2012-07-12 20:00 -------- d-----w- c:\programdata\ALM 2012-07-12 19:58 . 2012-07-14 19:44 -------- d-----w- c:\program files\Adobe 2012-07-12 19:50 . 2012-07-14 19:44 -------- d-----w- c:\program files\Common Files\Adobe 2012-07-12 18:50 . 2012-07-12 18:50 -------- d-----w- c:\users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant 2012-07-12 18:50 . 2012-07-12 18:50 -------- d-----w- c:\program files (x86)\Adobe Download Assistant 2012-07-12 18:50 . 2012-07-12 18:50 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2012-07-12 00:02 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 23:58 . 2012-06-02 11:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-07-11 23:58 . 2012-06-02 08:16 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-07-11 17:18 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-07-11 17:17 . 2012-06-06 05:05 212992 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll 2012-07-11 17:17 . 2012-06-06 05:05 143360 ----a-w- c:\program files (x86)\Common Files\System\ado\msjro.dll 2012-07-11 17:17 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll 2012-07-11 17:17 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-03 12:41 . 2012-04-02 14:05 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-03 12:41 . 2011-10-19 13:33 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-11 23:59 . 2010-05-13 10:42 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-06-24 20:22 . 2012-06-24 20:23 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-06-02 22:19 . 2012-06-22 22:38 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-22 22:39 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-22 22:39 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-22 22:39 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-22 22:38 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-22 22:39 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-22 22:38 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-22 22:37 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-22 22:37 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-25 15:13 . 2012-06-29 11:28 162224 ----a-w- c:\windows\system32\mfevtps.exe . . (((((((((((((((((((((((((((((((((( Startpunkter i registret ))))))))))))))))))))))))))))))))))))))))))))))) . . *Not* tomma poster & legitima standardposter visas inte. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="c:\users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-09 932528] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-15 98304] "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472] "PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792] "e-kort"="c:\progra~2\ekort\ekort.exe" [2008-12-11 377856] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160] "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] . c:\users\Emma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] Skärmurklipp och start för OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ BankID säkerhetsprogram.lnk - c:\program files (x86)\Personal\bin\Personal.exe [2011-4-8 1086288] Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2009-12-01 22:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" "MarketingTools"=c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" . R2 0048881343150844mcinstcleanup;McAfee Application Installer Cleanup (0048881343150844);c:\windows\TEMP\004888~1.EXE [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056] R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104] R3 gupdatem;Tjänsten Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 133104] R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2009-11-13 151936] R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912] R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104] R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048] R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1255736] R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568] S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-24 202752] S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 133104] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-05-25 210616] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-11-06 93696] S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-09-15 75776] S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192] S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-14 2320920] S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416] S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776] S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-12-14 56344] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392] S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248] S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-11-12 395264] . . --- Övriga tjänster/drivrutiner i minnet --- . *Deregistered* - mfeavfk01 . Innehåll i mappen 'Schemalagda aktiviteter': . 2012-08-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 12:42] . 2012-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 14:30] . 2012-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 14:30] . 2012-08-05 c:\windows\Tasks\User_Feed_Synchronization-{AA0C8ADD-AA4A-433E-8C79-299935B01853}.job - c:\windows\system32\msfeedssync.exe [2011-08-05 13:41] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896] "CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Extra genomsökning ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.se/ mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.1.1 DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} - hxxp://www.turntool.com/ViewerInstall.exe . - - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - - . WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file) HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\"" . --------------------- LÅSTA REGISTERNYCKLAR --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Sluttid: 2012-08-06 10:24:52 ComboFix-quarantined-files.txt 2012-08-06 08:24 . Före genomsökningen: 278 837 235 712 byte ledigt Efter genomsökningen: 278 971 117 568 byte ledigt . - - End Of File - - 1FE1D195AD33B500581B1F27B938DBFC
- Augusti 6, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Har McAfee Internet Security, vilket inte finns någon ordentlig instruktion för hur man stänger av. Men har stängt av Genomsökning i realtid och Schemalagd genomscanning, räcker det? Det är allt som går att välja på att stänga av/ha aktivt, förutom brandväggen då. Har trådlöst internet, så det borde inte påverkas, eller?
- Augusti 5, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Nähä, okej. Tune up är en fri trial version, Adobe Reader är inte installerat (kan ha kommit från en fri trial version av Adobe Photoshop?). I mapparna är det Windows Installer & en ikon, står det.
- Augusti 5, 2012
- 101 svar
Security Shield!

bengsi svarade på Musten's ämne i Borttagning av virus och andra skadliga program

Körde Ccleaner. Så här ser det ut i Hosts-filen: # Copyright © 1993-2006 Microsoft Corp. # # Det här är HOSTS-exempelfilen som används av Microsoft TCP/IP för Windows. # # Den här filen innehåller mappningar av IP-adresser till värdnamn. Du bör # inte ange fler än en post per rad. IP-adressen bör anges # i den första kolumnen och följas av motsvarande värddatornamn. # IP-adressen och värdnamnet måste åtskiljas av minst ett blanksteg. # # Kommentarer (som dessa) kan infogas på en egen rad eller # efter ett datornamn. Kommentarer måste föregås av tecknet #. # # Till exempel: # # 102.54.94.97 rhino.acme.com # källserver # 38.25.63.10 x.acme.com # klientvärddatorn x # Namnuppslag för localhost hanteras inom DNS. # 127.0.0.1 localhost # ::1 localhost
- Augusti 5, 2012
- 101 svar

Logga in

bengsi

Innehållsantal

Gick med

Besökte senast

Innehållstyp

Profiler

Forum

Allt postat av bengsi

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Security Shield!

Bläddra

Aktivitet