busefin

Medlem

Visa profil Visa deras aktivitet

Innehållsantal
4
Gick med
September 21, 2013
Besökte senast
December 16, 2013

busefin's Achievements

(1/8)

Polisviruset

busefin svarade på busefin's ämne i Borttagning av virus och andra skadliga program

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01 Ran by Leffe (administrator) on LEFFE-VAIO on 23-09-2013 10:38:36 Running from C:\Users\Leffe\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: Swedish Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (iTeleport, Inc.) C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportService.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe (Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe (iTeleport, Inc.) C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportConnect.exe (Spotify Ltd) C:\Users\Leffe\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Leffe\AppData\Roaming\Spotify\spotify.exe (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\Personal.exe (WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (BitTorrent Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.) HKCU\...\Run: [iTeleportConnect] - C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportConnect.exe [1999360 2012-10-10] (iTeleport, Inc.) HKCU\...\Run: [spotify Web Helper] - C:\Users\Leffe\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-11] (Spotify Ltd) HKCU\...\Run: [spotify] - C:\Users\Leffe\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-07-11] (Spotify Ltd) HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_174_ActiveX.exe -update activex [515464 2013-09-13] (Adobe Systems Incorporated) MountPoints2: {1a9af7d5-d8b1-11e1-ab0e-9439e5bae3e6} - "E:\WD SmartWare.exe" autoplay=true HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [iSBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) Startup: C:\Users\Leffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skärmurklipp och start för OneNote 2010.lnk ShortcutTarget: Skärmurklipp och start för OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vaioportal.sony.eu HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://sony.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com URLSearchHook: (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {30DF1F86-AA64-4B18-93F5-08E53A10EBD2} URL = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {386C9E33-E710-4F5E-8D3B-9C408175FB91} URL = http://rover.ebay.com/rover/1/0/4?satitle={searchTerms} BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation) BHO-x32: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\Exts\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Leffe\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx ==================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) R2 iTeleportService; C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportService.exe [28160 2012-10-10] (iTeleport, Inc.) R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] ==================== Drivers (Whitelisted) ==================== R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [1387608 2013-03-22] (Symantec Corporation) R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [1387608 2013-03-22] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-09-05] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-09-05] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-09-29] (Symantec Corporation) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130405.001\IDSvia64.sys [513184 2012-09-01] (Symantec Corporation) R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130405.001\IDSvia64.sys [513184 2012-09-01] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130406.008\ENG64.SYS [126192 2013-02-02] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130406.008\ENG64.SYS [126192 2013-02-02] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130406.008\EX64.SYS [2087664 2013-02-02] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130406.008\EX64.SYS [2087664 2013-02-02] (Symantec Corporation) S3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-04-07] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-23 10:36 - 2013-09-21 11:35 - 01950622 _____ (Farbar) C:\Users\Leffe\Desktop\FRST64.exe 2013-09-21 19:09 - 2013-09-21 19:10 - 00000000 ____D C:\304b0a78d90227e92a 2013-09-21 19:04 - 2013-09-21 19:04 - 00000000 ___RD C:\Users\Leffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2013-09-21 14:08 - 2013-09-21 14:08 - 00000000 ____D C:\FRST 2013-09-18 06:03 - 2013-09-18 06:03 - 00000000 ____D C:\Users\Leffe\AppData\Roaming\ArcSoft 2013-09-18 06:03 - 2013-09-18 06:03 - 00000000 ____D C:\Users\Leffe\AppData\Local\ArcSoft 2013-09-13 03:13 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-09-13 03:13 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-09-13 03:13 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-09-13 03:13 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-09-13 03:13 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-09-13 03:13 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-09-13 03:13 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-13 03:13 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-13 03:13 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-13 03:13 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-13 03:13 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-13 03:13 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-09-13 03:13 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-13 03:13 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-09-13 03:13 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-13 03:12 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-09-13 03:12 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-09-13 03:12 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-09-13 03:12 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-09-13 03:12 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-09-13 03:12 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-09-13 03:12 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-09-13 03:12 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-09-13 03:12 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-13 03:12 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-13 03:12 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-13 03:12 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-13 03:12 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-13 03:12 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-13 03:12 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-13 03:12 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-12 18:18 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-09-12 18:18 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2013-09-12 18:18 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2013-09-12 18:18 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2013-09-12 18:18 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2013-09-12 18:18 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2013-09-12 18:18 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2013-09-12 18:18 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2013-09-12 18:18 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2013-09-12 18:18 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2013-09-12 18:18 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-09-12 18:18 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-09-12 18:18 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-09-12 18:18 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-09-12 18:18 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2013-09-12 18:18 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2013-09-12 18:18 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2013-09-12 18:18 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-09-12 18:18 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-09-12 18:18 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-09-12 18:18 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-09-12 18:18 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 18:18 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-12 18:17 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2013-09-12 18:17 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2013-09-12 18:17 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-12 18:17 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll ==================== One Month Modified Files and Folders ======= 2013-09-23 10:39 - 2012-05-13 16:45 - 00000000 ____D C:\Users\Leffe\AppData\Roaming\uTorrent 2013-09-23 10:32 - 2011-02-14 23:13 - 00661956 _____ C:\Windows\system32\perfh01D.dat 2013-09-23 10:32 - 2011-02-14 23:13 - 00141726 _____ C:\Windows\system32\perfc01D.dat 2013-09-23 10:32 - 2009-07-14 07:13 - 01574032 _____ C:\Windows\system32\PerfStringBackup.INI 2013-09-23 10:13 - 2012-11-12 09:54 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-23 10:05 - 2012-03-22 18:20 - 01656321 _____ C:\Windows\WindowsUpdate.log 2013-09-23 10:03 - 2012-11-03 21:11 - 00000000 ____D C:\Users\Leffe\AppData\Roaming\Spotify 2013-09-23 09:53 - 2012-09-05 18:14 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-23 00:13 - 2012-11-12 09:54 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-22 22:45 - 2013-08-12 16:21 - 00000000 ____D C:\Users\Leffe\AppData\Roaming\vlc 2013-09-22 20:53 - 2012-09-05 18:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-22 20:53 - 2012-09-05 18:14 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-22 20:53 - 2012-09-05 18:14 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-22 19:51 - 2012-03-22 18:44 - 00003932 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{30A896D7-4D82-45EC-ADDD-652B59309106} 2013-09-22 19:51 - 2009-07-14 06:51 - 00103585 _____ C:\Windows\setupact.log 2013-09-22 00:16 - 2012-11-12 09:54 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-09-21 21:00 - 2012-03-22 18:37 - 00000000 ___RD C:\Users\Leffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-21 19:11 - 2009-07-14 06:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-21 19:11 - 2009-07-14 06:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-21 19:10 - 2013-09-21 19:09 - 00000000 ____D C:\304b0a78d90227e92a 2013-09-21 19:04 - 2013-09-21 19:04 - 00000000 ___RD C:\Users\Leffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2013-09-21 19:03 - 2011-09-17 15:38 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-21 19:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-21 14:08 - 2013-09-21 14:08 - 00000000 ____D C:\FRST 2013-09-21 11:35 - 2013-09-23 10:36 - 01950622 _____ (Farbar) C:\Users\Leffe\Desktop\FRST64.exe 2013-09-18 06:03 - 2013-09-18 06:03 - 00000000 ____D C:\Users\Leffe\AppData\Roaming\ArcSoft 2013-09-18 06:03 - 2013-09-18 06:03 - 00000000 ____D C:\Users\Leffe\AppData\Local\ArcSoft 2013-09-18 06:03 - 2011-09-17 16:00 - 00000000 ____D C:\ProgramData\ArcSoft 2013-09-16 23:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2013-09-16 23:21 - 2012-05-16 21:12 - 00000000 ____D C:\Users\Leffe\AppData\Local\CrashDumps 2013-09-14 09:51 - 2012-12-13 05:34 - 00000000 ____D C:\Update 2013-09-14 02:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-09-14 01:23 - 2011-09-17 15:44 - 00000000 ____D C:\ProgramData\Sony Corporation 2013-09-13 08:59 - 2013-08-11 10:19 - 00029727 _____ C:\test.xml 2013-09-13 04:05 - 2012-03-22 18:37 - 00000000 ___RD C:\Users\Leffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2013-09-13 03:33 - 2009-07-14 06:45 - 00437696 _____ C:\Windows\system32\FNTCACHE.DAT 2013-09-13 03:12 - 2013-07-14 09:07 - 00000000 ____D C:\Windows\system32\MRT 2013-09-13 03:09 - 2012-05-13 16:57 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-09-13 03:09 - 2012-04-07 07:08 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-12 18:28 - 2012-12-06 18:55 - 00014037 _____ C:\Users\Leffe\Documents\Lotto jobb.xlsx 2013-09-12 18:09 - 2012-11-03 21:11 - 00000000 ____D C:\Users\Leffe\AppData\Local\Spotify 2013-08-28 16:44 - 2012-11-05 22:42 - 00000000 ____D C:\ProgramData\boost_interprocess 2013-08-26 21:38 - 2013-07-08 18:17 - 00015716 _____ C:\Users\Leffe\Documents\EKONOMI (sparad automatiskt).xlsx Some content of TEMP: ==================== C:\Users\Leffe\AppData\Local\Temp\mwlriltsmprgiwcoudi.bfg C:\Users\Leffe\AppData\Local\Temp\SpotifyUpgrader.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-22 10:56 ==================== End Of Log ============================
- September 23, 2013
- 10 svar
Polisviruset

busefin svarade på busefin's ämne i Borttagning av virus och andra skadliga program

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-09-2013 01 Ran by Leffe at 2013-09-23 10:39:30 Running from C:\Users\Leffe\Desktop Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= µTorrent (x32 Version: 3.3.0.29625) A kiterjesztett Microsoft .NET-keretrendszer 4 HUN nyelvi csomagja (Version: 4.0.30319) A Microsoft .NET-keretrendszer 4-es verziójához tartozó ügyfélprofil HUN nyelvi csomagja (Version: 4.0.30319) ActiveX контрола на Windows Live Mesh за отдалечени връзки (x32 Version: 15.4.5722.2) ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (x32 Version: 15.4.5722.2) Adobe AIR (x32 Version: 2.5.1.17730) Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.175) Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168) Adobe Reader X (10.1.5) MUI (x32 Version: 10.1.5) Alps Pointing-device for VAIO Apple Mobile Device Support (Version: 6.1.0.13) Apple Software Update (x32 Version: 2.1.3.127) Apple-programstöd (x32 Version: 2.3.4) ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.142) ArcSoft WebCam Companion 4 (x32 Version: 4.0.21.392) BankID säkerhetsprogram (x32 Version: 4.19.3) Bing Bar (x32 Version: 7.0.850.0) Bluetooth Win7 Suite (64) (Version: 7.3.0.100) Bonjour (Version: 3.0.0.10) Canon MG5200 series MP Drivers Conexant HD Audio (Version: 8.54.0.53) Control ActiveX Windows Live Mesh pentru conexiuni la distanță (x32 Version: 15.4.5722.2) Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2) D3DX10 (x32 Version: 15.4.2368.0902) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922) Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922) Galerie foto Windows Live (x32 Version: 15.4.3502.0922) Google Chrome (x32 Version: 29.0.1547.76) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752) Google Update Helper (x32 Version: 1.3.21.153) Intel® Control Center (x32 Version: 1.2.1.1007) Intel® Management Engine Components (x32 Version: 7.0.0.1144) Intel® Rapid Storage Technology (x32 Version: 10.0.0.1046) iTeleport Connect (x32 Version: 6.1.0002) iTunes (Version: 11.0.4.4) Java Auto Updater (x32 Version: 2.0.2.4) Java 6 Update 22 (64-bit) (Version: 6.0.220) Java 6 Update 22 (x32 Version: 6.0.220) Junk Mail filter update (x32 Version: 15.4.3502.0922) Media Gallery (Version: 1.5.0.16020) Mesh Runtime (x32 Version: 15.4.5722.2) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile CSY Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DAN Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile DAN sprogpakke (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile ELL Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile FIN Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile HUN Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile Language Pack - SVE (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile NOR Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile PLK Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile PTG Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile SVE Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profile TRK Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Client Profilen suomen kielipaketti (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft .NET Framework 4 Extended CSY Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DAN Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended DAN sprogpakke (Version: 4.0.30319) Microsoft .NET Framework 4 Extended ELL Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended FIN Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended HUN Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended Language Pack - SVE (Version: 4.0.30319) Microsoft .NET Framework 4 Extended NOR Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended PLK Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended PTG Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended SVE Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extended TRK Language Pack (Version: 4.0.30319) Microsoft .NET Framework 4 Extendedin suomen kielipaketti (Version: 4.0.30319) Microsoft .NET Framework 4 Genişletilmiş TRK Dil Paketi (Version: 4.0.30319) Microsoft .NET Framework 4 İstemci Profili TRK Dil Paketi (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Access MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Finnish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Swedish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (Swedish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (Swedish) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Word MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20513.0) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000) MSVCRT (x32 Version: 15.4.2862.0708) MSVCRT_amd64 (x32 Version: 15.4.2862.0708) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) Norton 360 (x32 Version: 6.4.1.14) NVIDIA 3D Vision Driver 267.21 (Version: 267.21) NVIDIA Control Panel 267.21 (Version: 267.21) NVIDIA Graphics Driver 267.21 (Version: 267.21) NVIDIA HD audiodrivrutin 1.3.18.0 (Version: 1.3.18.0) NVIDIA Install Application (Version: 2.1002.109.718) NVIDIA PhysX (x32 Version: 9.10.0514) NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721) Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (x32 Version: 15.4.5722.2) Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (x32 Version: 15.4.5722.2) PMB (x32 Version: 5.5.02.12220) PMB VAIO Edition Plug-in (Version: 1.5.10.05300) PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922) Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Polski pakiet językowy dla programu Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922) Realtek PCIE Card Reader (x32 Version: 6.1.7600.77) Remote Keyboard (x32 Version: 1.1.1.03020) Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070) Skype™ 5.10 (x32 Version: 5.10.116) Sony Corporation (Version: 1.0.0) Spotify (HKCU Version: 0.9.1.57.ge7405149) SSLx64 (Version: 1.0.0) SSLx86 (x32 Version: 1.0.0) Svenska Spels Poker (x32) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2494150) (x32) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) uTorrentControl2 Toolbar (x32 Version: 6.8.9.0) Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2) VAIO - Media Gallery (x32 Version: 1.5.0.16020) VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030) VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140) VAIO - Remote Keyboard (x32 Version: 1.0.1.03020) VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.15070) VAIO Care (x32 Version: 6.4.2.11150) VAIO Control Center (x32 Version: 4.5.0.03040) VAIO Data Restore Tool (x32 Version: 1.6.0.13140) VAIO Easy Connect (x32 Version: 1.1.2.01120) VAIO Event Service (x32 Version: 5.5.0.03040) VAIO Gate (x32 Version: 2.3.0.11090) VAIO Gate Default (x32 Version: 2.4.0.03240) VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280) VAIO Hero Screensaver - Summer 2011 Screensaver (x32) VAIO Improvement (x32 Version: 1.0.0.14150) VAIO Improvement Validation (Version: 1.0.4.01190) VAIO Manual (x32 Version: 2.0.0.02250) VAIO Quick Web Access (x32 Version: 1.4.5.3) VAIO Sample Contents (x32 Version: 1.4.2.09010) VAIO Smart Network (x32 Version: 3.5.0.02280) VAIO Transfer Support (x32 Version: 1.4.0.14230) VAIO Update (x32 Version: 6.3.0.08010) VCCx86 (x32 Version: 1.0.0) WD SmartWare (Version: 1.2.0.20) VESx64 (Version: 1.0.0) VESx86 (x32 Version: 1.0.0) Windows Live Communications Platform (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3502.0922) Windows Live Essentials (x32 Version: 15.4.3508.1109) Windows Live Fotogaléria (x32 Version: 15.4.3502.0922) Windows Live Fotogalerie (x32 Version: 15.4.3502.0922) Windows Live Fotogalleri (x32 Version: 15.4.3502.0922) Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922) Windows Live Fotótár (x32 Version: 15.4.3502.0922) Windows Live ID Sign-in Assistant (Version: 7.250.4225.0) Windows Live Installer (x32 Version: 15.4.3502.0922) Windows Live Language Selector (Version: 15.4.3508.1109) Windows Live Mail (x32 Version: 15.4.3502.0922) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2) Windows Live Mesh (x32 Version: 15.4.3502.0922) Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2) Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (x32 Version: 15.4.5722.2) Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2) Windows Live Meshin etäyhteyksien ActiveX-komponentti (x32 Version: 15.4.5722.2) Windows Live Messenger (x32 Version: 15.4.3502.0922) Windows Live MIME IFilter (Version: 15.4.3502.0922) Windows Live Movie Maker (x32 Version: 15.4.3502.0922) Windows Live Photo Common (x32 Version: 15.4.3502.0922) Windows Live Photo Gallery (x32 Version: 15.4.3502.0922) Windows Live PIMT Platform (x32 Version: 15.4.3508.1109) Windows Live Remote Client (Version: 15.4.5722.2) Windows Live Remote Client Resources (Version: 15.4.5722.2) Windows Live Remote Service (Version: 15.4.5722.2) Windows Live Remote Service Resources (Version: 15.4.5722.2) Windows Live SOXE (x32 Version: 15.4.3502.0922) Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922) Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922) Windows Live UX Platform (x32 Version: 15.4.3502.0922) Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109) Windows Live Writer (x32 Version: 15.4.3502.0922) Windows Live Writer Resources (x32 Version: 15.4.3502.0922) Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922) Windows Liven sähköposti (x32 Version: 15.4.3502.0922) Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922) VIx64 (Version: 1.0.0) VIx86 (x32 Version: 1.0.0) VLC media player 2.0.8 (x32 Version: 2.0.8) VSNx64 (Version: 1.0.0) VU5x64 (Version: 1.1.0) VU5x86 (x32 Version: 1.0.0) VU5x86 (x32 Version: 1.1.0) VWSTx86 (x32 Version: 1.0.0) Πακέτο γλωσσών για τα Ελληνικά του Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Πακέτο γλωσσών για τα Ελληνικά του Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922) Елемент керування Windows Live Mesh ActiveX для віддалених підключень (x32 Version: 15.4.5722.2) Основи Windows Live (x32 Version: 15.4.3502.0922) Основные компоненты Windows Live (x32 Version: 15.4.3502.0922) Почта Windows Live (x32 Version: 15.4.3502.0922) Фотоальбом Windows Live (x32 Version: 15.4.3502.0922) Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922) Фотоколекція Windows Live (x32 Version: 15.4.3502.0922) Элемент управления Windows Live Mesh ActiveX для удаленных подключений (x32 Version: 15.4.5722.2) ==================== Restore Points ========================= 04-09-2013 16:10:33 Windows Update 10-09-2013 14:13:40 Windows Update 13-09-2013 01:00:34 Windows Update 13-09-2013 23:21:10 Installed VAIO Update 18-09-2013 03:14:21 Windows Update 21-09-2013 17:09:08 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started Task: {0D4BA7E2-DD5A-46FA-BB15-D2354F5F7F90} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation) Task: {16B79D74-1957-452C-BA34-867EC49D4061} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task Task: {33041E18-478D-4E30-8E45-8130785ABA80} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {33FA6184-DE37-4869-85C6-D1D160910F82} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation) Task: {4A6A2478-81F7-4CBF-963D-A9E986C961EF} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation) Task: {4FAC3601-6617-4A15-956C-7B5FE09AE8C9} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation) Task: {61E39EC9-5593-44B9-806A-DBAA88D0826B} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation) Task: {8CF9E782-61CD-4B9F-B103-4C12CCEFF179} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {91FA703C-754B-4FC8-80BE-83ECE8489E04} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation) Task: {9906C726-0CF9-4C84-81D1-FD626EAE6724} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient Task: {997322BD-54AE-40BC-B873-5044D848394C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.) Task: {99A2BE5B-CC40-4F3F-AD5A-54ACED228C33} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation) Task: {9F7C92EB-5CBA-4C2A-A2B0-D40950471C01} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation) Task: {A6720F94-C90C-40B4-877E-C5874991A523} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation) Task: {BF657661-92AB-4980-B720-AFA52A037E1E} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation) Task: {CA172918-1152-4E36-BEA7-D0D5999B0A23} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation) Task: {E3B0EC5B-F05A-44BC-810C-06997B2D6EDD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-22] (Adobe Systems Incorporated) Task: {E8EC8FD4-B1E7-42F8-83CF-A668EE4F071B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation) Task: {EEE3CC96-E73F-491A-A873-7565E45AB5DF} - System32\Tasks\User_Feed_Synchronization-{30A896D7-4D82-45EC-ADDD-652B59309106} => C:\Windows\system32\msfeedssync.exe [2013-03-22] (Microsoft Corporation) Task: {FA904470-9F15-40FD-B286-5AE06C1290C1} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation) Task: {FB0C3C00-4EF3-4FCE-A955-AD20661E380B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-12] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-02-06 18:32 - 2012-07-26 20:26 - 01840088 ____R (SwapDrive, Inc.) C:\Program Files (x86)\Norton 360\Engine64\6.4.1.14\BuEng.dll 2011-02-17 09:52 - 2011-02-17 05:06 - 00107376 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll 2011-02-17 09:52 - 2011-02-17 05:06 - 00107376 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\VXDIF.DLL 2009-08-19 15:49 - 2009-08-19 15:49 - 01069056 _____ (Memeo Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.dll 2009-08-19 15:49 - 2009-08-19 15:49 - 00049152 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll 2009-08-19 15:49 - 2009-08-19 15:49 - 00901120 _____ (Memeo Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Tanagra.Utility.dll 2009-08-19 15:49 - 2009-08-19 15:49 - 00015360 _____ (Stan Schultes, VBNetExpert.com) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\XMLSettings.dll 2009-08-19 15:49 - 2009-08-19 15:49 - 00290816 _____ (Memeo Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Tanagra.DataClad.DataAccess.dll 2009-08-19 15:49 - 2009-08-19 15:49 - 01404928 _____ (Memeo Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Tanagra.BMU.dll 2009-08-19 15:49 - 2009-08-19 15:49 - 00049152 _____ (Memeo Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Tanagra.Interop.dll 2009-08-19 15:49 - 2009-08-19 15:49 - 00069632 _____ (Finisar Corporation) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\SQLite.NET.dll 2009-02-25 14:18 - 2009-02-25 14:18 - 01196032 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\sqlite3.DLL 2013-07-09 09:30 - 2013-07-09 09:30 - 01250080 _____ (Conduit Ltd.) C:\Users\Leffe\AppData\LocalLow\uTorrentControl2\hk64tbuTo2.dll 2013-05-12 20:51 - 2012-03-14 05:00 - 03769344 _____ (CANON INC.) C:\Windows\system32\spool\DRIVERS\x64\3\CNMUIAE.DLL 2013-02-06 18:32 - 2012-07-26 20:26 - 01333720 ____R (SwapDrive, Inc.) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\BuEng.dll 2012-11-03 21:11 - 2013-07-11 09:32 - 24985600 _____ () C:\Users\Leffe\AppData\Roaming\Spotify\Data\libcef.dll 2012-11-03 21:11 - 2013-07-11 09:32 - 09964032 _____ (The ICU Project) C:\Users\Leffe\AppData\Roaming\Spotify\Data\icudt.dll 2012-11-15 14:07 - 2012-11-15 14:07 - 00794560 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\tokenapi.dll 2012-11-15 14:11 - 2012-11-15 14:11 - 00103360 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_svse.dll 2012-11-15 14:12 - 2012-11-15 14:12 - 00481216 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\branding.dll 2012-11-15 14:12 - 2012-11-15 14:12 - 00089024 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\br_svse.dll 2012-11-15 14:11 - 2012-11-15 14:11 - 00723904 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_dan.dll 2012-11-15 14:12 - 2012-11-15 14:12 - 00725440 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_fin.dll 2012-11-15 14:11 - 2012-11-15 14:11 - 00104896 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_frfr.dll 2012-11-15 14:12 - 2012-11-15 14:12 - 00731584 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_nlnl.dll 2012-11-15 14:12 - 2012-11-15 14:12 - 00721344 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_nor.dll 2012-11-15 14:12 - 2012-11-15 14:12 - 00102848 _____ (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\lng_plpl.dll 2013-08-16 10:29 - 2013-08-16 10:29 - 00475136 _____ (Intel Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ebdb3050959d9be47d33d2c77d6cc291\IAStorUtil.ni.dll 2012-02-20 21:28 - 2012-02-20 21:28 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll 2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-08-30 23:05 - 2011-08-30 23:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll 2011-05-09 10:49 - 2011-05-09 10:49 - 00176936 _____ (Conduit Ltd.) C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll 2013-07-09 09:30 - 2013-07-09 09:30 - 00332576 _____ (Conduit Ltd.) C:\Users\Leffe\AppData\LocalLow\uTorrentControl2\ldrtbuTo2.dll 2013-07-09 09:30 - 2013-07-09 09:30 - 05128992 _____ (Conduit Ltd.) C:\Users\Leffe\AppData\LocalLow\uTorrentControl2\tbuTo2.dll 2013-07-09 09:30 - 2013-07-09 09:30 - 01053984 _____ (Conduit Ltd.) C:\Users\Leffe\AppData\LocalLow\uTorrentControl2\hktbuTo2.dll 2011-06-23 15:20 - 2011-06-23 15:20 - 00638560 _____ (Conduit Ltd.) C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll 2013-09-13 18:53 - 2013-09-13 18:53 - 16244616 ____N (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_174.ocx 2013-05-02 10:10 - 2013-05-02 10:10 - 02928976 ___SH (Microsoft Corp.) \\?\C:\Users\Leffe\AppData\LocalLow\PlayReady\Cache\S-1-5-21-3398816673-3255225787-3868380858-1001\MSPRindiv01.key ==================== Alternate Data Streams (whitelisted) ========== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/21/2013 07:05:14 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/21/2013 07:03:47 PM) (Source: WDSmartWareBackgroundService) (User: ) Description: Problem starting Memeo Background Service :Fjärrtjänstkonfigurationen misslyckades med undantagsfelet System.Reflection.TargetInvocationException: Ett undantagsfel har uppstått i målet för en aktivering. ---> System.Security.Principal.IdentityNotMappedException: Vissa eller alla identitetsreferenser kunde inte översättas. vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) vid System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Slut på stackspårning för interna undantag --- vid System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) vid System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) vid System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) vid System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) vid RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (09/20/2013 10:35:59 AM) (Source: WDSmartWareBackgroundService) (User: ) Description: Problem starting Memeo Background Service :Fjärrtjänstkonfigurationen misslyckades med undantagsfelet System.Reflection.TargetInvocationException: Ett undantagsfel har uppstått i målet för en aktivering. ---> System.Security.Principal.IdentityNotMappedException: Vissa eller alla identitetsreferenser kunde inte översättas. vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) vid System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Slut på stackspårning för interna undantag --- vid System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) vid System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) vid System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) vid System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) vid RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (09/20/2013 10:31:31 AM) (Source: WDSmartWareBackgroundService) (User: ) Description: Problem starting Memeo Background Service :Fjärrtjänstkonfigurationen misslyckades med undantagsfelet System.Reflection.TargetInvocationException: Ett undantagsfel har uppstått i målet för en aktivering. ---> System.Security.Principal.IdentityNotMappedException: Vissa eller alla identitetsreferenser kunde inte översättas. vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) vid System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Slut på stackspårning för interna undantag --- vid System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) vid System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) vid System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) vid System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) vid RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (09/19/2013 06:32:48 PM) (Source: WDSmartWareBackgroundService) (User: ) Description: Problem starting Memeo Background Service :Fjärrtjänstkonfigurationen misslyckades med undantagsfelet System.Reflection.TargetInvocationException: Ett undantagsfel har uppstått i målet för en aktivering. ---> System.Security.Principal.IdentityNotMappedException: Vissa eller alla identitetsreferenser kunde inte översättas. vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) vid System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Slut på stackspårning för interna undantag --- vid System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) vid System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) vid System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) vid System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) vid RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (09/19/2013 06:29:53 PM) (Source: WDSmartWareBackgroundService) (User: ) Description: Problem starting Memeo Background Service :Fjärrtjänstkonfigurationen misslyckades med undantagsfelet System.Reflection.TargetInvocationException: Ett undantagsfel har uppstått i målet för en aktivering. ---> System.Security.Principal.IdentityNotMappedException: Vissa eller alla identitetsreferenser kunde inte översättas. vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) vid System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Slut på stackspårning för interna undantag --- vid System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) vid System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) vid System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) vid System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) vid RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (09/19/2013 06:20:17 PM) (Source: Application Error) (User: ) Description: Felet uppstod i programmet med namn: iTeleportService.exe, version 6.1.0.2, tidsstämpel 0x5075cad0 , felet uppstod i modulen med namn: jingle.dll, version 0.0.0.0, tidsstämpel 0x506e0b2b Undantagskod: 0xc0000005 Felförskjutning: 0x00008f0e Process-ID: 0x7fc Programmets starttid: 0xiTeleportService.exe0 Sökväg till program: iTeleportService.exe1 Sökväg till modul: iTeleportService.exe2 Rapport-ID: iTeleportService.exe3 Error: (09/19/2013 06:20:17 PM) (Source: .NET Runtime) (User: ) Description: Tillämpningsprogram: iTeleportService.exe Framework-version: v4.0.30319 Beskrivning: Processen avslutades på grund av ett ohanterat undantag. Undantagsinformation: undantagskod c0000005, undantagsadress 6FB08F0E Stack: Error: (09/19/2013 06:19:21 PM) (Source: Bonjour Service) (User: ) Description: Client application registered 2 identical instances of service LEFFE-VAIO._rfb._tcp.local. port 5900. Error: (09/18/2013 00:20:03 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12324 System errors: ============= Error: (09/21/2013 07:06:18 PM) (Source: Service Control Manager) (User: ) Description: Tjänsten Intel® Rapid Storage Technology kunde inte startas på grund av följande fel: %%1053 Error: (09/21/2013 07:06:18 PM) (Source: Service Control Manager) (User: ) Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Intel® Rapid Storage Technology skulle ansluta. Error: (09/21/2013 07:04:45 PM) (Source: DCOM) (User: NT instans) Description: programspecifikLokalStarta{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT instansSYSTEMS-1-5-18LocalHost (med LRPC) Error: (09/21/2013 07:03:39 PM) (Source: Service Control Manager) (User: ) Description: Tjänsten McAfee SiteAdvisor Service kunde inte startas på grund av följande fel: %%2 Error: (09/21/2013 07:03:34 PM) (Source: BTHUSB) (User: ) Description: Det lokala Bluetooth-kortet fungerade inte på ett odefinierat sätt och kommer inte att användas. Drivrutinen har inaktiverats. Error: (09/20/2013 10:37:05 AM) (Source: Service Control Manager) (User: ) Description: Tjänsten Windows Management Instrumentation avbröts med följande fel: %%127 Error: (09/20/2013 10:36:58 AM) (Source: DCOM) (User: NT instans) Description: programspecifikLokalStarta{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT instansSYSTEMS-1-5-18LocalHost (med LRPC) Error: (09/20/2013 10:36:30 AM) (Source: Service Control Manager) (User: ) Description: Tjänsten HomeGroup Listener avbröts med det tjänstspecifika felet %%-2147023143. Error: (09/20/2013 10:36:29 AM) (Source: Service Control Manager) (User: ) Description: Tjänsten Windows Management Instrumentation avbröts med följande fel: %%127 Error: (09/20/2013 10:36:29 AM) (Source: DCOM) (User: ) Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Microsoft Office Sessions: ========================= Error: (09/21/2013 07:05:14 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/21/2013 07:03:47 PM) (Source: WDSmartWareBackgroundService)(User: ) Description: Problem starting Memeo Background Service :Fjärrtjänstkonfigurationen misslyckades med undantagsfelet System.Reflection.TargetInvocationException: Ett undantagsfel har uppstått i målet för en aktivering. ---> System.Security.Principal.IdentityNotMappedException: Vissa eller alla identitetsreferenser kunde inte översättas. vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) vid System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Slut på stackspårning för interna undantag --- vid System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) vid System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) vid System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) vid System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) vid RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (09/20/2013 10:35:59 AM) (Source: WDSmartWareBackgroundService)(User: ) Description: Problem starting Memeo Background Service :Fjärrtjänstkonfigurationen misslyckades med undantagsfelet System.Reflection.TargetInvocationException: Ett undantagsfel har uppstått i målet för en aktivering. ---> System.Security.Principal.IdentityNotMappedException: Vissa eller alla identitetsreferenser kunde inte översättas. vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) vid System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Slut på stackspårning för interna undantag --- vid System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) vid System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) vid System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) vid System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) vid RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (09/20/2013 10:31:31 AM) (Source: WDSmartWareBackgroundService)(User: ) Description: Problem starting Memeo Background Service :Fjärrtjänstkonfigurationen misslyckades med undantagsfelet System.Reflection.TargetInvocationException: Ett undantagsfel har uppstått i målet för en aktivering. ---> System.Security.Principal.IdentityNotMappedException: Vissa eller alla identitetsreferenser kunde inte översättas. vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) vid System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Slut på stackspårning för interna undantag --- vid System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) vid System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) vid System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) vid System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) vid RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (09/19/2013 06:32:48 PM) (Source: WDSmartWareBackgroundService)(User: ) Description: Problem starting Memeo Background Service :Fjärrtjänstkonfigurationen misslyckades med undantagsfelet System.Reflection.TargetInvocationException: Ett undantagsfel har uppstått i målet för en aktivering. ---> System.Security.Principal.IdentityNotMappedException: Vissa eller alla identitetsreferenser kunde inte översättas. vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) vid System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Slut på stackspårning för interna undantag --- vid System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) vid System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) vid System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) vid System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) vid RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (09/19/2013 06:29:53 PM) (Source: WDSmartWareBackgroundService)(User: ) Description: Problem starting Memeo Background Service :Fjärrtjänstkonfigurationen misslyckades med undantagsfelet System.Reflection.TargetInvocationException: Ett undantagsfel har uppstått i målet för en aktivering. ---> System.Security.Principal.IdentityNotMappedException: Vissa eller alla identitetsreferenser kunde inte översättas. vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) vid System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) vid System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Slut på stackspårning för interna undantag --- vid System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) vid System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) vid System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) vid System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity). vid System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) vid System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) vid RemoteServerService.WDSmartWareBackgroundService.OnStart(String[] args) Error: (09/19/2013 06:20:17 PM) (Source: Application Error)(User: ) Description: iTeleportService.exe6.1.0.25075cad0jingle.dll0.0.0.0506e0b2bc000000500008f0e7fc01ceb4254c09d8f9C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportService.exeC:\Program Files (x86)\iTeleport\iTeleport Connect\jingle.dll5ebf2f7a-2147-11e3-a54c-9439e5bae3e6 Error: (09/19/2013 06:20:17 PM) (Source: .NET Runtime)(User: ) Description: Tillämpningsprogram: iTeleportService.exe Framework-version: v4.0.30319 Beskrivning: Processen avslutades på grund av ett ohanterat undantag. Undantagsinformation: undantagskod c0000005, undantagsadress 6FB08F0E Stack: Error: (09/19/2013 06:19:21 PM) (Source: Bonjour Service)(User: ) Description: Client application registered 2 identical instances of service LEFFE-VAIO._rfb._tcp.local. port 5900. Error: (09/18/2013 00:20:03 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 12324 ==================== Memory info =========================== Percentage of memory in use: 58% Total physical RAM: 4077.86 MB Available physical RAM: 1709.93 MB Total Pagefile: 8153.9 MB Available Pagefile: 4989.7 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:579.22 GB) (Free:36.98 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 50606AF8) Partition 1: (Not Active) - (Size=17 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=579 GB) - (Type=07 NTFS) ==================== End Of Log ============================
- September 23, 2013
- 10 svar
Polisviruset

busefin svarade på busefin's ämne i Borttagning av virus och andra skadliga program

Super mycket tack. nu funkar den igen. Tack tack och fortsatt trevlig helg. Med vänlig hälsning Leif
- September 21, 2013
- 10 svar
Polisviruset

ett ämne postade busefin i Borttagning av virus och andra skadliga program

Finns det en vänlig själ som kan hjälpa en okunnig? Stort TACK på förhand // Leif Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01 Ran by SYSTEM on MININT-8RV0IBV on 21-09-2013 12:08:58 Running from G:\ Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.) HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [iSBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKU\Leffe\...\Run: [iTeleportConnect] - C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportConnect.exe [1999360 2012-10-10] (iTeleport, Inc.) HKU\Leffe\...\Run: [spotify Web Helper] - C:\Users\Leffe\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-11] (Spotify Ltd) HKU\Leffe\...\Run: [spotify] - C:\Users\Leffe\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-07-11] (Spotify Ltd) Startup: C:\Users\Leffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mqie7tgr.lnk ShortcutTarget: mqie7tgr.lnk -> C:\PROGRA~3\rgt7eiqm.plz (Daniel Pistelli) Startup: C:\Users\Leffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skärmurklipp och start för OneNote 2010.lnk ShortcutTarget: Skärmurklipp och start för OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) S2 iTeleportService; C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportService.exe [28160 2012-10-10] (iTeleport, Inc.) S2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation) S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation) S2 Winmgmt; C:\PROGRA~3\mqie7tgr.pzz [62052 2013-09-18] (Microsoft Corporation) S2 Winmgmt; C:\PROGRA~3\mqie7tgr.pzz [62052 2013-09-18] (Microsoft Corporation) S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [x] ==================== Drivers (Whitelisted) ==================== S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [1387608 2013-03-22] (Symantec Corporation) S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130322.001\BHDrvx64.sys [1387608 2013-03-22] (Symantec Corporation) S1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation) S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-09-05] (Symantec Corporation) S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-09-05] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-09-29] (Symantec Corporation) S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130405.001\IDSvia64.sys [513184 2012-09-01] (Symantec Corporation) S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130405.001\IDSvia64.sys [513184 2012-09-01] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130406.008\ENG64.SYS [126192 2013-02-01] (Symantec Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130406.008\ENG64.SYS [126192 2013-02-01] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130406.008\EX64.SYS [2087664 2013-02-01] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130406.008\EX64.SYS [2087664 2013-02-01] (Symantec Corporation) S3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation) S1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation) S0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-15] (Symantec Corporation) S0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation) S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-04-07] (Symantec Corporation) S1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation) S1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-09-21 12:08 - 2013-09-21 12:08 - 00000000 ____D C:\FRST 2013-09-18 04:16 - 2013-09-18 04:16 - 00016181 ____T C:\ProgramData\6jlwt7.exe 2013-09-18 04:03 - 2013-09-18 04:03 - 00000000 ____D C:\Users\Leffe\AppData\Roaming\ArcSoft 2013-09-18 04:03 - 2013-09-18 04:03 - 00000000 ____D C:\Users\Leffe\AppData\Local\ArcSoft 2013-09-18 04:00 - 2013-09-20 08:36 - 95025368 ____T C:\ProgramData\mqie7tgr.pff 2013-09-18 04:00 - 2013-09-20 08:36 - 00000000 _____ C:\ProgramData\mqie7tgr.ctrl 2013-09-18 04:00 - 2013-09-18 04:00 - 00192912 _____ (Daniel Pistelli) C:\ProgramData\rgt7eiqm.plz 2013-09-18 04:00 - 2013-09-18 04:00 - 00062052 ____T (Microsoft Corporation) C:\ProgramData\mqie7tgr.pzz 2013-09-13 01:13 - 2013-08-10 05:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-09-13 01:13 - 2013-08-10 05:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-09-13 01:13 - 2013-08-10 05:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-09-13 01:13 - 2013-08-10 05:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-09-13 01:13 - 2013-08-10 05:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-09-13 01:13 - 2013-08-10 05:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-09-13 01:13 - 2013-08-10 03:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-09-13 01:13 - 2013-08-10 03:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-09-13 01:13 - 2013-08-10 03:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-09-13 01:13 - 2013-08-10 03:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-09-13 01:13 - 2013-08-10 03:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-09-13 01:13 - 2013-08-10 03:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-09-13 01:13 - 2013-08-10 03:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-09-13 01:13 - 2013-08-10 02:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-09-13 01:13 - 2013-08-10 02:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-09-13 01:12 - 2013-08-10 05:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-09-13 01:12 - 2013-08-10 05:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-09-13 01:12 - 2013-08-10 05:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-09-13 01:12 - 2013-08-10 05:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-09-13 01:12 - 2013-08-10 05:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-09-13 01:12 - 2013-08-10 05:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-09-13 01:12 - 2013-08-10 05:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-09-13 01:12 - 2013-08-10 05:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-09-13 01:12 - 2013-08-10 03:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-09-13 01:12 - 2013-08-10 03:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-09-13 01:12 - 2013-08-10 03:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-09-13 01:12 - 2013-08-10 03:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-09-13 01:12 - 2013-08-10 03:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-09-13 01:12 - 2013-08-10 03:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-09-13 01:12 - 2013-08-10 03:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-09-13 01:12 - 2013-08-10 03:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-09-12 16:18 - 2013-08-08 01:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys 2013-09-12 16:18 - 2013-08-05 02:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys 2013-09-12 16:18 - 2013-08-02 02:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2013-09-12 16:18 - 2013-08-02 02:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll 2013-09-12 16:18 - 2013-08-02 02:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll 2013-09-12 16:18 - 2013-08-02 02:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll 2013-09-12 16:18 - 2013-08-02 02:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll 2013-09-12 16:18 - 2013-08-02 02:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll 2013-09-12 16:18 - 2013-08-02 02:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll 2013-09-12 16:18 - 2013-08-02 02:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll 2013-09-12 16:18 - 2013-08-02 02:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 02:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2013-09-12 16:18 - 2013-08-02 01:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2013-09-12 16:18 - 2013-08-02 01:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2013-09-12 16:18 - 2013-08-02 01:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2013-09-12 16:18 - 2013-08-02 01:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2013-09-12 16:18 - 2013-08-02 01:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 01:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe 2013-09-12 16:18 - 2013-08-02 00:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe 2013-09-12 16:18 - 2013-08-02 00:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2013-09-12 16:18 - 2013-08-02 00:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2013-09-12 16:18 - 2013-08-02 00:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2013-09-12 16:18 - 2013-08-02 00:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2013-09-12 16:18 - 2013-08-02 00:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 00:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 00:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 16:18 - 2013-08-02 00:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-12 16:17 - 2013-07-26 02:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll 2013-09-12 16:17 - 2013-07-26 02:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll 2013-09-12 16:17 - 2013-07-26 01:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2013-09-12 16:17 - 2013-07-26 01:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll ==================== One Month Modified Files and Folders ======= 2013-09-21 12:08 - 2013-09-21 12:08 - 00000000 ____D C:\FRST 2013-09-20 08:36 - 2013-09-18 04:00 - 95025368 ____T C:\ProgramData\mqie7tgr.pff 2013-09-20 08:36 - 2013-09-18 04:00 - 00000000 _____ C:\ProgramData\mqie7tgr.ctrl 2013-09-20 08:36 - 2012-11-12 07:54 - 00000988 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-09-20 08:36 - 2012-11-03 19:11 - 00000000 ____D C:\Users\Leffe\AppData\Roaming\Spotify 2013-09-20 08:35 - 2011-09-17 13:38 - 00000000 ____D C:\ProgramData\NVIDIA 2013-09-20 08:35 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-09-20 08:35 - 2009-07-14 04:51 - 00103305 _____ C:\Windows\setupact.log 2013-09-19 16:32 - 2012-03-22 16:44 - 00003932 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{30A896D7-4D82-45EC-ADDD-652B59309106} 2013-09-19 16:20 - 2012-11-12 07:54 - 00000992 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-09-19 16:20 - 2012-03-22 16:20 - 01366276 _____ C:\Windows\WindowsUpdate.log 2013-09-19 16:20 - 2009-07-14 04:45 - 00020928 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-09-19 16:20 - 2009-07-14 04:45 - 00020928 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-09-19 16:19 - 2012-09-05 16:14 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-09-18 04:16 - 2013-09-18 04:16 - 00016181 ____T C:\ProgramData\6jlwt7.exe 2013-09-18 04:05 - 2012-05-13 14:45 - 00000000 ____D C:\Users\Leffe\AppData\Roaming\uTorrent 2013-09-18 04:03 - 2013-09-18 04:03 - 00000000 ____D C:\Users\Leffe\AppData\Roaming\ArcSoft 2013-09-18 04:03 - 2013-09-18 04:03 - 00000000 ____D C:\Users\Leffe\AppData\Local\ArcSoft 2013-09-18 04:03 - 2011-09-17 14:00 - 00000000 ____D C:\ProgramData\ArcSoft 2013-09-18 04:00 - 2013-09-18 04:00 - 00192912 _____ (Daniel Pistelli) C:\ProgramData\rgt7eiqm.plz 2013-09-18 04:00 - 2013-09-18 04:00 - 00062052 ____T (Microsoft Corporation) C:\ProgramData\mqie7tgr.pzz 2013-09-16 21:45 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\System32\NDF 2013-09-16 21:21 - 2012-05-16 19:12 - 00000000 ____D C:\Users\Leffe\AppData\Local\CrashDumps 2013-09-16 03:21 - 2013-08-12 14:21 - 00000000 ____D C:\Users\Leffe\AppData\Roaming\vlc 2013-09-15 16:49 - 2011-02-14 21:13 - 00661956 _____ C:\Windows\System32\perfh01D.dat 2013-09-15 16:49 - 2011-02-14 21:13 - 00141726 _____ C:\Windows\System32\perfc01D.dat 2013-09-15 16:49 - 2009-07-14 05:13 - 01574032 _____ C:\Windows\System32\PerfStringBackup.INI 2013-09-14 07:51 - 2012-12-13 03:34 - 00000000 ____D C:\Update 2013-09-14 00:12 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\rescache 2013-09-13 23:23 - 2011-09-17 13:44 - 00000000 ____D C:\ProgramData\Sony Corporation 2013-09-13 16:54 - 2012-09-05 16:14 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2013-09-13 16:53 - 2012-09-05 16:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-09-13 16:53 - 2012-09-05 16:14 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-09-13 06:59 - 2013-08-11 08:19 - 00029727 _____ C:\test.xml 2013-09-13 01:33 - 2009-07-14 04:45 - 00437696 _____ C:\Windows\System32\FNTCACHE.DAT 2013-09-13 01:12 - 2013-07-14 07:07 - 00000000 ____D C:\Windows\System32\MRT 2013-09-13 01:09 - 2012-05-13 14:57 - 79143768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-09-13 01:09 - 2012-04-07 05:08 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-09-12 16:28 - 2012-12-06 16:55 - 00014037 _____ C:\Users\Leffe\Documents\Lotto jobb.xlsx 2013-09-12 16:09 - 2012-11-03 19:11 - 00000000 ____D C:\Users\Leffe\AppData\Local\Spotify 2013-09-04 15:59 - 2012-11-12 07:54 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2013-08-28 14:44 - 2012-11-05 20:42 - 00000000 ____D C:\ProgramData\boost_interprocess 2013-08-26 19:38 - 2013-07-08 16:17 - 00015716 _____ C:\Users\Leffe\Documents\EKONOMI (sparad automatiskt).xlsx 2013-08-22 05:08 - 2010-11-21 03:47 - 00089838 _____ C:\Windows\PFRO.log Files to move or delete: ==================== C:\ProgramData\6jlwt7.exe C:\ProgramData\mqie7tgr.ctrl C:\ProgramData\mqie7tgr.pff C:\ProgramData\rgt7eiqm.plz Some content of TEMP: ==================== C:\Users\Leffe\AppData\Local\Temp\mwlriltsmprgiwcoudi.bfg C:\Users\Leffe\AppData\Local\Temp\SpotifyUpgrader.exe ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= 7 Restore point made on: 2013-08-27 13:39:23 Restore point made on: 2013-08-30 16:24:06 Restore point made on: 2013-09-04 16:11:24 Restore point made on: 2013-09-10 14:14:00 Restore point made on: 2013-09-13 01:01:06 Restore point made on: 2013-09-13 23:22:12 Restore point made on: 2013-09-18 03:14:56 ==================== Memory info =========================== Percentage of memory in use: 17% Total physical RAM: 4077.86 MB Available physical RAM: 3359.07 MB Total Pagefile: 4076.01 MB Available Pagefile: 3355.08 MB Total Virtual: 8192 MB Available Virtual: 8191.88 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:579.22 GB) (Free:38 GB) NTFS Drive e: (Recovery) (Fixed) (Total:16.85 GB) (Free:1.12 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive g: () (Removable) (Total:3.75 GB) (Free:3.74 GB) FAT32 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 50606AF8) Partition 1: (Not Active) - (Size=17 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=579 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 4 GB) (Disk ID: 04DD5721) Partition 1: (Active) - (Size=4 GB) - (Type=0B) LastRegBack: 2013-09-12 18:55 ==================== End Of Log ============================
- September 21, 2013
- 10 svar

Logga in

busefin

Innehållsantal

Gick med

Besökte senast

busefin's Achievements

(1/8)

Polisviruset

Polisviruset

Polisviruset

Polisviruset

Bläddra

Aktivitet