Security Shield!

[MrO]

Ok vilka metoder testade du för att återställa din hostsfil?Äntligen så är fulingen åtgärdad då,mycket bra av mcAfee!!

Uppdatera din malwarebytes och kör en ny scan,posta loggan om något hittas!

[bengsi]

Scannade med malwarebytes, men den hittade inget.

När jag försökte återställa hosts-filen gjorde jag som det stod här: http://support.microsoft.com/kb/972034/sv

Först själv, eftersom guiden inte funkade i säkerhetsläget, och nu använde jag Fix it, men vet inte om det funkade...

I vilket fall är de där jobbiga pop-up-grejerna fortfarande kvar :/

[MrO]

Ok Security Shield har ändrat på behörigheten till denna hostsfil så följ instruktionerna i punkt 22 o 23 hos bleepingcomputor!

http://www.bleepingcomputer.com/virus-removal/remove-security-shield

[bengsi]

Har försökt med den guiden innan också, och nu igen, men det funkar inte. Trots att jag är administratör och anger detta, säger datorn att jag inte har behörighet till mappen. Dessutom säger den att det redan finns en Hosts-fil när jag vill spara den nya, trots att den gamla är raderad :S

[MrO]

Har du laddat ner och kört bat-filen under punkt 22 innan du försöker ladda in ny hosts-fil?

[bengsi]

Har du laddat ner och kört bat-filen under punkt 22 innan du försöker ladda in ny hosts-fil?

Ja.

[MrO]

Ok det kanske är så att denna bat-fil inte fungerar på 64 bitars system,ska kolla lite med andra om detta!

kör en Fil&Registerstädning med Ccleaner så länge

http://www.piriform....r/download/slim

Och sen kan du även prova att köra bat-filen i felsäkert läge också för att se om det fungerar bättre

Edit:Jo den skall fungera på 64 bitars också,följ dessa instruktioner exakt då:

Usage Instructions:

1. Download the hosts-perm.bat file and save it somewhere on your computer.
   
2. Double-click the hosts-perm.bat file and when it is done you will see a message stating "The Permissions on the HOSTS file have been reset.".
   
3. Press any key on your keyboard to exit the batch file.
   
4. You should now be able to modify or delete the HOSTS file.
   

Redigerad Augusti 5, 2012 av MrO

[bengsi]

1. Download the hosts-perm.bat file and save it somewhere on your computer.
   
2. Double-click the hosts-perm.bat file and when it is done you will see a message stating "The Permissions on the HOSTS file have been reset.".
   
3. Press any key on your keyboard to exit the batch file.
   
4. You should now be able to modify or delete the HOSTS file.
   

Följde anvisningarna till punkt och pricka, i felsäkert läge den här gången, men det funkade ändå inte. Sedan betedde sig programmet inte som det står på punkt 3, utan stängde ner sig själv automatiskt efter någon mikrosekund (fast det såg jag i den andra guiden att det skulle göra?).

Angående Ccleaner så lät jag den analysera först, och den ville radera flera program som jag vill/behöver spara, så vågade inte fortsätta med städningen ... kan man välja vilka den ska radera?

[MrO]

Ok men du fick beskedet "The Permissions on the HOSTS file have been reset"?

Nu förstår jag inte med Ccleaner,skulle programmet avinstallera dina program när du körde fil städningen?

Ccleaner är ett säkert program att använda

Redigerad Augusti 5, 2012 av MrO

[bengsi]

Det står något i en svart ruta, men den försvinner så snabbt att det inte går att läsa.

När jag kör ccleaner ser det ut så här efter analysen:

och överst står det "Detaljer för filer som kan tas bort (OBS: Inga filer har tagits bort än)".

Exempelvis verkar den ju vilja ta bort McAfee antivirus, Office, m.m. Vilket väl inte ska behövas?

[bengsi]

Sedan försökte jag med microsofts fix it-guide för hosts, men hur vet jag om det funkade (vilket det väl troligtvis inte gjorde...)? Köra en ny DDS?

[MrO]

Ok men Ccleaner tar ju inte bort hela programmen utan det är loggar o annat som sparas men som inte behövas för att programmen skall fungera!

Ja kör ny DDS så får vi se hur det ser ut,kan du även öppna hostsfilen i anteckningar o klistra in det som står där här!?

[bengsi]

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Emma at 20:07:57 on 2012-08-05

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.3950.2742 [GMT 2:00]

.

AV: McAfee Antivirus och antispionprogram *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Antivirus och antispionprogram *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Windows\system32\mfevtps.exe

C:\Windows\system32\rundll32.exe

C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Windows\system32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\Tablet.exe

C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe

C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe

C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe

C:\Windows\system32\taskhost.exe

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\WTablet\TabUserW.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\Tablet.exe

C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Apoint\Apoint.exe

C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe

C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ekort\ekort.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Windows\SysWOW64\OBroker.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

C:\Program Files\Sony\VAIO Update Common\VUAgent.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Sony\VAIO Power Management\SPMService.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Apoint\ApMsgFwd.exe

C:\Program Files\Apoint\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Apoint\Apvfb.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Sony\VAIO Care\VCPerfService.exe

C:\Program Files\Sony\VAIO Care\listener.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Sony\VAIO Care\VCsystray.exe

C:\Program Files\Sony\VAIO Care\VCService.exe

C:\Program Files\Sony\VAIO Care\VCAgent.exe

C:\Windows\System32\vds.exe

C:\Windows\system32\svchost.exe -k defragsvc

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = Preserve

uStart Page = hxxp://www.google.se/

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120629133947.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: e-kort Helper Class: {9065e913-4f23-4b47-9b5d-b055d32db1f3} - C:\Program Files (x86)\ekort\EKortHelper.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: e-kort Toolbar: {8db2b2e8-579f-48a8-a496-18fefcf8f4df} - C:\Program Files (x86)\ekort\EKortToolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File

uRun: [spotify Web Helper] "C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SKRMUR~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

uPolicies-explorer: RestrictRun = 0 (0x0)

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: RestrictRun = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} - hxxp://www.turntool.com/ViewerInstall.exe

DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{36601CEE-D5D8-49CC-9878-7011DD745294} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{6D7BD819-48F2-4E64-8CDB-988BAD52DF69} : DhcpNameServer = 195.54.122.199 195.54.122.204

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: VESWinlogon - VESWinlogon.dll

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

{7DB2D5A0-7241-4E79-B68D-6309F01C5231}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{9065E913-4F23-4B47-9B5D-B055D32DB1F3}

{AA58ED58-01DD-4d91-8333-CF10577473F7}

{B164E929-A1B6-4A06-B104-2CD0E90A88FF}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF}

{2318C2B1-4965-11d4-9B18-009027A5CD4F}

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}

TB-X64: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun-x64: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Hosts: 78.46.61.26 www.google-analytics.com.

Hosts: 78.46.61.26 ad-emea.doubleclick.net.

Hosts: 78.46.61.26 www.statcounter.com.

Hosts: 108.163.215.51 www.google-analytics.com.

Hosts: 108.163.215.51 ad-emea.doubleclick.net.

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-28 13336]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-2 655944]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-6-29 199304]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-6-29 210616]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]

R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]

R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]

R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-12-15 259192]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2012-5-29 2143072]

R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-1-13 104960]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-28 2320920]

R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416]

R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776]

R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-1-13 821760]

R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]

R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2012-5-8 11856]

R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-1-13 571248]

R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-12-15 44736]

R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S2 0048881343150844mcinstcleanup;McAfee Application Installer Cleanup (0048881343150844);C:\Windows\TEMP\004888~1.EXE -cleanup -nolog --> C:\Windows\TEMP\004888~1.EXE -cleanup -nolog [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104]

S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-2 250056]

S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104]

S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]

S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840]

S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-1-13 120104]

S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-1-13 70952]

S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-1-13 427304]

S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-1-13 75048]

S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-1-13 91432]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-1-13 361840]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568]

.

=============== Created Last 30 ================

.

2012-08-05 17:20:42 -------- d-----w- C:\Program Files\CCleaner

2012-08-05 16:12:01 -------- d-----w- C:\Users\Emma\AppData\Roaming\f-secure

2012-08-05 16:11:35 -------- d-----w- C:\ProgramData\F-Secure

2012-08-05 12:26:11 34656 ----a-w- C:\Windows\System32\TURegOpt.exe

2012-08-05 12:26:10 25952 ----a-w- C:\Windows\System32\authuitu.dll

2012-08-05 12:26:10 21344 ----a-w- C:\Windows\SysWow64\authuitu.dll

2012-08-05 12:25:15 -------- d-----w- C:\Users\Emma\AppData\Roaming\TuneUp Software

2012-08-05 12:24:59 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2012

2012-08-05 12:24:11 -------- d-----w- C:\ProgramData\TuneUp Software

2012-08-05 12:23:27 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-08-05 12:23:27 -------- d--h--w- C:\ProgramData\Common Files

2012-08-03 13:00:42 -------- d-----w- C:\Program Files (x86)\ESET

2012-08-02 20:00:52 98816 ----a-w- C:\Windows\sed.exe

2012-08-02 20:00:52 518144 ----a-w- C:\Windows\SWREG.exe

2012-08-02 20:00:52 256000 ----a-w- C:\Windows\PEV.exe

2012-08-02 20:00:52 208896 ----a-w- C:\Windows\MBR.exe

2012-08-02 20:00:44 -------- d-s---w- C:\ComboFix

2012-08-02 18:06:31 -------- d-----w- C:\Users\Emma\AppData\Roaming\Malwarebytes

2012-08-02 18:06:21 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-08-02 18:06:21 -------- d-----w- C:\ProgramData\Malwarebytes

2012-08-02 18:06:21 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-08-01 22:50:34 -------- d-----w- C:\ProgramData\7531CC77000844B0C9AE2DF4F875F002

2012-07-12 20:05:44 -------- d-----w- C:\Users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2012-07-12 20:02:52 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe

2012-07-12 20:00:48 -------- d-----w- C:\ProgramData\ALM

2012-07-12 18:50:37 -------- d-----w- C:\Users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2012-07-12 18:50:32 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant

2012-07-12 00:02:14 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-07-11 17:18:22 2004480 ----a-w- C:\Windows\System32\msxml6.dll

2012-07-11 17:17:59 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll

2012-07-11 17:17:58 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll

2012-07-11 17:17:58 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll

2012-07-11 17:17:57 1133568 ----a-w- C:\Windows\System32\cdosys.dll

.

==================== Find3M ====================

.

2012-08-03 12:41:56 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-03 12:41:56 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-02 13:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-02 13:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-05-25 15:13:54 162224 ----a-w- C:\Windows\System32\mfevtps.exe

.

============= FINISH: 20:08:45,54 ===============

Attach.zip

[bengsi]

Körde Ccleaner.

Så här ser det ut i Hosts-filen:

# Copyright © 1993-2006 Microsoft Corp. # # Det här är HOSTS-exempelfilen som används av Microsoft TCP/IP för Windows. # # Den här filen innehåller mappningar av IP-adresser till värdnamn. Du bör # inte ange fler än en post per rad. IP-adressen bör anges # i den första kolumnen och följas av motsvarande värddatornamn. # IP-adressen och värdnamnet måste åtskiljas av minst ett blanksteg. # # Kommentarer (som dessa) kan infogas på en egen rad eller # efter ett datornamn. Kommentarer måste föregås av tecknet #. # # Till exempel: # # 102.54.94.97 rhino.acme.com # källserver # 38.25.63.10 x.acme.com # klientvärddatorn x

# Namnuppslag för localhost hanteras inom DNS. # 127.0.0.1 localhost # ::1 localhost

[MrO]

Hmm kanske inte så bra att du installerar optimeringsprogram och fler antivirusprogram medan vi håller på med rensningen!!

Har du köpt TuneUp Utilities 2012 eller är detta program crackat??

Är Adobe Reader köpt eller crackat?

Vad finns i dessa mappar:

C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}

C:\ProgramData\7531CC77000844B0C9AE2DF4F875F002

Redigerad Augusti 5, 2012 av MrO

[bengsi]

Nähä, okej. Tune up är en fri trial version, Adobe Reader är inte installerat (kan ha kommit från en fri trial version av Adobe Photoshop?).

I mapparna är det Windows Installer & en ikon, står det.

[MrO]

Ok vet inte riktigt va Tune up gör numera men den ligger o kör iallafall!

ComboFix skall numera fungera även med 64 bitars system så jag tror det är bäst med en djupare analys av ditt system!

Skriv ut nedanstående eller kopiera det till ett textdokument och spara det till skrivbordet:

Läs/Följ Instruktionerna mycket noga

Hämta hem ComboFix från nedanstående länk

=> ComboFix.exe

1: Spara ComboFix till skrivbordet "Mycket viktigt"

Stäng av alla program du ser inklusive antivirusprogram, antispionprogram. Men låt brandväggen vara på.

Information om hur du stänger av ditt antivirusprogram finns Här

2: Dubbelklicka på ComboFix för att starta den

(För Vista/Win7-användare: Högerklicka och välj Kör som Administratör:)

3: Följ anvisningarna som visas på skärmen.

4: Om du får förfrågan om du vill installera återställningskonsolen så svara ja.

Denna gör det möjligt att starta datorn i ett särskild återställningsläge vilket kan vara bra om något händer med datorn under de kommande procedurerna.

5: När den är färdig så skall en text-logg komma upp, kopiera och klistra in den hit till din tråd

Kan även hittas här => (C:\ComboFix.txt)

VIKTIGT! Klicka INTE på Combofix-fönstret med musen när ComboFix körs annars kan scanningen hänga upp sig.

VIKTIGT: Kontrollera att antivirusprogram/antispionprogram mm är återaktiverade innan du ansluter till Internet.

OBSERVERA:

Verktyget/Programmet kan ge problem med uppkopplingen (tex trådlös).

Om problem uppstår prova då nedanstående.

Gå till => Kontrollpanelen => Nätverksanslutningar => högerklicka på din Internetanslutning => välj Reparera

Och/Eller

Starta om datorn.

OBS:

Kopiera INTE in loggan (textfilen) som bifogad fil ej heller inom code-taggar eller annat.

Kopiera/klistra in loggan DIREKT i ditt inlägg.

Lycka till

Redigerad Augusti 5, 2012 av MrO

[bengsi]

Har McAfee Internet Security, vilket inte finns någon ordentlig instruktion för hur man stänger av. Men har stängt av Genomsökning i realtid och Schemalagd genomscanning, räcker det? Det är allt som går att välja på att stänga av/ha aktivt, förutom brandväggen då.

Har trådlöst internet, så det borde inte påverkas, eller?

[MrO]

Ja det räcker,nej det trådlösa internet skall inte påverkas!

[bengsi]

ComboFix 12-08-05.02 - Emma 2012-08-06 9:51.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.3950.2642 [GMT 2:00]

Körs från: c:\users\Emma\Desktop\ComboFix.exe

AV: McAfee Antivirus och antispionprogram *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Antivirus och antispionprogram *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Emma\AppData\Roaming\.#

.

.

(((((((((((((((((((((((( Filer skapade från 2012-07-06 till 2012-08-06 ))))))))))))))))))))))))))))))

.

.

2012-08-06 08:03 . 2012-08-06 08:03 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-05 19:01 . 2012-08-05 19:01 -------- d-----w- c:\program files (x86)\Apple Software Update

2012-08-05 17:20 . 2012-08-05 17:20 -------- d-----w- c:\program files\CCleaner

2012-08-05 16:12 . 2012-08-05 16:12 -------- d-----w- c:\users\Emma\AppData\Roaming\f-secure

2012-08-05 16:11 . 2012-08-05 16:11 -------- d-----w- c:\programdata\F-Secure

2012-08-05 12:25 . 2012-08-05 12:25 -------- d-----w- c:\users\Emma\AppData\Roaming\TuneUp Software

2012-08-05 12:24 . 2012-08-05 12:26 -------- d-----w- c:\programdata\TuneUp Software

2012-08-05 12:23 . 2012-08-05 12:23 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936}

2012-08-05 12:23 . 2012-08-05 12:23 -------- d--h--w- c:\programdata\Common Files

2012-08-03 13:00 . 2012-08-03 13:00 -------- d-----w- c:\program files (x86)\ESET

2012-08-02 18:06 . 2012-08-02 18:06 -------- d-----w- c:\users\Emma\AppData\Roaming\Malwarebytes

2012-08-02 18:06 . 2012-08-02 18:06 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-08-02 18:06 . 2012-08-02 18:06 -------- d-----w- c:\programdata\Malwarebytes

2012-08-02 18:06 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-01 22:50 . 2012-08-01 22:50 -------- d-----w- c:\programdata\7531CC77000844B0C9AE2DF4F875F002

2012-07-12 20:05 . 2012-07-12 20:05 -------- d-----w- c:\users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2012-07-12 20:02 . 2012-07-14 19:44 -------- d-----w- c:\programdata\regid.1986-12.com.adobe

2012-07-12 20:00 . 2012-07-12 20:00 -------- d-----w- c:\programdata\ALM

2012-07-12 19:58 . 2012-07-14 19:44 -------- d-----w- c:\program files\Adobe

2012-07-12 19:50 . 2012-07-14 19:44 -------- d-----w- c:\program files\Common Files\Adobe

2012-07-12 18:50 . 2012-07-12 18:50 -------- d-----w- c:\users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2012-07-12 18:50 . 2012-07-12 18:50 -------- d-----w- c:\program files (x86)\Adobe Download Assistant

2012-07-12 18:50 . 2012-07-12 18:50 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR

2012-07-12 00:02 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-07-11 23:58 . 2012-06-02 11:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-07-11 23:58 . 2012-06-02 08:16 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-07-11 17:18 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-07-11 17:17 . 2012-06-06 05:05 212992 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll

2012-07-11 17:17 . 2012-06-06 05:05 143360 ----a-w- c:\program files (x86)\Common Files\System\ado\msjro.dll

2012-07-11 17:17 . 2012-06-06 05:05 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll

2012-07-11 17:17 . 2012-06-06 06:02 1133568 ----a-w- c:\windows\system32\cdosys.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-03 12:41 . 2012-04-02 14:05 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-03 12:41 . 2011-10-19 13:33 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-11 23:59 . 2010-05-13 10:42 59701280 ----a-w- c:\windows\system32\MRT.exe

2012-06-24 20:22 . 2012-06-24 20:23 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

2012-06-02 22:19 . 2012-06-22 22:38 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-22 22:39 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-22 22:39 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-22 22:39 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-22 22:38 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-22 22:39 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-22 22:38 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 13:19 . 2012-06-22 22:37 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 13:15 . 2012-06-22 22:37 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-05-25 15:13 . 2012-06-29 11:28 162224 ----a-w- c:\windows\system32\mfevtps.exe

.

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"="c:\users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-09 932528]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-15 98304]

"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2009-10-24 597792]

"e-kort"="c:\progra~2\ekort\ekort.exe" [2008-12-11 377856]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1675160]

"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

.

c:\users\Emma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

Skärmurklipp och start för OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

BankID säkerhetsprogram.lnk - c:\program files (x86)\Personal\bin\Personal.exe [2011-4-8 1086288]

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2009-12-01 22:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe"

"MarketingTools"=c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

.

R2 0048881343150844mcinstcleanup;McAfee Application Installer Cleanup (0048881343150844);c:\windows\TEMP\004888~1.EXE [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]

R3 gupdatem;Tjänsten Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 133104]

R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2009-11-13 151936]

R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]

R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]

R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]

R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]

R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]

R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]

R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-22 1255736]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-12-24 202752]

S2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 133104]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-05-25 210616]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]

S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-11-06 93696]

S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-09-15 75776]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]

S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]

S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2009-11-25 821760]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-12-14 56344]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]

S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-11-12 395264]

.

.

--- Övriga tjänster/drivrutiner i minnet ---

.

*Deregistered* - mfeavfk01

.

Innehåll i mappen 'Schemalagda aktiviteter':

.

2012-08-06 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 12:42]

.

2012-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 14:30]

.

2012-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-13 14:30]

.

2012-08-05 c:\windows\Tasks\User_Feed_Synchronization-{AA0C8ADD-AA4A-433E-8C79-299935B01853}.job

- c:\windows\system32\msfeedssync.exe [2011-08-05 13:41]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]

"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Extra genomsökning -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.se/

mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 192.168.1.1

DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} - hxxp://www.turntool.com/ViewerInstall.exe

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

.

WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)

HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_270_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_270.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Sluttid: 2012-08-06 10:24:52

ComboFix-quarantined-files.txt 2012-08-06 08:24

.

Före genomsökningen: 278 837 235 712 byte ledigt

Efter genomsökningen: 278 971 117 568 byte ledigt

.

- - End Of File - - 1FE1D195AD33B500581B1F27B938DBFC

[bengsi]

Insåg efter någon minut att jag missade att köra som administratör, när jag startade ComboFix. Spelar det någon roll?

[MrO]

Insåg efter någon minut att jag missade att köra som administratör, när jag startade ComboFix. Spelar det någon roll?

Det verkar ha fungerat ändå!

har du försökt att avinstallera McAfee?

Prova att stänga av mcAfee realtidsskydd och sen även skyddet i malwarebytes innan du kör bat-filen till hosts igen o se om det går bättre nu när ComboFix städat lite

[bengsi]

Näpp, enda gången jag rört McAfee är när jag stängt av skyddet.

Verkar inte som om skyddet i malwarebytes är på, men däremot såg det ut så här när jag öppnade programmet:

Borde jag radera dessa filer permanent?

[bengsi]

Det verkar ha fungerat ändå!

har du försökt att avinstallera McAfee?

Prova att stänga av mcAfee realtidsskydd och sen även skyddet i malwarebytes innan du kör bat-filen till hosts igen o se om det går bättre nu när ComboFix städat lite

Det funkade ändå inte :/ Har fortfarande inte behörighet, säger datorn.

[MrO]

Näpp, enda gången jag rört McAfee är när jag stängt av skyddet.

Verkar inte som om skyddet i malwarebytes är på, men däremot såg det ut så här när jag öppnade programmet:

Borde jag radera dessa filer permanent?

Ja du kan radera dessa filer