Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

serchnu as default in google chrome probably from downloading ilivid [


  • This topic is locked This topic is locked

#1
DanteAlighieri

DanteAlighieri

    Member

  • Member
  • PipPip
  • 50 posts
Yesterday I wanted to watch some streamed online sport, god decided to punish me instantly. I downloaded the required program ilivid, seemed legit and also googled it. Downloaded everything and it seemed fine. At the same moment my computer went slow, couldn't browse at all. Turned my computer on and off to see if it was my mobile internet, it wasn't. Browsing was slow/did not work at all, but the rest was fine. Turns out this ilivid thing was strange. I instantly uninstalled it. It changed my default page in Google Chrome to searchnu, same in Internet Explorer. I changed it back to google.se and it works fine. (It also changed the adress bar search engine to something very strange). I scanned with McAfee Security Center thorough scan, didn't find anything in all files.

Below is my OTL log file.

I am now afraid my computer has some kind of trojan.

OTL logfile created on: 2012-07-02 17:45:59 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Oscar\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

5,90 Gb Total Physical Memory | 4,14 Gb Available Physical Memory | 70,28% Memory free
11,79 Gb Paging File | 8,90 Gb Available in Paging File | 75,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 269,86 Gb Free Space | 60,49% Space Free | Partition Type: NTFS
Drive E: | 36,39 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: OSCAR-DATOR | User Name: Oscar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-07-02 17:44:51 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Oscar\Downloads\OTL.exe
PRC - [2012-06-07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-06-06 11:41:48 | 001,823,160 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2012-05-24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012-05-14 19:25:57 | 000,932,528 | ---- | M] () -- C:\Users\Oscar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012-02-06 18:23:20 | 003,110,184 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe
PRC - [2012-01-24 16:17:54 | 001,140,632 | ---- | M] (Technology Nexus AB) -- C:\Program Files (x86)\Personal\bin\Personal.exe
PRC - [2011-11-25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011-10-18 23:01:49 | 000,203,776 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2011-10-18 23:01:37 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
PRC - [2011-09-06 19:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011-09-05 10:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-08-31 11:59:14 | 000,274,216 | ---- | M] (Conduit Ltd.) -- C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe
PRC - [2011-08-30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011-08-18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011-07-08 00:14:02 | 000,150,312 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
PRC - [2011-06-29 15:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011-06-28 02:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011-04-22 18:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-04-21 19:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-04-13 17:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2011-01-28 07:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2011-01-28 07:13:43 | 004,538,368 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
PRC - [2011-01-17 20:11:22 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011-01-17 20:11:22 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010-12-21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010-12-21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010-12-17 17:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010-11-17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010-09-29 03:33:40 | 000,249,856 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010-09-29 03:33:34 | 000,228,352 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe


========== Modules (No Company Name) ==========

MOD - [2012-06-16 19:26:17 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\f2f8201dd3453250dfd9ed1afce630a0\WindowsFormsIntegration.ni.dll
MOD - [2012-06-15 19:02:07 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012-06-15 19:02:02 | 001,044,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Printing\991dbe40be5b114ed705bb5b48e6b330\System.Printing.ni.dll
MOD - [2012-06-15 19:02:01 | 002,157,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\87f73de6e080d37be93adfc7d5c31d7a\ReachFramework.ni.dll
MOD - [2012-06-15 19:01:59 | 001,658,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\163517c8a195fb48f7ef6ee17c585bdb\PresentationUI.ni.dll
MOD - [2012-06-15 19:01:58 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012-06-15 19:01:44 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-06-15 19:01:38 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-06-15 19:01:37 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll
MOD - [2012-06-15 19:01:35 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012-06-07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll
MOD - [2012-06-07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012-06-07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libglesv2.dll
MOD - [2012-06-07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\libegl.dll
MOD - [2012-06-07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012-06-07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012-06-07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012-06-07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
MOD - [2012-05-14 19:25:57 | 000,932,528 | ---- | M] () -- C:\Users\Oscar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012-05-13 21:39:37 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\64de6810023adccdc56ddae13bdd6b03\System.Xml.Linq.ni.dll
MOD - [2012-05-13 21:39:31 | 009,921,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\51a2589d5ee1c9c40fb6c56391570f9e\System.Data.Entity.ni.dll
MOD - [2012-05-13 21:38:02 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012-05-13 21:37:58 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012-05-13 21:37:03 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\72a24b45e11d64eb2bc840aae9419ba5\System.Runtime.Serialization.ni.dll
MOD - [2012-05-11 16:10:02 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012-05-11 16:09:49 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012-05-11 16:09:49 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\168755d010e5a96ac940b0ddd27616a4\System.EnterpriseServices.ni.dll
MOD - [2012-05-11 16:09:48 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012-05-11 16:09:48 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\80fae9f16f80075535e72458ef293f7a\System.Transactions.ni.dll
MOD - [2012-05-11 16:09:44 | 001,117,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ef0d8a4790c24a3a091170958bc7b976\System.DirectoryServices.ni.dll
MOD - [2012-05-11 16:09:26 | 000,039,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\5a9d0ff936810991cedd098fe006a9be\PresentationCFFRasterizer.ni.dll
MOD - [2012-05-11 16:09:16 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\d8af9a65cf0ed85d47360796e2645a06\UIAutomationTypes.ni.dll
MOD - [2012-05-11 16:09:16 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\ca2eff60beb3ba00a529a2d42dceca22\UIAutomationProvider.ni.dll
MOD - [2012-05-11 16:09:16 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
MOD - [2012-05-11 16:09:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012-05-11 16:08:56 | 000,680,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\054fcff18035c210487b0888e6461192\System.Security.ni.dll
MOD - [2012-05-11 16:08:51 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-05-11 16:08:47 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-05-11 16:08:46 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-05-11 16:08:32 | 000,015,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\55c57057dc81a5e8c5bde3a230f0bcb9\Microsoft.VisualC.ni.dll
MOD - [2012-05-11 16:08:31 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011-10-18 23:02:04 | 000,185,856 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\XFramePlugin.dll
MOD - [2011-10-18 23:02:04 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\XCodec.dll
MOD - [2011-10-18 23:02:04 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\USSDSrvPlugin.dll
MOD - [2011-10-18 23:02:04 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Trace.dll
MOD - [2011-10-18 23:02:04 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Win7Support.dll
MOD - [2011-10-18 23:02:03 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtGui4.dll
MOD - [2011-10-18 23:02:03 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtCore4.dll
MOD - [2011-10-18 23:02:03 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtNetwork4.dll
MOD - [2011-10-18 23:02:03 | 000,777,728 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SMSUIPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,670,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SmsAppPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\PluginContainer.dll
MOD - [2011-10-18 23:02:03 | 000,379,392 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Proxy.dll
MOD - [2011-10-18 23:02:03 | 000,370,176 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qtiff4.dll
MOD - [2011-10-18 23:02:03 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qmng4.dll
MOD - [2011-10-18 23:02:03 | 000,314,368 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\StatusBarMgrPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,258,560 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\sdk.dll
MOD - [2011-10-18 23:02:03 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\ToolBarMgrPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,217,600 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SmsSrvPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qjpeg4.dll
MOD - [2011-10-18 23:02:03 | 000,156,672 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\STKSrvPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSDialup.dll
MOD - [2011-10-18 23:02:03 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSNDIS.dll
MOD - [2011-10-18 23:02:03 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSAdapt.dll
MOD - [2011-10-18 23:02:03 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qgif4.dll
MOD - [2011-10-18 23:02:03 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qico4.dll
MOD - [2011-10-18 23:02:03 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSPowerMgr.dll
MOD - [2011-10-18 23:02:03 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSCall.dll
MOD - [2011-10-18 23:02:02 | 001,101,824 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
MOD - [2011-10-18 23:02:02 | 000,495,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,449,536 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoUIExPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,414,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DialupUIPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,352,768 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\core.dll
MOD - [2011-10-18 23:02:02 | 000,337,408 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceAppPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,331,776 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetConnectPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,300,544 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceSrvPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,275,456 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoSrvPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,245,760 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\MenuMgrPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,236,544 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\LiveUpdateInterface.dll
MOD - [2011-10-18 23:02:02 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetSrvPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Common.dll
MOD - [2011-10-18 23:02:02 | 000,211,456 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,179,712 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NDISPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,175,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallSrvPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetConnectSrvPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DataServicePlugin.dll
MOD - [2011-10-18 23:02:02 | 000,117,760 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\LayoutPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
MOD - [2011-10-18 23:02:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\libgcc_s_dw2-1.dll
MOD - [2011-10-18 23:02:02 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\mingwm10.dll
MOD - [2011-10-18 23:02:01 | 001,077,248 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookPlugin.dll
MOD - [2011-10-18 23:02:01 | 000,739,840 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookUIPlugin.dll
MOD - [2011-10-18 23:02:01 | 000,550,400 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallAppPlugin.dll
MOD - [2011-10-18 23:02:01 | 000,547,840 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallLogSrvPlugin.dll
MOD - [2011-10-18 23:02:01 | 000,264,704 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookSrvPlugin.dll
MOD - [2011-10-18 23:02:01 | 000,238,592 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AtCodec.dll
MOD - [2011-10-18 23:02:01 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\ATR2SMgr.dll
MOD - [2011-10-18 23:01:37 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
MOD - [2011-09-28 21:54:43 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011-09-16 15:29:16 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_sv_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011-07-08 00:14:06 | 000,891,688 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll
MOD - [2011-07-08 00:13:24 | 000,026,408 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\AdbDetect.dll
MOD - [2011-07-08 00:13:10 | 000,251,688 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll
MOD - [2011-06-29 15:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011-06-28 02:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011-06-28 02:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011-06-25 06:39:30 | 000,322,624 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sv-SE\UI\ManagerUI.dll
MOD - [2011-06-25 06:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2011-04-22 18:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010-12-17 17:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2010-11-25 05:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010-11-21 13:37:59 | 000,389,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Data.Entity.resources\3.5.0.0_sv_b77a5c561934e089\System.Data.Entity.resources.dll
MOD - [2010-11-21 13:37:58 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_sv_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2010-11-21 13:37:58 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_sv_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2010-11-21 13:37:49 | 000,155,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_sv_b77a5c561934e089\System.Xml.resources.dll
MOD - [2010-11-21 05:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010-11-17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010-03-22 22:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010-03-17 03:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010-03-17 03:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010-03-17 03:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010-03-12 02:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010-03-12 02:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010-03-05 22:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010-03-05 22:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll
MOD - [2009-06-10 23:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012-04-19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012-03-20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012-03-20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012-03-20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010-12-17 21:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV:64bit: - [2010-12-17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010-12-17 21:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV:64bit: - [2010-11-29 22:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010-09-23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010-08-30 21:42:00 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2009-11-18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-05-04 22:44:32 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-11-25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011-10-18 23:01:49 | 000,203,776 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2011-09-05 10:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-08-30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011-08-18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011-04-22 18:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-04-21 19:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-01-28 07:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2010-12-21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010-12-21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010-11-25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010-11-25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010-09-29 03:33:40 | 000,249,856 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010-08-26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012-02-22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012-02-22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012-02-22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012-02-22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012-02-22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012-02-22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012-02-22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011-10-18 23:02:05 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011-10-18 23:02:05 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011-10-18 23:02:05 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2011-10-18 23:02:04 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2011-10-18 23:02:04 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011-09-16 15:29:11 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-09-16 15:29:11 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-05-17 16:27:54 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011-05-17 16:27:52 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011-05-17 16:27:50 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011-04-22 18:13:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011-03-07 22:52:24 | 012,264,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011-03-04 07:29:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011-02-11 00:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011-02-11 00:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011-01-31 17:24:46 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2011-01-20 18:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011-01-13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010-12-22 19:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Kortdrivrutin för Windows 7 64-bitars Intel®
DRV:64bit: - [2010-12-13 19:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010-12-01 00:02:54 | 000,412,264 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010-11-29 22:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-10-20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010-10-16 02:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010-09-24 03:44:48 | 001,394,224 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010-08-20 11:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010-07-13 04:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2010-03-19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010-02-27 17:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007-10-30 10:59:28 | 000,028,672 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nordecr.sys -- (TdsNordecr)
DRV:64bit: - [2006-11-01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{2E819478-475C-40B8-8B88-991293678060}: "URL" = http://se.kelkoopart...tnerId=96913934
IE:64bit: - HKLM\..\SearchScopes\{3DB6C7A2-A8F7-4680-A8FA-A658B0F8528E}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{AEC7FE28-F39F-49DB-A9DB-B5D8E25F8B60}: "URL" = http://se.kelkoopart...tnerId=96913934
IE:64bit: - HKLM\..\SearchScopes\{B4590971-11C7-4DB9-A033-596A8E151500}: "URL" = http://se.kelkoopart...tnerId=96913934
IE:64bit: - HKLM\..\SearchScopes\{FF05C4AC-4EFA-4D57-A93A-16C26A7F62C8}: "URL" = http://se.kelkoopart...tnerId=96913934
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{3DB6C7A2-A8F7-4680-A8FA-A658B0F8528E}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...C2-E3F95C801DBB
IE - HKCU\..\SearchScopes\{2E819478-475C-40B8-8B88-991293678060}: "URL" = http://se.kelkoopart...tnerId=96913934
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{AEC7FE28-F39F-49DB-A9DB-B5D8E25F8B60}: "URL" = http://se.kelkoopart...tnerId=96913934
IE - HKCU\..\SearchScopes\{B4590971-11C7-4DB9-A033-596A8E151500}: "URL" = http://se.kelkoopart...tnerId=96913934
IE - HKCU\..\SearchScopes\{FF05C4AC-4EFA-4D57-A93A-16C26A7F62C8}: "URL" = http://se.kelkoopart...tnerId=96913934
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o...?o=15003&l=dis"
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.7.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.1.0.19
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.6.0


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-06-28 16:57:42 | 000,000,000 | ---D | M]

[2012-01-17 19:50:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions
[2012-01-17 19:50:15 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012-01-17 19:50:15 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012-01-17 19:50:14 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions\[email protected]
[2012-01-17 19:50:14 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions\[email protected]
[2012-01-17 19:50:15 | 000,000,000 | ---D | M] (Flash AX Control) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions\[email protected]
[2011-01-22 10:23:48 | 000,002,558 | ---- | M] () -- C:\Users\Oscar\AppData\Roaming\Mozilla\Firefox\Profiles\qtoo8q0k.default\searchplugins\askcom.xml
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Nexus Personal (Enabled) = C:\Program Files (x86)\Personal\bin\np_prsnl.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: uTorrentBar = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj\2.3.15.10_0\
CHR - Extension: YouTube = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: S\u00F6k p\u00E5 Google = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120627222616.dll (McAfee, Inc.)
O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120627222617.dll (McAfee, Inc.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ConduitHelper] C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe (Conduit Ltd.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Oscar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost-teknologi Bevakare 2.0.lnk = File not found
O4 - Startup: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F06FE2A-46F7-4E94-8AF9-00DE29FA1B0F}: DhcpNameServer = 195.49.242.79 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CDBE95F-21DE-4727-A99C-4018BC1CFC9A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F64669B1-0E9A-4649-BFF2-5BCD17D29A8A}: NameServer = 80.251.201.177 80.251.201.178
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-10-01 03:33:42 | 000,140,288 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010-11-08 13:28:30 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4b0b3a0a-4601-11e1-941c-848f69a9b25a}\Shell - "" = AutoRun
O33 - MountPoints2\{4b0b3a0a-4601-11e1-941c-848f69a9b25a}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010-10-01 03:33:42 | 000,140,288 | R--- | M] ()
O33 - MountPoints2\{68bcb6d1-096e-11e1-a74b-848f69a9b25a}\Shell - "" = AutoRun
O33 - MountPoints2\{68bcb6d1-096e-11e1-a74b-848f69a9b25a}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010-10-01 03:33:42 | 000,140,288 | R--- | M] ()
O33 - MountPoints2\{fa056016-f99e-11e0-a09a-848f69a9b25a}\Shell - "" = AutoRun
O33 - MountPoints2\{fa056016-f99e-11e0-a09a-848f69a9b25a}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010-10-01 03:33:42 | 000,140,288 | R--- | M] ()
O33 - MountPoints2\{fa056025-f99e-11e0-a09a-848f69a9b25a}\Shell - "" = AutoRun
O33 - MountPoints2\{fa056025-f99e-11e0-a09a-848f69a9b25a}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010-10-01 03:33:42 | 000,140,288 | R--- | M] ()
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010-10-01 03:33:42 | 000,140,288 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-07-02 17:20:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012-07-01 23:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012-07-01 22:17:03 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\Ilivid Player
[2012-07-01 22:15:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Searchqu Toolbar
[2012-06-26 23:26:03 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\{17EADEB5-BD8B-4F1D-9DB4-92E47E2107DA}
[2012-06-26 23:25:51 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\{316699D6-13A1-4300-9FC7-38C21816A3E7}
[2012-06-26 23:18:20 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\{EEA28E76-F9F3-43F8-B695-7E9EC5920AF9}
[2012-06-26 23:12:54 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\Windows Live
[2012-06-26 23:12:28 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\{B18C2354-2B8F-4E23-AD21-4E0CEB72946E}
[2012-06-26 23:12:28 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\{200DC27F-9936-44BB-B1C3-18ED4CE87782}
[2012-06-25 19:54:52 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Roaming\Roxio Burn
[2012-06-25 19:51:07 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Roaming\Macrovision
[2012-06-19 23:59:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veetle
[2011-09-23 16:06:05 | 000,641,400 | ---- | C] (BitTorrent, Inc.) -- C:\Users\Oscar\utorrent.exe
[2011-09-22 20:12:52 | 001,029,000 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Oscar\SkypeSetup.exe
[2011-09-22 20:09:04 | 014,228,488 | ---- | C] (PokerStars) -- C:\Users\Oscar\PokerStarsInstall.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012-07-02 18:07:49 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012-07-02 18:07:49 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-07-02 17:43:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-02 17:41:02 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012-07-02 17:23:31 | 000,025,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-02 17:23:31 | 000,025,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-02 17:16:17 | 000,000,988 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-07-02 17:15:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-02 17:15:44 | 453,640,191 | -HS- | M] () -- C:\hiberfil.sys
[2012-06-26 23:26:09 | 005,432,904 | ---- | M] () -- C:\Users\Oscar\Desktop\RafaNadal.wmv
[2012-06-26 23:18:48 | 005,432,904 | ---- | M] () -- C:\Users\Oscar\Desktop\RafaNadal.mov.wmv
[2012-06-26 23:16:28 | 000,002,250 | ---- | M] () -- C:\Users\Oscar\Desktop\RafaNadal.mov.wlmp
[2012-06-26 22:48:25 | 002,794,749 | ---- | M] () -- C:\Users\Oscar\Desktop\IMG_3897.MOV
[2012-06-25 17:29:44 | 000,691,062 | ---- | M] () -- C:\Users\Oscar\Desktop\Grejskrivbord.png
[2012-06-23 21:51:17 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012-06-20 20:36:21 | 001,573,176 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-20 20:36:21 | 000,661,744 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2012-06-20 20:36:21 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-20 20:36:21 | 000,141,514 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2012-06-20 20:36:21 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-15 18:57:10 | 000,348,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-06 09:24:13 | 000,001,056 | ---- | M] () -- C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012-06-06 09:24:07 | 000,001,024 | ---- | M] () -- C:\Users\Oscar\Desktop\Dropbox.lnk
[2012-06-02 23:19:47 | 000,008,869 | ---- | M] () -- C:\Users\Oscar\Desktop\Statistik - Golf - 2012.ods
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012-06-26 23:26:00 | 005,432,904 | ---- | C] () -- C:\Users\Oscar\Desktop\RafaNadal.wmv
[2012-06-26 23:18:38 | 005,432,904 | ---- | C] () -- C:\Users\Oscar\Desktop\RafaNadal.mov.wmv
[2012-06-26 23:16:28 | 000,002,250 | ---- | C] () -- C:\Users\Oscar\Desktop\RafaNadal.mov.wlmp
[2012-06-26 22:47:09 | 002,794,749 | ---- | C] () -- C:\Users\Oscar\Desktop\IMG_3897.MOV
[2012-06-25 17:29:44 | 000,691,062 | ---- | C] () -- C:\Users\Oscar\Desktop\Grejskrivbord.png
[2012-01-16 21:44:50 | 000,003,465 | -HS- | C] () -- C:\Windows\SysWow64\win_stlthdb_sys.dat
[2012-01-16 21:44:50 | 000,003,465 | -HS- | C] () -- C:\Users\Oscar\AppData\Local\win_stlthdb_sys.dat
[2012-01-16 21:44:50 | 000,002,568 | -HS- | C] () -- C:\ProgramData\win_mpwd_sys.dat
[2012-01-16 21:43:30 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nwsftUninstall.exe
[2011-10-10 21:05:05 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2011-09-28 20:59:08 | 001,448,993 | ---- | C] () -- C:\Users\Oscar\wrar401.exe
[2011-09-23 16:17:45 | 000,000,031 | ---- | C] () -- C:\Program Files\plugins-04041e-fe8.dat
[2011-09-22 21:25:09 | 006,759,840 | ---- | C] () -- C:\Users\Oscar\Spotify Installer.exe
[2011-09-22 20:28:21 | 000,787,440 | ---- | C] () -- C:\Users\Oscar\PurpleLounge.exe
[2011-09-16 15:15:33 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011-09-16 15:15:31 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011-09-16 15:15:30 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011-02-24 01:12:26 | 000,002,182 | ---- | C] () -- C:\Users\Oscar\URPreferences.xml
[2011-02-15 13:09:53 | 001,551,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012-07-02 17:20:04 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Dropbox
[2011-09-22 19:59:11 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Fingertapps
[2011-10-10 20:02:13 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\HEM Data
[2012-01-21 11:45:54 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Microgaming
[2011-09-28 21:55:08 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\OpenOffice.org
[2011-09-24 12:02:46 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\PCDr
[2012-03-20 00:03:02 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Personal
[2012-06-25 21:17:57 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Spotify
[2011-09-30 00:12:00 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\TeamViewer
[2012-01-17 19:50:12 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Template
[2012-01-29 22:37:22 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\uTorrent
[2011-09-22 20:14:58 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\ZinioReader4
[2012-06-23 21:51:17 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012-04-20 23:31:01 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012-07-02 17:41:02 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



< End of report >
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there I downloaded iLivid once just for fun to see what it did....Never again

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image

    :OTL
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE:64bit: - HKLM\..\SearchScopes\{2E819478-475C-40B8-8B88-991293678060}: "URL" = http://se.kelkoopart...tnerId=96913934
    IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
    IE:64bit: - HKLM\..\SearchScopes\{AEC7FE28-F39F-49DB-A9DB-B5D8E25F8B60}: "URL" = http://se.kelkoopart...tnerId=96913934
    IE:64bit: - HKLM\..\SearchScopes\{B4590971-11C7-4DB9-A033-596A8E151500}: "URL" = http://se.kelkoopart...tnerId=96913934
    IE:64bit: - HKLM\..\SearchScopes\{FF05C4AC-4EFA-4D57-A93A-16C26A7F62C8}: "URL" = http://se.kelkoopart...tnerId=96913934
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/406
    IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...C2-E3F95C801DBB
    IE - HKCU\..\SearchScopes\{2E819478-475C-40B8-8B88-991293678060}: "URL" = http://se.kelkoopart...tnerId=96913934
    IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
    IE - HKCU\..\SearchScopes\{AEC7FE28-F39F-49DB-A9DB-B5D8E25F8B60}: "URL" = http://se.kelkoopart...tnerId=96913934
    IE - HKCU\..\SearchScopes\{B4590971-11C7-4DB9-A033-596A8E151500}: "URL" = http://se.kelkoopart...tnerId=96913934
    IE - HKCU\..\SearchScopes\{FF05C4AC-4EFA-4D57-A93A-16C26A7F62C8}: "URL" = http://se.kelkoopart...tnerId=96913934
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
    File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
    O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)
    O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
    O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
    [2012-07-01 23:20:16 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
    [2012-07-01 22:17:03 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\Ilivid Player
    [2012-07-01 22:15:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Searchqu Toolbar


    :Files
    ipconfig /flushdns /c
    C:\Program Files (x86)\Searchqu Toolbar
    C:\Users\Public\Conduit
    C:\Program Files (x86)\Ilivid Player

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Note: When you re-run OTL please select all users

THEN

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
  • 0

#3
DanteAlighieri

DanteAlighieri

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
This is after the Run Fix:


All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E819478-475C-40B8-8B88-991293678060}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E819478-475C-40B8-8B88-991293678060}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AEC7FE28-F39F-49DB-A9DB-B5D8E25F8B60}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEC7FE28-F39F-49DB-A9DB-B5D8E25F8B60}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B4590971-11C7-4DB9-A033-596A8E151500}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4590971-11C7-4DB9-A033-596A8E151500}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FF05C4AC-4EFA-4D57-A93A-16C26A7F62C8}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF05C4AC-4EFA-4D57-A93A-16C26A7F62C8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E819478-475C-40B8-8B88-991293678060}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E819478-475C-40B8-8B88-991293678060}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AEC7FE28-F39F-49DB-A9DB-B5D8E25F8B60}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEC7FE28-F39F-49DB-A9DB-B5D8E25F8B60}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B4590971-11C7-4DB9-A033-596A8E151500}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4590971-11C7-4DB9-A033-596A8E151500}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FF05C4AC-4EFA-4D57-A93A-16C26A7F62C8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF05C4AC-4EFA-4D57-A93A-16C26A7F62C8}\ not found.
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
File C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll deleted successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll moved successfully.
C:\ProgramData\boost_interprocess\59DB592ECF57CD01 folder moved successfully.
C:\ProgramData\boost_interprocess folder moved successfully.
C:\Users\Oscar\AppData\Local\Ilivid Player folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64 folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\components folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\skin folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome\content folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\chrome folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar\Datamngr folder moved successfully.
C:\Program Files (x86)\Searchqu Toolbar folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
IP-konfiguration f”r Windows
DNS-matcharens cacheminne har rensats.
C:\Users\Oscar\Downloads\cmd.bat deleted successfully.
C:\Users\Oscar\Downloads\cmd.txt deleted successfully.
File\Folder C:\Program Files (x86)\Searchqu Toolbar not found.
C:\Users\Public\Conduit\ConduitHelper\Logs folder moved successfully.
C:\Users\Public\Conduit\ConduitHelper\Lang folder moved successfully.
C:\Users\Public\Conduit\ConduitHelper folder moved successfully.
C:\Users\Public\Conduit folder moved successfully.
File\Folder C:\Program Files (x86)\Ilivid Player not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Oscar
->Temp folder emptied: 917660579 bytes
->Temporary Internet Files folder emptied: 198625049 bytes
->Java cache emptied: 1186842 bytes
->FireFox cache emptied: 51186914 bytes
->Google Chrome cache emptied: 21245033 bytes
->Flash cache emptied: 57432 bytes

User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56468 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 569974297 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50416 bytes
RecycleBin emptied: 2205874269 bytes

Total Files Cleaned = 3 782,00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.53.1 log created on 07022012_221631

Files\Folders moved on Reboot...
C:\Users\Oscar\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\Oscar\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...


I am doing the quick scan now.
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you also check to ensure that the bad boys no longer appear
  • 0

#5
DanteAlighieri

DanteAlighieri

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Quick scan:


OTL logfile created on: 2012-07-02 22:22:53 - Run 2
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Oscar\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

5,90 Gb Total Physical Memory | 3,72 Gb Available Physical Memory | 63,10% Memory free
11,79 Gb Paging File | 9,36 Gb Available in Paging File | 79,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 273,39 Gb Free Space | 61,28% Space Free | Partition Type: NTFS
Drive E: | 36,39 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: OSCAR-DATOR | User Name: Oscar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012-07-02 17:44:51 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Oscar\Downloads\OTL.exe
PRC - [2012-06-28 12:28:57 | 001,250,328 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012-05-24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012-05-14 19:25:57 | 000,932,528 | ---- | M] () -- C:\Users\Oscar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012-02-06 18:26:08 | 000,066,872 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
PRC - [2012-01-24 16:17:54 | 001,140,632 | ---- | M] (Technology Nexus AB) -- C:\Program Files (x86)\Personal\bin\Personal.exe
PRC - [2011-11-25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011-10-18 23:01:49 | 000,203,776 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2011-10-18 23:01:37 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
PRC - [2011-09-06 19:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011-09-05 10:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011-08-30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011-08-18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011-08-18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011-08-01 19:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011-06-29 15:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
PRC - [2011-06-28 02:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
PRC - [2011-04-22 18:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011-04-21 19:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011-04-13 17:39:14 | 000,503,942 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
PRC - [2011-01-28 07:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
PRC - [2011-01-28 07:13:43 | 004,538,368 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
PRC - [2011-01-17 20:11:22 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011-01-17 20:11:22 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010-12-21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010-12-21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010-12-17 17:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010-11-17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
PRC - [2010-09-29 03:33:40 | 000,249,856 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2010-09-29 03:33:34 | 000,228,352 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe


========== Modules (No Company Name) ==========

MOD - [2012-06-28 12:28:56 | 000,438,296 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppgooglenaclpluginchrome.dll
MOD - [2012-06-28 12:28:54 | 003,972,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll
MOD - [2012-06-28 12:27:40 | 000,554,520 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\libglesv2.dll
MOD - [2012-06-28 12:27:38 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\libegl.dll
MOD - [2012-06-28 12:27:29 | 000,140,328 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avutil-51.dll
MOD - [2012-06-28 12:27:28 | 000,262,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avformat-54.dll
MOD - [2012-06-28 12:27:26 | 002,386,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\avcodec-54.dll
MOD - [2012-06-15 19:01:58 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012-06-15 19:01:44 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012-06-15 19:01:38 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012-06-15 19:01:35 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012-05-14 19:25:57 | 000,932,528 | ---- | M] () -- C:\Users\Oscar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012-05-13 21:38:02 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll
MOD - [2012-05-11 16:10:02 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012-05-11 16:09:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012-05-11 16:08:51 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012-05-11 16:08:47 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012-05-11 16:08:46 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012-05-11 16:08:31 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012-02-06 18:26:08 | 000,066,872 | ---- | M] () -- C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
MOD - [2011-10-18 23:02:04 | 000,185,856 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\XFramePlugin.dll
MOD - [2011-10-18 23:02:04 | 000,159,232 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\XCodec.dll
MOD - [2011-10-18 23:02:04 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\USSDSrvPlugin.dll
MOD - [2011-10-18 23:02:04 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Trace.dll
MOD - [2011-10-18 23:02:04 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Win7Support.dll
MOD - [2011-10-18 23:02:03 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtGui4.dll
MOD - [2011-10-18 23:02:03 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtCore4.dll
MOD - [2011-10-18 23:02:03 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\QtNetwork4.dll
MOD - [2011-10-18 23:02:03 | 000,777,728 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SMSUIPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,670,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SmsAppPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,545,280 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\PluginContainer.dll
MOD - [2011-10-18 23:02:03 | 000,379,392 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Proxy.dll
MOD - [2011-10-18 23:02:03 | 000,370,176 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qtiff4.dll
MOD - [2011-10-18 23:02:03 | 000,350,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qmng4.dll
MOD - [2011-10-18 23:02:03 | 000,314,368 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\StatusBarMgrPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,258,560 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\sdk.dll
MOD - [2011-10-18 23:02:03 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\ToolBarMgrPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,217,600 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SmsSrvPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qjpeg4.dll
MOD - [2011-10-18 23:02:03 | 000,156,672 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\STKSrvPlugin.dll
MOD - [2011-10-18 23:02:03 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSDialup.dll
MOD - [2011-10-18 23:02:03 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSNDIS.dll
MOD - [2011-10-18 23:02:03 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSAdapt.dll
MOD - [2011-10-18 23:02:03 | 000,082,944 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qgif4.dll
MOD - [2011-10-18 23:02:03 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\plugins\imageformats\qico4.dll
MOD - [2011-10-18 23:02:03 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSPowerMgr.dll
MOD - [2011-10-18 23:02:03 | 000,062,976 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\OSCall.dll
MOD - [2011-10-18 23:02:02 | 001,101,824 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
MOD - [2011-10-18 23:02:02 | 000,495,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,449,536 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoUIExPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,414,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DialupUIPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,352,768 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\core.dll
MOD - [2011-10-18 23:02:02 | 000,337,408 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceAppPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,331,776 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetConnectPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,300,544 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceSrvPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,275,456 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoSrvPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,245,760 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\MenuMgrPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,236,544 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\LiveUpdateInterface.dll
MOD - [2011-10-18 23:02:02 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetSrvPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,218,112 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Common.dll
MOD - [2011-10-18 23:02:02 | 000,211,456 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,179,712 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NDISPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,175,104 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallSrvPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,158,720 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetConnectSrvPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,157,184 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DataServicePlugin.dll
MOD - [2011-10-18 23:02:02 | 000,117,760 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\LayoutPlugin.dll
MOD - [2011-10-18 23:02:02 | 000,093,184 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
MOD - [2011-10-18 23:02:02 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\libgcc_s_dw2-1.dll
MOD - [2011-10-18 23:02:02 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\mingwm10.dll
MOD - [2011-10-18 23:02:01 | 001,077,248 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookPlugin.dll
MOD - [2011-10-18 23:02:01 | 000,739,840 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookUIPlugin.dll
MOD - [2011-10-18 23:02:01 | 000,550,400 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallAppPlugin.dll
MOD - [2011-10-18 23:02:01 | 000,547,840 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\CallLogSrvPlugin.dll
MOD - [2011-10-18 23:02:01 | 000,264,704 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AddrBookSrvPlugin.dll
MOD - [2011-10-18 23:02:01 | 000,238,592 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\AtCodec.dll
MOD - [2011-10-18 23:02:01 | 000,123,392 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\ATR2SMgr.dll
MOD - [2011-10-18 23:01:37 | 000,514,048 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
MOD - [2011-09-28 21:54:43 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011-08-18 17:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011-06-29 15:52:54 | 000,474,176 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
MOD - [2011-06-28 02:26:30 | 002,022,976 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
MOD - [2011-06-28 02:25:30 | 000,058,944 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\DataService.dll
MOD - [2011-06-25 06:39:30 | 000,322,624 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sv-SE\UI\ManagerUI.dll
MOD - [2011-06-25 06:20:26 | 000,565,968 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll
MOD - [2011-04-22 18:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2010-12-17 17:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
MOD - [2010-11-25 05:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
MOD - [2010-11-17 17:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
MOD - [2010-03-22 22:52:42 | 006,776,832 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll
MOD - [2010-03-17 03:28:28 | 000,326,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll
MOD - [2010-03-17 03:28:16 | 000,635,904 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll
MOD - [2010-03-17 03:28:04 | 001,926,144 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll
MOD - [2010-03-12 02:52:34 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll
MOD - [2010-03-12 02:52:34 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll
MOD - [2010-03-05 22:07:58 | 000,125,952 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll
MOD - [2010-03-05 22:07:58 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012-04-19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\virusscan\mcods.exe -- (McODS)
SRV:64bit: - [2012-03-20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012-03-20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012-03-20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011-01-27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010-12-17 21:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel®
SRV:64bit: - [2010-12-17 21:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010-12-17 21:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel®
SRV:64bit: - [2010-11-29 22:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) Intel®
SRV:64bit: - [2010-09-23 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010-08-30 21:42:00 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Program Files\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV:64bit: - [2009-11-18 04:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012-05-04 22:44:32 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011-11-25 16:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011-10-18 23:01:49 | 000,203,776 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2011-09-05 10:04:54 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011-08-30 18:18:30 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011-08-18 17:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011-04-22 18:13:00 | 002,009,704 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011-04-21 19:32:26 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011-01-28 07:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2010-12-21 01:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS) Intel®
SRV - [2010-12-21 01:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS) Intel®
SRV - [2010-11-25 12:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010-11-25 12:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010-09-29 03:33:40 | 000,249,856 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2010-08-26 03:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012-03-01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-02-22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012-02-22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012-02-22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012-02-22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012-02-22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012-02-22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012-02-22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012-02-22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011-10-18 23:02:05 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011-10-18 23:02:05 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011-10-18 23:02:05 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2011-10-18 23:02:04 | 000,256,000 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2011-10-18 23:02:04 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011-09-16 15:29:11 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-09-16 15:29:11 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011-05-17 16:27:54 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011-05-17 16:27:52 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011-05-17 16:27:50 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011-04-22 18:13:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011-03-07 22:52:24 | 012,264,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011-03-04 07:29:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011-02-11 00:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011-02-11 00:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011-01-31 17:24:46 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2011-01-20 18:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2011-01-13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010-12-22 19:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Kortdrivrutin för Windows 7 64-bitars Intel®
DRV:64bit: - [2010-12-13 19:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010-12-01 00:02:54 | 000,412,264 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010-11-29 22:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010-11-21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-11-21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010-10-20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel®
DRV:64bit: - [2010-10-16 02:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel®
DRV:64bit: - [2010-09-24 03:44:48 | 001,394,224 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010-08-20 11:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2010-07-13 04:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)
DRV:64bit: - [2010-03-19 10:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010-02-27 17:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007-10-30 10:59:28 | 000,028,672 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nordecr.sys -- (TdsNordecr)
DRV:64bit: - [2006-11-01 19:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{3DB6C7A2-A8F7-4680-A8FA-A658B0F8528E}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{3DB6C7A2-A8F7-4680-A8FA-A658B0F8528E}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.ask.com?o...?o=15003&l=dis"
FF - prefs.js..extensions.enabledItems: [email protected]:5.0.7.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.1.0.19
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.6.0


FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-06-28 16:57:42 | 000,000,000 | ---D | M]

[2012-01-17 19:50:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions
[2012-01-17 19:50:15 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012-01-17 19:50:15 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012-01-17 19:50:14 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions\[email protected]
[2012-01-17 19:50:14 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions\[email protected]
[2012-01-17 19:50:15 | 000,000,000 | ---D | M] (Flash AX Control) -- C:\Users\Oscar\AppData\Roaming\mozilla\Firefox\Profiles\qtoo8q0k.default\extensions\[email protected]
[2011-01-22 10:23:48 | 000,002,558 | ---- | M] () -- C:\Users\Oscar\AppData\Roaming\Mozilla\Firefox\Profiles\qtoo8q0k.default\searchplugins\askcom.xml
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Nexus Personal (Enabled) = C:\Program Files (x86)\Personal\bin\np_prsnl.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: YouTube = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: S\u00F6k p\u00E5 Google = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\Oscar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012-07-02 22:16:43 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL File not found
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\mcafee\systemcore\ScriptSn.20120627222616.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\mcafee\msk\mskapbho.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\mcafee\SystemCore\ScriptSn.20120627222617.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] c:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ConduitHelper] "C:\Users\Public\Conduit\ConduitHelper\ConduitHelper.exe" File not found
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Oscar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Oscar\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel® Turbo Boost-teknologi Bevakare 2.0.lnk = File not found
O4 - Startup: C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F06FE2A-46F7-4E94-8AF9-00DE29FA1B0F}: DhcpNameServer = 195.49.242.79 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CDBE95F-21DE-4727-A99C-4018BC1CFC9A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F64669B1-0E9A-4649-BFF2-5BCD17D29A8A}: NameServer = 80.251.201.177 80.251.201.178
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - AppInit_DLLs: (c:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010-10-01 03:33:42 | 000,140,288 | R--- | M] () - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010-11-08 13:28:30 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4b0b3a0a-4601-11e1-941c-848f69a9b25a}\Shell - "" = AutoRun
O33 - MountPoints2\{4b0b3a0a-4601-11e1-941c-848f69a9b25a}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010-10-01 03:33:42 | 000,140,288 | R--- | M] ()
O33 - MountPoints2\{68bcb6d1-096e-11e1-a74b-848f69a9b25a}\Shell - "" = AutoRun
O33 - MountPoints2\{68bcb6d1-096e-11e1-a74b-848f69a9b25a}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010-10-01 03:33:42 | 000,140,288 | R--- | M] ()
O33 - MountPoints2\{fa056016-f99e-11e0-a09a-848f69a9b25a}\Shell - "" = AutoRun
O33 - MountPoints2\{fa056016-f99e-11e0-a09a-848f69a9b25a}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010-10-01 03:33:42 | 000,140,288 | R--- | M] ()
O33 - MountPoints2\{fa056025-f99e-11e0-a09a-848f69a9b25a}\Shell - "" = AutoRun
O33 - MountPoints2\{fa056025-f99e-11e0-a09a-848f69a9b25a}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010-10-01 03:33:42 | 000,140,288 | R--- | M] ()
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2010-10-01 03:33:42 | 000,140,288 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012-07-02 22:30:05 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Roaming\Malwarebytes
[2012-07-02 22:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012-07-02 22:29:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012-07-02 22:29:44 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012-07-02 22:29:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012-07-02 22:23:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012-07-02 22:16:31 | 000,000,000 | ---D | C] -- C:\_OTL
[2012-06-26 23:26:03 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\{17EADEB5-BD8B-4F1D-9DB4-92E47E2107DA}
[2012-06-26 23:25:51 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\{316699D6-13A1-4300-9FC7-38C21816A3E7}
[2012-06-26 23:18:20 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\{EEA28E76-F9F3-43F8-B695-7E9EC5920AF9}
[2012-06-26 23:12:54 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\Windows Live
[2012-06-26 23:12:28 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\{B18C2354-2B8F-4E23-AD21-4E0CEB72946E}
[2012-06-26 23:12:28 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Local\{200DC27F-9936-44BB-B1C3-18ED4CE87782}
[2012-06-25 19:54:52 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Roaming\Roxio Burn
[2012-06-25 19:51:07 | 000,000,000 | ---D | C] -- C:\Users\Oscar\AppData\Roaming\Macrovision
[2012-06-19 23:59:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veetle
[2011-09-23 16:06:05 | 000,641,400 | ---- | C] (BitTorrent, Inc.) -- C:\Users\Oscar\utorrent.exe
[2011-09-22 20:12:52 | 001,029,000 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Oscar\SkypeSetup.exe
[2011-09-22 20:09:04 | 014,228,488 | ---- | C] (PokerStars) -- C:\Users\Oscar\PokerStarsInstall.exe

========== Files - Modified Within 30 Days ==========

[2012-07-02 22:29:52 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-07-02 22:26:30 | 000,025,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-02 22:26:30 | 000,025,008 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-02 22:19:04 | 000,000,988 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-07-02 22:18:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-02 22:18:39 | 453,640,191 | -HS- | M] () -- C:\hiberfil.sys
[2012-07-02 22:16:43 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012-07-02 22:05:39 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012-07-02 18:43:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-02 18:07:49 | 000,002,342 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012-07-02 18:07:49 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-06-26 23:26:09 | 005,432,904 | ---- | M] () -- C:\Users\Oscar\Desktop\RafaNadal.wmv
[2012-06-26 23:18:48 | 005,432,904 | ---- | M] () -- C:\Users\Oscar\Desktop\RafaNadal.mov.wmv
[2012-06-26 23:16:28 | 000,002,250 | ---- | M] () -- C:\Users\Oscar\Desktop\RafaNadal.mov.wlmp
[2012-06-26 22:48:25 | 002,794,749 | ---- | M] () -- C:\Users\Oscar\Desktop\IMG_3897.MOV
[2012-06-25 17:29:44 | 000,691,062 | ---- | M] () -- C:\Users\Oscar\Desktop\Grejskrivbord.png
[2012-06-23 21:51:17 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012-06-20 20:36:21 | 001,573,176 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012-06-20 20:36:21 | 000,661,744 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2012-06-20 20:36:21 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012-06-20 20:36:21 | 000,141,514 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2012-06-20 20:36:21 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012-06-15 18:57:10 | 000,348,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012-06-06 09:24:13 | 000,001,056 | ---- | M] () -- C:\Users\Oscar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012-06-06 09:24:07 | 000,001,024 | ---- | M] () -- C:\Users\Oscar\Desktop\Dropbox.lnk
[2012-06-02 23:19:47 | 000,008,869 | ---- | M] () -- C:\Users\Oscar\Desktop\Statistik - Golf - 2012.ods

========== Files Created - No Company Name ==========

[2012-07-02 22:29:52 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012-06-26 23:26:00 | 005,432,904 | ---- | C] () -- C:\Users\Oscar\Desktop\RafaNadal.wmv
[2012-06-26 23:18:38 | 005,432,904 | ---- | C] () -- C:\Users\Oscar\Desktop\RafaNadal.mov.wmv
[2012-06-26 23:16:28 | 000,002,250 | ---- | C] () -- C:\Users\Oscar\Desktop\RafaNadal.mov.wlmp
[2012-06-26 22:47:09 | 002,794,749 | ---- | C] () -- C:\Users\Oscar\Desktop\IMG_3897.MOV
[2012-06-25 17:29:44 | 000,691,062 | ---- | C] () -- C:\Users\Oscar\Desktop\Grejskrivbord.png
[2012-01-16 21:44:50 | 000,003,465 | -HS- | C] () -- C:\Windows\SysWow64\win_stlthdb_sys.dat
[2012-01-16 21:44:50 | 000,003,465 | -HS- | C] () -- C:\Users\Oscar\AppData\Local\win_stlthdb_sys.dat
[2012-01-16 21:44:50 | 000,002,568 | -HS- | C] () -- C:\ProgramData\win_mpwd_sys.dat
[2012-01-16 21:43:30 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nwsftUninstall.exe
[2011-10-10 21:05:05 | 000,000,000 | ---- | C] () -- C:\Windows\HMHud.INI
[2011-09-28 20:59:08 | 001,448,993 | ---- | C] () -- C:\Users\Oscar\wrar401.exe
[2011-09-23 16:17:45 | 000,000,031 | ---- | C] () -- C:\Program Files\plugins-04041e-fe8.dat
[2011-09-22 21:25:09 | 006,759,840 | ---- | C] () -- C:\Users\Oscar\Spotify Installer.exe
[2011-09-22 20:28:21 | 000,787,440 | ---- | C] () -- C:\Users\Oscar\PurpleLounge.exe
[2011-09-16 15:15:33 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011-09-16 15:15:31 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011-09-16 15:15:30 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011-02-24 01:12:26 | 000,002,182 | ---- | C] () -- C:\Users\Oscar\URPreferences.xml
[2011-02-15 13:09:53 | 001,551,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2012-07-02 22:21:26 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Dropbox
[2011-09-22 19:59:11 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Fingertapps
[2011-10-10 20:02:13 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\HEM Data
[2012-01-21 11:45:54 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Microgaming
[2011-09-28 21:55:08 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\OpenOffice.org
[2011-09-24 12:02:46 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\PCDr
[2012-03-20 00:03:02 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Personal
[2012-06-25 21:17:57 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Spotify
[2011-09-30 00:12:00 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\TeamViewer
[2012-01-17 19:50:12 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\Template
[2012-01-29 22:37:22 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\uTorrent
[2011-09-22 20:14:58 | 000,000,000 | ---D | M] -- C:\Users\Oscar\AppData\Roaming\ZinioReader4
[2012-06-23 21:51:17 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012-04-20 23:31:01 | 000,032,514 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012-07-02 22:05:39 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

========== Purity Check ==========



< End of report >
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It looks gone from my end... How is it at your end
  • 0

#7
DanteAlighieri

DanteAlighieri

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
I removed two bad files after the malwarebytes scan. Unfortunately the log is in swedish:


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Databasversion: v2012.07.02.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Oscar :: OSCAR-DATOR [administratör]

2012-07-02 22:49:21
mbam-log-2012-07-02 (22-49-21).txt

Skanningstyp: Snabbskanning
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 246393
Förfluten tid: 3 minut(er), 47 sekund(er)

Upptäckta minnesprocesser: 0
(Inga skadliga poster hittades)

Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)

Upptäckta registernycklar: 0
(Inga skadliga poster hittades)

Upptäckta registervärden: 0
(Inga skadliga poster hittades)

Upptäckta registerdataposter: 0
(Inga skadliga poster hittades)

Upptäckta mappar: 0
(Inga skadliga poster hittades)

Upptäckta filer: 2
C:\Users\Oscar\PurpleLounge.exe (PUP.Casino.Gen) -> Sattes i karantän och togs bort.
C:\Users\Oscar\Downloads\setup.exe (PUP.BundleInstaller.VG) -> Sattes i karantän och togs bort.

(klar)


From my end the default starting page is still searchnu when I open Google Chrome. And it opens two pages when I start it. Don't know if it is gone and I can just change starting page or if it is still there?
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I can see nothing in Chrome... But then it does not state the start page

I do not use Chrome myself, but I will check it out.... Can you change the start page ?

EDIT:

Google Chrome:
1. Open Google Chrome.
2. Click on the Wrench icon on top right corner of the browser.
3. Choose “Settings” from the drop down list.
4. Select “Basics.”
5. Click on “Manage search engines” under SEARCH settings area.
6. Hover your mouse to a preferred search engine and click “Make default.”
7. You can now remove unwanted search provider by clicking on the X mark.

If you cannot find searchnu.com from the lists of search providers, it may have other names like iLivid or something.
  • 0

#9
DanteAlighieri

DanteAlighieri

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

I can see nothing in Chrome... But then it does not state the start page

I do not use Chrome myself, but I will check it out.... Can you change the start page ?

EDIT:

Google Chrome:
1. Open Google Chrome.
2. Click on the Wrench icon on top right corner of the browser.
3. Choose “Settings” from the drop down list.
4. Select “Basics.”
5. Click on “Manage search engines” under SEARCH settings area.
6. Hover your mouse to a preferred search engine and click “Make default.”
7. You can now remove unwanted search provider by clicking on the X mark.

If you cannot find searchnu.com from the lists of search providers, it may have other names like iLivid or something.


Wow, nasty. Removed all, but it is still there when I close down and open the browser again.


EDIT

There are also some strange desktop.ini files on my desktop. Also some strange backup word-files which wasnt there before.

Edited by DanteAlighieri, 02 July 2012 - 03:23 PM.

  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
They are system hidden files which are shown when I use my tools, they will be reset when I clean up


What is it called within Chrome ? As I can do a search for any files with that name
  • 0

Advertisements


#11
DanteAlighieri

DanteAlighieri

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts

They are system hidden files which are shown when I use my tools, they will be reset when I clean up


What is it called within Chrome ? As I can do a search for any files with that name


Oh.

I just also removed searchnu from the "group of pages" and it worked. I seems gone now.
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#13
DanteAlighieri

DanteAlighieri

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Thanks Essexboy!

Please keep this topic open as I will do these last steps tomorrow. I am tired and need to go to work tomorrow morning. :)
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a problem , I always leave two or three days just to be sure
  • 0

#15
DanteAlighieri

DanteAlighieri

    Member

  • Topic Starter
  • Member
  • PipPip
  • 50 posts
Hi again Essexboy,

If I do this step:

Now we can purge the infected ones
GoStart > All programs > Accessories > system tools
Right click Disc cleanup and select run as administrator
Select Your main drive and accept the warning if you get one
For a few moments the system will make some calculations
Select the More Options tab
In the System Restore and Shadow Backups select Clean up
Select Delete on the pop up
Select OK
Select Delete

Will I still have all my files, i.e. pictures, videos left? Will it delete anything except bad stuff?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP