Just nu i M3-nätverket
Gå till innehåll

Går det att få bort CouponDropDown?


TomasMood

Rekommendera Poster

ska försöka få med 2 filer här, jag har f-secure men det verkar inte hitta nåt alls.

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-02-2015

Ran by Tomas Mood at 2015-03-01 18:18:50

Running from C:\Users\Tomas Mood\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Antivirus (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}

AS: Antivirus (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

"Faces of War" (Remove Only) (HKLM\...\{2C2F85C4-62C3-4F59-A5E1-AB60E5F76ADF}_is1) (Version: 1.0.1 - Ubisoft)

Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)

Aliens vs. Predator 2 (HKLM\...\{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}) (Version: - )

Amnesia: The Dark Descent (HKLM\...\Steam App 57300) (Version: - )

applicationupdater (HKU\S-1-5-21-3767066173-520142290-2618287913-1004\...\SOE-C:/Users/Tomas Mood/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version: - Sony Online Entertainment)

ARMA 2 (HKLM\...\Steam App 33910) (Version: - Bohemia Interactive)

Arma 2: DayZ Mod (HKLM\...\Steam App 224580) (Version: - Bohemia Interactive)

ARMA 2: Free (HKLM\...\Steam App 107400) (Version: - Bohemia Interactive)

Arma 2: Operation Arrowhead (HKLM\...\Steam App 33930) (Version: - Bohemia Interactive)

Armageddon (HKLM\...\{E163BB62-2840-4C55-9A8E-5C5B9E9FF86C}) (Version: - )

Avinstallera EPSON XP-212 213 Series (HKLM\...\EPSON XP-212 213 Series) (Version: - SEIKO EPSON Corporation)

BankID säkerhetsprogram (HKLM\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB)

Battlefield: Bad Company™ 2 (HKLM\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)

BattlEye (A2Free) Uninstall (HKLM\...\BattlEye A2 Free) (Version: - )

BattlEye Uninstall (HKLM\...\BattlEye for A2) (Version: - )

BioShock (HKLM\...\Steam App 7670) (Version: - 2K Boston)

Black & White® 2 (HKLM\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)

Blitzkrieg (HKLM\...\Blitzkrieg) (Version: - )

Brothers In Arms (HKLM\...\BrothersInArms) (Version: - Ubisoft)

Call of Duty® 2 (HKLM\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.3 - Activision)

Call of Duty® 2 (Version: 1.00.0000 - Activision) Hidden

Call of Duty® 2 Patch 1.3 (Version: 1.3 - ) Hidden

Call of Duty: Modern Warfare 2 - Multiplayer (HKLM\...\Steam App 10190) (Version: - Infinity Ward)

Call of Duty: Modern Warfare 2 (HKLM\...\Steam App 10180) (Version: - Infinity Ward)

CivCity (HKLM\...\{994E24A6-EC47-4201-8D0B-D4563B7AD66B}) (Version: 1.00.0000 - Firefly Studios)

Close Combat Invasion Normandy (HKLM\...\{66545400-DEF6-11D3-A09A-00E02919016C}) (Version: - )

Company of Heroes (HKLM\...\{66F78C51-D108-4F0C-A93C-1CBE74CE338F}) (Version: 1.0.0.99 - THQ Inc.)

Computer Security 14.115.100.0 (release) (Version: 14.115.100.0 - F-Secure Corporation) Hidden

Crusader Kings II (HKLM\...\Steam App 203770) (Version: - Paradox Development Studio)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Dawn Of War - Winter Assault (HKLM\...\{DD8408E9-9421-484F-979D-DB6361E3E828}) (Version: 1.4 - THQ)

Dawn Of War (HKLM\...\{83F12F73-D52E-40C0-93B1-463C311C4E17}) (Version: 1.40 - THQ)

Dead Island (HKLM\...\Steam App 91310) (Version: - Techland)

DEFCON (HKLM\...\Steam App 1520) (Version: - Introversion Software)

Doom 3 (HKLM\...\InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}) (Version: 1.00.0000 - Activision)

Doom 3 (Version: 1.00.0000 - Activision) Hidden

Doomsday (HKLM\...\{69464949-AD9C-4C98-933F-C32FFC86F3C8}) (Version: - )

Download Manager 2.3.6 (HKLM\...\Download Manager) (Version: 2.3.6 - IGN Entertainment, Inc.)

Dropbox (HKU\S-1-5-21-3767066173-520142290-2618287913-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)

Dropbox (HKU\S-1-5-21-3767066173-520142290-2618287913-1004\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)

Empire: Total War (HKLM\...\Steam App 10500) (Version: - The Creative Assembly)

Enemy Territory - QUAKE Wars Beta 1.1 Patch (Version: - ) Hidden

Enemy Territory - QUAKE Wars Beta 2 1.1 Patch (Version: - ) Hidden

EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)

EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)

Epsons handböcker (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)

Europa Universalis III (HKLM\...\{59C80C5E-8C92-40FF-B910-2BB5C7281F61}) (Version: - )

F.E.A.R. (HKLM\...\Steam App 21090) (Version: - Monolith Productions)

Fable III (HKLM\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)

Fable III (Version: 1.0.0000.131 - Microsoft Game Studios) Hidden

Fable III (Version: 1.0.0002.131 - Microsoft Game Studios) Hidden

Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)

Fraps (HKLM\...\Fraps) (Version: - )

F-Secure CCF Reputation (Version: 2.0.1337.0 - F-Secure) Hidden

F-Secure CCF Scanning 1.51.111.300 (release) (Version: 1.51.111.300 - F-Secure Corporation) Hidden

F-Secure Launch pad (HKLM\...\F-Secure ServiceEnabler 666) (Version: 2.15.358.0 - F-Secure Corporation)

F-Secure Launch pad (Version: 2.15.358.0 - F-Secure Corporation) Hidden

F-Secure Network CCF 1.02.141 (Version: 1.02.141 - F-Secure Corporation) Hidden

F-Secure SafeSearch 1.03.159.0 (release) (Version: 1.03.159.0 - F-Secure Corporation) Hidden

FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version: - Subset Games)

Galactic Civilizations II (HKLM\...\Galactic Civilizations II) (Version: - )

gamelauncher-ps2-psg (HKU\S-1-5-21-3767066173-520142290-2618287913-1004\...\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 PSG) (Version: - Sony Online Entertainment)

GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden

Ghost Recon Advanced Warfighter (HKLM\...\{EFC97089-04D6-42CE-A707-A343B4A7D2CD}) (Version: 1.00.000 - )

Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)

Google SketchUp 8 (HKLM\...\{B700113B-24A8-4D4C-8484-0CC944F764C8}) (Version: 3.0.3117 - Google, Inc.)

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

Half-Life® 2 (HKLM\...\{D45EC259-4A19-4656-B588-C2C360DD18EA}) (Version: 1.0.0.0 - Valve)

HDClone 4.1 Free Edition (HKLM\...\HDClone.Free.4.1.3.1033-{E0421D44-8936-47A7-8FC4-BD6B85212644}) (Version: - )

Hearts of Iron 2 (HKLM\...\{98786147-80E3-41A5-A80C-1F3C028558CF}) (Version: - )

Hearts of Iron III (HKLM\...\{D0106CC2-E34B-4FA3-B6B6-91F0ACEA2CC3}) (Version: - )

Heroes of Might and Magic IV: Winds of War (HKLM\...\Heroes of Might and Magic IV) (Version: - )

Homeworld2 (HKLM\...\Homeworld2) (Version: - Sierra)

ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.1.0 - LIGHTNING UK!)

John Deere Drive Green (HKLM\...\{377C9E1B-28E9-40C3-836C-85F8E839D4E6}) (Version: 1.00.0000 - Valusoft)

Kalle Kunskap Lär dig engelska (HKLM\...\Kalle Kunskap Lär dig engelska_is1) (Version: - )

Kalle Kunskap Skolstart (HKLM\...\{24EBA8F3-8515-41C9-96C5-826CAE736E9C}) (Version: 1.00.000 - )

Kalle Kunskap Skolstart (HKLM\...\Kalle Kunskap Skolstart) (Version: - )

Left 4 Dead (HKLM\...\Steam App 500) (Version: - Valve)

Logitech Gaming Software (HKLM\...\{5C1DA723-24FC-48AD-93BA-925695C3EF26}) (Version: 4.60 - Logitech)

Mass Effect (HKLM\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)

Master of Orion 3 (HKLM\...\Master of Orion 3) (Version: - )

Medieval II Total War (HKLM\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)

Medieval II Total War : Kingdoms : Americas (HKLM\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)

Medieval II Total War : Kingdoms : Britannia (HKLM\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)

Medieval II Total War : Kingdoms : Crusades (HKLM\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)

Medieval II Total War : Kingdoms : Teutonic (HKLM\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)

Medieval Total War (HKLM\...\Medieval Total War) (Version: - )

Metro 2033 (HKLM\...\Steam App 43110) (Version: - THQ)

Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )

Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )

Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )

Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Games for Windows - LIVE (HKLM\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)

Minecraft (HKLM\...\{63227E62-F417-497E-9060-22B3A9A52D7A}) (Version: 1.0.1.0 - Mojang)

Mount&Blade (HKLM\...\Mount&Blade) (Version: - )

Mumble and Murmur (HKLM\...\Mumble) (Version: 1.2.2 - Mumble)

Napoleon: Total War (HKLM\...\Steam App 34030) (Version: - The Creative Assembly)

Need for Speed Underground 2 (HKLM\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )

NVIDIA 3D Vision drivrutin 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)

NVIDIA 3D Vision drivrutin för styrenhet 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)

NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)

NVIDIA Grafikdrivrutin 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)

NVIDIA HD audiodrivrutin 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)

NVIDIA PhysX systemprogramvara 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)

NVIDIA-uppdatering 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)

Online Safety 2.115.2783.1598 (Version: 2.115.2783.1598 - F-Secure Corporation) Hidden

OpenOffice.org 3.2 (HKLM\...\{0A5DAE9E-DD2A-40D1-9AEB-06F31133A9DE}) (Version: 3.2.9483 - OpenOffice.org)

Operation Flashpoint: Dragon Rising (HKLM\...\Steam App 12830) (Version: - Codemasters)

Pacific Fighters (HKLM\...\InstallShield_{E149E957-F289-45E3-8645-1794A173F5AB}) (Version: 1.00.0000 - Ubisoft)

Pacific Fighters (Version: 1.00.0000 - Ubisoft) Hidden

PlanetSide 2 (HKU\S-1-5-21-3767066173-520142290-2618287913-1004\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.181 - Sony Online Entertainment)

Portal (HKLM\...\Steam App 400) (Version: - Valve)

PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)

R.U.S.E (HKLM\...\Steam App 21970) (Version: - Ubisoft)

Razer DeathAdder Black Edition Mouse (HKLM\...\{DDF83FDD-89DB-47A4-A541-DD88C52F625A}) (Version: 1.02 - Razer USA Ltd.)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)

Rome - Total War (HKLM\...\InstallShield_{A642BB6B-CA1D-4142-8DD4-318C3F3DC834}) (Version: 1.0 - Activision)

Rome - Total War (Version: 1.0 - Activision) Hidden

Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)

S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006] (HKLM\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0006 - THQ)

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

Sid Meier's Civilization 4 Complete (HKLM\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games)

Silent Hunter 5 (HKLM\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.2.0 - Ubisoft)

Silent Hunter III (HKLM\...\InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}) (Version: 1.00.0000 - Ubisoft)

Silent Hunter III (Version: 1.00.0000 - Ubisoft) Hidden

SimCity 4 (HKLM\...\{01339AE5-04D4-43F8-008E-13AD788DC4F7}) (Version: - )

Sins of a Solar Empire: Rebellion (HKLM\...\Steam App 204880) (Version: - )

Source SDK (HKLM\...\Steam App 211) (Version: - Valve)

Source SDK Base (HKLM\...\Steam App 215) (Version: - Valve)

Spore (HKLM\...\Steam App 17390) (Version: - Maxis™)

Spore: Creepy & Cute Parts Pack (HKLM\...\Steam App 17440) (Version: - Maxis™)

Spotify (HKU\S-1-5-21-3767066173-520142290-2618287913-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)

Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - sve) (Version: - Microsoft Corporation)

Star Wars Empire at War (HKLM\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)

StarCraft II (HKLM\...\StarCraft II) (Version: - Blizzard Entertainment)

Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)

Superbrothers: Sword & Sworcery EP (HKLM\...\Steam App 204060) (Version: - )

TeamSpeak 3 Client (HKU\S-1-5-21-3767066173-520142290-2618287913-1000\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH)

TeamSpeak 3 Client (HKU\S-1-5-21-3767066173-520142290-2618287913-1004\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH)

The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)

The Walking Dead (HKLM\...\Steam App 207610) (Version: - )

The Walking Dead: Season Two (HKLM\...\Steam App 261030) (Version: - Telltale Games)

Thief Gold (HKLM\...\Steam App 211600) (Version: - )

Tom Clancy's Ghost Recon: Advanced Warfighter 2 (HKLM\...\Steam App 13510) (Version: - Ubisoft)

Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Unity of Command (HKLM\...\Steam App 218090) (Version: - )

Unreal Tournament 3 (HKU\S-1-5-21-3767066173-520142290-2618287913-1000\...\InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}) (Version: 1.00.0000 - Epic Games)

Unreal Tournament 3 (HKU\S-1-5-21-3767066173-520142290-2618287913-1004\...\InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}) (Version: 1.00.0000 - Epic Games)

Unreal Tournament 3 (Version: 1.00.0000 - Epic Games) Hidden

Unreal Tournament 3 Demo (HKU\S-1-5-21-3767066173-520142290-2618287913-1004\...\InstallShield_{3266FEA9-98E9-448B-B235-DAC63D4CE781}) (Version: 1.00.0000 - Epic Games)

Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.5 - Flagship Industries, Inc.)

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

World in Conflict: Soviet Assault (HKLM\...\{F11ADC64-C89E-47F4-A0B3-3665FF859397}) (Version: 1.0.1.0 - Ubisoft Entertainment)

World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tomas Mood\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{030B4A80-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{030B4A81-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{030B4A82-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{1F6F8D20-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{43887C67-4D5D-4127-BAAC-87A288494C7C}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\xmergesync.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Windows\system32\msinet.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Windows\system32\msinet.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Windows\system32\msinet.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{67F2A879-82D5-4A6D-8CC5-FFB3C114B69D}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\program\so_activex.dll ()

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\ooofiltproxy.dll (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{BDD611C3-7BAB-460F-8711-5B9AC9EF6020}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\xmergesync.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C6AB3E74-9F4F-4370-8120-A8A6FABB7A7C}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\xmergesync.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{CB43F086-838D-4FA4-B5F6-3406B9A57439}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\xmergesync.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Tomas Mood\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Tomas Mood\Downloads\GT-I9100_JB_ClockworkMod-Recovery_6.0.2.9.tar(1).exe No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tomas Mood\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tomas Mood\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tomas Mood\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tomas Mood\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tomas Mood\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tomas Mood\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tomas Mood\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tomas Mood\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1000_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{026371C0-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{030B4A80-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{030B4A81-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{030B4A82-1B7C-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{0713E8A2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{0713E8A8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{0713E8D2-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{0713E8D8-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{1E216240-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{1F6F8D20-1B7D-11CF-9D53-00AA003C9CB6}\InprocServer32 -> C:\Windows\system32\comct232.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{373FF7F0-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{373FF7F4-EB8B-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{3C4F3BE3-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{3C4F3BE5-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{3C4F3BE7-47EB-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{43887C67-4D5D-4127-BAAC-87A288494C7C}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\xmergesync.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{48E59293-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Windows\system32\msinet.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{48E59294-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Windows\system32\msinet.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{48E59295-9880-11CF-9754-00AA00C00908}\InprocServer32 -> C:\Windows\system32\msinet.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{586A6352-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{586A6353-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{586A6354-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{586A6355-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{586A6356-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{586A6357-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{586A6359-87C8-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{58DA8D8A-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{58DA8D8F-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{58DA8D93-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{58DA8D96-9D6A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{5ACBB955-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{5ACBB956-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{5ACBB957-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{5ACBB958-5C57-11CF-8993-00AA00688B10}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{6027C2D4-FB28-11CD-8820-08002B2F4F5A}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{612A8624-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{612A8628-0FB3-11CE-8747-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{62823C20-41A3-11CE-9E8B-0020AF039CA3}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{67F2A879-82D5-4A6D-8CC5-FFB3C114B69D}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\program\so_activex.dll ()

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{6B7E638F-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{6B7E6393-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{6B7E63A3-850A-101B-AFC0-4210102A8DA7}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{7629CFA2-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{7629CFA4-3FE5-101B-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\ooofiltproxy.dll (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{9ED94440-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{9ED94444-E5E8-101B-B9B5-444553540000}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{B66834C6-2E60-11CE-8748-524153480004}\InprocServer32 -> C:\Windows\system32\comctl32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{BDD611C3-7BAB-460F-8711-5B9AC9EF6020}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\xmergesync.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE32-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE33-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE34-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE35-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE36-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE37-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE38-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE39-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE3A-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE3B-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE3C-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE3D-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE3E-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE3F-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE40-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE41-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C27CCE42-8596-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C6AB3E74-9F4F-4370-8120-A8A6FABB7A7C}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\xmergesync.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{CB43F086-838D-4FA4-B5F6-3406B9A57439}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\xmergesync.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomctl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\UpdatusUser\Downloads\GT-I9100_JB_ClockworkMod-Recovery_6.0.2.9.tar(1).exe No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\Windows\system32\comdlg32.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll No File

CustomCLSID: HKU\S-1-5-21-3767066173-520142290-2618287913-1004_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\mscomct2.ocx (Microsoft Corporation)

 

==================== Restore Points =========================

 

29-01-2015 19:45:17 Schemalagd kontrollpunkt

30-01-2015 21:50:54 Schemalagd kontrollpunkt

02-02-2015 20:22:42 Schemalagd kontrollpunkt

03-02-2015 19:23:45 Schemalagd kontrollpunkt

08-02-2015 13:33:05 Schemalagd kontrollpunkt

09-02-2015 12:34:45 Schemalagd kontrollpunkt

10-02-2015 10:48:12 Schemalagd kontrollpunkt

11-02-2015 00:09:33 Schemalagd kontrollpunkt

11-02-2015 14:38:42 Windows Update

12-02-2015 18:12:12 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030

13-02-2015 21:21:38 Schemalagd kontrollpunkt

14-02-2015 13:05:16 Schemalagd kontrollpunkt

15-02-2015 19:38:46 Schemalagd kontrollpunkt

16-02-2015 20:03:35 Schemalagd kontrollpunkt

18-02-2015 16:33:37 Schemalagd kontrollpunkt

20-02-2015 11:17:12 Schemalagd kontrollpunkt

21-02-2015 18:49:08 Schemalagd kontrollpunkt

28-02-2015 02:55:31 Schemalagd kontrollpunkt

28-02-2015 12:31:53 Windows Update

28-02-2015 15:00:28 Removed Adobe Reader X (10.1.0) - Svenska.

28-02-2015 15:02:31 Removed TomTom HOME Visual Studio Merge Modules

01-03-2015 01:11:03 Removed ASUSUpdate

01-03-2015 01:13:09 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030

01-03-2015 01:33:56 Removed Java 7 Update 45

01-03-2015 01:36:26 Removed Software Updater

01-03-2015 17:20:13 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

01-03-2015 17:25:01 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

01-03-2015 17:28:14 Removed DayZ Commander

01-03-2015 17:30:15 Microsoft Visual C++ 2005 Redistributable togs bort

01-03-2015 17:31:16 Removed Quake Live Mozilla Plugin

01-03-2015 17:31:48 Removed Java 6 Update 18

01-03-2015 17:34:12 Removed Java 6 Update 20

01-03-2015 17:36:04 Removed Java 6 Update 5

01-03-2015 17:39:02 Removed Java 6 Update 3

01-03-2015 17:41:08 Removed Java 6 Update 2

01-03-2015 17:43:28 Removed Java SE Runtime Environment 6 Update 1

01-03-2015 17:50:10 Microsoft Visual C++ 2005 Redistributable togs bort

01-03-2015 17:51:09 Microsoft Visual C++ 2005 Redistributable togs bort

01-03-2015 17:54:25 Removed Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

01-03-2015 18:00:25 Removed Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

01-03-2015 18:02:05 Removed Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

01-03-2015 18:02:35 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

01-03-2015 18:03:21 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

01-03-2015 18:06:21 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

01-03-2015 18:08:01 Configured Unreal Tournament 3 Demo

01-03-2015 18:09:52 Removed World in Conflict - DEMO

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

::1 localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {19EAB4A5-CA48-4B3C-8ACA-A9D439C12AF2} - System32\Tasks\Jelbrus Secure Web Task => C:\Program Files\Jelbrus Secure Web\jswtask.exe [2015-02-20] (Jelbrus) <==== ATTENTION

Task: {30EC24F6-9B5B-43D1-B43D-6CE88AB8A052} - System32\Tasks\EPSON XP-212 213 Series Update {AC4AA64F-DB4E-40DE-94B7-07595E6CAC8A} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {689658BE-81AF-4620-99EC-B9B6EE2B2F30} - System32\Tasks\{FB42F8C7-9505-42E5-ACD2-6C5C53E5911B} => pcalua.exe -a E:\setup.exe -d E:\

Task: {6B242DFB-DD55-466D-A441-C16FDEA6D9F6} - System32\Tasks\{689F64BF-6E13-412B-B982-565BFACAD6E9} => pcalua.exe -a "C:\Users\Tomas Mood\AppData\Roaming\SpeedTray\speedtray.exe" -c /uninstall

Task: {8829F386-D088-4FDC-9FAF-883E7ECA1B3D} - System32\Tasks\EPSON XP-212 213 Series Invitation {AC4AA64F-DB4E-40DE-94B7-07595E6CAC8A} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {94D8FA51-CD96-4654-B5D1-0B6A200F9F72} - System32\Tasks\EPSON XP-212 213 Series Invitation {0F542A2B-3970-432C-BAEF-90D68FFB1BE8} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {A12E4139-E556-4A0C-AD18-E22B3B427CC0} - System32\Tasks\Microsoft\Windows\RestartManager\{5AF8F835-7488-426f-B0AA-4879D375817B} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)

Task: {A8262401-D662-4790-930D-55BA8762B238} - System32\Tasks\EPSON XP-212 213 Series Invitation {941046A8-62E8-4D98-83FB-FAF009CF0964} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {A98254A9-1671-4B46-B96A-C8BBD35D14AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)

Task: {ADC58777-2936-48A8-A2B5-260BD23B7362} - System32\Tasks\GPUP => C:\Program Files\GetPrivate\gpup.exe <==== ATTENTION

Task: {C09F3FC4-5C51-457B-8D37-17CF13A8324C} - System32\Tasks\EPSON XP-212 213 Series Update {0F542A2B-3970-432C-BAEF-90D68FFB1BE8} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {CB212E87-9654-47DD-B554-853D5E7061EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)

Task: {D6DE36BF-C35C-4593-B1CE-CCA2602E5517} - System32\Tasks\{9FED53A4-E4E5-4346-A4F3-389029A46148} => pcalua.exe -a C:\Windows\system32\PhysX.cpl

Task: {F0813085-264B-4FCD-82CA-825767C55F48} - System32\Tasks\EPSON XP-212 213 Series Update {941046A8-62E8-4D98-83FB-FAF009CF0964} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {F747D4C3-8C79-465F-B791-911558BD4162} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Tomas Mood => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\Windows\Tasks\EPSON XP-212 213 Series Invitation {0F542A2B-3970-432C-BAEF-90D68FFB1BE8}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE

Task: C:\Windows\Tasks\EPSON XP-212 213 Series Invitation {941046A8-62E8-4D98-83FB-FAF009CF0964}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE

Task: C:\Windows\Tasks\EPSON XP-212 213 Series Invitation {AC4AA64F-DB4E-40DE-94B7-07595E6CAC8A}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE

Task: C:\Windows\Tasks\EPSON XP-212 213 Series Update {0F542A2B-3970-432C-BAEF-90D68FFB1BE8}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE:/EXE:{0F542A2B-3970-432C-BAEF-90D68FFB1BE8} /F:UpdateSYSTEM

Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

Task: C:\Windows\Tasks\EPSON XP-212 213 Series Update {941046A8-62E8-4D98-83FB-FAF009CF0964}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE:/EXE:{941046A8-62E8-4D98-83FB-FAF009CF0964} /F:UpdateSYSTEM

Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

Task: C:\Windows\Tasks\EPSON XP-212 213 Series Update {AC4AA64F-DB4E-40DE-94B7-07595E6CAC8A}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLHE.EXE:/EXE:{AC4AA64F-DB4E-40DE-94B7-07595E6CAC8A} /F:UpdateSYSTEM

Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\User_Feed_Synchronization-{DDF4DA86-EC81-4C6A-9C1F-712DB234FBEA}.job => C:\Windows\system32\msfeedssync.exe

 

==================== Loaded Modules (whitelisted) ==============

 

2013-05-15 15:05 - 2013-05-15 15:05 - 00220096 _____ () C:\Program Files\F-Secure\daas2.dll

2007-07-18 00:06 - 2013-03-18 23:08 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe

2007-07-18 00:06 - 2013-05-03 20:23 - 00215128 _____ () C:\Windows\system32\PnkBstrB.exe

2015-02-20 10:26 - 2015-02-20 10:26 - 00086528 _____ () C:\Program Files\Jelbrus Secure Web\mgwz.dll

2012-06-06 20:29 - 2012-06-06 20:29 - 00030888 _____ () C:\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll

2012-06-06 20:24 - 2014-11-04 19:02 - 00212008 _____ () C:\Program Files\F-Secure\apps\ComputerSecurity\Spam Control\fsas.dll

2013-08-25 15:00 - 2011-03-21 13:20 - 00246272 _____ () C:\Program Files\Razer\DeathAdderBlackEdition\razerhid.exe

2014-11-04 18:57 - 2014-11-04 18:57 - 00592936 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll

2013-08-25 15:00 - 2010-11-26 13:06 - 00218112 _____ () C:\Program Files\Razer\DeathAdderBlackEdition\razertra.exe

2013-08-25 15:00 - 2011-03-16 10:33 - 01758208 _____ () C:\Program Files\Razer\DeathAdderBlackEdition\vdDaemon.exe

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"

 

==================== EXE Association (whitelisted) ===============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-3767066173-520142290-2618287913-1000\Control Panel\Desktop\\Wallpaper -> C:\Gamla\Foto\Vyer\DSC00206.JPG

HKU\S-1-5-21-3767066173-520142290-2618287913-1004\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg

DNS Servers: 192.168.0.1

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\Services: TomTomHOMEService => 2

 

==================== Accounts: =============================

 

Administratör (S-1-5-21-3767066173-520142290-2618287913-500 - Administrator - Disabled)

ASPNET (S-1-5-21-3767066173-520142290-2618287913-1002 - Limited - Enabled)

Gäst (S-1-5-21-3767066173-520142290-2618287913-501 - Limited - Enabled)

Tomas Mood (S-1-5-21-3767066173-520142290-2618287913-1000 - Administrator - Enabled) => C:\Users\Tomas Mood

UpdatusUser (S-1-5-21-3767066173-520142290-2618287913-1004 - Limited - Enabled) => C:\Users\UpdatusUser

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (03/01/2015 06:16:32 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 1 2015-03-01 18:16:31+02:00 tm2 SYSTEM F-Secure DeepGuard

Application was blocked. This was determined to be a high-risk application by system control heuristics.

Application path: \\?\c:\users\tomas mood\desktop\frst.exe

File hash: 7b5281fb33535522a0076b6d0f73a58d29ee04da

 

Error: (03/01/2015 06:09:50 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Fel i tjänsten Volume Shadow Copy: Oväntat fel när gränssnittet IVssWriterCallback skulle erhållas. hr = 0x80070005.

Det orsakas ofta av inkorrekta säkerhetsinställningar i processen för antingen skrivaren eller beställaren.

 

 

Åtgärd:

Samlar in skrivardata

 

Kontext:

Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}

Skrivarnamn: System Writer

Skrivarinstans-ID: {9f6ba8d5-6fbf-400f-9db7-89309a3659bf}

 

Error: (03/01/2015 06:08:01 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Fel i tjänsten Volume Shadow Copy: Oväntat fel när gränssnittet IVssWriterCallback skulle erhållas. hr = 0x80070005.

Det orsakas ofta av inkorrekta säkerhetsinställningar i processen för antingen skrivaren eller beställaren.

 

 

Åtgärd:

Samlar in skrivardata

 

Kontext:

Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}

Skrivarnamn: System Writer

Skrivarinstans-ID: {9f6ba8d5-6fbf-400f-9db7-89309a3659bf}

 

Error: (03/01/2015 05:49:44 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programmet Au_.exe, version 5.20.0.6727, avslutades eftersom det slutade att samverka med Windows. Ytterligare information kan finnas i problemhistoriken på kontrollpanelen för Problemrapporter och lösningar.

Process-ID: 16d4

Starttid: 01d0543f341376c6

Avslutningstid: 0

 

Error: (03/01/2015 01:11:02 AM) (Source: VSS) (EventID: 8194) (User: )

Description: Fel i tjänsten Volume Shadow Copy: Oväntat fel när gränssnittet IVssWriterCallback skulle erhållas. hr = 0x80070005.

Det orsakas ofta av inkorrekta säkerhetsinställningar i processen för antingen skrivaren eller beställaren.

 

 

Åtgärd:

Samlar in skrivardata

 

Kontext:

Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}

Skrivarnamn: System Writer

Skrivarinstans-ID: {b4e6290d-b526-4f6e-8071-d6a73ae70556}

 

Error: (02/28/2015 11:23:29 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 2 2015-02-28 23:23:28+02:00 tm2 SYSTEM F-Secure DeepGuard

Application was blocked. This was determined to be a high-risk application by system control heuristics.

Application path: \\?\c:\program files\getprivate\gpup.exe

File hash: 1f1f560c29db6a61b05212eea0e3c68de0b9d61e

 

Error: (02/28/2015 08:17:05 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 1 2015-02-28 20:17:03+02:00 tm2 TM2\Tomas Mood F-Secure Anti-Virus

Manual scanning was finished - workstation was found infected!

 

Error: (02/28/2015 11:03:25 AM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 7 2015-02-28 11:03:25+02:00 tm2 SYSTEM F-Secure DeepGuard

Application was blocked. This was determined to be a high-risk application by system control heuristics.

Application path: \\?\c:\users\tomas mood\appdata\roaming\speedtray\speedtray.exe

File hash: 8e3490f1f5858347e1b7af8572f525f329340bc4

 

Error: (02/28/2015 11:01:56 AM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 6 2015-02-28 11:01:56+02:00 tm2 SYSTEM F-Secure DeepGuard

Application was blocked. This was determined to be a high-risk application by system control heuristics.

Application path: \\?\c:\users\tomas mood\appdata\roaming\speedtray\speedtray.exe

File hash: 8e3490f1f5858347e1b7af8572f525f329340bc4

 

Error: (02/28/2015 11:00:05 AM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 5 2015-02-28 11:00:05+02:00 tm2 SYSTEM F-Secure DeepGuard

Application was blocked. This was determined to be a high-risk application by system control heuristics.

Application path: \\?\c:\users\tomas mood\appdata\roaming\speedtray\speedtray.exe

File hash: 8e3490f1f5858347e1b7af8572f525f329340bc4

 

 

System errors:

=============

Error: (03/01/2015 05:15:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt

 

Error: (03/01/2015 02:22:52 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt

 

Error: (03/01/2015 02:07:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt

 

Error: (02/28/2015 03:11:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt

 

Error: (02/28/2015 03:01:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Windows Search%%1053

 

Error: (02/28/2015 03:01:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: 30000Windows Search

 

Error: (02/28/2015 03:01:13 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

 

Error: (02/28/2015 00:15:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Privoxy (PrivoxyService)1

 

Error: (02/28/2015 11:56:59 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt

 

Error: (02/28/2015 11:03:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: TomTomHOMEService1

 

 

Microsoft Office Sessions:

=========================

Error: (03/01/2015 06:16:32 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 1 2015-03-01 18:16:31+02:00 tm2 SYSTEM F-Secure DeepGuard

Application was blocked. This was determined to be a high-risk application by system control heuristics.

Application path: \\?\c:\users\tomas mood\desktop\frst.exe

File hash: 7b5281fb33535522a0076b6d0f73a58d29ee04da

 

Error: (03/01/2015 06:09:50 PM) (Source: VSS) (EventID: 8194) (User: )

Description: 0x80070005

 

Åtgärd:

Samlar in skrivardata

 

Kontext:

Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}

Skrivarnamn: System Writer

Skrivarinstans-ID: {9f6ba8d5-6fbf-400f-9db7-89309a3659bf}

 

Error: (03/01/2015 06:08:01 PM) (Source: VSS) (EventID: 8194) (User: )

Description: 0x80070005

 

Åtgärd:

Samlar in skrivardata

 

Kontext:

Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}

Skrivarnamn: System Writer

Skrivarinstans-ID: {9f6ba8d5-6fbf-400f-9db7-89309a3659bf}

 

Error: (03/01/2015 05:49:44 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Au_.exe5.20.0.672716d401d0543f341376c60

 

Error: (03/01/2015 01:11:02 AM) (Source: VSS) (EventID: 8194) (User: )

Description: 0x80070005

 

Åtgärd:

Samlar in skrivardata

 

Kontext:

Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}

Skrivarnamn: System Writer

Skrivarinstans-ID: {b4e6290d-b526-4f6e-8071-d6a73ae70556}

 

Error: (02/28/2015 11:23:29 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 2 2015-02-28 23:23:28+02:00 tm2 SYSTEM F-Secure DeepGuard

Application was blocked. This was determined to be a high-risk application by system control heuristics.

Application path: \\?\c:\program files\getprivate\gpup.exe

File hash: 1f1f560c29db6a61b05212eea0e3c68de0b9d61e

 

Error: (02/28/2015 08:17:05 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )

Description: 1 2015-02-28 20:17:03+02:00 tm2 TM2\Tomas Mood F-Secure Anti-Virus

Manual scanning was finished - workstation was found infected!

 

Error: (02/28/2015 11:03:25 AM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 7 2015-02-28 11:03:25+02:00 tm2 SYSTEM F-Secure DeepGuard

Application was blocked. This was determined to be a high-risk application by system control heuristics.

Application path: \\?\c:\users\tomas mood\appdata\roaming\speedtray\speedtray.exe

File hash: 8e3490f1f5858347e1b7af8572f525f329340bc4

 

Error: (02/28/2015 11:01:56 AM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 6 2015-02-28 11:01:56+02:00 tm2 SYSTEM F-Secure DeepGuard

Application was blocked. This was determined to be a high-risk application by system control heuristics.

Application path: \\?\c:\users\tomas mood\appdata\roaming\speedtray\speedtray.exe

File hash: 8e3490f1f5858347e1b7af8572f525f329340bc4

 

Error: (02/28/2015 11:00:05 AM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 5 2015-02-28 11:00:05+02:00 tm2 SYSTEM F-Secure DeepGuard

Application was blocked. This was determined to be a high-risk application by system control heuristics.

Application path: \\?\c:\users\tomas mood\appdata\roaming\speedtray\speedtray.exe

File hash: 8e3490f1f5858347e1b7af8572f525f329340bc4

 

 

CodeIntegrity Errors:

===================================

Date: 2015-03-01 18:18:19.528

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys because the set of per-page image hashes could not be found on the system.

 

Date: 2015-03-01 18:18:19.169

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys because the set of per-page image hashes could not be found on the system.

 

Date: 2015-03-01 18:18:18.779

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys because the set of per-page image hashes could not be found on the system.

 

Date: 2015-03-01 18:18:18.343

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys because the set of per-page image hashes could not be found on the system.

 

Date: 2015-02-27 00:02:00.353

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\updatetemp_10100\279c2d778b9f7acf62da6ef16f657fb11101d1cf6beb8617cd5493f616fea2f7\upd_fshs32.sys because the set of per-page image hashes could not be found on the system.

 

Date: 2015-02-27 00:01:59.979

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\updatetemp_10100\279c2d778b9f7acf62da6ef16f657fb11101d1cf6beb8617cd5493f616fea2f7\upd_fshs32.sys because the set of per-page image hashes could not be found on the system.

 

Date: 2015-02-27 00:01:59.558

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\updatetemp_10100\279c2d778b9f7acf62da6ef16f657fb11101d1cf6beb8617cd5493f616fea2f7\upd_fshs32.sys because the set of per-page image hashes could not be found on the system.

 

Date: 2015-02-27 00:01:59.199

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\F-Secure\apps\ComputerSecurity\Anti-Virus\updatetemp_10100\279c2d778b9f7acf62da6ef16f657fb11101d1cf6beb8617cd5493f616fea2f7\upd_fshs32.sys because the set of per-page image hashes could not be found on the system.

 

Date: 2015-02-07 21:49:42.403

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\BattlEye\BEDaisy.sys because the set of per-page image hashes could not be found on the system.

 

Date: 2015-02-07 21:49:41.935

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\BattlEye\BEDaisy.sys because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info ===========================

 

Processor: Pentium® Dual-Core CPU E5300 @ 2.60GHz

Percentage of memory in use: 44%

Total physical RAM: 3325.63 MB

Available physical RAM: 1833.75 MB

Total Pagefile: 6865.24 MB

Available Pagefile: 5230.48 MB

Total Virtual: 2047.88 MB

Available Virtual: 1912.07 MB

 

==================== Drives ================================

 

Drive c: (Partition_1) (Fixed) (Total:913.81 GB) (Free:328.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (Recovery) (Fixed) (Total:17.7 GB) (Free:14.14 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive e: (Disk_2) (CDROM) (Total:3.35 GB) (Free:0 GB) UDF

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 5FD1B6A5)

Partition 1: (Not Active) - (Size=17.7 GB) - (Type=07 NTFS)

Partition 2: (Active) - (Size=913.8 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Länk till kommentar
Dela på andra webbplatser

1. Då får vi se hur FRST ser ut efter rensningen med AdwCleaner.

Starta FRST.

Bocka för Addition.txt.

Skanna och bifoga sen de två loggarna.

 

 

2. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.
Ta bort bocken framför Remove found threats.
Bocka för:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Om du klickar på knappen "Följ detta ämne" ovanför ditt första inlägg kan du få ett mejl när någon svarar.

Länk till kommentar
Dela på andra webbplatser

C:\AdwCleaner\Quarantine\C\Program Files\GetPrivate\gpup.exe.vir a variant of Win32/Techsnab.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.7z.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\AdwCleaner\Quarantine\C\Users\Tomas Mood\AppData\Roaming\GetPrivate\gp_upd.exe.vir a variant of Win32/Techsnab.B potentially unwanted application
C:\Gamla\patches and such\ådio\kazaa_setup.exe a variant of Win32/Adware.Kazaa.A application
C:\giz\SetupImgBurn_2.5.1.0.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Program Files\Jelbrus Secure Web\jswchromium.exe a variant of Win32/Techsnab.C potentially unwanted application
C:\Program Files\Jelbrus Secure Web\jswchromium64.exe a variant of Win32/Techsnab.C potentially unwanted application
C:\Program Files\Jelbrus Secure Web\jsweb.dll a variant of Win32/Techsnab.C potentially unwanted application
C:\Program Files\Jelbrus Secure Web\jsweb64.dll a variant of Win32/Techsnab.C potentially unwanted application
C:\Program Files\Jelbrus Secure Web\jswff.exe a variant of Win32/Techsnab.C potentially unwanted application
C:\Program Files\Jelbrus Secure Web\jswtask.exe a variant of Win32/Techsnab.C potentially unwanted application
C:\Users\Tomas Mood\AppData\Local\Temp\GPUpd54E6FDCA0.exe a variant of Win32/Techsnab.C potentially unwanted application
C:\Users\Tomas Mood\AppData\Local\Temp\TMP53C6ED43\SI.exe a variant of MSIL/Adware.WiseInstaller.A application
C:\Users\Tomas Mood\Downloads\coretemp_1236.exe a variant of Win32/InstallIQ.A potentially unwanted application
C:\Users\Tomas Mood\Downloads\EHNDROIX_V_14.8.21_GT-I9100.zip a variant of Android/Appinventor.A potentially unsafe application
C:\Users\Tomas Mood\Downloads\winamp565_full_emusic-7plus_sv-se.exe Win32/OpenCandy potentially unsafe application

 

Addition.txt

FRST.txt
 

Länk till kommentar
Dela på andra webbplatser

1. Dessa två installationsprogram ligger i mappen "Hämtade filer" och de har pekats ut av Esets skanner därför att de under installationen kommer att vilja installera onödiga program/webbläsartillägg:

C:\Users\Tomas Mood\Downloads\coretemp_1236.exe a variant of Win32/InstallIQ.A potentially unwanted application

C:\Users\Tomas Mood\Downloads\winamp565_full_emusic-7plus_sv-se.exe Win32/OpenCandy potentially unsafe application

 

 

2. Har du installerat detta program själv?

Download Manager 2.3.6 (HKLM\...\Download Manager) (Version: 2.3.6 - IGN Entertainment, Inc.)

 

 

3. Nedanstående skript kommer bland annat tömma papperskorgen så se till att där inte ligger något du vill ha kvar.

 

Starta programmet Anteckningar.

Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @fileplanet.com/fpdlm -> C:\Program Files\Download Manager\npfpdlm.dll No File
FF Plugin: @java.com/DTPlugin -> C:\Program Files\Java\jre6\bin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
R2 PrivoxyService; C:\Program Files\Jelbrus Secure Web\privoxy.exe [371200 2015-02-20] (The Privoxy team - www.privoxy.org) [File not signed] <==== ATTENTION
S3 nvcfsr; \??\C:\Program Files\Norman\Nvc\bin\nvcfsr.sys [X]
S3 nvcoafl4; \??\C:\Program Files\Norman\Nvc\bin\nvcoafl4.sys [X]
S3 nvcoaft4; \??\C:\Program Files\Norman\Nvc\bin\nvcoaft4.sys [X]
S3 nvcoarc4; \??\C:\Program Files\Norman\Nvc\bin\nvcoarc4.sys [X]
2015-02-20 10:28 - 2015-02-20 10:28 - 00000000 ____D () C:\Users\Tomas Mood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedTray
2015-02-20 10:26 - 2015-02-28 03:44 - 00000000 ____D () C:\Program Files\Jelbrus Secure Web
Task: {19EAB4A5-CA48-4B3C-8ACA-A9D439C12AF2} - System32\Tasks\Jelbrus Secure Web Task => C:\Program Files\Jelbrus Secure Web\jswtask.exe [2015-02-20] (Jelbrus) <==== ATTENTION
Task: {ADC58777-2936-48A8-A2B5-260BD23B7362} - System32\Tasks\GPUP => C:\Program Files\GetPrivate\gpup.exe <==== ATTENTION
c:\program files\getprivate
c:\users\tomas mood\appdata\roaming\speedtray
C:\Users\Tomas Mood\AppData\Roaming\GetPrivate
Folder: C:\Program Files\Mozilla Firefox\distribution\bundles\2dcd6e0fb051f2932a59b8b426ed319b
File: C:\Program Files\Mozilla Firefox\distribution\bundles\2dcd6e0fb051f2932a59b8b426ed319b
EmptyTemp:
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Stäng av alla program.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Om datorn inte startas om automatiskt så gör det själv.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser

1. Tagit bort dem nu.

 

2. Ja, det är en matchningstjänst för onlinespel (med en massa reklam men den håller sig till när den används)

 

3. Fixlog.txt

 

Problemet kvarstår dock.

Länk till kommentar
Dela på andra webbplatser

1. På sidan http://www.virustotal.com klickar du på Choose File -knappen och klistrar in ett av följande filnamn i fältet "Filnamn", klicka på Öppna och sedan på Scan it!. Om det kommer upp en fråga om filen ska analyseras om så välj det alternativet. Vänta tills resultatet är klart. Klistra in länken (webbadressen) till resultatet här. Upprepa med nästa filnamn.

C:\Program Files\Mozilla Firefox\distribution\bundles\2dcd6e0fb051f2932a59b8b426ed319b\install.rdf

C:\Program Files\Mozilla Firefox\distribution\bundles\2dcd6e0fb051f2932a59b8b426ed319b\content\load.js

 

 

2. Starta programmet Anteckningar.

Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
Task: {7A65ADFA-C9A3-45C4-B314-A3E82720DA80} - \Jelbrus Secure Web Task No Task File <==== ATTENTION
ProxyServer: [S-1-5-21-3767066173-520142290-2618287913-1000] => 127.0.0.1:8118
SearchScopes: HKU\S-1-5-21-3767066173-520142290-2618287913-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt  
CMD: ipconfig /release
CMD: ipconfig /renew
Reboot:
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Stäng av alla program.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Om datorn inte startas om automatiskt så gör det själv.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Godmorgon, och tack för all hjälp. Jag körde eset onlinescanner under natten och bifogarscan2.txt även den.
 
https://www.virustotal.com/sv/ed41ed8438856417a727aa17e953bfae5541f52e2cfb295936253095ee2d13b6/analysis/1425358412/
 
https://www.virustotal.com/sv/c28f3a8e6f29da41300468375f7e64b84722e3c9c9449398b6e5de98c6ec0ac5/analysis/1425358532/
 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-02-2015
Ran by Tomas Mood at 2015-03-03 06:01:19 Run:2
Running from C:\Users\Tomas Mood\Desktop
Loaded : Tomas Mood & UpdatusUser (Available: Tomas Mood & UpdatusUser)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
CreateRestorePoint:
CloseProcesses:
Task: {7A65ADFA-C9A3-45C4-B314-A3E82720DA80} - \Jelbrus Secure Web Task No Task File <==== ATTENTION
ProxyServer: [s-1-5-21-3767066173-520142290-2618287913-1000] => 127.0.0.1:8118
SearchScopes: HKU\S-1-5-21-3767066173-520142290-2618287913-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt  
CMD: ipconfig /release
CMD: ipconfig /renew
Reboot:
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A65ADFA-C9A3-45C4-B314-A3E82720DA80}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A65ADFA-C9A3-45C4-B314-A3E82720DA80}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jelbrus Secure Web Task => Key not found. 
HKU\S-1-5-21-3767066173-520142290-2618287913-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\S-1-5-21-3767066173-520142290-2618287913-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} => not found.
 
=========  ipconfig /flushdns =========
 
 
IP-konfiguration f�r Windows
 
DNS-matcharens cacheminne har rensats.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Winsock-katalogen har nollst�llts.
Du m�ste starta om datorn f�r att slutf�ra nollst�llningen.
 
 
========= End of CMD: =========
 
 
=========  netsh int ip reset c:\resetlog.txt =========
 
�terst�llning av Ekobeg�ran, OK!
�terst�llning av Allm�n, OK!
�terst�llning av Gr�nssnitt, OK!
Datorn m�ste startas om f�r att detta ska slutf�ras.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
IP-konfiguration f�r Windows
 
 
Ethernet-anslutning Anslutning till lokalt n�tverk:
 
   Anslutningsspecifika DNS-suffix . : 
   L�nklokal IPv6-adress . . . . . . : fe80::94a0:f2fa:5d9a:2a6c%9
   Standard-gateway. . . . . . . . . : 
 
Tunnelanslutning: Anslutning till lokalt n�tverk*:
 
   Anslutningsspecifika DNS-suffix . : 
   IPv6-adress . . . . . . . . . . . : 2001:0:5ef5:79fb:3851:2f77:3f57:ff3d
   L�nklokal IPv6-adress . . . . . . : fe80::3851:2f77:3f57:ff3d%8
   Standard-gateway. . . . . . . . . : ::
 
Tunnelanslutning: Anslutning till lokalt n�tverk* 11:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
IP-konfiguration f�r Windows
 
 
Ethernet-anslutning Anslutning till lokalt n�tverk:
 
   Anslutningsspecifika DNS-suffix . : 
   L�nklokal IPv6-adress . . . . . . : fe80::94a0:f2fa:5d9a:2a6c%9
   IPv4-adress . . . . . . . . . . . : 192.168.0.194
   N�tmask . . . . . . . . . . . . . : 255.255.255.0
   Standard-gateway. . . . . . . . . : 192.168.0.1
 
Tunnelanslutning: Anslutning till lokalt n�tverk*:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Tunnelanslutning: Anslutning till lokalt n�tverk* 11:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
========= End of CMD: =========
 
 
 
The system needed a reboot. 
 
==== End of Fixlog 06:02:25 ====

Länk till kommentar
Dela på andra webbplatser

Addition.txt

 

FRST.txt

 

Problemen är kvar, började nån gång efter att jag aktiverade "sökresultat filtreras" i f-secure browsing protection, då klickade jag säker godkänn till nåt som inte var ifrån f-secure. säkert då jag drog på mig jelbrus?

Länk till kommentar
Dela på andra webbplatser

Ok, avinstallera F-secure så här: http://community.f-secure.com/t5/Security/F-Secure-Uninstallation-Tool/td-p/31265

Kolla att inget med F-secure är kvar i Kontrollpanelens lista över installerade program.

 

Starta om datorn och så nya FRST-loggar så får vi se om något syns då, eller om problemet rent av försvinner. Ta det försiktigt med surfandet när du inte har något antivirusprogram..

Länk till kommentar
Dela på andra webbplatser

Likadant i Chrome och Internet Explorer?

När började problemet?

Kan du bifoga en bild på hur det ser ut?

 

Har du haft det här programmet länge?

Download Manager 2.3.6 (HKLM\...\Download Manager) (Version: 2.3.6 - IGN Entertainment, Inc.)

 

Hur blir det om du startar om datorn i felsäkert läge?

Tryck upprepade gånger på F8 efter att du har startat datorn tills en meny kommer upp där du väljer "Felsäkert läge".

 

Om inte det heller hjälper:

Spara ComboFix på Skrivbordet: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

Stäng av alla program du ser inklusive antivirusprogram och antispionprogram, men lämna brandväggen på.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

Kör ComboFix och följ anvisningarna som visas.

Om det kommer upp en fråga om du vill installera återställningskonsolen så svara Ja.

Mer detaljerad vägledning finns på http://www.bleepingcomputer.com/combofix/se/hur-combofix-ska-anvandas

 

Om det kommer upp något meddelande, t ex att ett rootkit har hittats, från ComboFix skriv ner det och skriv det sedan i ditt svar.

 

VIKTIGT! Klicka inte på ComboFix-fönstret med musen när det körs eftersom så det kan hänga upp sig då.

 

När ComboFix är färdig ska en logg komma upp, klistra in den i ditt svar. Kontrollera att antivirusprogram mm är igång innan du ansluter till internet.

 

Om du får problem med att komma ut på internet:

Kontrollpanelen - Nätverksanslutningar

högerklicka på din internetanslutning och välj Reparera och/eller starta om datorn.

Alternativt gör en systemåterställning.

Länk till kommentar
Dela på andra webbplatser

angående Download Manager 2.3.6 (HKLM\...\Download Manager) (Version: 2.3.6 - IGN Entertainment, Inc.) så valde jag avinstallera nu i kontrollpanelen och då sade den att den inte fanns och frågade om jag ville ta bort den från listan, jag valde ja. Nu när jag skulle ta en skärmdump av hur det ser ut så händer inget, det konstiga är att jag haft programmet länge, flera år men problemet började i fredags.

 

Ska jag återinstallera f-secure innan jag fortsätter med instruktionerna i ditt tidigare svar, för nu kör jag helt utan antivirus?

Länk till kommentar
Dela på andra webbplatser

Problemet är visst kvar, jag är reklamfri så länge jag blockerar alla script, men då kan jag inte bifoga filer i tråden. Här är en skärmdump, det är ändå rätt milt post-136218-0-02268100-1425420462_thumb.jpg

Länk till kommentar
Dela på andra webbplatser

I felsäkert läge går det inte att logga in på forumet eller starta chrome, ie verkar funka men finns ingen "logga in" på forumet. Avinstallerar chrome och avinstallerar dropbox, anledningen att jag tar bort det är att jag definitivt haft det i mer än ett par veckor men inte enligt programhanteraren.

Länk till kommentar
Dela på andra webbplatser

Addition.txt

FRST.txt

 

Ingen reklam (eller ja, men inte i texterna och vilda fönster som poppar upp hittills) och det nyinstallerade f-secure varnar t o m innan jag körde frst igen något som det inte gjorde tidigare.

 

Vågar jag hoppas på att det är löst nu?

 

Länk till kommentar
Dela på andra webbplatser

Låter ju utmärkt att F-secure har börjat varna och att reklamen är borta även om jag inte riktigt förstod vad det var som gjorde att det försvann.
 

 

Avinstallerar chrome och avinstallerar dropbox, anledningen att jag tar bort det är att jag definitivt haft det i mer än ett par veckor men inte enligt programhanteraren.

Tiden kan vara sen senaste uppdateringen av programmen.

Du bör inte använda Internet Explorer version 8 utan antingen uppdatera till version 9 eller använda en annan webbläsare. Åtminstone har jag för mig att version 8 inte får några säkerhetsuppdateringar sen i våras.

 

 

problemet började i fredags.

Inte ens i första FRST-loggen syns det att det installerades något i fredags, men den 20 februari installerades Jelbrus, SpeedTray. Kan ju tänkas att de inte märktes förrän datorn startades om. Däremot i lördags var de en hel del förändringar.

 

Den 20:e uppdaterades en fil också så det är kanske bäst att kolla upp den närmare:

På sidan http://www.virustotal.com bläddrar du filen C:\Windows\system32\tasks.dll, klicka sedan på Scan it!. Om det kommer upp en fråga om filen ska analyseras om så välj det alternativet. Vänta tills resultatet är klart. Klistra in länken (webbadressen) till resultatet här.

 

 

angående Download Manager 2.3.6 (HKLM\...\Download Manager) (Version: 2.3.6 - IGN Entertainment, Inc.) så valde jag avinstallera nu i kontrollpanelen och då sade den att den inte fanns och frågade om jag ville ta bort den från listan, jag valde ja.

Det finns fortfarande två automatiska starter av det programmet i registret men det går att ta bort med FRST.

 

 

Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3767066173-520142290-2618287913-1000\...\Run: [igndlm.exe] => C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
HKU\S-1-5-21-3767066173-520142290-2618287913-1004\...\Run: [igndlm.exe] => C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Reboot:
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.
Länk till kommentar
Dela på andra webbplatser

Ja, det är ju som du säger det började säkert tidigare och tog fart i lördags, men jag märkte ingenting förrens i fredags, jag kopplar ihop det med den här post-136218-0-62883700-1425499664_thumb.jpg som en tid hade hoppat upp vid varje omstart och jag bara klickat "skjut upp" på ett bra tag, utom just i fredags då.

 

 

Hittills verkar allt bra nu, du är min hjälte, Min hdklon är gammal, snart 2 år, hade varit trist att resa bakåt i tiden.

 

Fixlog.txt

 

https://www.virustotal.com/sv/file/77ea7c43e3543f13a0dd4d971900679df162f9e010d180e64c5993a8d8e2b4cc/analysis/1425495475/

 

Länk till kommentar
Dela på andra webbplatser

1. C:\Windows\system32\tasks.dll
Den filen verkar höra ihop med GetPrivate som vi har tagit bort en hel del av. Men eftersom den kanske används av något annat föreslår jag att du letar upp filen med Utforskaren och byter namn på den t ex till tasks.dll.bad.
Går det bra att göra det?

Om du får felmeddelanden eller något program inte fungerar byt tillbaks.
 

 

2. Jag skulle göra en systemåterställningspunkt och sen aktivera F-secure Search. Om du får problem efteråt med reklam så gör du en systemåterställning till återställningspunkten du gjorde samt kontaktar F-Secure.

 

 

Om du inte har fler frågor är det dags att avinstallera FRST mm.

 

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.
Klicka på Uninstall-knappen.

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe
Dubbelklicka på filen för att starta programmet.
Tryck på knappen CleanUp! och FRST kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.

3. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/
Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Länk till kommentar
Dela på andra webbplatser

Jag kunde inte ladda ner OTC, men annars har jag gjort som du skriver. Tusen tack.

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...