Gå till innehåll

Spion i datorn


Recommended Posts

Hej

skriver på min kompis Raffes/Birgittas vägnar - som har fått en dator som fullständigt har tappat all verklighetsförankring.

 

"Har försökt med Sky Hunter men den försvinner inte. SOS, skriver Birgitta "

 

Jag messar henne och det går bra, men fixa forumet gör inte hennes dator, snälla hjälp ....

Länk till kommentar
Dela på andra webbplatser

Hej

skriver på min kompis Raffes/Birgittas vägnar - som har fått en dator som fullständigt har tappat all verklighetsförankring.

 

"Har försökt med Sky Hunter men den försvinner inte. SOS, skriver Birgitta "

 

Jag messar henne och det går bra, men fixa forumet gör inte hennes dator, snälla hjälp ....

 

Testa med denna...

 

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Länk till kommentar
Dela på andra webbplatser

Hej

skriver på min kompis Raffes/Birgittas vägnar - som har fått en dator som fullständigt har tappat all verklighetsförankring.

 

"Har försökt med Sky Hunter men den försvinner inte. SOS, skriver Birgitta "

 

Jag messar henne och det går bra, men fixa forumet gör inte hennes dator, snälla hjälp ....

 

Hej!

 

Inte mycket information att gå på där. Beskriv gärna hur datorn uppför dig och varför ni tror att det beror på ett spionprogram.

Länk till kommentar
Dela på andra webbplatser

Hej!

V9 tar över som hemsida. Har försökt att få bort infektion med Sky Hunter, men just v9 går inte bort, så den infekterar hela tiden. Jag har googlat på v9 och vet att den är farlig.

Mvh Birgitta

Länk till kommentar
Dela på andra webbplatser

Hej!

 

Du har alltså fått in ett annonsprogram som ändrar start- och/eller söksidor.

 

Om du vill att jag ska handleda dig steg för steg följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går.

 

Om du vill fixa på egen hand följ http://malwaretips.com/blogs/v9-portal-site-removal/

 

Avinstallera SpyHunter för det är ett dåligt program.

Länk till kommentar
Dela på andra webbplatser

Tack Cecilia!

Jag följer gärna dina råd, men just nu är min dator underlig, den släcker ner hela tiden för varm.

Jag vill gärna återkomma till dig, när jag har tjejen som skrev i forumet kommit hem från utlandet.

Du har hjälp henne så hon kan den här slingan.

Tack Cecilia jag hoppas att det går bra att återkomma till dig.

Länk till kommentar
Dela på andra webbplatser

Postad (redigerade)

Ingen orsak :)

Naturligtvis kan du återkomma till den här tråden när det passar dig, jag har bevakning på den.

Återkommer 8/4 Cecilia.....

Redigerad av Sandstone50
Länk till kommentar
Dela på andra webbplatser

  • 2 veckor senare...

Tillbaka på banan Cecilia efter 24 timmars försening, hualigen va mör man blir.

Sitter framför Brgittas dator nu och ska med din hjälp försöka få nån ordning på den

Kanske slöheten åtgärdas samtidigt :-)

Länk till kommentar
Dela på andra webbplatser

Egenskaper för "Den här datorn" och sedan vad som står vid "Systemtyp".

tack, hittade ändå inte, men det löste sej för programmet som skulle instaleras accepterade inte 32 eftersom hon har 64 i datorn

fiffigt värre :-)

Länk till kommentar
Dela på andra webbplatser

Postad (redigerade)

En amatörs analys:

Följande borde avinstalleras från kontrollpanelen, Lägg till/ta bort program
RegClean Pro
Optimizer Pro
Bonanza Deals
Desk 365     
Advanced System Protector
MySearchDial

 

Kanske städa upp lite bland antivirusprogrammen verkar finnas AVG Anti-Virus Free, AVG Internet Security 2015, McAfee Security Scan Plus, samt Windows eget.

Java och Flash bör uppdateras !! (och gamla javaversioner avinstalleras, även Skype om det används eller avinstalleras)

 

Java - http://www.java.com/sv/download/

Flash - https://get.adobe.com/se/flashplayer/

Skype - http://www.skype.com/sv/download-skype/skype-for-windows/downloading/

 

Minst 3 toolbars verkar vara installerade som också bör kunna avinstalleras:

WiseConvert Toolbar
uTorrentControl Toolbar
Google Toolbar

 

http://www.v9.com/uninstall.html

Redigerad av si3rra
Länk till kommentar
Dela på andra webbplatser

1. Enligt Kontrollpanelens lista så finns det två AVG-versioner installerade:

AVG 2015

AVG Free 9.0 (gammal version men verkar vara nyligen installera)

Det kan orsaka problem i datorn. Vilken är det meningen ska finnas?

2. Avinstallera:

uTorrentControl_v2 Toolbar, annonstillägg

WiseConvert Toolbar

samt:

Java 6 Update 22

Java 6 Update 33

eftersom det är gamla programversioner med många kända säkerhetshål som gör det lätt att infektera datorn från en webbsida. De flesta behöver inte ha Java installerat men om man måste ha Java är det väldigt viktigt att alltid ha senaste versionen.

3. Starta programmet Anteckningar.

Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
AppInit_DLLs: 0 => 0 File Not Found
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> {58B66770-20E4-F78A-A418-45BE70669BD2} URL = 
SearchScopes: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> {ACE04446-5E4D-4A3C-9EC9-716853ED98ED} URL = 
SearchScopes: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> {B4FF267E-EE2F-4B82-A7F9-A1D01E7865B2} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: No Name - C:\Users\Birgitta\AppData\Roaming\Mozilla\Firefox\Profiles\5x8fs8fd.default\extensions\paffxtbr@FilmFanatic.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Task: {4DDD05CF-2060-417F-9037-C05FD737870B} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {628CF546-BFDA-4E1F-B813-6C88F28DC228} - System32\Tasks\OptimizerProUpdaterTask{FE54AC57-2851-4B04-A097-27E476C52D21} => C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe <==== ATTENTION
Task: {6C9E594F-6D32-440D-966F-0EDFD824956F} - System32\Tasks\{09F1BB3E-A05F-4D3A-8DA2-5C0E5A639663} => pcalua.exe -a "C:\Users\Birgitta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\44TS207G\VLCMediaPlayerSDM.exe" -d C:\Users\Birgitta\Desktop
Task: {7BF5FFFF-5CD8-4F47-8081-D3ED21320878} - \BonanzaDealsLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {80C2BE32-FE4F-43ED-95F9-28C3A8DA65B6} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {9B9F215E-00E6-4BBE-B852-C6FC8A05810A} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
Task: {A9277520-EA9C-4285-9FBF-24416033DDC9} - \BonanzaDealsUpdate No Task File <==== ATTENTION
Task: {ADE5C402-9889-42D9-AA0D-00A42953FDC5} - \RegClean Pro_UPDATES No Task File <==== ATTENTION
Task: {D927C9FC-CAC3-4E74-9A71-5CD46F21E604} - \BonanzaDealsLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {DB01C658-23C4-44D5-A8DF-8BC1E105F332} - \RegClean Pro No Task File <==== ATTENTION
Task: {F5C9FB3C-47DD-44D4-9262-406EC1380898} - \MySearchDial No Task File <==== ATTENTION
Task: C:\Windows\Tasks\OptimizerProUpdaterTask{FE54AC57-2851-4B04-A097-27E476C52D21}.job => C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exeI/schedule /profilepath C:\ProgramData\Premium\OptimizerPro\profile.ini <==== ATTENTION
C:\ProgramData\Premium\OptimizerPro
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:98181191
Folder: C:\Windows\SysWOW64\mjcm
Folder: C:\Windows\system32\tprb
Reboot:
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

4. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.

Ta bort bocken framför Remove found threats.

Bocka för:

Scan Archives

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

5. Starta FRST.

Sätt en bock framför Addition.txt.

Låt programmet skanna och bifoga de två nya loggfilerna, FRST.txt och Addition.txt.

Länk till kommentar
Dela på andra webbplatser

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015

 

Ran by Birgitta at 2015-04-11 10:43:04 Run:2

 

Running from C:\Users\Birgitta\Desktop

 

Loaded Profiles: Birgitta (Available profiles: Birgitta)

 

Boot Mode: Normal

 

==============================================

 

 

Content of fixlist:

 

*****************

 

CreateRestorePoint:

 

CloseProcesses:

 

HKLM-x32\...\Run: [] => [X]

 

AppInit_DLLs: 0 => 0 File Not Found

 

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

 

SearchScopes: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> {58B66770-20E4-F78A-A418-45BE70669BD2} URL =

 

SearchScopes: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> {ACE04446-5E4D-4A3C-9EC9-716853ED98ED} URL =

 

SearchScopes: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> {B4FF267E-EE2F-4B82-A7F9-A1D01E7865B2} URL =

 

FF Plugin: @microsoft.com/GENUINE -> disabled No File

 

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

 

FF Extension: No Name - C:\Users\Birgitta\AppData\Roaming\Mozilla\Firefox\Profiles\5x8fs8fd.default\extensions\paffxtbr@FilmFanatic.com [Not Found]

 

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

 

Task: {4DDD05CF-2060-417F-9037-C05FD737870B} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION

 

Task: {628CF546-BFDA-4E1F-B813-6C88F28DC228} - System32\Tasks\OptimizerProUpdaterTask{FE54AC57-2851-4B04-A097-27E476C52D21} => C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exe <==== ATTENTION

 

Task: {6C9E594F-6D32-440D-966F-0EDFD824956F} - System32\Tasks\{09F1BB3E-A05F-4D3A-8DA2-5C0E5A639663} => pcalua.exe -a "C:\Users\Birgitta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\44TS207G\VLCMediaPlayerSDM.exe" -d C:\Users\Birgitta\Desktop

 

Task: {7BF5FFFF-5CD8-4F47-8081-D3ED21320878} - \BonanzaDealsLiveUpdateTaskMachineUA No Task File <==== ATTENTION

 

Task: {80C2BE32-FE4F-43ED-95F9-28C3A8DA65B6} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION

 

Task: {9B9F215E-00E6-4BBE-B852-C6FC8A05810A} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION

 

Task: {A9277520-EA9C-4285-9FBF-24416033DDC9} - \BonanzaDealsUpdate No Task File <==== ATTENTION

 

Task: {ADE5C402-9889-42D9-AA0D-00A42953FDC5} - \RegClean Pro_UPDATES No Task File <==== ATTENTION

 

Task: {D927C9FC-CAC3-4E74-9A71-5CD46F21E604} - \BonanzaDealsLiveUpdateTaskMachineCore No Task File <==== ATTENTION

 

Task: {DB01C658-23C4-44D5-A8DF-8BC1E105F332} - \RegClean Pro No Task File <==== ATTENTION

 

Task: {F5C9FB3C-47DD-44D4-9262-406EC1380898} - \MySearchDial No Task File <==== ATTENTION

 

Task: C:\Windows\Tasks\OptimizerProUpdaterTask{FE54AC57-2851-4B04-A097-27E476C52D21}.job => C:\ProgramData\Premium\OptimizerPro\OptimizerPro.exeI/schedule /profilepath C:\ProgramData\Premium\OptimizerPro\profile.ini <==== ATTENTION

 

C:\ProgramData\Premium\OptimizerPro

 

AlternateDataStreams: C:\ProgramData\Temp:373E1720

 

AlternateDataStreams: C:\ProgramData\Temp:98181191

 

Folder: C:\Windows\SysWOW64\mjcm

 

Folder: C:\Windows\system32\tprb

 

Reboot:

 

*****************

 

 

Restore point was successfully created.

 

Processes closed successfully.

 

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.

 

"0" => Value Data not found.

 

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.

 

HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.

 

HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.

 

HKU\S-1-5-21-2449234904-2715240119-1125603432-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{58B66770-20E4-F78A-A418-45BE70669BD2} => Key not found.

 

HKCR\CLSID\{58B66770-20E4-F78A-A418-45BE70669BD2} => Key not found.

 

HKU\S-1-5-21-2449234904-2715240119-1125603432-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ACE04446-5E4D-4A3C-9EC9-716853ED98ED} => Key not found.

 

HKCR\CLSID\{ACE04446-5E4D-4A3C-9EC9-716853ED98ED} => Key not found.

 

HKU\S-1-5-21-2449234904-2715240119-1125603432-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B4FF267E-EE2F-4B82-A7F9-A1D01E7865B2} => Key not found.

 

HKCR\CLSID\{B4FF267E-EE2F-4B82-A7F9-A1D01E7865B2} => Key not found.

 

HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => Key not found.

 

HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => Key not found.

 

C:\Users\Birgitta\AppData\Roaming\Mozilla\Firefox\Profiles\5x8fs8fd.default\extensions\paffxtbr@FilmFanatic.com not found.

 

C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DDD05CF-2060-417F-9037-C05FD737870B} => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{628CF546-BFDA-4E1F-B813-6C88F28DC228} => Key not found.

 

C:\Windows\System32\Tasks\OptimizerProUpdaterTask{FE54AC57-2851-4B04-A097-27E476C52D21} not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OptimizerProUpdaterTask{FE54AC57-2851-4B04-A097-27E476C52D21} => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C9E594F-6D32-440D-966F-0EDFD824956F} => Key not found.

 

C:\Windows\System32\Tasks\{09F1BB3E-A05F-4D3A-8DA2-5C0E5A639663} not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{09F1BB3E-A05F-4D3A-8DA2-5C0E5A639663} => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BF5FFFF-5CD8-4F47-8081-D3ED21320878} => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineUA => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80C2BE32-FE4F-43ED-95F9-28C3A8DA65B6} => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B9F215E-00E6-4BBE-B852-C6FC8A05810A} => Key not found.

 

C:\Windows\System32\Tasks\Advanced System Protector_startup not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Protector_startup => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9277520-EA9C-4285-9FBF-24416033DDC9} => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsUpdate => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADE5C402-9889-42D9-AA0D-00A42953FDC5} => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D927C9FC-CAC3-4E74-9A71-5CD46F21E604} => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BonanzaDealsLiveUpdateTaskMachineCore => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB01C658-23C4-44D5-A8DF-8BC1E105F332} => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5C9FB3C-47DD-44D4-9262-406EC1380898} => Key not found.

 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial => Key not found.

 

C:\Windows\Tasks\OptimizerProUpdaterTask{FE54AC57-2851-4B04-A097-27E476C52D21}.job not found.

 

"C:\ProgramData\Premium\OptimizerPro" => File/Directory not found.

 

"C:\ProgramData\Temp" => ":373E1720" ADS not found.

 

"C:\ProgramData\Temp" => ":98181191" ADS not found.

 

 

========================= Folder: C:\Windows\SysWOW64\mjcm ========================

 

 

2014-08-27 12:02 - 2014-08-27 12:02 - 0027136 _____ (IncrediMail, Ltd.) C:\Windows\SysWOW64\mjcm\ImHttpComm.dll

 

2014-08-27 11:24 - 2014-08-27 11:24 - 0421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\msvcp100.dll

 

2014-08-27 11:24 - 2014-08-27 11:24 - 0773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\msvcr100.dll

 

2014-07-03 19:28 - 2014-07-03 19:28 - 0000000 ____D () C:\Windows\SysWOW64\mjcm\5113

 

2014-06-24 16:09 - 2014-06-24 16:09 - 0027136 _____ (IncrediMail, Ltd.) C:\Windows\SysWOW64\mjcm\5113\ImHttpComm.dll

 

2014-06-24 15:09 - 2014-06-24 15:09 - 0421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\5113\msvcp100.dll

 

2014-06-24 15:09 - 2014-06-24 15:09 - 0773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\5113\msvcr100.dll

 

2014-06-24 16:15 - 2014-06-24 16:15 - 1581872 _____ () C:\Windows\SysWOW64\mjcm\5113\nsib.dll

 

2014-07-20 18:02 - 2014-07-20 18:02 - 0000000 ____D () C:\Windows\SysWOW64\mjcm\5119

 

2014-07-17 13:38 - 2014-07-17 13:38 - 0027136 _____ (IncrediMail, Ltd.) C:\Windows\SysWOW64\mjcm\5119\ImHttpComm.dll

 

2014-07-16 12:10 - 2014-07-16 12:10 - 0421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\5119\msvcp100.dll

 

2014-07-16 12:10 - 2014-07-16 12:10 - 0773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\5119\msvcr100.dll

 

2014-07-17 13:43 - 2014-07-17 13:43 - 1575216 _____ () C:\Windows\SysWOW64\mjcm\5119\nsib.dll

 

2014-08-13 20:16 - 2014-08-13 20:16 - 0000000 ____D () C:\Windows\SysWOW64\mjcm\5123

 

2014-07-24 09:07 - 2014-07-24 09:07 - 0027136 _____ (IncrediMail, Ltd.) C:\Windows\SysWOW64\mjcm\5123\ImHttpComm.dll

 

2014-07-22 15:01 - 2014-07-22 15:01 - 0421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\5123\msvcp100.dll

 

2014-07-22 15:01 - 2014-07-22 15:01 - 0773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\5123\msvcr100.dll

 

2014-07-24 09:12 - 2014-07-24 09:12 - 1628976 _____ () C:\Windows\SysWOW64\mjcm\5123\nsib.dll

 

2014-08-25 17:44 - 2014-08-25 17:44 - 0000000 ____D () C:\Windows\SysWOW64\mjcm\5131

 

2014-08-21 11:47 - 2014-08-21 11:47 - 0027136 _____ (IncrediMail, Ltd.) C:\Windows\SysWOW64\mjcm\5131\ImHttpComm.dll

 

2014-06-17 08:29 - 2014-06-17 08:29 - 0421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\5131\msvcp100.dll

 

2014-06-17 08:29 - 2014-06-17 08:29 - 0773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\5131\msvcr100.dll

 

2014-08-21 11:53 - 2014-08-21 11:53 - 1774896 _____ () C:\Windows\SysWOW64\mjcm\5131\nsib.dll

 

2014-08-27 22:02 - 2014-08-27 22:02 - 0000000 ____D () C:\Windows\SysWOW64\mjcm\5132

 

2014-08-27 12:02 - 2014-08-27 12:02 - 0027136 _____ (IncrediMail, Ltd.) C:\Windows\SysWOW64\mjcm\5132\ImHttpComm.dll

 

2014-08-27 11:24 - 2014-08-27 11:24 - 0421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\5132\msvcp100.dll

 

2014-08-27 11:24 - 2014-08-27 11:24 - 0773968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mjcm\5132\msvcr100.dll

 

2014-08-27 12:08 - 2014-08-27 12:08 - 1775920 _____ () C:\Windows\SysWOW64\mjcm\5132\nsib.dll

 

 

====== End of Folder: ======

 

 

 

========================= Folder: C:\Windows\system32\tprb ========================

 

 

2014-08-27 12:04 - 2014-08-27 12:04 - 0033792 _____ (IncrediMail, Ltd.) C:\Windows\system32\tprb\ImHttpComm.dll

 

2014-08-27 11:24 - 2014-08-27 11:24 - 0608080 _____ (Microsoft Corporation) C:\Windows\system32\tprb\msvcp100.dll

 

2014-08-27 11:24 - 2014-08-27 11:24 - 0829264 _____ (Microsoft Corporation) C:\Windows\system32\tprb\msvcr100.dll

 

2014-07-03 19:28 - 2014-07-03 19:28 - 0000000 ____D () C:\Windows\system32\tprb\5113

 

2014-06-24 16:11 - 2014-06-24 16:11 - 0033792 _____ (IncrediMail, Ltd.) C:\Windows\system32\tprb\5113\ImHttpComm.dll

 

2014-06-24 15:09 - 2014-06-24 15:09 - 0608080 _____ (Microsoft Corporation) C:\Windows\system32\tprb\5113\msvcp100.dll

 

2014-06-24 15:09 - 2014-06-24 15:09 - 0829264 _____ (Microsoft Corporation) C:\Windows\system32\tprb\5113\msvcr100.dll

 

2014-06-24 16:15 - 2014-06-24 16:15 - 1969456 _____ () C:\Windows\system32\tprb\5113\nsib.dll

 

2014-07-20 18:02 - 2014-07-20 18:02 - 0000000 ____D () C:\Windows\system32\tprb\5119

 

2014-07-17 13:40 - 2014-07-17 13:40 - 0033792 _____ (IncrediMail, Ltd.) C:\Windows\system32\tprb\5119\ImHttpComm.dll

 

2014-07-16 12:10 - 2014-07-16 12:10 - 0608080 _____ (Microsoft Corporation) C:\Windows\system32\tprb\5119\msvcp100.dll

 

2014-07-16 12:10 - 2014-07-16 12:10 - 0829264 _____ (Microsoft Corporation) C:\Windows\system32\tprb\5119\msvcr100.dll

 

2014-07-17 13:43 - 2014-07-17 13:43 - 1961776 _____ () C:\Windows\system32\tprb\5119\nsib.dll

 

2014-08-13 20:16 - 2014-08-13 20:16 - 0000000 ____D () C:\Windows\system32\tprb\5123

 

2014-07-24 09:09 - 2014-07-24 09:09 - 0034304 _____ (IncrediMail, Ltd.) C:\Windows\system32\tprb\5123\ImHttpComm.dll

 

2014-07-22 15:01 - 2014-07-22 15:01 - 0608080 _____ (Microsoft Corporation) C:\Windows\system32\tprb\5123\msvcp100.dll

 

2014-07-22 15:01 - 2014-07-22 15:01 - 0829264 _____ (Microsoft Corporation) C:\Windows\system32\tprb\5123\msvcr100.dll

 

2014-07-24 09:12 - 2014-07-24 09:12 - 2027824 _____ () C:\Windows\system32\tprb\5123\nsib.dll

 

2014-08-25 17:44 - 2014-08-25 17:44 - 0000000 ____D () C:\Windows\system32\tprb\5131

 

2014-08-21 11:50 - 2014-08-21 11:50 - 0033792 _____ (IncrediMail, Ltd.) C:\Windows\system32\tprb\5131\ImHttpComm.dll

 

2014-06-17 08:29 - 2014-06-17 08:29 - 0608080 _____ (Microsoft Corporation) C:\Windows\system32\tprb\5131\msvcp100.dll

 

2014-06-17 08:29 - 2014-06-17 08:29 - 0829264 _____ (Microsoft Corporation) C:\Windows\system32\tprb\5131\msvcr100.dll

 

2014-08-21 11:53 - 2014-08-21 11:53 - 2236720 _____ () C:\Windows\system32\tprb\5131\nsib.dll

 

2014-08-27 22:02 - 2014-08-27 22:02 - 0000000 ____D () C:\Windows\system32\tprb\5132

 

2014-08-27 12:04 - 2014-08-27 12:04 - 0033792 _____ (IncrediMail, Ltd.) C:\Windows\system32\tprb\5132\ImHttpComm.dll

 

2014-08-27 11:24 - 2014-08-27 11:24 - 0608080 _____ (Microsoft Corporation) C:\Windows\system32\tprb\5132\msvcp100.dll

 

2014-08-27 11:24 - 2014-08-27 11:24 - 0829264 _____ (Microsoft Corporation) C:\Windows\system32\tprb\5132\msvcr100.dll

 

2014-08-27 12:08 - 2014-08-27 12:08 - 2237232 _____ () C:\Windows\system32\tprb\5132\nsib.dll

 

 

====== End of Folder: ======

 

 

 

 

The system needed a reboot.

 

 

==== End of Fixlog 10:44:35 ====

Länk till kommentar
Dela på andra webbplatser

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8hEI\Installr\1.bin\8hEIPlug.dll.vir a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8hEI\Installr\1.bin\8hEZSETP.dll.vir a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Allin1Convert_8hEI\Installr\1.bin\NP8hEISb.dll.vir a variant of Win32/Toolbar.MyWebSearch.AI potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\GenericAskToolbar.dll.vir a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\precache.exe.vir a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\SaUpdate.exe.vir a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\UpdateTask.exe.vir a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ask.com\Updater\Updater.exe.vir a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\FileConverter_1.6\hk64tbFil0.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\FileConverter_1.6\hk64tbFil2.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\FlvPlayer\FLVPlayerApp.exe.vir Win32/InstallCore.A potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\uTorrentControl_v2\hk64tbuTo2.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\wiseconvert\hk64tbWis0.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\wiseconvert\hk64tbWis2.dll.vir a variant of Win64/Toolbar.Conduit.B potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.8.3.8\~BabylonToolbarApp.dll.vir a variant of Win32/Toolbar.Montiera.A potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.8.3.8\~BabylonToolbarEng.dll.vir a variant of Win32/Toolbar.Babylon.AA potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.8.3.8\~BabylonToolbarTlbr.dll.vir a variant of Win32/Toolbar.Montiera.F potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\~BabylonToolbar\~BabylonToolbar\~1.8.3.8\~escortShld.dll.vir Win32/Toolbar.Montiera.J potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Users\Birgitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.31.4.510_0\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.P potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Users\Birgitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Users\Birgitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Users\Birgitta\AppData\LocalLow\Allin1Convert_8hEI\Installr\Cache\00100750.exe.vir a variant of Win32/Toolbar.MyWebSearch.O potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Users\Birgitta\AppData\LocalLow\FileConverter_1.6\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Users\Birgitta\AppData\LocalLow\uTorrentControl_v2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.8\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Windows\System32\sasnative64.exe.vir Win64/AdvancedSystemProtector.A potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\ARFC\wrtc.exe.vir a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\jmdp\lmrn.dll.vir a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\WNLT\InstallationFiles\SvcHelper\wrtc.exe.vir a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Program Files (x86)\SearchProtect174081\Main\bin\SPtool.dll_1386081155406 a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

 

C:\Program Files (x86)\SearchProtect174081\Main\bin\SPtool.dll_1387265724275 a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

 

C:\Program Files (x86)\SearchProtect174081\Main\bin\SPtool.dll_1389951168679 a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

 

C:\Program Files (x86)\SearchProtect174081\Main\bin\SPtool.dll_1389951168684 a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

 

C:\Program Files (x86)\SearchProtect174081\Main\bin\SPtool.dll_1390841496024 Win32/Conduit.SearchProtect.H potentially unwanted application

 

C:\Program Files (x86)\SearchProtect174081\Main\bin\SPtool.dll_1391019891255 a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

 

C:\Program Files (x86)\SearchProtect174081\Main\bin\SPtool.dll_1391019891803 a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

 

C:\Program Files (x86)\SearchProtect174081\Main\bin\SPtool.dll_1391019896408 a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

 

C:\Program Files (x86)\SearchProtect174081\SearchProtect\bin\SPTool64.exe a variant of Win64/Conduit.SearchProtect.A potentially unwanted application

 

C:\Program Files (x86)\SearchProtect174081\SearchProtect\bin\SPVC64.dll a variant of Win64/Conduit.SearchProtect.A potentially unwanted application

 

C:\ProgramData\InstallMate\{E1202DE5-813C-8932-6BD9-C91E3AC30F13}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application

 

C:\Users\All Users\InstallMate\{E1202DE5-813C-8932-6BD9-C91E3AC30F13}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application

 

C:\Users\Birgitta\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000036 Win32/PriceGong.B potentially unwanted application

 

C:\Users\Birgitta\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000047 Win32/PriceGong.B potentially unwanted application

 

C:\Windows\Installer\2dae9.msi a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

 

C:\Windows\System32\mjcm\5113\nsib.dll a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Windows\System32\mjcm\5119\nsib.dll a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Windows\System32\mjcm\5123\nsib.dll a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Windows\System32\mjcm\5131\nsib.dll a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Windows\System32\mjcm\5132\nsib.dll a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Windows\SysWOW64\mjcm\5113\nsib.dll a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Windows\SysWOW64\mjcm\5119\nsib.dll a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Windows\SysWOW64\mjcm\5123\nsib.dll a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Windows\SysWOW64\mjcm\5131\nsib.dll a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Windows\SysWOW64\mjcm\5132\nsib.dll a variant of Win32/Toolbar.Perion.H potentially unwanted application

 

C:\Windows\Temp\nsa347D.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsaB73F.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nscC3A0.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsdA71B.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsdF569.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsi74B7.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsiAE58.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsj51CC.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsjA5F4.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsl302A.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nslD81B.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nslD81C.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsp25E8.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsrB6A1.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nssFE7B.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsx1303.exe Win32/Conduit.SearchProtect.V potentially unwanted application

 

C:\Windows\Temp\nsbBA95.tmp\SPtool.dll a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

 

C:\Windows\Temp\nsi31A.tmp\SPtool.dll a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

 

C:\Windows\Temp\nss9CE8.tmp\SPtool.dll a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

 

Länk till kommentar
Dela på andra webbplatser

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015

 

Ran by Birgitta (administrator) on BIRGITTA-HP on 11-04-2015 14:27:29

 

Running from C:\Users\Birgitta\Desktop

 

Loaded Profiles: Birgitta (Available profiles: Birgitta)

 

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Svenska (Sverige)

 

Internet Explorer Version 11 (Default browser not detected!)

 

Boot Mode: Normal

 

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

 

==================== Processes (Whitelisted) =================

 

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

 

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

 

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

 

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

 

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

 

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

 

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

 

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

 

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

 

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

 

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

 

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

 

() C:\ProgramData\MobileBrServ\mbbService.exe

 

(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe

 

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

 

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

 

(Intel Corporation) C:\Windows\System32\igfxtray.exe

 

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

 

(Intel Corporation) C:\Windows\System32\hkcmd.exe

 

(Intel Corporation) C:\Windows\System32\igfxpers.exe

 

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

 

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

 

(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

 

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

 

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

 

(Spotify Ltd) C:\Users\Birgitta\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

 

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

 

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

 

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

 

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

 

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

 

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

 

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

 

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

 

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

 

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

 

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

 

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe

 

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

 

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

 

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

 

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

 

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

 

 

 

==================== Registry (Whitelisted) ==================

 

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)

 

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-21] (Synaptics Incorporated)

 

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-03-02] (Atheros Communications)

 

HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-02] (Atheros Commnucations)

 

HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-22] (Hewlett-Packard Company)

 

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)

 

HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)

 

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

 

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)

 

HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)

 

HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)

 

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)

 

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

 

HKU\S-1-5-21-2449234904-2715240119-1125603432-1000\...\Run: [spotify Web Helper] => C:\Users\Birgitta\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-18] (Spotify Ltd)

 

HKU\S-1-5-21-2449234904-2715240119-1125603432-1000\...\Run: [spotify] => C:\Users\Birgitta\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-18] (Spotify Ltd)

 

HKU\S-1-5-21-2449234904-2715240119-1125603432-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)

 

HKU\S-1-5-21-2449234904-2715240119-1125603432-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.scr [302448 2012-03-08] (Microsoft Corporation)

 

 

==================== Internet (Whitelisted) ====================

 

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

 

HKU\S-1-5-21-2449234904-2715240119-1125603432-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/

 

SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF

 

SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox

 

SearchScopes: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> {46C56D5D-72AC-45DB-B30A-A35131C49498} URL = https://www.google.com/search?q={searchTerms}

 

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

 

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-19] (Google Inc.)

 

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

 

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File

 

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-09] (Oracle Corporation)

 

BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-02] (Atheros Commnucations)

 

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

 

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-19] (Google Inc.)

 

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

 

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-09] (Oracle Corporation)

 

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

 

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-19] (Google Inc.)

 

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-19] (Google Inc.)

 

Toolbar: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

 

Toolbar: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-19] (Google Inc.)

 

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab

 

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

 

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

 

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

 

 

FireFox:

 

========

 

FF ProfilePath: C:\Users\Birgitta\AppData\Roaming\Mozilla\Firefox\Profiles\5x8fs8fd.default

 

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

 

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()

 

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-02-11] (Finansiell ID-Teknik BID AB)

 

FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-09] (Oracle Corporation)

 

FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-09] (Oracle Corporation)

 

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

 

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

 

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

 

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

 

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

 

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-19] (Google Inc.)

 

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-19] (Google Inc.)

 

FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)

 

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()

 

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

 

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-03-05]

 

FF Extension: No Name - C:\Users\Birgitta\AppData\Roaming\Mozilla\Firefox\Profiles\5x8fs8fd.default\extensions\paffxtbr@FilmFanatic.com [Not Found]

 

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

 

 

Chrome:

 

=======

 

CHR Profile: C:\Users\Birgitta\AppData\Local\Google\Chrome\User Data\Default

 

CHR Extension: (Google Wallet) - C:\Users\Birgitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-11]

 

 

==================== Services (Whitelisted) =================

 

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

 

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-02] (Atheros) [File not signed]

 

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-03-02] (Atheros Commnucations) [File not signed]

 

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

 

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

 

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]

 

R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [File not signed]

 

R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [233864 2012-09-04] ()

 

R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)

 

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

 

S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-02-25] (Xobni Corporation)

 

 

==================== Drivers (Whitelisted) ====================

 

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

 

 

==================== NetSvcs (Whitelisted) ===================

 

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

 

==================== One Month Created Files and Folders ========

 

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

 

2015-04-11 14:17 - 2015-04-11 14:17 - 00009896 _____ () C:\Users\Birgitta\Desktop\eset 72 fel.txt

 

2015-04-11 11:01 - 2015-04-11 11:01 - 00000000 ____D () C:\Program Files (x86)\ESET

 

2015-04-10 09:52 - 2015-04-10 09:52 - 00054493 _____ () C:\Users\Birgitta\Desktop\FRST text.txt

 

2015-04-10 09:46 - 2015-04-11 14:28 - 00016149 _____ () C:\Users\Birgitta\Desktop\FRST.txt

 

2015-04-09 23:35 - 2015-04-09 23:35 - 00000000 ____D () C:\Users\Birgitta\AppData\Local\Skype

 

2015-04-09 23:34 - 2015-04-09 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

 

2015-04-09 23:32 - 2015-04-09 23:30 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

 

2015-04-09 23:31 - 2015-04-09 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

 

2015-04-09 23:30 - 2015-04-09 23:32 - 00000000 ____D () C:\ProgramData\Oracle

 

2015-04-09 23:29 - 2015-04-09 23:29 - 00000000 ____D () C:\Program Files (x86)\Java

 

2015-04-09 22:30 - 2015-04-09 22:33 - 00032418 _____ () C:\Users\Birgitta\Desktop\Addition.txt

 

2015-04-09 22:28 - 2015-04-11 14:27 - 00000000 ____D () C:\FRST

 

2015-04-09 22:28 - 2015-04-09 22:28 - 02095616 _____ (Farbar) C:\Users\Birgitta\Desktop\FRST64.exe

 

2015-04-04 16:44 - 2015-04-04 16:45 - 00000000 ___SD () C:\Windows\system32\GWX

 

2015-04-04 16:44 - 2015-04-04 16:44 - 00000000 ___SD () C:\Windows\SysWOW64\GWX

 

2015-04-04 16:10 - 2015-04-04 16:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

 

2015-04-02 21:27 - 2015-04-02 21:27 - 00000000 ____D () C:\Users\Birgitta\AppData\Local\{610307AB-80FF-4609-A2C6-9487BDEC5CC1}

 

2015-03-28 22:45 - 2015-03-28 22:46 - 00000000 ____D () C:\Users\Birgitta\AppData\Local\{1F3C4483-5564-4B21-8680-3D531DCB2D0C}

 

2015-03-28 22:26 - 2015-04-09 23:03 - 00000000 ____D () C:\AdwCleaner

 

2015-03-27 20:26 - 2015-03-27 20:26 - 00000000 ____D () C:\Users\Birgitta\AppData\Local\{547AE589-6DBE-46F8-A293-7BEF7C84195F}

 

2015-03-25 14:49 - 2015-03-25 14:49 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\avg

 

2015-03-25 10:28 - 2015-04-10 19:46 - 00000000 ____D () C:\ProgramData\avg9

 

2015-03-25 09:50 - 2015-03-11 06:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

 

2015-03-25 09:50 - 2015-03-11 06:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

 

2015-03-25 09:50 - 2015-03-11 06:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

 

2015-03-25 09:50 - 2015-03-11 06:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

 

2015-03-25 09:50 - 2015-03-11 06:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

 

2015-03-25 09:50 - 2015-03-11 06:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

 

2015-03-25 09:50 - 2015-03-11 06:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

 

2015-03-25 09:50 - 2015-03-11 06:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

 

2015-03-25 09:45 - 2015-03-25 09:46 - 04816784 _____ (AVG Technologies) C:\Users\Birgitta\Downloads\avg_isc_stb_all_2015_ltst_206.exe

 

2015-03-19 17:25 - 2015-03-19 17:39 - 00000000 ____D () C:\Users\Birgitta\AppData\Roaming\Google

 

2015-03-19 17:06 - 2015-04-11 14:18 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

 

2015-03-19 17:06 - 2015-04-11 10:49 - 00000990 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

 

2015-03-19 17:06 - 2015-03-19 17:13 - 00003990 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

 

2015-03-19 17:06 - 2015-03-19 17:13 - 00003738 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

 

2015-03-19 17:06 - 2015-03-19 17:06 - 00000000 ____D () C:\ProgramData\Google

 

2015-03-19 17:05 - 2015-04-11 13:49 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

 

2015-03-19 17:05 - 2015-03-19 17:05 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

 

2015-03-19 17:05 - 2015-03-19 17:05 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

 

2015-03-19 17:05 - 2015-03-19 17:05 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

 

2015-03-18 18:43 - 2015-03-18 18:43 - 00000000 ____D () C:\Users\Birgitta\AppData\Local\{FB94EFCE-233A-4202-9294-C71542B290EA}

 

2015-03-17 22:36 - 2015-03-17 22:36 - 00000000 ____D () C:\Users\Birgitta\AppData\Local\{7C8D9050-5282-4F25-92BF-97A806E9DE84}

 

2015-03-17 10:39 - 2015-03-17 10:39 - 00000000 _____ () C:\Windows\SysWOW64\shoFCC6.tmp

 

 

==================== One Month Modified Files and Folders =======

 

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

 

2015-04-11 14:23 - 2012-12-08 14:39 - 00003948 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7EBE7FDE-D241-47F1-ACBA-2AB578539639}

 

2015-04-11 14:15 - 2012-04-06 02:28 - 01809421 _____ () C:\Windows\WindowsUpdate.log

 

2015-04-11 10:58 - 2009-07-14 06:45 - 00035040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

 

2015-04-11 10:58 - 2009-07-14 06:45 - 00035040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

 

2015-04-11 10:56 - 2011-11-17 00:26 - 00666022 _____ () C:\Windows\system32\perfh01D.dat

 

2015-04-11 10:56 - 2011-11-17 00:26 - 00143632 _____ () C:\Windows\system32\perfc01D.dat

 

2015-04-11 10:56 - 2009-07-14 07:13 - 01582130 _____ () C:\Windows\system32\PerfStringBackup.INI

 

2015-04-11 10:50 - 2012-07-12 18:10 - 00000000 ____D () C:\Users\Birgitta\AppData\Roaming\Spotify

 

2015-04-11 10:50 - 2012-04-06 03:01 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini

 

2015-04-11 10:50 - 2011-11-17 01:27 - 00000000 ____D () C:\ProgramData\PDFC

 

2015-04-11 10:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

 

2015-04-11 10:49 - 2009-07-14 06:51 - 00161679 _____ () C:\Windows\setupact.log

 

2015-04-11 10:31 - 2012-06-25 09:00 - 00000000 ____D () C:\Users\Birgitta\AppData\Roaming\Skype

 

2015-04-10 19:58 - 2012-06-25 09:55 - 00000000 ____D () C:\Program Files (x86)\AVG

 

2015-04-10 19:58 - 2012-06-25 09:50 - 00000000 ____D () C:\ProgramData\MFAData

 

2015-04-10 19:58 - 2010-11-21 05:47 - 00603050 _____ () C:\Windows\PFRO.log

 

2015-04-09 23:35 - 2012-06-25 09:00 - 00000000 ___RD () C:\Program Files (x86)\Skype

 

2015-04-09 23:35 - 2011-11-17 01:28 - 00000000 ____D () C:\ProgramData\Skype

 

2015-04-08 14:07 - 2013-11-12 18:44 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForBirgitta.job

 

2015-04-07 17:43 - 2013-11-12 18:44 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForBirgitta

 

2015-04-07 17:42 - 2012-06-29 17:38 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log

 

2015-04-06 11:14 - 2012-10-18 10:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

 

2015-03-29 14:56 - 2012-11-10 18:03 - 00000000 ____D () C:\Program Files (x86)\Google

 

2015-03-28 22:39 - 2012-06-25 07:48 - 00000997 _____ () C:\Users\Birgitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

 

2015-03-28 18:45 - 2012-06-25 12:27 - 00014265 _____ () C:\Users\Birgitta\Desktop\lösen.ods

 

2015-03-27 10:46 - 2014-07-03 19:28 - 00000000 ____D () C:\Windows\SysWOW64\mjcm

 

2015-03-27 10:46 - 2014-07-03 19:28 - 00000000 ____D () C:\Windows\system32\tprb

 

2015-03-27 10:46 - 2012-06-25 20:14 - 00000000 ____D () C:\Users\Birgitta\AppData\Local\CRE

 

2015-03-26 22:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

 

2015-03-26 17:50 - 2012-06-25 07:39 - 00000000 ____D () C:\Users\Birgitta

 

2015-03-26 17:48 - 2013-11-28 18:53 - 00000000 ____D () C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP

 

2015-03-26 12:21 - 2014-12-12 10:41 - 00000000 ____D () C:\Windows\system32\appraiser

 

2015-03-26 12:21 - 2014-05-06 10:35 - 00000000 ___SD () C:\Windows\system32\CompatTel

 

2015-03-25 11:27 - 2011-11-17 01:16 - 00000000 ____D () C:\Program Files (x86)\HP Games

 

2015-03-25 10:54 - 2012-04-06 02:49 - 00000000 ____D () C:\ProgramData\Temp

 

2015-03-25 09:48 - 2012-06-30 19:46 - 00000000 ____D () C:\Users\Birgitta\AppData\Local\CrashDumps

 

2015-03-19 17:25 - 2012-06-25 20:14 - 00000000 ____D () C:\Users\Birgitta\AppData\Local\Google

 

2015-03-19 17:24 - 2013-04-23 15:51 - 00000000 ____D () C:\Users\Birgitta\AppData\Local\Adobe

 

2015-03-19 17:06 - 2012-11-10 18:03 - 00000000 ____D () C:\Program Files\Google

 

2015-03-12 09:46 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD

 

2015-03-12 09:45 - 2012-06-25 07:48 - 00000000 ___RD () C:\Users\Birgitta\Virtual Machines

 

2015-03-12 09:45 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

 

2015-03-12 09:43 - 2009-07-14 06:45 - 00295208 _____ () C:\Windows\system32\FNTCACHE.DAT

 

2015-03-12 09:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

 

2015-03-12 09:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism

 

 

==================== Files in the root of some directories =======

 

 

2012-09-14 00:23 - 2012-09-14 00:23 - 0022231 _____ () C:\Users\Birgitta\AppData\Roaming\UserTile.png

 

2013-09-16 10:06 - 2015-02-17 10:08 - 0000198 _____ () C:\Users\Birgitta\AppData\Roaming\WB.CFG

 

2013-01-02 13:43 - 2013-11-12 13:10 - 0038400 _____ () C:\Users\Birgitta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 

 

Some content of TEMP:

 

====================

 

C:\Users\Birgitta\AppData\Local\Temp\Quarantine.exe

 

C:\Users\Birgitta\AppData\Local\Temp\sqlite3.dll

 

 

 

==================== Bamital & volsnap Check =================

 

 

(There is no automatic fix for files that do not pass verification.)

 

 

C:\Windows\System32\winlogon.exe => File is digitally signed

 

C:\Windows\System32\wininit.exe => File is digitally signed

 

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

 

C:\Windows\explorer.exe => File is digitally signed

 

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

 

C:\Windows\System32\svchost.exe => File is digitally signed

 

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

 

C:\Windows\System32\services.exe => File is digitally signed

 

C:\Windows\System32\User32.dll => File is digitally signed

 

C:\Windows\SysWOW64\User32.dll => File is digitally signed

 

C:\Windows\System32\userinit.exe => File is digitally signed

 

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

 

C:\Windows\System32\rpcss.dll => File is digitally signed

 

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

 

LastRegBack: 2015-04-09 18:25

 

 

==================== End Of Log ============================

Länk till kommentar
Dela på andra webbplatser

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015

 

Ran by Birgitta at 2015-04-11 14:28:42

 

Running from C:\Users\Birgitta\Desktop

 

Boot Mode: Normal

 

==========================================================

 

 

 

==================== Security Center ========================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

 

==================== Installed Programs ======================

 

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

 

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)

 

Adobe Reader XI (11.0.10) - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

 

Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)

 

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

 

Apple-programstöd (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)

 

Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)

 

BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB)

 

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.60 - Atheros Communications)

 

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

 

Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version:  - )

 

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)

 

Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)

 

Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)

 

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.2.1.3726 - CyberLink Corp.)

 

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

 

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)

 

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

 

ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)

 

Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.)

 

Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)

 

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

 

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

 

Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden

 

Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

 

HP Documentation (HKLM-x32\...\{2BF8B295-A214-42AC-B4EC-2AE15E08B0E7}) (Version: 1.1.0.0 - Hewlett-Packard)

 

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)

 

HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)

 

HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company)

 

HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)

 

HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)

 

HP Software Framework (HKLM-x32\...\{97174E88-52F9-445A-A28E-704A45332D19}) (Version: 4.0.108.1 - Hewlett-Packard Company)

 

HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)

 

HP Wireless Assistant (HKLM\...\{13DCC2C7-454D-42F0-A892-E0E9A5DE4E67}) (Version: 4.0.10.0 - Hewlett-Packard Company)

 

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

 

Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)

 

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

 

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)

 

iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)

 

Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)

 

Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation)

 

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

 

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

 

Microsoft Office Klicka-och-kör 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

 

Microsoft Office Starter 2010 - svenska (HKLM-x32\...\{90140011-0066-041D-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)

 

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

 

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

 

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

 

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

 

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

 

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

 

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

 

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

 

Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)

 

Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.18.00.03 - Huawei Technologies Co.,Ltd)

 

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

 

Mozilla Thunderbird 31.6.0 (x86 sv-SE) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 sv-SE)) (Version: 31.6.0 - Mozilla)

 

Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

OpenOffice 4.1.1 (HKLM-x32\...\{224BABA5-F494-479C-807B-4356A72CAA10}) (Version: 4.11.9775 - Apache Software Foundation)

 

PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.34 - PDF Complete, Inc)

 

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)

 

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6287 - Realtek Semiconductor Corp.)

 

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)

 

Recovery Manager (x32 Version: 1.0.22 - Hewlett-Packard) Hidden

 

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

 

Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)

 

Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Spotify (HKU\S-1-5-21-2449234904-2715240119-1125603432-1000\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)

 

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.3 - Synaptics Incorporated)

 

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

 

WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden

 

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

 

WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )

 

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)

 

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

 

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

 

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

 

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

 

VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)

 

Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13209 - Xobni Corp.)

 

Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden

 

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

 

==================== Custom CLSID (selected items): ==========================

 

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

 

 

==================== Restore Points  =========================

 

 

26-03-2015 17:44:00 Removed SpyHunter

 

04-04-2015 16:43:22 Windows Update

 

09-04-2015 23:16:13 Removed Java 6 Update 22 (64-bit)

 

09-04-2015 23:26:53 Removed Java 6 Update 33

 

10-04-2015 19:32:35 Removed AVG 2015

 

10-04-2015 19:39:52 Removed AVG 2015

 

10-04-2015 19:44:02 Removed AVG Free 9.0

 

10-04-2015 19:46:12 Installed AVG Free 9.0

 

10-04-2015 19:56:43 Restore Point Created by FRST

 

11-04-2015 10:43:23 Restore Point Created by FRST

 

11-04-2015 11:05:01 Windows Update

 

 

==================== Hosts content: ==========================

 

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

 

 

==================== Scheduled Tasks (whitelisted) =============

 

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

 

Task: {0998412D-B191-4D10-886E-DF745A8A4F06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

 

Task: {16B1868A-48AB-4BA3-82DC-0CC4DF7939B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

 

Task: {178C9E45-1B4A-4D30-BB7D-AD39B02854FC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-19] (Google Inc.)

 

Task: {1F70C84F-47C7-41F2-B960-CD45928065F0} - System32\Tasks\{0B6DBE6F-1D7A-484F-824B-12F64D648298} => C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe [2012-03-08] (Microsoft Corporation)

 

Task: {2D1A6B53-CC9E-4EEE-B18C-A1523094179F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-19] (Google Inc.)

 

Task: {36C330A7-462D-4B40-B306-B5BCAB19BD9A} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)

 

Task: {70665371-AE78-49F8-9DDF-BB9C6E9AD142} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

 

Task: {842287FD-352C-41B5-BDAB-CB81B466A28C} - System32\Tasks\{51D90722-4DFE-4DE8-BB72-3122E9279B5E} => C:\Users\Birgitta\AppData\Roaming\uTorrent\uTorrent.exe

 

Task: {879EA53A-C2D9-4241-80CE-3A535C04AC29} - System32\Tasks\HPCeeScheduleForBirgitta => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)

 

Task: {8DBFBCD3-A928-4AF6-8B3D-4944C72C26AC} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)

 

Task: {A6CC5FC0-1AA1-4039-857C-67F4D17E2D8F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

 

Task: {AA14B5FA-FCB1-4B22-AF5C-87362E2DE02B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)

 

Task: {D467734B-6E96-48B4-96BB-08DB55910E6D} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-02-10] (CyberLink)

 

Task: {D9E88784-94EB-486A-A07C-71E19D208CB0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-19] (Adobe Systems Incorporated)

 

Task: {E230AC6D-BCEC-4FB3-92AD-6BDE5D1FCE77} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)

 

Task: {E651BDCA-F415-41D9-9F53-16D9E7684BD0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)

 

Task: {F3FE3258-1392-4357-86D1-740046DBD059} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)

 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

 

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

Task: C:\Windows\Tasks\HPCeeScheduleForBirgitta.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

 

 

==================== Loaded Modules (whitelisted) ==============

 

 

2013-04-10 13:25 - 2012-09-04 10:27 - 00233864 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe

 

2010-07-22 00:33 - 2010-07-22 00:33 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll

 

2010-07-22 00:33 - 2010-07-22 00:33 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll

 

2010-07-22 00:33 - 2010-07-22 00:33 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll

 

2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

 

2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

 

2014-10-18 09:56 - 2014-10-18 09:56 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll

 

2012-04-06 02:29 - 2010-09-14 03:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

 

 

==================== Alternate Data Streams (whitelisted) =========

 

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

 

==================== Safe Mode (whitelisted) ===================

 

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

 

==================== EXE Association (whitelisted) ===============

 

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

 

==================== Other Areas ============================

 

 

(Currently there is no automatic fix for this section.)

 

 

HKU\S-1-5-21-2449234904-2715240119-1125603432-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Birgitta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

 

DNS Servers: 192.168.1.1

 

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

 

(Currently there is no automatic fix for this section.)

 

 

 

==================== Accounts: =============================

 

 

Administratör (S-1-5-21-2449234904-2715240119-1125603432-500 - Administrator - Disabled)

 

Birgitta (S-1-5-21-2449234904-2715240119-1125603432-1000 - Administrator - Enabled) => C:\Users\Birgitta

 

Gäst (S-1-5-21-2449234904-2715240119-1125603432-501 - Limited - Disabled)

 

 

==================== Faulty Device Manager Devices =============

 

 

 

==================== Event log errors: =========================

 

 

Application errors:

 

==================

 

Error: (04/11/2015 10:52:22 AM) (Source: Application Hang) (EventID: 1002) (User: )

 

Description: Programmet iexplore.exe, version 11.0.9600.17689, avslutades eftersom det slutade att samverka med Windows. Ytterligare information kan finnas i problemhistoriken på kontrollpanelen för Åtgärdscentret och lösningar.

 

 

Process-ID: 1484

 

 

Starttid: 01d074349875721f

 

 

Avslutningstid: 10

 

 

Programsökväg: C:\Program Files\Internet Explorer\iexplore.exe

 

 

Rapport-ID: f57a3411-e027-11e4-87f4-9cb70dff8658

 

 

Error: (04/11/2015 10:50:14 AM) (Source: WinMgmt) (EventID: 10) (User: )

 

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

Error: (04/11/2015 10:43:13 AM) (Source: VSS) (EventID: 8194) (User: )

 

Description: Fel i tjänsten Volume Shadow Copy: Oväntat fel när gränssnittet IVssWriterCallback skulle erhållas.  hr = 0x80070005, Åtkomst nekad.

 

.

 

Det orsakas ofta av inkorrekta säkerhetsinställningar i processen för antingen skrivaren eller beställaren.

 

 

Åtgärd:

   Samlar in skrivardata

Kontext:

   Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Skrivarnamn: System Writer

   Skrivarinstans-ID: {afda1450-1600-4e0d-9e41-f9ac71e6c8a2}

 

 

Error: (04/10/2015 08:06:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )

 

Description: Task Scheduling Error: m->NextScheduledSPRetry 10000

 

 

Error: (04/10/2015 08:06:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )

 

Description: Task Scheduling Error: m->NextScheduledEvent 10000

 

 

Error: (04/10/2015 08:06:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )

 

Description: Task Scheduling Error: Continuously busy for more than a second

 

 

Error: (04/10/2015 07:59:48 PM) (Source: XobniService) (EventID: 0) (User: )

 

Description: Det går inte att starta tjänsten. Referensen (handle) är felaktig

 

 

Error: (04/10/2015 07:59:42 PM) (Source: WinMgmt) (EventID: 10) (User: )

 

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

Error: (04/10/2015 07:56:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

 

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver.

System Error:

Det går inte att hitta filen.

 

.

 

 

Error: (04/10/2015 07:56:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

 

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary AVG network filter service.

System Error:

Det går inte att hitta filen.

 

.

 

 

 

System errors:

 

=============

 

Error: (04/11/2015 10:48:48 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT instans)

 

Description: Modulen för WLAN-utökningsmöjligheter stoppades oväntat.

 

 

Modulsökväg: C:\Windows\system32\athihvs.dll

 

 

Error: (04/11/2015 10:48:48 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT instans)

 

Description: Modulen för WLAN-utökningsmöjligheter stoppades oväntat.

 

 

Modulsökväg: C:\Windows\system32\athihvs.dll

 

 

Error: (04/11/2015 10:47:42 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT instans)

 

Description: Modulen för WLAN-utökningsmöjligheter stoppades oväntat.

 

 

Modulsökväg: C:\Windows\system32\athihvs.dll

 

 

Error: (04/11/2015 10:46:13 AM) (Source: Service Control Manager) (EventID: 7032) (User: )

 

Description: Tjänsthanteraren försökte utföra en korrigeringsåtgärd (Starta om tjänsten) efter att tjänsten Windows Modules Installer avslutats oväntat, men denna åtgärd misslyckades med följande fel:

 

%%1056

 

 

Error: (04/11/2015 10:44:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

 

Description: Tjänsten Intel® Rapid Storage Technology avslutades oväntat. Detta har skett 1 gånger.

 

 

Error: (04/11/2015 10:44:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

 

Description: Tjänsten HP Wireless Assistant Service avslutades oväntat. Detta har skett 1 gånger.

 

 

Error: (04/11/2015 10:44:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

 

Description: Tjänsten HP Support Assistant Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 60000 millisekunder: Starta om tjänsten.

 

 

Error: (04/11/2015 10:44:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

 

Description: Tjänsten Intel® Management & Security Application User Notification Service avslutades oväntat. Detta har skett 1 gånger.

 

 

Error: (04/11/2015 10:44:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

 

Description: Tjänsten Apple Mobile Device avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 60000 millisekunder: Starta om tjänsten.

 

 

Error: (04/11/2015 10:44:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

 

Description: Tjänsten Print Spooler avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 60000 millisekunder: Starta om tjänsten.

 

 

 

Microsoft Office Sessions:

 

=========================

 

Error: (04/11/2015 10:52:22 AM) (Source: Application Hang) (EventID: 1002) (User: )

 

Description: iexplore.exe11.0.9600.17689148401d074349875721f10C:\Program Files\Internet Explorer\iexplore.exef57a3411-e027-11e4-87f4-9cb70dff8658

 

 

Error: (04/11/2015 10:50:14 AM) (Source: WinMgmt) (EventID: 10) (User: )

 

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

Error: (04/11/2015 10:43:13 AM) (Source: VSS) (EventID: 8194) (User: )

 

Description: 0x80070005, Åtkomst nekad.

 

 

Åtgärd:

   Samlar in skrivardata

Kontext:

   Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Skrivarnamn: System Writer

   Skrivarinstans-ID: {afda1450-1600-4e0d-9e41-f9ac71e6c8a2}

 

 

Error: (04/10/2015 08:06:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )

 

Description: Task Scheduling Error: m->NextScheduledSPRetry 10000

 

 

Error: (04/10/2015 08:06:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )

 

Description: Task Scheduling Error: m->NextScheduledEvent 10000

 

 

Error: (04/10/2015 08:06:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )

 

Description: Task Scheduling Error: Continuously busy for more than a second

 

 

Error: (04/10/2015 07:59:48 PM) (Source: XobniService) (EventID: 0) (User: )

 

Description: Det går inte att starta tjänsten. Referensen (handle) är felaktig

 

 

Error: (04/10/2015 07:59:42 PM) (Source: WinMgmt) (EventID: 10) (User: )

 

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

Error: (04/10/2015 07:56:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

 

Description:

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary AVGIDSDriver.

System Error:

Det går inte att hitta filen.

 

 

Error: (04/10/2015 07:56:43 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

 

Description:

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary AVG network filter service.

System Error:

Det går inte att hitta filen.

 

 

 

==================== Memory info ===========================

 

 

Processor: Intel® Core i3 CPU M 380 @ 2.53GHz

 

Percentage of memory in use: 67%

 

Total physical RAM: 1909.86 MB

 

Available physical RAM: 622.63 MB

 

Total Pagefile: 3819.71 MB

 

Available Pagefile: 2139.79 MB

 

Total Virtual: 8192 MB

 

Available Virtual: 8191.86 MB

 

 

==================== Drives ================================

 

 

Drive c: () (Fixed) (Total:279.74 GB) (Free:111.08 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

Drive d: (RECOVERY) (Fixed) (Total:18.06 GB) (Free:2.21 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

 

==================== MBR & Partition Table ==================

 

 

========================================================

 

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 9368A068)

 

Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)

 

Partition 2: (Not Active) - (Size=279.7 GB) - (Type=07 NTFS)

 

Partition 3: (Not Active) - (Size=18.1 GB) - (Type=07 NTFS)

 

Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

 

 

==================== End Of Log ============================

Länk till kommentar
Dela på andra webbplatser

1. Jag ser att båda AVG är avinstallerade. Om ni inte har kört AVG Remover för att få bort allt så gör det: http://www.avg.com/us-en/utilities

2. Nedanstående skript kommer bland annat att tömma papperskorgen så ha inget viktigt i den.

 

Starta programmet Anteckningar.

Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
C:\Program Files (x86)\SearchProtect174081
C:\Windows\System32\mjcm\
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Extension: No Name - C:\Users\Birgitta\AppData\Roaming\Mozilla\Firefox\Profiles\5x8fs8fd.default\extensions\paffxtbr@FilmFanatic.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
2015-03-25 14:49 - 2015-03-25 14:49 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\avg
2015-03-25 10:28 - 2015-04-10 19:46 - 00000000 ____D () C:\ProgramData\avg9
C:\Program Files (x86)\AVG
C:\Windows\system32\tprb
EmptyTemp:
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Denna står det ju inte .txt på. Nåt jag missat ?

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015

 

Ran by Birgitta at 2015-04-11 16:14:10 Run:3

 

Running from C:\Users\Birgitta\Desktop

 

Loaded Profiles: Birgitta (Available profiles: Birgitta)

 

Boot Mode: Normal

 

==============================================

 

 

Content of fixlist:

 

*****************

 

CreateRestorePoint:

 

CloseProcesses:

 

C:\Program Files (x86)\SearchProtect174081

 

C:\Windows\System32\mjcm\

 

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File

 

Toolbar: HKU\S-1-5-21-2449234904-2715240119-1125603432-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

 

FF Extension: No Name - C:\Users\Birgitta\AppData\Roaming\Mozilla\Firefox\Profiles\5x8fs8fd.default\extensions\paffxtbr@FilmFanatic.com [Not Found]

 

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

 

2015-03-25 14:49 - 2015-03-25 14:49 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\avg

 

2015-03-25 10:28 - 2015-04-10 19:46 - 00000000 ____D () C:\ProgramData\avg9

 

C:\Program Files (x86)\AVG

 

C:\Windows\system32\tprb

 

EmptyTemp:

 

*****************

 

 

Restore point was successfully created.

Länk till kommentar
Dela på andra webbplatser

Det där ser inte ut som hela Fixlog. Pröva en gång till.

CCleaner är inget säkerhetsprogram.

Som gratis bra antivirusprogram fungerar AVG, Avira, Avast, Ad-Aware, Bitdefender mm. Ett viktigt kriterium är att man ska förstå sig på programmet.

Länk till kommentar
Dela på andra webbplatser

Delta i dialogen

Du kan skriva svaret nu och registrera dig senare, Om du har ett konto, logga in nu för att svara på inlägget.

Gäst
Svara i detta ämne...

×   Du har klistrat in innehåll med formatering.   Ta bort formatering

  Only 75 emoji are allowed.

×   Din länk har automatiskt bäddats in.   Visa som länk istället

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Skapa nytt...