Mammas dator är trött vid inloggning

16 februari, 2014

Mammas dator är väldigt trött vid inloggning, har hon något dolt virus?

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 11.0.9600.16428

Run by Kattas at 17:02:21 on 2014-02-16

.

============== Running Processes ================

.

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Prey\platform\windows\cronsvc.exe

C:\Program Files (x86)\Launch Manager\dsiwmis.exe

C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

C:\Program Files\Acer\Acer Updater\UpdaterService.exe

C:\ProgramData\MobileBrServ\mbbservice.exe

C:\Program Files (x86)\Launch Manager\LMutilps32.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://badoo.com/startpage/

uSearch Bar = hxxp://www.google.com

uSearch Page = hxxp://www.google.com

mStart Page = hxxp://www.google.com

uSearchAssistant = hxxp://www.google.com

BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL

BHO: DVDVideoSoft WebPageAdjuster Class: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll

uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}

uPolicies-Explorer: NoDrives = dword:0

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000

IE: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

IE: Free YouTube to DVD Converter - C:\Users\Kattas\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm

IE: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

IE: LastPass - C:\Users\Kattas\AppData\LocalLow\LastPass\context.html?cmd=lastpass

IE: LastPass-formulärifyllning - C:\Users\Kattas\AppData\LocalLow\LastPass\context.html?cmd=fillforms

IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

TCP: NameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{4544B149-1FFE-4784-BC3E-B01D84A9BE1A} : DHCPNameServer = 192.168.1.250

TCP: Interfaces\{539A14BF-114F-4E3A-8C24-1719F4205F8C} : DHCPNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{58EDEBBA-0158-4D6F-9032-BFAEF9370488} : DHCPNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{60CAECBD-AF52-4418-B5B3-C77EECAE9A94} : NameServer = 8.8.8.8,8.8.4.4

TCP: Interfaces\{60CAECBD-AF52-4418-B5B3-C77EECAE9A94} : DHCPNameServer = 192.168.1.1 192.168.1.1

TCP: Interfaces\{A870F957-E6EB-4951-83E0-D364BA18E72A}\0596E676 : DHCPNameServer = 172.20.10.1

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

AppInit_DLLs= c:\progra~2\movies~1\datamngr\mgrldr.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

IFEO: bitguard.exe - tasklist.exe

IFEO: bprotect.exe - tasklist.exe

IFEO: bpsvc.exe - tasklist.exe

IFEO: browserdefender.exe - tasklist.exe

IFEO: browserprotect.exe - tasklist.exe

x64-mStart Page = hxxp://start.mysearchdial.com/?f=1&a=filemsd1103&cd=2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0E0E0B0B0F0CyCzzyDyDtN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1965521094&ir=

x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL

x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL

x64-BHO: DVDVideoSoft WebPageAdjuster Class: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll

x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll

x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

x64-IFEO: bitguard.exe - tasklist.exe

x64-IFEO: bprotect.exe - tasklist.exe

x64-IFEO: bpsvc.exe - tasklist.exe

x64-IFEO: browserdefender.exe - tasklist.exe

x64-IFEO: browserprotect.exe - tasklist.exe

.

Note: multiple IFEO entries found. Please refer to Attach.txt

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Kattas\AppData\Roaming\Mozilla\Firefox\Profiles\hl13t4f5.default\

FF - plugin: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll

FF - plugin: C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Users\Kattas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

FF - plugin: C:\Users\Kattas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R? AmUStor;AM USB Stroage Driver

R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86

R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64

R? EgisTec Ticket Service;EgisTec Ticket Service

R? GamesAppIntegrationService;GamesAppIntegrationService

R? GamesAppService;GamesAppService

R? ggflt;SEMC USB Flash Driver Filter

R? hwdatacard;Huawei DataCard USB Modem and USB Serial

R? IEEtwCollectorService;Internet Explorer ETW Collector Service

R? seu3bus;Sony Ericsson MD400g Mobile Broadband Composite Device driver (WDM)

R? seu3card;Sony Ericsson MD400g Device Mgmt

R? seu3mdfl;Sony Ericsson MD400g Mobile Broadband Modem Filter

R? seu3mdfl2;Sony Ericsson MD400g Mobile Broadband Data Modem Filter

R? seu3mdm;Sony Ericsson MD400g Mobile Broadband Modem Driver

R? seu3mdm2;Sony Ericsson MD400g Mobile Broadband Data Modem Driver

R? seu3nd5;Sony Ericsson MD400g Mobile Broadband Network Adapter (NDIS)

R? seu3unic;Sony Ericsson MD400g Mobile Broadband Network Adapter (WDM)

R? SkypeUpdate;Skype Updater

R? Sony PC Companion;Sony PC Companion

R? Sony_EricssonWWSC;Sony Ericsson PC SC Port

R? TsUsbFlt;TsUsbFlt

R? TsUsbGD;Remote Desktop Generic USB Device

R? WatAdminSvc;Aktiveringsteknologier f”r Windows-tj„nst

.

=============== Created Last 30 ================

.

2014-02-16 15:51:12 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B29FD93B-A98B-4E18-B1C2-A4BC448E5285}\mpengine.dll

2014-02-15 23:08:14 -------- d-----w- C:\ProgramData\InterAction studios

2014-02-15 23:06:13 -------- d-----w- C:\Program Files\Chicken Invaders 4 - Ultimate Omelette

2014-02-15 12:52:40 10315576 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-02-02 15:16:56 -------- d-----w- C:\Users\Kattas\AppData\Local\Macromedia

2014-02-01 16:47:39 -------- d-----w- C:\Users\Kattas\AppData\Local\Mozilla

2014-02-01 16:47:28 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2014-01-26 00:57:40 -------- d-----w- C:\ProgramData\MobileBrServ

2014-01-23 21:07:40 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E39D9C48-A82C-4BD8-BCFD-A9C27AB0DB65}\gapaengine.dll

2014-01-22 22:40:10 -------- d-----w- C:\Program Files (x86)\SkypeWebPlugin

.

==================== Find3M ====================

.

2014-02-16 15:39:35 31 ----a-w- C:\Windows\SysWow64\TempWmicBatchFile.bat

2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe

2014-01-11 14:57:02 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-01-11 14:57:02 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-07-03 23:21:38 14880256 ----a-w- C:\Program Files (x86)\Common Files\lpuninstall.exe

.

============= FINISH: 17:03:30,45 ===============

attach.txt

16 februari, 2014

1. Vore det inte bra om datorn har ett antivirusprogram när ni misstänker att det finns något skadligt i den?

2. Avinstallera uTorrent för att ta reda på om det är det som segar ner datorn.

3. Spara AdwCleaner av Xplode på Skrivbordet: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på Report-knappen.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt

16 februari, 2014

1. Vore det inte bra om datorn har ett antivirusprogram när ni misstänker att det finns något skadligt i den?

2. Avinstallera uTorrent för att ta reda på om det är det som segar ner datorn.

3. Spara AdwCleaner av Xplode på Skrivbordet: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på Report-knappen.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt

Jag har MS antivirus

Det gav ingen effekt på det fast jag avinstallera utorrent

Jag kör AdwCleaner

16 februari, 2014

# AdwCleaner v3.018 - Report created 17/02/2014 at 00:35:36

# Updated 28/01/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Kattas - KATTAS-DATOR

# Running from : C:\Users\Kattas\Desktop\adwcleaner.exe

# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\user.js

File Found : C:\Users\Public\Desktop\iLivid.lnk

Folder Found C:\Program Files (x86)\MyPC Backup

Folder Found C:\ProgramData\apn

Folder Found C:\Users\Kattas\AppData\Local\torch

Folder Found C:\Users\Kattas\AppData\Roaming\dvdvideosoftiehelpers

Folder Found C:\Users\Kattas\AppData\Roaming\Systweak

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\x64\mgrldr.dll

Key Found : HKCU\Software\filescout

Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Found : HKCU\Software\PrivitizeVPNInstallDates

Key Found : HKCU\Software\smartbarbackup

Key Found : HKCU\Software\smartbarlog

Key Found : HKCU\Software\systweak

Key Found : HKCU\Software\torch

Key Found : [x64] HKCU\Software\filescout

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Found : [x64] HKCU\Software\PrivitizeVPNInstallDates

Key Found : [x64] HKCU\Software\smartbarbackup

Key Found : [x64] HKCU\Software\smartbarlog

Key Found : [x64] HKCU\Software\systweak

Key Found : [x64] HKCU\Software\torch

Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Found : HKLM\SOFTWARE\Classes\speedupmypc

Key Found : HKLM\Software\DataMngr

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hgojaaaiddhmiiakpejiklijbalpckih

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_splash-pro_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_splash-pro_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Found : HKLM\Software\systweak

Key Found : HKLM\Software\torch

Key Found : HKLM\Software\Uniblue\DriverScanner

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff

Key Found : [x64] HKLM\SOFTWARE\IB Updater

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=filemsd1103&cd=2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0E0E0B0B0F0CyCzzyDyDtN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1965521094&ir=

Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://start.mysearchdial.com/?f=1&a=filemsd1103&cd=2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0E0E0B0B0F0CyCzzyDyDtN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1965521094&ir=

-\\ Mozilla Firefox v27.0.1 (sv-SE)

[ File : C:\Users\Kattas\AppData\Roaming\Mozilla\Firefox\Profiles\hl13t4f5.default\prefs.js ]

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Kattas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [6028 octets] - [17/02/2014 00:35:36]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6088 octets] ##########

16 februari, 2014

# AdwCleaner v3.018 - Report created 17/02/2014 at 00:38:11

# Updated 28/01/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Kattas - KATTAS-DATOR

# Running from : C:\Users\Kattas\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn

Folder Deleted : C:\Program Files (x86)\MyPC Backup

Folder Deleted : C:\Users\Kattas\AppData\Local\torch

Folder Deleted : C:\Users\Kattas\AppData\Roaming\dvdvideosoftiehelpers

Folder Deleted : C:\Users\Kattas\AppData\Roaming\Systweak

File Deleted : C:\Users\Public\Desktop\iLivid.lnk

File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon

Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hgojaaaiddhmiiakpejiklijbalpckih

Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff

Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_splash-pro_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_splash-pro_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Deleted : HKCU\Software\filescout

Key Deleted : HKCU\Software\PrivitizeVPNInstallDates

Key Deleted : HKCU\Software\smartbarbackup

Key Deleted : HKCU\Software\smartbarlog

Key Deleted : HKCU\Software\systweak

Key Deleted : HKCU\Software\torch

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\systweak

Key Deleted : HKLM\Software\torch

Key Deleted : HKLM\Software\Uniblue\DriverScanner

Key Deleted : [x64] HKLM\SOFTWARE\IB Updater

Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\movies~1\datamngr\x64\mgrldr.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

-\\ Mozilla Firefox v27.0.1 (sv-SE)

[ File : C:\Users\Kattas\AppData\Roaming\Mozilla\Firefox\Profiles\hl13t4f5.default\prefs.js ]

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Kattas\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [6244 octets] - [17/02/2014 00:35:36]

AdwCleaner[s0].txt - [5327 octets] - [17/02/2014 00:38:11]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5387 octets] ##########

17 februari, 2014

1. Okej, det syntes inte i loggen. Men det är annan information som saknas där också.

2. Kontrollera att Windows kontroll av användarkonton (UAC) är på en hög nivå:
Kontrollpanelen - System och säkerhet - Åtgärdscenter följt av UAC i vänsterkolumnen

3. Ladda ner Farbar Recovery Scan Tool (FRST) och spara på skrivbordet. http://download.bleepingcomputer.com/farbar/FRST64.exe

Starta FRST.
Läs villkoren för programmet.
Klicka på Yes för att acceptera.
Klicka på Scan-knappen.
När det är klart kommer det att ha skapats två loggar FRST.txt och Addition.txt på skrivbordet.
Om du använder en annan webbläsare än Internet Explorer 11, klistra in innehållet i FRST.txt direkt i ditt svar och bifoga Addition.txt.
Om du använder Internet Explorer 11, får du bifoga båda loggarna till ditt svar.
Klicka på Använd fullständig editor för att se hur du bifogar filer.

4. Spara RougueKiller på Skrivbordet: http://www.adlice.com/softs/roguekiller/RogueKillerX64.exe
Stäng av alla program.
Ta bort alla externa enheter, t ex USB-minnen och externa hårddiskar, utom tangentbord och mus. Låt dem vara bortkopplade medan rensningen pågår.

Kör RogueKiller (i Vista och Windows 7 högerklicka på programmet och välj "Kör som administratör). Om det inte går att köra så pröva flera gång, men om det fortfarande inte går så pröva med att döpa om programmet till winlogon.exe.

Vänta tills "Prescan" har avslutats.
Klicka på "Scan"-knappen uppe till höger.
Vänta tills skanningen är klar.
En rapport "RKreport.txt" ska då ha skapats på Skrivbordet. Klistra in innehållet i den i ditt svar (eller bifoga).

5. Skanna datorn online på http://www.eset.com/onlinescan/
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Avbocka alternativet Remove found threats
Bocka för Scan Archives

Klicka på Advanced Settings
Bocka för:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Scan

När skanningen är klar klicka på List of threats found, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar (eller bifoga).

17 februari, 2014

Det gick inte att klistra in allt i ett enda inlägg så jag bifogar.

FRST.txt

Addition.txt

17 februari, 2014

Loggen för RogueKiller:

RogueKiller V8.8.7 _x64_ [Feb 11 2014] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://forum.adlice.com

Website : http://www.adlice.com/softwares/roguekiller/

Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Kattas [Admin rights]

Mode : Scan -- Date : 02/17/2014 04:22:56

| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤

[sUSP PATH] mbbService.exe -- C:\ProgramData\MobileBrServ\mbbservice.exe [7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 16 ¤¤¤

[iFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [x]) -> FOUND

[iFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [x]) -> FOUND

[iFEO] HKLM\[...]\bpsvc.exe : Debugger (tasklist.exe [x]) -> FOUND

[iFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [x]) -> FOUND

[iFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [x]) -> FOUND

[iFEO] HKLM\[...]\browsersafeguard.exe : Debugger (tasklist.exe [x]) -> FOUND

[iFEO] HKLM\[...]\protectedsearch.exe : Debugger (tasklist.exe [x]) -> FOUND

[iFEO] HKLM\[...]\searchprotection.exe : Debugger (tasklist.exe [x]) -> FOUND

[iFEO] HKLM\[...]\snapdo.exe : Debugger (tasklist.exe [x]) -> FOUND

[iFEO] HKLM\[...]\stinst32.exe : Debugger (tasklist.exe [x]) -> FOUND

[iFEO] HKLM\[...]\stinst64.exe : Debugger (tasklist.exe [x]) -> FOUND

[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEVT-22A23T0 +++++

--- User ---

[MBR] eed86e376fc7938a15df172e23a9cf23

[bSP] c2a5bf77bc0a2a4c9655ad3b0be2ddd2 : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 15360 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 31459328 | Size: 100 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31664128 | Size: 289783 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[0]_S_02172014_042256.txt >>

Eset får köra nu under natten

17 februari, 2014

Logg för Eset:

C:\Users\Kattas\AppData\Local\Temp\uninstaller.exe.10993250 Win32/InstallCore.AZ potentially unwanted application

C:\Users\Kattas\AppData\Local\Temp\10973578.Uninstall\uninstaller.exe Win32/InstallCore.AZ potentially unwanted application

C:\Users\Kattas\AppData\Local\Temp\DTX\Reporting\ReportingHelper.dll a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\Users\Kattas\AppData\Local\Temp\is1852162411\19832041_Setup.EXE Win32/OpenCandy potentially unsafe application

C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288438_stp\wajam_validate.exe Win32/Wajam.F potentially unwanted application

C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288672_stp\Cloud_Backup_Setup_ROW.exe Win32/MyPCBackup.A potentially unwanted application

C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288800_stp\uninstaller.exe Win32/InstallCore.AZ potentially unwanted application

C:\Users\Kattas\AppData\Local\Temp\nstFA0.tmp\Uninstall.exe a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application

C:\Users\Kattas\AppData\Local\Temp\nstFA0.tmp\nsn660B.tmp\SetupDataMngr_iLivid.exe a variant of Win32/Toolbar.SearchSuite.G potentially unwanted application

C:\Users\Kattas\Desktop\Office 2013\Används Ej - Reserv för aktivering\KMSpico v4.5\KMSpico Install\KMSpico_Install_v4.5.exe a variant of MSIL/HackTool.IdleKMS.A potentially unsafe application

C:\Users\Kattas\Desktop\Office 2013\Används Ej - Reserv för aktivering\KMSpico v4.5\KMSpico OEM\$OEM$\$$\Setup\Scripts\KMSpico.exe a variant of MSIL/HackTool.IdleKMS.A potentially unsafe application

C:\Users\Kattas\Desktop\Office 2013\Crack\KMSpicl_v4.5.exe a variant of MSIL/HackTool.IdleKMS.A potentially unsafe application

C:\Users\Kattas\Documents\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application

C:\Windows\Installer\MSI667F.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

C:\Windows\Installer\MSI7581.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application

17 februari, 2014

1. Det är riskfyllt att hålla på med crackade program. Det finns ju gratis alternativ till MS Office, t ex LibreOffice.

C:\Users\Kattas\Desktop\Office 2013\Crack\KMSpicl_v4.5.exe a variant of MSIL/HackTool.IdleKMS.A potentially unsafe application

2. Vad är iPumper för tillägg som finns i Firefox och Chrome?

FF HKLM-x32\...\Firefox\Extensions: [ntfdsaftsfdfdxx@mozilla.org] - C:\Users\Kattas\AppData\Roaming\iPumper\extension_firefox.xpi

CHR HKLM-x32\...\Chrome\Extension: [kekfoodhbhpjhjcdecjngamojfhknooc] - C:\Users\Kattas\AppData\Roaming\iPumper\extension_chrome.crx [2013-07-04]

Jag hittar ingen säker information om det.

3. Följ https://support.google.com/chrome/answer/113907?hl=sv och avinstallera alla tillägg din mamma inte använder i Chrome.

CHR Extension: (Topface 2.0) - C:\Users\Kattas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hppaelnlbojhnjbjcdoaddedbnbaiocf [2014-02-14]

Ovanstående är nyligen installerat och därför misstänkt för att kunna orsaka problem.

4. Starta Anteckningar.

Kopiera alla rader i rutan:

AlternateDataStreams: C:\ProgramData\Temp:98181191
AppInit_DLLs-x32: c:\progra~2\movies~1\datamngr\mgrldr.dll => File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Kattas\AppData\Local\Temp\uninstaller.exe.10993250 
C:\Users\Kattas\AppData\Local\Temp\10973578.Uninstall\uninstaller.exe 
C:\Users\Kattas\AppData\Local\Temp\DTX\Reporting\ReportingHelper.dll
C:\Users\Kattas\AppData\Local\Temp\is1852162411\19832041_Setup.EXE
C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288438_stp\wajam_validate.exe 
C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288672_stp\Cloud_Backup_Setup_ROW.exe 
C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288800_stp\uninstaller.exe 
C:\Users\Kattas\AppData\Local\Temp\nstFA0.tmp\Uninstall.exe 
C:\Users\Kattas\AppData\Local\Temp\nstFA0.tmp\nsn660B.tmp\SetupDataMngr_iLivid.exe

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

5. Starta om datorn och kör FRST igen.

Klistra in (bifoga) den nya FRST.txt så får vi se om det är något kvar där.

17 februari, 2014

2. Vad är iPumper för tillägg som finns i Firefox och Chrome?
FF HKLM-x32\...\Firefox\Extensions: [ntfdsaftsfdfdxx@mozilla.org] - C:\Users\Kattas\AppData\Roaming\iPumper\extension_firefox.xpi
CHR HKLM-x32\...\Chrome\Extension: [kekfoodhbhpjhjcdecjngamojfhknooc] - C:\Users\Kattas\AppData\Roaming\iPumper\extension_chrome.crx [2013-07-04]
Jag hittar ingen säker information om det.

3. Följ https://support.google.com/chrome/answer/113907?hl=sv och avinstallera alla tillägg din mamma inte använder i Chrome.
CHR Extension: (Topface 2.0) - C:\Users\Kattas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hppaelnlbojhnjbjcdoaddedbnbaiocf [2014-02-14]
Ovanstående är nyligen installerat och därför misstänkt för att kunna orsaka problem.

Det verkar vara insticksmoduler, för det finns inget att ta bort i tillägg däremot insticksmoduler är det fullt av saker

Spara filen på skrivbordet med namnet fixlist.txt.

Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.

Loggen:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-02-2014

Ran by Kattas at 2014-02-17 18:34:40 Run:1

Running from C:\Users\Kattas\Desktop

Boot Mode: Normal

==============================================

Content of fixlist:

*****************

AlternateDataStreams: C:\ProgramData\Temp:98181191

AppInit_DLLs-x32: c:\progra~2\movies~1\datamngr\mgrldr.dll => File Not Found

IFEO\bitguard.exe: [Debugger] tasklist.exe

IFEO\bprotect.exe: [Debugger] tasklist.exe

IFEO\bpsvc.exe: [Debugger] tasklist.exe

IFEO\browserdefender.exe: [Debugger] tasklist.exe

IFEO\browserprotect.exe: [Debugger] tasklist.exe

IFEO\browsersafeguard.exe: [Debugger] tasklist.exe

IFEO\protectedsearch.exe: [Debugger] tasklist.exe

IFEO\searchprotection.exe: [Debugger] tasklist.exe

IFEO\snapdo.exe: [Debugger] tasklist.exe

IFEO\stinst32.exe: [Debugger] tasklist.exe

IFEO\stinst64.exe: [Debugger] tasklist.exe

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

C:\Users\Kattas\AppData\Local\Temp\uninstaller.exe.10993250

C:\Users\Kattas\AppData\Local\Temp\10973578.Uninstall\uninstaller.exe

C:\Users\Kattas\AppData\Local\Temp\DTX\Reporting\ReportingHelper.dll

C:\Users\Kattas\AppData\Local\Temp\is1852162411\19832041_Setup.EXE

C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288438_stp\wajam_validate.exe

C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288672_stp\Cloud_Backup_Setup_ROW.exe

C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288800_stp\uninstaller.exe

C:\Users\Kattas\AppData\Local\Temp\nstFA0.tmp\Uninstall.exe

C:\Users\Kattas\AppData\Local\Temp\nstFA0.tmp\nsn660B.tmp\SetupDataMngr_iLivid.exe

*****************

C:\ProgramData\Temp => ":98181191" ADS removed successfully.

"c:\\progra~2\\movies~1\\datamngr\\mgrldr.dll" => Value Data removed successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => Key deleted successfully.

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => Key deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.

HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.

HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2 => Key deleted successfully.

C:\Windows\SysWOW64\npDeployJava1.dll => Moved successfully.

HKLM\SOFTWARE\Policies\Google => Key deleted successfully.

"C:\Users\Kattas\AppData\Local\Temp\uninstaller.exe.10993250" => File/Directory not found.

C:\Users\Kattas\AppData\Local\Temp\10973578.Uninstall\uninstaller.exe => Moved successfully.

"C:\Users\Kattas\AppData\Local\Temp\DTX\Reporting\ReportingHelper.dll" => File/Directory not found.

"C:\Users\Kattas\AppData\Local\Temp\is1852162411\19832041_Setup.EXE" => File/Directory not found.

"C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288438_stp\wajam_validate.exe" => File/Directory not found.

"C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288672_stp\Cloud_Backup_Setup_ROW.exe" => File/Directory not found.

"C:\Users\Kattas\AppData\Local\Temp\is1852162411\1288800_stp\uninstaller.exe" => File/Directory not found.

"C:\Users\Kattas\AppData\Local\Temp\nstFA0.tmp\Uninstall.exe" => File/Directory not found.

"C:\Users\Kattas\AppData\Local\Temp\nstFA0.tmp\nsn660B.tmp\SetupDataMngr_iLivid.exe" => File/Directory not found.

==== End of Fixlog ====

17 februari, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014

Ran by Kattas (administrator) on KATTAS-DATOR on 17-02-2014 18:43:51

Running from C:\Users\Kattas\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: Swedish

Internet Explorer Version 11

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Fork Ltd.) C:\Prey\platform\windows\cronsvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

() C:\ProgramData\MobileBrServ\mbbservice.exe

() C:\Program Files\KMSpico\Service_KMS.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe

() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\.DEFAULT\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}

HKU\S-1-5-21-1391602624-105662421-2298022518-1000\...\Run: [uTorrent] - "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED

Startup: C:\Users\Kattas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://badoo.com/startpage/

SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://badoo.com/startpage/?source=bsb&q={searchTerms}

BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)

Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip\..\Interfaces\{60CAECBD-AF52-4418-B5B3-C77EECAE9A94}: [NameServer]8.8.8.8,8.8.4.4

FireFox:

========

FF ProfilePath: C:\Users\Kattas\AppData\Roaming\Mozilla\Firefox\Profiles\8x0gr4tw.default-1392658075365

FF Plugin: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @lastpass.com/NPLastPass - C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File

FF Plugin-x32: @Skype.com/Skype Web Plugin - C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)

FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Kattas\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File

FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml

FF HKLM-x32\...\Firefox\Extensions: [ntfdsaftsfdfdxx@mozilla.org] - C:\Users\Kattas\AppData\Roaming\iPumper\extension_firefox.xpi

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:

=======

CHR HomePage: hxxp://www.google.se/

CHR Extension: (LastPass: Free Password Manager) - C:\Users\Kattas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-02-17]

CHR Extension: (Google Wallet) - C:\Users\Kattas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]

CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-06-12]

CHR HKLM-x32\...\Chrome\Extension: [kekfoodhbhpjhjcdecjngamojfhknooc] - C:\Users\Kattas\AppData\Roaming\iPumper\extension_chrome.crx [2013-06-12]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]

CHR HKLM-x32\...\Chrome\Extension: [niogeckbkdcabhnapjbkeiklablhjoca] - C:\Program Files (x86)\Perion\ChromeInfoBar\ChromeInfoBar.crx [2012-10-02]

==================== Services (Whitelisted) =================

R2 CronService; C:\Prey\platform\windows\cronsvc.exe [23552 2012-11-28] (Fork Ltd.)

R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] ()

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-06-20] (Microsoft Corporation)

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-06-20] (Microsoft Corporation)

R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [454144 2013-03-27] ()

==================== Drivers (Whitelisted) ====================

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)

S3 seu3bus; C:\Windows\System32\DRIVERS\seu3bus.sys [354816 2008-08-13] (MCCI Corporation)

S3 seu3card; C:\Windows\System32\DRIVERS\seu3card.sys [408576 2008-08-13] (MCCI Corporation)

S3 seu3mdfl; C:\Windows\System32\DRIVERS\seu3mdfl.sys [18944 2008-08-13] (MCCI Corporation)

S3 seu3mdfl2; C:\Windows\System32\DRIVERS\seu3mdfl2.sys [18944 2008-08-13] (MCCI Corporation)

S3 seu3mdm; C:\Windows\System32\DRIVERS\seu3mdm.sys [454144 2008-08-13] (MCCI Corporation)

S3 seu3mdm2; C:\Windows\System32\DRIVERS\seu3mdm2.sys [505856 2008-08-13] (MCCI Corporation)

S3 seu3nd5; C:\Windows\System32\DRIVERS\seu3nd5.sys [34816 2008-08-13] (MCCI Corporation)

S3 seu3unic; C:\Windows\System32\DRIVERS\seu3unic.sys [467968 2008-08-13] (MCCI Corporation)

S3 Sony_EricssonWWSC; C:\Windows\System32\DRIVERS\seu3scard64.sys [30760 2008-08-08] (Sony Ericsson)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit

C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit

C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit

C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit

C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit

C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit

C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228

C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit

C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit

C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit

C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit

C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit

C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49

C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit

C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048

C:\Windows\System32\drivers\AmUStor.SYS 92A848F962DA91C631147D566414BB7E

C:\Windows\system32\drivers\appid.sys ==> MD5 is legit

C:\Windows\system32\drivers\arc.sys ==> MD5 is legit

C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit

C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\athrx.sys CC406DA84E7DD3FA3AD20340DBC66CF2

C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit

C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit

C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit

C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B

C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit

C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit

C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit

C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit

C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit

C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit

C:\Windows\System32\CLFS.sys ==> MD5 is legit

C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit

C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit

C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706

C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit

C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit

C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit

C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit

C:\Windows\System32\drivers\discache.sys ==> MD5 is legit

C:\Windows\System32\drivers\disk.sys ==> MD5 is legit

C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit

C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52

C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit

C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit

C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit

C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit

C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit

C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit

C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit

C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit

C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit

C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit

C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B

C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0

C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F

C:\Windows\System32\DRIVERS\ggflt.sys 16C2A6BCDDA8952C2035DEC861492A19

C:\Windows\System32\DRIVERS\ggsemc.sys 6B503DF845EABF3457E49FBBDA26C10E

C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit

C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A

C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit

C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit

C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit

C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit

C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit

C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit

C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit

C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit

C:\Windows\System32\drivers\iaStor.sys F7CE9BE72EDAC499B713ECA6DAE5D26F

C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366

C:\Windows\System32\DRIVERS\igdkmd64.sys 795C99DC4F574C97C03D0BB39CF099EE

C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit

C:\Windows\System32\drivers\RTKVHD64.sys 718A4008EE5DA174400396B27509EF82

C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381

C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit

C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit

C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit

C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit

C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit

C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit

C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit

C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit

C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64

C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C

C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\L1C62x64.sys 655A5D8E80869781CCE23760ADA7E695

C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit

C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit

C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit

C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit

C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit

C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit

C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit

C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567

C:\Windows\System32\drivers\modem.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit

C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\MpFilter.sys FC1D590039EF06A381768710E6C07E75

C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit

C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404

C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC

C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163

C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C

C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit

C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit

C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit

C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit

C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit

C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit

C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit

C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\mwlPSDFilter.sys C009123B206C56854F4E88596035231D

C:\Windows\System32\DRIVERS\mwlPSDNServ.sys BF3739EEB9F008B1DEBAC115089A53F8

C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys 38DD143D95E7A01B86F219DDA9C28779

C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit

C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88

C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit

C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit

C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\NisDrvWFP.sys 8FB3C853E886E1E4D57271672486111C

C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0

C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit

C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD

C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A

C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit

C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit

C:\Windows\system32\drivers\parport.sys ==> MD5 is legit

C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C

C:\Windows\System32\drivers\pci.sys ==> MD5 is legit

C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit

C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit

C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit

C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit

C:\Windows\system32\drivers\processr.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit

C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit

C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit

C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit

C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit

C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit

C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit

C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A

C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit

C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit

C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit

C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit

C:\Windows\system32\drivers\serial.sys ==> MD5 is legit

C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\seu3bus.sys 0AA643BD04B2A5A8989E0BF597EF69C8

C:\Windows\System32\DRIVERS\seu3card.sys 7B72679BA23B97F7B17CDB3364D3DC73

C:\Windows\System32\DRIVERS\seu3mdfl.sys 1AF162C1FFA508F8A00050CE2E3DB59A

C:\Windows\System32\DRIVERS\seu3mdfl2.sys 42445EEECC7248BF6337EBEE1C1AF0EA

C:\Windows\System32\DRIVERS\seu3mdm.sys 2AF818FD2DCC4660E1A87484507D1F49

C:\Windows\System32\DRIVERS\seu3mdm2.sys 75D16DDBB5381B5DBF94E9DB97972E63

C:\Windows\System32\DRIVERS\seu3nd5.sys 4AFC88A4351866F0A11DD2C88C91ED3F

C:\Windows\System32\DRIVERS\seu3unic.sys D0946845201211B544F405D0A0DE96F4

C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit

C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit

C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit

C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit

C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit

C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\seu3scard64.sys 224880C9E498ADEFCA7A859666BA56E5

C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B

C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28

C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3

C:\Windows\system32\Drivers\SSPORT.sys 0211AB46B73A2623B86C1CFCB30579AB

C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit

C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\SynTP.sys BC642D540AEDF9A253C74D10C848EBD2

C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51

C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51

C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC

C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit

C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8

C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit

C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09

C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit

C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8

C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit

C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit

C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit

C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\usbccgp.sys ACCEA6BC68D0C9A78EB97EE159028B4E

C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31

C:\Windows\system32\drivers\usbehci.sys 311C1DD1088E55BEAE15954D17F50646

C:\Windows\System32\DRIVERS\usbhub.sys 280E90CBF4B2DDD169F0728CB44D726F

C:\Windows\system32\drivers\usbohci.sys 9406D801042FAF859CF81B2C886413DC

C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit

C:\Windows\system32\drivers\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24

C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6

C:\Windows\system32\drivers\usbuhci.sys A83D0EC9AE4C31704442099D40BA2471

C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7

C:\Windows\System32\DRIVERS\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29

C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit

C:\Windows\System32\drivers\vga.sys ==> MD5 is legit

C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit

C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit

C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit

C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit

C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit

C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit

C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit

C:\Windows\system32\drivers\wd.sys ==> MD5 is legit

C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8

C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit

C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit

C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D

C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit

C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit

C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F

C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-17 18:42 - 2014-02-17 18:43 - 00027907 _____ () C:\Users\Kattas\Desktop\FRST.txt

2014-02-17 18:41 - 2014-02-17 18:42 - 00421240 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-02-17 18:28 - 2014-02-17 18:28 - 00000000 ____D () C:\Users\Kattas\Desktop\Gammal Firefox-data

2014-02-17 18:27 - 2014-02-17 18:27 - 00022832 _____ () C:\Users\Kattas\Documents\bookmarks.html

2014-02-17 13:27 - 2014-02-17 18:41 - 00000090 _____ () C:\Windows\setupact.log

2014-02-17 13:27 - 2014-02-17 13:27 - 00000000 _____ () C:\Windows\setuperr.log

2014-02-17 13:01 - 2014-02-17 13:01 - 00001194 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk

2014-02-17 12:59 - 2014-02-17 12:59 - 13024768 _____ (LastPass) C:\Users\Kattas\Downloads\lastpass_x64.exe

2014-02-17 08:17 - 2014-02-17 08:17 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-02-17 04:25 - 2014-02-17 10:52 - 00000000 ____D () C:\Users\Kattas\Desktop\Loggar

2014-02-17 04:13 - 2014-02-17 18:43 - 00000000 ____D () C:\FRST

2014-02-17 03:38 - 2014-02-17 03:38 - 00000000 ____D () C:\Program Files\geek

2014-02-17 01:24 - 2014-02-17 01:24 - 04408320 _____ () C:\Users\Kattas\Desktop\RogueKillerX64.exe

2014-02-17 01:24 - 2014-02-17 01:24 - 02152448 _____ (Farbar) C:\Users\Kattas\Desktop\FRST64.exe

2014-02-17 01:18 - 2014-02-17 01:28 - 00010752 ___SH () C:\Users\Kattas\Documents\Thumbs.db

2014-02-17 00:51 - 2014-02-17 00:52 - 00000000 ____D () C:\Program Files (x86)\ERUNT

2014-02-17 00:51 - 2014-02-17 00:51 - 00000928 _____ () C:\Users\Kattas\Desktop\NTREGOPT.lnk

2014-02-17 00:51 - 2014-02-17 00:51 - 00000909 _____ () C:\Users\Kattas\Desktop\ERUNT.lnk

2014-02-16 00:56 - 2014-02-16 00:56 - 00001908 _____ () C:\Users\Kattas\Desktop\CI4.exe.lnk

2014-02-16 00:08 - 2014-02-16 00:08 - 00000000 ____D () C:\ProgramData\InterAction studios

2014-02-16 00:06 - 2014-02-16 00:55 - 00000000 ____D () C:\Program Files\Chicken Invaders 4 - Ultimate Omelette

2014-02-14 19:33 - 2014-02-17 00:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-02-09 23:54 - 2014-02-09 23:56 - 00000000 ____D () C:\Users\Kattas\Downloads\skorpioner

2014-02-02 16:16 - 2014-02-02 16:16 - 00000000 ____D () C:\Users\Kattas\AppData\Local\Macromedia

2014-02-01 17:47 - 2014-02-16 16:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-01 17:47 - 2014-02-01 17:48 - 00000000 ____D () C:\Users\Kattas\AppData\Local\Mozilla

2014-02-01 17:47 - 2014-02-01 17:47 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-02-01 17:47 - 2014-02-01 17:47 - 00000000 ____D () C:\ProgramData\Mozilla

2014-01-27 03:30 - 2014-01-27 03:30 - 00000000 ____D () C:\Users\Kattas\Downloads\Getaway.2013.SWESUB.DVDRip.XviD.AC3-Haribo

2014-01-27 03:25 - 2014-01-27 03:28 - 00000000 ____D () C:\Users\Kattas\Downloads\Dallas.2012.S02.SWESUB.DVDRip.XviD.AC3-Haggebulle

2014-01-27 03:24 - 2014-01-27 11:58 - 875269884 _____ () C:\Users\Kattas\Downloads\Sel8nne.2013.SWESUB.DVDRip.XViD.MP3-Devil.avi

2014-01-26 01:57 - 2014-01-26 01:58 - 00000000 ____D () C:\ProgramData\MobileBrServ

2014-01-22 23:40 - 2014-01-22 23:40 - 00000000 ____D () C:\Program Files (x86)\SkypeWebPlugin

==================== One Month Modified Files and Folders =======

2014-02-17 18:43 - 2014-02-17 18:42 - 00027907 _____ () C:\Users\Kattas\Desktop\FRST.txt

2014-02-17 18:43 - 2014-02-17 04:13 - 00000000 ____D () C:\FRST

2014-02-17 18:43 - 2013-11-28 02:10 - 00000000 ____D () C:\Program Files\KMSpico

2014-02-17 18:42 - 2014-02-17 18:41 - 00421240 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-02-17 18:42 - 2012-11-26 01:59 - 00000000 ____D () C:\ProgramData\clear.fi

2014-02-17 18:41 - 2014-02-17 13:27 - 00000090 _____ () C:\Windows\setupact.log

2014-02-17 18:41 - 2012-12-08 20:45 - 00000031 _____ () C:\Windows\SysWOW64\TempWmicBatchFile.bat

2014-02-17 18:41 - 2012-12-08 19:17 - 00000990 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-17 18:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-17 18:40 - 2014-01-11 16:16 - 01171571 _____ () C:\Windows\WindowsUpdate.log

2014-02-17 18:28 - 2014-02-17 18:28 - 00000000 ____D () C:\Users\Kattas\Desktop\Gammal Firefox-data

2014-02-17 18:27 - 2014-02-17 18:27 - 00022832 _____ () C:\Users\Kattas\Documents\bookmarks.html

2014-02-17 18:12 - 2012-12-08 19:17 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-17 18:01 - 2013-04-04 19:56 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1391602624-105662421-2298022518-1000UA.job

2014-02-17 13:30 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-17 13:30 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-17 13:27 - 2014-02-17 13:27 - 00000000 _____ () C:\Windows\setuperr.log

2014-02-17 13:01 - 2014-02-17 13:01 - 00001194 _____ () C:\Users\Public\Desktop\My LastPass Vault.lnk

2014-02-17 13:01 - 2013-07-04 00:08 - 00000000 ____D () C:\Users\Kattas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LastPass

2014-02-17 13:01 - 2013-07-04 00:08 - 00000000 ____D () C:\Program Files (x86)\LastPass

2014-02-17 12:59 - 2014-02-17 12:59 - 13024768 _____ (LastPass) C:\Users\Kattas\Downloads\lastpass_x64.exe

2014-02-17 10:52 - 2014-02-17 04:25 - 00000000 ____D () C:\Users\Kattas\Desktop\Loggar

2014-02-17 10:50 - 2007-07-12 02:49 - 00000000 ____D () C:\Windows\Panther

2014-02-17 08:17 - 2014-02-17 08:17 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-02-17 04:09 - 2013-05-08 21:00 - 00000000 ____D () C:\Windows\erdnt

2014-02-17 03:45 - 2012-11-24 23:53 - 00000000 ____D () C:\Users\Kattas\AppData\Roaming\Skype

2014-02-17 03:41 - 2013-04-04 19:56 - 00000000 ____D () C:\Users\Kattas\AppData\Local\Facebook

2014-02-17 03:39 - 2013-09-22 15:55 - 00000000 ____D () C:\Users\Kattas\AppData\Roaming\WildTangent

2014-02-17 03:39 - 2011-10-13 14:19 - 00000000 ____D () C:\ProgramData\WildTangent

2014-02-17 03:38 - 2014-02-17 03:38 - 00000000 ____D () C:\Program Files\geek

2014-02-17 03:36 - 2013-01-26 08:07 - 00000000 ____D () C:\Program Files (x86)\Sony

2014-02-17 03:34 - 2013-06-11 20:43 - 00000000 ____D () C:\Program Files (x86)\Free Video Converter

2014-02-17 01:28 - 2014-02-17 01:18 - 00010752 ___SH () C:\Users\Kattas\Documents\Thumbs.db

2014-02-17 01:24 - 2014-02-17 01:24 - 04408320 _____ () C:\Users\Kattas\Desktop\RogueKillerX64.exe

2014-02-17 01:24 - 2014-02-17 01:24 - 02152448 _____ (Farbar) C:\Users\Kattas\Desktop\FRST64.exe

2014-02-17 01:19 - 2013-09-02 02:30 - 00000000 ____D () C:\Users\Kattas\AppData\Roaming\vlc

2014-02-17 00:52 - 2014-02-17 00:51 - 00000000 ____D () C:\Program Files (x86)\ERUNT

2014-02-17 00:52 - 2012-11-24 23:34 - 00000000 ___RD () C:\Users\Kattas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-02-17 00:51 - 2014-02-17 00:51 - 00000928 _____ () C:\Users\Kattas\Desktop\NTREGOPT.lnk

2014-02-17 00:51 - 2014-02-17 00:51 - 00000909 _____ () C:\Users\Kattas\Desktop\ERUNT.lnk

2014-02-17 00:50 - 2012-11-24 23:31 - 00000000 ____D () C:\Users\Kattas

2014-02-17 00:38 - 2014-02-14 19:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-02-17 00:30 - 2012-12-09 17:12 - 00000000 ____D () C:\Program Files (x86)\uTorrent

2014-02-16 21:01 - 2013-04-04 19:56 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1391602624-105662421-2298022518-1000Core.job

2014-02-16 20:31 - 2013-11-25 22:24 - 00000099 _____ () C:\Users\Public\LMDebug.log

2014-02-16 16:38 - 2014-02-01 17:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-16 00:56 - 2014-02-16 00:56 - 00001908 _____ () C:\Users\Kattas\Desktop\CI4.exe.lnk

2014-02-16 00:55 - 2014-02-16 00:06 - 00000000 ____D () C:\Program Files\Chicken Invaders 4 - Ultimate Omelette

2014-02-16 00:08 - 2014-02-16 00:08 - 00000000 ____D () C:\ProgramData\InterAction studios

2014-02-16 00:08 - 2012-11-25 07:31 - 00626006 _____ () C:\Windows\system32\perfh01D.dat

2014-02-16 00:08 - 2012-11-25 07:31 - 00124128 _____ () C:\Windows\system32\perfc01D.dat

2014-02-16 00:08 - 2009-07-14 06:13 - 01466674 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-12 18:18 - 2012-12-06 19:41 - 00001094 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk

2014-02-11 19:07 - 2012-12-08 19:17 - 00003990 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-02-11 19:07 - 2012-12-08 19:17 - 00003738 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-02-09 23:56 - 2014-02-09 23:54 - 00000000 ____D () C:\Users\Kattas\Downloads\skorpioner

2014-02-02 16:16 - 2014-02-02 16:16 - 00000000 ____D () C:\Users\Kattas\AppData\Local\Macromedia

2014-02-01 17:56 - 2013-09-02 02:30 - 00000027 _____ () C:\Program Files\plugins.dat

2014-02-01 17:48 - 2014-02-01 17:47 - 00000000 ____D () C:\Users\Kattas\AppData\Local\Mozilla

2014-02-01 17:47 - 2014-02-01 17:47 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-02-01 17:47 - 2014-02-01 17:47 - 00000000 ____D () C:\ProgramData\Mozilla

2014-01-27 22:35 - 2013-01-26 03:57 - 00000000 ____D () C:\Users\Kattas\Desktop\bilder på mig

2014-01-27 20:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-01-27 11:58 - 2014-01-27 03:24 - 875269884 _____ () C:\Users\Kattas\Downloads\Sel8nne.2013.SWESUB.DVDRip.XViD.MP3-Devil.avi

2014-01-27 03:30 - 2014-01-27 03:30 - 00000000 ____D () C:\Users\Kattas\Downloads\Getaway.2013.SWESUB.DVDRip.XviD.AC3-Haribo

2014-01-27 03:28 - 2014-01-27 03:25 - 00000000 ____D () C:\Users\Kattas\Downloads\Dallas.2012.S02.SWESUB.DVDRip.XviD.AC3-Haggebulle

2014-01-26 01:58 - 2014-01-26 01:57 - 00000000 ____D () C:\ProgramData\MobileBrServ

2014-01-26 01:56 - 2011-10-13 14:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-01-22 23:40 - 2014-01-22 23:40 - 00000000 ____D () C:\Program Files (x86)\SkypeWebPlugin

2014-01-22 23:31 - 2014-01-12 22:06 - 00000000 ____D () C:\Users\Kattas\Desktop\CV

2014-01-19 08:33 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:

====================

C:\Users\Kattas\jagex_cl_runescape_LIVE.dat

C:\Users\Kattas\random.dat

Some content of TEMP:

====================

C:\Users\Kattas\AppData\Local\Temp\geek_x64.exe

C:\Users\Kattas\AppData\Local\Temp\ntdll_dump.dll

C:\Users\Kattas\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Starthanteraren

---------------

identifier {bootmgr}

device partition=\Device\HarddiskVolume2

description Windows Boot Manager

locale sv-SE

inherit {globalsettings}

default {current}

resumeobject {90f9c3ef-36c8-11e2-8bf9-9383b11d0e89}

displayorder {current}

toolsdisplayorder {memdiag}

timeout 30

Startinl„saren

--------------

identifier {current}

device partition=C:

path \Windows\system32\winload.exe

description Windows 7

locale sv-SE

inherit {bootloadersettings}

recoverysequence {90f9c3f1-36c8-11e2-8bf9-9383b11d0e89}

recoveryenabled Yes

osdevice partition=C:

systemroot \Windows

resumeobject {90f9c3ef-36c8-11e2-8bf9-9383b11d0e89}

nx OptIn

Startinl„saren

--------------

identifier {90f9c3f1-36c8-11e2-8bf9-9383b11d0e89}

device ramdisk=[C:]\Recovery\90f9c3f1-36c8-11e2-8bf9-9383b11d0e89\Winre.wim,{90f9c3f2-36c8-11e2-8bf9-9383b11d0e89}

path \windows\system32\winload.exe

description Windows Recovery Environment

inherit {bootloadersettings}

osdevice ramdisk=[C:]\Recovery\90f9c3f1-36c8-11e2-8bf9-9383b11d0e89\Winre.wim,{90f9c3f2-36c8-11e2-8bf9-9383b11d0e89}

systemroot \windows

nx OptIn

winpe Yes

Start fr†n vilol„ge

-------------------

identifier {90f9c3ef-36c8-11e2-8bf9-9383b11d0e89}

device partition=C:

path \Windows\system32\winresume.exe

description Windows Resume Application

locale sv-SE

inherit {resumeloadersettings}

filedevice partition=C:

filepath \hiberfil.sys

debugoptionenabled No

Minnestestaren

--------------

identifier {memdiag}

device partition=\Device\HarddiskVolume2

path \boot\memtest.exe

description Windows Memory Diagnostic

locale sv-SE

inherit {globalsettings}

badmemoryaccess Yes

EMS-inst„llningar

-----------------

identifier {emssettings}

bootems Yes

Inst„llningar f”r fels”kare

---------------------------

identifier {dbgsettings}

debugtype Serial

debugport 1

baudrate 115200

RAM-fel

-------

identifier {badmemory}

Globala inst„llningar

---------------------

identifier {globalsettings}

inherit {dbgsettings}

{emssettings}

{badmemory}

Inst„llningar f”r Startinl„saren

------------------------------

identifier {bootloadersettings}

inherit {globalsettings}

{hypervisorsettings}

Hypervisorinst„llningar

-------------------

identifier {hypervisorsettings}

hypervisordebugtype Serial

hypervisordebugport 1

hypervisorbaudrate 115200

terst„ll inst„llningar f”r inl„saren

-------------------------------------

identifier {resumeloadersettings}

inherit {globalsettings}

Enhetsalternativ

----------------

identifier {90f9c3f2-36c8-11e2-8bf9-9383b11d0e89}

description Ramdisk Options

ramdisksdidevice partition=C:

ramdisksdipath \Recovery\90f9c3f1-36c8-11e2-8bf9-9383b11d0e89\boot.sdi

LastRegBack: 2014-02-08 18:49

==================== End Of Log ============================

17 februari, 2014

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2014

Ran by Kattas at 2014-02-17 18:44:26

Running from C:\Users\Kattas\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.)

Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden

Acer ePower Management (x32 Version: 6.00.3008 - Acer Incorporated)

Acer eRecovery Management (x32 Version: 5.00.3504 - Acer Incorporated)

Acer Registration (x32 Version: 1.04.3504 - Acer Incorporated)

Acer ScreenSaver (x32 Version: 1.1.0517.2011 - Acer Incorporated)

Acer Updater (x32 Version: 1.02.3502 - Acer Incorporated)

Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden

Alcor Micro USB Card Reader (x32 Version: 1.2.42.68439 - Alcor Micro Corp.)

Alcor Micro USB Card Reader (x32 Version: 1.2.42.68439 - Alcor Micro Corp.) Hidden

Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)

Apple-programstöd (x32 Version: 2.3.6 - Apple Inc.)

Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.2.43 - Atheros Communications Inc.)

AVS DVD Copy 4.1.2.283 (x32 Version: - Online Media Technologies Ltd.)

AVS Image Converter 2.3.1.244 (x32 Version: - Online Media Technologies Ltd.)

AVS Update Manager 1.0 (x32 Version: - Online Media Technologies Ltd.)

AVS4YOU Software Navigator 1.4 (x32 Version: - Online Media Technologies Ltd.)

Badoo Desktop (x32 Version: 1.6.58.1220 - Badoo)

BleachBit (x32 Version: - BleachBit)

CCleaner (Version: 4.01 - Piriform)

clear.fi (x32 Version: 1.0.2921_44380 - CyberLink Corp.) Hidden

clear.fi (x32 Version: 1.0.3318.00 - CyberLink Corp.)

clear.fi (x32 Version: 1.0.3318.00 - CyberLink Corp.) Hidden

clear.fi (x32 Version: 9.0.9023 - CyberLink Corp.) Hidden

clear.fi Client (x32 Version: 1.00.3500 - Acer Incorporated)

Common Desktop Agent (Version: 1.62.0 - OEM) Hidden

Definition update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (x32 Version: - Microsoft)

ERUNT 1.1j (x32 Version: - Lars Hederer)

ESET Online Scanner v3 (x32 Version: - )

Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited)

Free YouTube Download version 3.2.3.610 (x32 Version: 3.2.3.610 - DVDVideoSoft Ltd.)

Free YouTube to DVD Converter version 3.1.3.610 (x32 Version: 3.1.3.610 - DVDVideoSoft Ltd.)

Free YouTube to MP3 Converter version 3.12.3.610 (x32 Version: 3.12.3.610 - DVDVideoSoft Ltd.)

Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)

Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden

Identity Card (x32 Version: 1.00.3501 - Acer Incorporated)

Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)

Intel® Processor Graphics (x32 Version: 8.15.10.2342 - Intel Corporation)

Intel® Rapid Storage Technology (x32 Version: 10.0.0.1046 - Intel Corporation)

iTunes (Version: 11.1.0.126 - Apple Inc.)

LastPass (uninstall only) (x32 Version: - LastPass)

Launch Manager (x32 Version: 5.1.4 - Acer Inc.)

LibreOffice 4.0.2.2 (x32 Version: 4.0.2.2 - The Document Foundation)

Läs bruksanvisningen (x32 Version: 3.60.02.0 - )

Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)

Media Go (x32 Version: 2.6.205 - Sony)

Media Go Video Playback Engine 2.0.111.09020 (x32 Version: 2.0.111.09020 - Sony)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile Language Pack - SVE (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile SVE Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Access MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft DCF MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Excel MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Groove MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft InfoPath MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Lync MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Office 64-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

Microsoft Office OSM MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Office OSM UX MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - Svenska (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (Swedish) 2013 (Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Officen tarkistustyökalut 2013 - suomi (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden

Microsoft OneNote MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Outlook MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft PowerPoint MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Publisher MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Microsoft Security Client (Version: 4.3.0215.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (Version: 4.3.215.0 - Microsoft Corporation)

Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft SkyDrive (HKCU Version: 17.0.2011.0627 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Word MUI (Swedish) 2013 (x32 Version: 15.0.4433.1507 - Microsoft Corporation) Hidden

Mobile Broadband HL Service (x32 Version: 22.001.20.00.03 - Huawei Technologies Co.,Ltd)

Mozilla Firefox 27.0.1 (x86 sv-SE) (x32 Version: 27.0.1 - Mozilla)

Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)

MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden

MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden

MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.)

MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden

Notification Tool (x32 Version: - Huawei technologies Co., Ltd.)

QuickShare (x32 Version: 1.6.1.872 - Linkury Inc.) <==== ATTENTION

Realtek High Definition Audio Driver (x32 Version: 6.0.1.6392 - Realtek Semiconductor Corp.)

Samsung CLP-360 Series (x32 Version: 1.10 (2013-06-25) - Samsung Electronics Co., Ltd.)

Samsung Easy Printer Manager (x32 Version: 1.03.17.00(2013-04-12) - Samsung Electronics Co., Ltd.)

Samsung Printer Live Update (x32 Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)

Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden

Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden

Skype Web Plugin (x32 Version: 2.2.12059.16911 - Skype)

Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)

Sony Ericsson Update Engine (x32 Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)

Sony PC Companion 2.10.173 (x32 Version: 2.10.173 - Sony)

Synaptics Pointing Device Driver (Version: 15.1.18.0 - Synaptics Incorporated)

TeamViewer 8 (x32 Version: 8.0.26038 - TeamViewer)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)

Update for Microsoft Access 2013 (KB2760350) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Excel 2013 (KB2760339) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Lync 2013 (KB2760512) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2013 (KB2726961) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2013 (KB2752025) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2013 (KB2752094) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2013 (KB2752101) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2013 (KB2767845) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2013 (KB2768333) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2013 (KB2768349) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Office 2013 (KB2768355) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft OneNote 2013 (KB2768011) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Outlook 2013 (KB2727079) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2726947) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft SkyDrive Pro (KB2768356) 32-Bit Edition (x32 Version: - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2767856) 32-Bit Edition (x32 Version: - Microsoft)

Welcome Center (x32 Version: 1.02.3504 - Acer Incorporated)

WiMP 2.5.1 (x32 Version: 2.5.1 - Aspiro AS)

WiMP 2.5.1 (x32 Version: 2.5.1 - Aspiro AS) Hidden

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

VirtualDJ PRO Full (x32 Version: 7.3 - Atomix Productions)

VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)

==================== Restore Points =========================

30-01-2014 12:54:08 Windows Update

02-02-2014 15:37:07 Windows Update

05-02-2014 21:43:22 Windows Update

09-02-2014 10:53:42 Windows Update

12-02-2014 21:28:24 Windows Update

16-02-2014 15:50:28 Windows Update

17-02-2014 02:33:13 Removed Facebook Video Calling 1.2.0.287

17-02-2014 02:35:23 Removed PlayStation®Store.

17-02-2014 02:41:15 Removed Facebook Video Calling 1.2.0.287

17-02-2014 02:44:42 Removed Skype Click to Call

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-05-08 21:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0E2ACE95-F97C-4859-B044-3E2DAB8D1E3B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.)

Task: {1D21F3B7-9D88-4E36-A013-9A9D51735CD2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe

Task: {326131A2-2D35-4B0E-BD07-ECE7EB559133} - System32\Tasks\{DEFE7840-18B0-4230-9664-82CBCB6B4B15} => Chrome.exe http://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?source=lightinstaller&page=tsMain

Task: {4598EC6B-75BE-4FCF-A02E-6AD803185B4D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1391602624-105662421-2298022518-1000UA => C:\Users\Kattas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-04] (Facebook Inc.)

Task: {50C281A7-0F91-469E-9CC0-6FB8B6377D95} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2012-09-18] (CyberLink)

Task: {5413CC6F-9639-4C4E-8B26-F27B60A5767E} - System32\Tasks\Escolade => C:\Users\Kattas\AppData\Roaming\iPumper\Updater.exe

Task: {5CE96D04-E71C-46D4-A53C-0FB65CCCDBFC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)

Task: {A2769693-14AE-4745-8CCC-776333F75945} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2012-09-18] (Acer Incorporated)

Task: {B7C4572E-7D7E-41FE-96CB-BE8FC0728D8E} - System32\Tasks\{A7DF8E8D-926D-40BB-B2F8-15C078C3595B} => C:\Program Files (x86)\Huawei technologies\Mobile Connect\Mobile Connect.exe

Task: {B7D696F1-3A1F-46E9-81C9-5F814B110511} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)

Task: {BC20D7AB-0912-45AB-B0DE-E5A59E7B5566} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)

Task: {C0947527-52FF-4716-916F-02661B16E1FD} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2012-09-18] (CyberLink Corp.)

Task: {C27CD519-FDB4-47B0-A185-B0F7F2D11077} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)

Task: {D46DDBF8-5CC3-4C90-84CD-001060E53CDD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)

Task: {E693524E-D1BD-4A14-BA24-611B48AFD816} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1391602624-105662421-2298022518-1000Core => C:\Users\Kattas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-04] (Facebook Inc.)

Task: {F0684FDA-3269-45AA-811C-9B9FB5058E50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.)

Task: {FAEAAB21-0FD9-4C85-BF5E-8409DB3C4577} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1391602624-105662421-2298022518-1000Core.job => C:\Users\Kattas\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1391602624-105662421-2298022518-1000UA.job => C:\Users\Kattas\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-01-21 16:45 - 2009-01-21 16:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll

2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe

2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll

2012-09-18 14:24 - 2012-09-18 14:24 - 00208080 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (02/17/2014 06:42:42 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2014 06:41:55 PM) (Source: Windows Search Service) (User: )

Description: Det går inte att initiera indexet.

Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/17/2014 06:41:55 PM) (Source: Windows Search Service) (User: )

Description: Det går inte att initiera programmet.

Kontext: program Windows

Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/17/2014 06:41:55 PM) (Source: Windows Search Service) (User: )

Description: Det går inte att initiera insamlingsobjektet.

Kontext: program Windows, katalog SystemIndex

Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/17/2014 06:41:55 PM) (Source: Windows Search Service) (User: )

Description: Det går inte att initiera plugin-programmet i <Search.TripoliIndexer>.

Kontext: program Windows, katalog SystemIndex

Information:

Det gick inte att hitta elementet. (HRESULT : 0x80070490) (0x80070490)

Error: (02/17/2014 06:41:54 PM) (Source: Windows Search Service) (User: )

Description: Det går inte att initiera plugin-programmet i <Search.JetPropStore>.

Kontext: program Windows, katalog SystemIndex

Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/17/2014 06:41:54 PM) (Source: Windows Search Service) (User: )

Description: Det går inte att läsa in informationen i egenskapsarkivet.

Kontext: program Windows, katalog SystemIndex

Information:

Innehållsindexets databas är skadad. (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/17/2014 06:41:54 PM) (Source: Windows Search Service) (User: )

Description: Windows Search-tjänsten har stoppats eftersom det finns ett problem med indexeraren The catalog is corrupt.

Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/17/2014 06:41:54 PM) (Source: Windows Search Service) (User: )

Description: Skadade datafiler har upptäckts i indexet {id=4700}. Det görs ett försök att korrigera det här problemet automatiskt genom att återskapa indexet.

Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/17/2014 06:41:54 PM) (Source: Windows Search Service) (User: )

Description: Det går inte att öppna Jet-egenskapsarkivet.

Information:

0x%08x (0xc0041800 - Innehållsindexets databas är skadad. (HRESULT : 0xc0041800))

System errors:

=============

Error: (02/17/2014 06:42:25 PM) (Source: Service Control Manager) (User: )

Description: Tjänsthanteraren försökte utföra en korrigeringsåtgärd (Starta om tjänsten) efter att tjänsten Windows Search avslutats oväntat, men denna åtgärd misslyckades med följande fel:

%%1056

Error: (02/17/2014 06:41:55 PM) (Source: Service Control Manager) (User: )

Description: Tjänsten Windows Search avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

Error: (02/17/2014 06:41:55 PM) (Source: Service Control Manager) (User: )

Description: Tjänsten Windows Search avbröts med det tjänstspecifika felet %%-1073473535.

Error: (02/17/2014 06:41:36 PM) (Source: Service Control Manager) (User: )

Description: Tjänsten DgiVecp kunde inte startas på grund av följande fel:

%%2

Error: (02/17/2014 08:12:18 AM) (Source: Service Control Manager) (User: )

Description: Tjänsten Windows Search stannade under start.

Error: (02/17/2014 08:06:51 AM) (Source: Service Control Manager) (User: )

Description: Tjänsten DgiVecp kunde inte startas på grund av följande fel:

%%2

Error: (02/17/2014 04:21:01 AM) (Source: Service Control Manager) (User: )

Description: Tjänsten Mobile Broadband HL Service avslutades oväntat. Detta har skett 1 gånger.

Error: (02/17/2014 04:09:11 AM) (Source: Service Control Manager) (User: )

Description: Tjänsten DgiVecp kunde inte startas på grund av följande fel:

%%2

Error: (02/17/2014 01:43:29 AM) (Source: Service Control Manager) (User: )

Description: En timeout (30000 ms) inträffade vid väntan på transaktionssvar från tjänsten TeamViewer8.

Error: (02/17/2014 00:40:01 AM) (Source: Service Control Manager) (User: )

Description: Tjänsten DgiVecp kunde inte startas på grund av följande fel:

%%2

Microsoft Office Sessions:

=========================

Error: (02/17/2014 06:42:42 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2014 06:41:55 PM) (Source: Windows Search Service)(User: )

Description: Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/17/2014 06:41:55 PM) (Source: Windows Search Service)(User: )

Description: Kontext: program Windows

Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/17/2014 06:41:55 PM) (Source: Windows Search Service)(User: )

Description: Kontext: program Windows, katalog SystemIndex

Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

Error: (02/17/2014 06:41:55 PM) (Source: Windows Search Service)(User: )

Description: Kontext: program Windows, katalog SystemIndex

Information:

Det gick inte att hitta elementet. (HRESULT : 0x80070490) (0x80070490)

Search.TripoliIndexer

Error: (02/17/2014 06:41:54 PM) (Source: Windows Search Service)(User: )

Description: Kontext: program Windows, katalog SystemIndex

Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

Search.JetPropStore

Error: (02/17/2014 06:41:54 PM) (Source: Windows Search Service)(User: )

Description: Kontext: program Windows, katalog SystemIndex

Information:

Innehållsindexets databas är skadad. (HRESULT : 0xc0041800) (0xc0041800)

Error: (02/17/2014 06:41:54 PM) (Source: Windows Search Service)(User: )

Description: Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

The catalog is corrupt

Error: (02/17/2014 06:41:54 PM) (Source: Windows Search Service)(User: )

Description: Information:

Innehållsindexets katalog är skadad. (HRESULT : 0xc0041801) (0xc0041801)

4700

Error: (02/17/2014 06:41:54 PM) (Source: Windows Search Service)(User: )

Description: Information:

0x%08x (0xc0041800 - Innehållsindexets databas är skadad. (HRESULT : 0xc0041800))

CodeIntegrity Errors:

===================================

Date: 2013-05-08 22:11:04.447

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-05-08 22:11:04.387

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-12-07 02:38:17.641

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\SET4994.tmp because the set of per-page image hashes could not be found on the system.

Date: 2012-12-07 02:38:17.637

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\SET4994.tmp because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 39%

Total physical RAM: 2923.86 MB

Available physical RAM: 1779.33 MB

Total Pagefile: 5845.9 MB

Available Pagefile: 4558.39 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:282.99 GB) (Free:77.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: DCBB38BF)

Partition 1: (Not Active) - (Size=15 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================

17 februari, 2014

Det verkar vara insticksmoduler, för det finns inget att ta bort i tillägg däremot insticksmoduler är det fullt av saker

Okej, men se till att ta bort allt som inte används. Det kan vara säkerhetsproblem med sådana man inte känner till och litar på.

Om du tittar på slutet av Addition.txt så ser du felloggar och det finns mycket där som är med sökfunktionen i Windows att göra.

Innehållsindexets databas är skadad

Description: Tjänsten Windows Search avbröts med det tjänstspecifika felet %%-1073473535.

Description: Skadade datafiler har upptäckts i indexet {id=4700}.

Error: (02/17/2014 06:41:55 PM) (Source: Windows Search Service) (User: )

Description: Det går inte att initiera indexet.

Det kan vara den grundläggande orsaken till lång start av Windows.

17 februari, 2014

Okej, men se till att ta bort allt som inte används. Det kan vara säkerhetsproblem med sådana man inte känner till och litar på.

Om du tittar på slutet av Addition.txt så ser du felloggar och det finns mycket där som är med sökfunktionen i Windows att göra.

Innehållsindexets databas är skadad

Description: Tjänsten Windows Search avbröts med det tjänstspecifika felet %%-1073473535.

Description: Skadade datafiler har upptäckts i indexet {id=4700}.

Error: (02/17/2014 06:41:55 PM) (Source: Windows Search Service) (User: )

Description: Det går inte att initiera indexet.

Det kan vara den grundläggande orsaken till lång start av Windows.

Är det något som går att fixa till på något sätt?

18 februari, 2014

Kan tydligen bero på CCleaner, se http://social.technet.microsoft.com/Forums/windows/en-US/e286be80-ed7e-4026-b6b7-d512ff642db5/windows-search-esent-errors-after-every-reboot?forum=w7itprogeneral

it appears one of the recent updates changed or added an item labled "MS Search" under 'Applications' > 'Windows'.

Upon unchecking this option in the settings of CCleaner, I am no longer experiencing the symptoms posted above.

18 februari, 2014

Kan tydligen bero på CCleaner, se http://social.technet.microsoft.com/Forums/windows/en-US/e286be80-ed7e-4026-b6b7-d512ff642db5/windows-search-esent-errors-after-every-reboot?forum=w7itprogeneral

och Ccleaner har jag ju kört ett par gånger innan, visste inte att den kunde ställa till såna grejer

ska jag testa det tipset som står på den sidan?

18 februari, 2014

Ja, det tycker jag.

18 februari, 2014

Ja, det tycker jag.

okej, återkommer med resultat sedan men vad innebär uppgradering på plats?

kb/2255099 är det något som den hämtar från en windows 7 dvd?

För isåfall kan det bli rätt jobbigt då jag inte har något sådant :/

18 februari, 2014

Varför ska du göra en uppgradering på plats?

KB står för Knowledge Base och 2255099 är ett löpnummer. Kb/2255099 är alltså artikel nummer 2255099 i kunskapsdatabasen, dvs sidan du länkade till.

18 februari, 2014

Varför ska du göra en uppgradering på plats?

KB står för Knowledge Base och 2255099 är ett löpnummer. Kb/2255099 är alltså artikel nummer 2255099 i kunskapsdatabasen, dvs sidan du länkade till.

Okej, If the issue persists, try to perform an in-place upgrade to fix the issue

Place upgrade översatte jag uppgradering på plats

18 februari, 2014

Med tanke på hur många som blivit hjälpta av ändringen i CCleaner tror jag knappast det behövs något mer avancerat. Nöj dig med att ändra i CCleaner och starta sen om datorn några gånger för att se om det blir bättre.

En uppgradering på plats brukar kräva att man har en standard Windows-skiva, även om det finns datortillverkare som har lagt med den funktionen. Apropå att du skriver att ni inte har någon installationsskiva så tänk på att det är bra att bränna ut sådana med datortillverkarens program så att det går att installera Windows när hårddisken går sönder och behöver bytas ut. Det står i manualen hur man gör och den kan laddas ner från datortillverkarens webbplats.

18 februari, 2014

Med tanke på hur många som blivit hjälpta av ändringen i CCleaner tror jag knappast det behövs något mer avancerat. Nöj dig med att ändra i CCleaner och starta sen om datorn några gånger för att se om det blir bättre.

En uppgradering på plats brukar kräva att man har en standard Windows-skiva, även om det finns datortillverkare som har lagt med den funktionen. Apropå att du skriver att ni inte har någon installationsskiva så tänk på att det är bra att bränna ut sådana med datortillverkarens program så att det går att installera Windows när hårddisken går sönder och behöver bytas ut. Det står i manualen hur man gör och den kan laddas ner från datortillverkarens webbplats.

Okej, jag ska testa så fort hon har kommit hem igen, så kör jag upp med teamviewer och testar

Tack så mycket för att du tar dig tid och hjälpa mig

18 februari, 2014

kan du inte skapa recovery skivor med programmet kan man beställa det kostnadsfritt från tillverkaren (jag har haft det problemet innan) så det är bara ett tips om det inte skulle fungera

18 februari, 2014

ta egenskaper på C:

bocka bort rutan: Tillåt att innehåll i filer på den här enheten indexeras utöver filegenskaperna sedan testar du det som står på denna sidan

sedan startar du om datorn ett par gånger och aktiverar Tillåt att innehåll i filer på den här enheten indexeras utöver filegenskaperna igen. då ska det lösa sig

Mammas dator är trött vid inloggning

Rekommendera Poster

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Cecilia

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Cecilia

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Cecilia

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Cecilia

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Cecilia

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Cecilia

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Cecilia

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

Cecilia

Länk till kommentar

Dela på andra webbplatser

Datornörd_1994

Länk till kommentar

Dela på andra webbplatser

cybertears

Länk till kommentar

Dela på andra webbplatser

cybertears

Länk till kommentar

Dela på andra webbplatser

Arkiverat

Vem är online 0 Medlemmar, 0 anonym, 59 gäster (Visa hela listan)

Populära medlemmar