Just nu i M3-nätverket
Gå till innehåll

En annan vän har lyckats få in Hej,Pc Optimizer Pro


cybertears

Rekommendera Poster

Hon har windows 7.

 

DDS. 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16521  BrowserJavaVersion: 10.51.2
Run by Acer at 22:31:01 on 2014-03-14
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.46.1053.18.2800.1269 [GMT 1:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
 
C:\Windows\system32\svchost.exe -k DcomLaunch
 
C:\Windows\system32\svchost.exe -k RPCSS
 
C:\Windows\system32\atiesrxx.exe
 
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
 
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
 
C:\Windows\system32\svchost.exe -k LocalService
 
C:\Windows\system32\svchost.exe -k netsvcs
 
C:\Windows\system32\svchost.exe -k NetworkService
 
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 
C:\Windows\System32\spoolsv.exe
 
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
 
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
 
C:\Windows\system32\rundll32.exe
 
C:\Windows\SysWOW64\rundll32.exe
 
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
 
C:\Program Files\LSI SoftModem\agr64svc.exe
 
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
 
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
 
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
 
C:\Windows\system32\svchost.exe -k imgsvc
 
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
 
C:\Windows\System32\svchost.exe -k secsvcs
 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
 
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
 
C:\Windows\System32\WUDFHost.exe
 
C:\Windows\system32\atieclxx.exe
 
C:\Windows\system32\taskhost.exe
 
C:\Windows\system32\Dwm.exe
 
C:\Windows\Explorer.EXE
 
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
 
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
 
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
 
C:\Windows\system32\SearchIndexer.exe
 
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
 
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
 
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
 
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
 
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
 
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
 
C:\Program Files\Windows Media Player\wmpnetwk.exe
 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
 
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
 
C:\Windows\system32\svchost.exe -k SDRSVC
 
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
 
C:\Windows\system32\taskhost.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
C:\Windows\system32\taskeng.exe
 
C:\Windows\system32\SearchProtocolHost.exe
 
C:\Windows\system32\SearchFilterHost.exe
 
C:\Windows\system32\wbem\wmiprvse.exe
 
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd0202ch&cd=2XzuyEtN2Y1L1QzuzytD0F0B0AyCzzyE0FyEyE0F0B0FtCyDtN0D0Tzu0SyBzztDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1738153613&ir=
 
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_m3203&r=17360810z706pe405v1l5w45m1t65n
 
mStart Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd0202ch&cd=2XzuyEtN2Y1L1QzuzytD0F0B0AyCzzyE0FyEyE0F0B0FtCyDtN0D0Tzu0SyBzztDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1738153613&ir=
 
uURLSearchHooks: {bc355688-39a0-4c1b-826a-892ce39e0801} - <orphaned>
 
uURLSearchHooks: FCToolbarURLSearchHook Class: {fa887e92-8f5f-4ec9-99ca-09be0e4120d6} - C:\Program Files (x86)\AddThis Toolbar\Helper.dll
 
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
 
uURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyng.dll
 
mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyng.dll
 
mWinlogon: Userinit = userinit.exe
 
BHO: SaverAddon: {28F731B4-A8EF-FD1E-AFA6-CFB78D195B1A} - C:\ProgramData\SaverAddon\yiAxA453X.dll
 
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
 
BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyng.dll
 
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
 
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 
BHO: AddThis Toolbar BHO: {9EBF8AAF-0A31-4786-909A-97A0EF101743} - C:\Program Files (x86)\AddThis Toolbar\Toolbar.dll
 
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
 
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
 
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
 
BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
 
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
 
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
 
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
 
TB: AddThis Toolbar: {B43176CC-4D9E-493B-A636-D9CBFE39C6DA} - C:\Program Files (x86)\AddThis Toolbar\Toolbar.dll
 
TB: Zynga Toolbar: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files (x86)\Zynga\prxtbZyng.dll
 
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
 
TB: AddThis Toolbar: {B43176CC-4D9E-493B-A636-D9CBFE39C6DA} - C:\Program Files (x86)\AddThis Toolbar\Toolbar.dll
 
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
 
TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyng.dll
 
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
 
uRun: [Tele2swReport] C:\Program Files (x86)\Tele2\Tele2 installationshjaelp\Tele2swOR.exe
 
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
 
mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
 
mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
 
mRun: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
 
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
 
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
 
mRun: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
 
mRun: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
 
mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
 
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
 
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
 
mPolicies-Explorer: NoActiveDesktop = dword:1
 
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
 
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
 
mPolicies-System: ConsentPromptBehaviorUser = dword:3
 
mPolicies-System: EnableUIADesktopToggle = dword:0
 
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
 
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
 
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
 
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
 
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
 
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
 
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
 
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
 
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldsv-se.cab
 
TCP: NameServer = 192.168.0.254
 
TCP: Interfaces\{5F15462E-FD58-4B5C-825E-70B62BA92504} : DHCPNameServer = 192.168.0.254
 
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
 
AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll
 
SSODL: WebCheck - <orphaned>
 
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
 
x64-mStart Page = hxxp://start.mysearchdial.com/?f=1&a=irmsd0202ch&cd=2XzuyEtN2Y1L1QzuzytD0F0B0AyCzzyE0FyEyE0F0B0FtCyDtN0D0Tzu0SyBzztDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1738153613&ir=
 
x64-BHO: SaverAddon: {28F731B4-A8EF-FD1E-AFA6-CFB78D195B1A} - C:\ProgramData\SaverAddon\yiAxA453X.x64.dll
 
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
 
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
 
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll
 
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
 
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
 
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
 
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
 
x64-Run: [PLD_FrameworkRun] C:\Windows\System32\oem\setEvent.exe
 
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
 
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-9 65336]
 
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-3-9 22600]
 
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-21 1025808]
 
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-8-11 377920]
 
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]
 
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]
 
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]
 
R2 70e6ca8c;Optimizer Pro Crash Monitor;C:\Windows\System32\rundll32.exe [2009-7-14 45568]
 
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-10-12 203264]
 
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-8-11 33400]
 
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-8-11 80816]
 
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-3-9 45248]
 
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
 
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-8-12 62208]
 
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-10-12 240160]
 
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]
 
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
 
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
 
S2 savesenselive;SaveSenseLive Service (savesenselive);C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-2-18 146920]
 
S3 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-9 178624]
 
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
 
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-20 48488]
 
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
 
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-13 111616]
 
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-10 305448]
 
S3 savesenselivem;SaveSenseLive Service (savesenselivem);C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-2-18 146920]
 
S3 Tdsshbecr;Handelsbanken card reader;C:\Windows\System32\drivers\shbecr.sys [2008-9-23 50176]
 
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-9 59392]
 
S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-11 1255736]
 
S4 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-1-11 166352]
 
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-03-14 17:10:05 -------- d-----w- C:\Users\Acer\AppData\Local\{A7DD395F-BCC2-4B7B-90BA-EEFCD11CEA36}
 
2014-03-14 16:46:50 -------- d-----w- C:\Users\Acer\AppData\Roaming\Optimizer Pro
 
2014-03-14 15:25:23 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2F5DC168-8D96-4119-BFB7-6B661249619C}\mpengine.dll
 
2014-03-13 06:24:31 228864 ----a-w- C:\Windows\System32\wwansvc.dll
 
2014-03-13 06:19:19 484864 ----a-w- C:\Windows\System32\wer.dll
 
2014-03-13 06:19:18 381440 ----a-w- C:\Windows\SysWow64\wer.dll
 
2014-03-13 06:19:15 3156480 ----a-w- C:\Windows\System32\win32k.sys
 
2014-03-13 06:19:13 624128 ----a-w- C:\Windows\System32\qedit.dll
 
2014-03-13 06:19:12 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
 
2014-03-13 06:17:45 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
 
2014-03-13 06:17:44 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
 
2014-03-12 11:26:51 -------- d-----w- C:\Users\Acer\AppData\Local\{AB2E89D4-011A-46B0-8FAA-754E31106B2F}
 
2014-03-12 08:28:36 -------- d-----w- C:\ProgramData\bf2a2622971297c6
 
2014-03-12 08:28:15 -------- d-----w- C:\ProgramData\SaverAddon
 
2014-03-10 07:29:18 -------- d-----w- C:\Users\Acer\AppData\Local\Packages
 
2014-03-10 07:28:58 -------- d-----w- C:\ProgramData\saivinshoopa
 
2014-03-09 15:24:36 -------- d-----w- C:\Users\Acer\AppData\Local\{52EB8ED5-2FE7-4CF1-A76A-0EB028E201B0}
 
2014-03-08 00:03:49 -------- d-----w- C:\0e6ea85b542c1872bf87c2fa2fd007
 
2014-03-07 23:23:02 -------- d-----w- C:\Users\Acer\AppData\Local\{1E632337-50EF-41EF-B336-1C266BDED465}
 
2014-03-06 23:06:52 -------- d-----w- C:\Windows\Migration
 
2014-03-06 23:02:51 -------- d-----w- C:\918794183415a6313165
 
2014-03-03 12:06:56 -------- d-----w- C:\Users\Acer\AppData\Local\{45791B96-755A-4B55-842E-4FACD3652D97}
 
2014-03-02 00:06:09 -------- d-----w- C:\4ab26a6d0410818ca1759a
 
2014-02-28 22:59:45 -------- d-----w- C:\1003a51ce0d6727de5
 
2014-02-26 23:11:56 -------- d-----w- C:\c60b274150f8ead71173ec1ff747cd
 
2014-02-26 22:10:57 -------- d-----w- C:\Users\Acer\AppData\Local\{42748BEE-9E39-47E3-86D7-09E8C181614A}
 
2014-02-23 19:32:42 -------- d-----w- C:\Users\Acer\AppData\Local\{51505222-EA44-4DE7-9BF3-3326DF3FCC12}
 
2014-02-18 13:49:10 -------- d-----w- C:\Users\Acer\AppData\Local\{2BACD05A-6445-4A5D-A0AA-BC76514584D2}
 
2014-02-18 12:30:43 -------- d-----w- C:\Users\Acer\AppData\Roaming\1H1Q
 
2014-02-18 12:25:54 -------- d-----w- C:\Users\Acer\AppData\Local\SaveSenseLive
 
2014-02-18 12:25:54 -------- d-----w- C:\ProgramData\SaveSenseLive
 
2014-02-18 12:25:54 -------- d-----w- C:\Program Files (x86)\SaveSenseLive
 
2014-02-18 12:25:41 -------- d-----w- C:\Users\Acer\AppData\Roaming\SaveSense
 
2014-02-18 12:25:28 -------- d-----w- C:\Program Files (x86)\Optimizer Pro
 
2014-02-18 12:25:24 -------- d-----w- C:\Users\Acer\AppData\Local\Programs
 
2014-02-18 12:25:23 -------- d-----w- C:\Users\Acer\AppData\Local\SaveSense
 
2014-02-18 12:25:11 -------- d-----w- C:\Users\Acer\AppData\Roaming\mysearchdial
 
2014-02-17 07:36:18 -------- d-----w- C:\Users\Acer\AppData\Local\{7DD1584F-49A8-4A5E-82B3-9E2917C94AAC}
 
2014-02-15 16:05:50 -------- d-----w- C:\Users\Acer\AppData\Local\{2C3A3873-48F7-4F4E-9337-A2C731B3A4F3}
 
2014-02-14 16:14:12 -------- d-----w- C:\Users\Acer\AppData\Local\{478AB50E-EA4D-485A-A0E3-3AE3CF18C33C}
 
2014-02-13 11:56:25 -------- d-----w- C:\Users\Acer\AppData\Local\{4A011EF7-1F36-4F96-B02B-6BA8D44D22BD}
 
2014-02-13 00:17:46 548864 ----a-w- C:\Windows\System32\vbscript.dll
 
2014-02-13 00:17:46 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
 
2014-02-12 21:42:12 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
 
2014-02-12 21:42:12 2048 ----a-w- C:\Windows\System32\msxml3r.dll
 
2014-02-12 21:42:12 1882112 ----a-w- C:\Windows\System32\msxml3.dll
 
2014-02-12 21:42:12 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
.
==================== Find3M  ====================
.
2014-03-12 10:51:35 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
2014-03-12 10:51:35 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
 
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
 
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
 
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
 
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
 
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
 
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
 
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
 
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
 
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
 
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
 
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
 
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
 
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
 
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
 
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
 
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
 
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
 
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
 
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
 
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
 
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
 
2013-12-18 20:09:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
 
2013-12-18 05:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 22:32:54,61 ===============
 
 
Vad Jag har bett henne göra: 
 
Avinstallera följande program så gott det går med Geek uninstaller
 
SaverAddon
PS_AIO_06_B109a-m_SW_Min
Optimizer Pro v3.2
Toolbox
Zynga Toolbar
 
Spara AdwCleaner av Xplode på Skrivbordet.
 
Nu väntar jag bara på att hon ska skicka logg på det, något annat som jag bör använda?
 
Har inte så mycket erfarenhet av FRST och vad jag fått veta så kan den ställa till med rätt mycket om man gör fel.

 

attach.txt

Länk till kommentar
Dela på andra webbplatser

Det duger bra att avinstallera dem på vanligt sätt i Kontrollpanelen eftersom AdwCleaner i alla fall kommer att rensa bort rester av dem.

 

Avinstallera även:

Ask Toolbar
 

Så länge man bara skannar med FRST händer inget alls i datorn, men vi får väl som det går bra utan FRST eller om det behövs.

Länk till kommentar
Dela på andra webbplatser

Det duger bra att avinstallera dem på vanligt sätt i Kontrollpanelen eftersom AdwCleaner i alla fall kommer att rensa bort rester av dem.

 

Avinstallera även:

Ask Toolbar

 

Så länge man bara skannar med FRST händer inget alls i datorn, men vi får väl som det går bra utan FRST eller om det behövs.

Hon skrev att det hade gått bra men jag fick inga loggar på vad Awdcleaner hittade eller vad den hade tagit bort -.- 

 

Så typiskt att vissa är som dom är, så fort datorn går lite snabbare så vill dom inte fortsätta, Ska se om hon har kvar loggarna.

Länk till kommentar
Dela på andra webbplatser

Om hon har rensat med AdwCleaner är det viktigaste en ny DDS-logg för att se om det är något kvar.

Länk till kommentar
Dela på andra webbplatser

# AdwCleaner v3.022 - Report created 16/03/2014 at 22:25:44

# Updated 13/03/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Acer - ACER-DATOR

# Running from : C:\Users\Acer\Desktop\AdwCleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

Service Found : 70e6ca8c

Service Found : APNMCP

Service Found : BackupStack

Service Found : CltMngSvc

Service Found : savesenselive

Service Found : savesenselivem

 

***** [ Files / Folders ] *****

 

File Found : C:\Users\Acer\AppData\Local\Temp\Searchqu.ini

File Found : C:\Users\Acer\AppData\Local\Temp\searchqutoolbar-manifest.xml

File Found : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

File Found : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore

File Found : C:\Windows\SysWOW64\conduitEngine.tmp

File Found : C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job

Folder Found C:\Program Files (x86)\AskPartnerNetwork

Folder Found C:\Program Files (x86)\Bandoo

Folder Found C:\Program Files (x86)\Conduit

Folder Found C:\Program Files (x86)\MyPC Backup

Folder Found C:\Program Files (x86)\Optimizer Pro

Folder Found C:\Program Files (x86)\SaveSenseLive

Folder Found C:\Program Files (x86)\SearchProtect

Folder Found C:\Program Files (x86)\Windows Searchqu Toolbar

Folder Found C:\ProgramData\apn

Folder Found C:\ProgramData\Ask

Folder Found C:\ProgramData\AskPartnerNetwork

Folder Found C:\ProgramData\Bandoo

Folder Found C:\ProgramData\Partner

Folder Found C:\ProgramData\SaveSenseLive

Folder Found C:\ProgramData\Trymedia

Folder Found C:\Users\Acer\AppData\Local\Conduit

Folder Found C:\Users\Acer\AppData\Local\PackageAware

Folder Found C:\Users\Acer\AppData\Local\SaveSense

Folder Found C:\Users\Acer\AppData\Local\SaveSenseLive

Folder Found C:\Users\Acer\AppData\Local\SearchProtect

Folder Found C:\Users\Acer\AppData\Local\Temp\apn

Folder Found C:\Users\Acer\AppData\Local\Temp\boost_interprocess

Folder Found C:\Users\Acer\AppData\LocalLow\Conduit

Folder Found C:\Users\Acer\AppData\LocalLow\PriceGong

Folder Found C:\Users\Acer\AppData\LocalLow\searchquband

Folder Found C:\Users\Acer\AppData\LocalLow\Searchqutoolbar

Folder Found C:\Users\Acer\AppData\LocalLow\Toolbar4

Folder Found C:\Users\Acer\AppData\Roaming\Bandoo

Folder Found C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

Folder Found C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense

Folder Found C:\Users\Acer\AppData\Roaming\Mysearchdial

Folder Found C:\Users\Acer\AppData\Roaming\Optimizer Pro

Folder Found C:\Users\Acer\AppData\Roaming\SaveSense

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL

Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Found : HKCU\Software\AppDataLow\Software\Freecause

Key Found : HKCU\Software\AppDataLow\Software\PriceGong

Key Found : HKCU\Software\AppDataLow\Software\Toolbar

Key Found : HKCU\Software\AskPartnerNetwork

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\InstallCore

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71E129FF-6C2A-4984-818C-7E2C998B8D99}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71E129FF-6C2A-4984-818C-7E2C998B8D99}

Key Found : HKCU\Software\SaveSenseLive

Key Found : [x64] HKCU\Software\AskPartnerNetwork

Key Found : [x64] HKCU\Software\Conduit

Key Found : [x64] HKCU\Software\InstallCore

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : [x64] HKCU\Software\SaveSenseLive

Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Key Found : HKLM\Software\AskPartnerNetwork

Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}

Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.FCTB000061107Pos

Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.FCTB000061107Pos.1

Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar

Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar.1

Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar.3

Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.JSOptionsImpl

Key Found : HKLM\SOFTWARE\Classes\FCTB000061107.JSOptionsImpl.1

Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook

Key Found : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1

Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2204383

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2438727

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Key Found : HKLM\Software\Conduit

Key Found : HKLM\Software\DealPlyLive

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3

Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9

Key Found : HKLM\Software\SaveSenseLive

Key Found : HKLM\Software\SearchProtect

Key Found : HKLM\Software\Trymedia Systems

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.16521

 

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] - hxxp://www.trovigo.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPC60DB9C8-D505-4B35-8A1D-C57865CF0F58&SSPV=

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://start.mysearchdial.com/?f=1&a=irmsd0202ch&cd=2XzuyEtN2Y1L1QzuzytD0F0B0AyCzzyE0FyEyE0F0B0FtCyDtN0D0Tzu0SyBzztDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1738153613&ir=

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=irmsd0202ch&cd=2XzuyEtN2Y1L1QzuzytD0F0B0AyCzzyE0FyEyE0F0B0FtCyDtN0D0Tzu0SyBzztDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1738153613&ir=

Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://start.mysearchdial.com/?f=1&a=irmsd0202ch&cd=2XzuyEtN2Y1L1QzuzytD0F0B0AyCzzyE0FyEyE0F0B0FtCyDtN0D0Tzu0SyBzztDtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1738153613&ir=

 

-\\ Google Chrome v33.0.1750.146

 

[ File : C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Found : homepage

Found : icon_url

Found : search_url

Found : keyword

 

*************************

 

AdwCleaner[R0].txt - [9511 octets] - [15/03/2014 00:15:39]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9748 octets] ##########
Länk till kommentar
Dela på andra webbplatser

# AdwCleaner v3.022 - Report created 16/03/2014 at 22:29:55

# Updated 13/03/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Acer - ACER-DATOR

# Running from : C:\Users\Acer\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

Service Deleted : 70e6ca8c

[#] Service Deleted : APNMCP

Service Deleted : BackupStack

Service Deleted : CltMngSvc

[#] Service Deleted : savesenselive

[#] Service Deleted : savesenselivem

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\apn

Folder Deleted : C:\ProgramData\Ask

Folder Deleted : C:\ProgramData\AskPartnerNetwork

Folder Deleted : C:\ProgramData\Bandoo

Folder Deleted : C:\ProgramData\Partner

Folder Deleted : C:\ProgramData\SaveSenseLive

Folder Deleted : C:\ProgramData\Trymedia

Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork

Folder Deleted : C:\Program Files (x86)\Bandoo

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\MyPC Backup

Folder Deleted : C:\Program Files (x86)\Optimizer Pro

Folder Deleted : C:\Program Files (x86)\SaveSenseLive

Folder Deleted : C:\Program Files (x86)\SearchProtect

Folder Deleted : C:\Program Files (x86)\Windows Searchqu Toolbar

Folder Deleted : C:\Users\Acer\AppData\Local\Conduit

Folder Deleted : C:\Users\Acer\AppData\Local\PackageAware

Folder Deleted : C:\Users\Acer\AppData\Local\SaveSense

Folder Deleted : C:\Users\Acer\AppData\Local\SaveSenseLive

Folder Deleted : C:\Users\Acer\AppData\Local\SearchProtect

Folder Deleted : C:\Users\Acer\AppData\Local\Temp\apn

Folder Deleted : C:\Users\Acer\AppData\Local\Temp\boost_interprocess

Folder Deleted : C:\Users\Acer\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Acer\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\Acer\AppData\LocalLow\searchquband

Folder Deleted : C:\Users\Acer\AppData\LocalLow\Searchqutoolbar

Folder Deleted : C:\Users\Acer\AppData\LocalLow\Toolbar4

Folder Deleted : C:\Users\Acer\AppData\Roaming\Bandoo

Folder Deleted : C:\Users\Acer\AppData\Roaming\Mysearchdial

Folder Deleted : C:\Users\Acer\AppData\Roaming\Optimizer Pro

Folder Deleted : C:\Users\Acer\AppData\Roaming\SaveSense

Folder Deleted : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

Folder Deleted : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense

File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp

File Deleted : C:\Users\Acer\AppData\Local\Temp\Searchqu.ini

File Deleted : C:\Users\Acer\AppData\Local\Temp\searchqutoolbar-manifest.xml

File Deleted : C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

File Deleted : C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job

File Deleted : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook

Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9

Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.FCTB000061107Pos

Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.FCTB000061107Pos.1

Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar

Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar.1

Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.IEToolbar.3

Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.JSOptionsImpl

Key Deleted : HKLM\SOFTWARE\Classes\FCTB000061107.JSOptionsImpl.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2204383

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71E129FF-6C2A-4984-818C-7E2C998B8D99}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{71E129FF-6C2A-4984-818C-7E2C998B8D99}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{71E129FF-6C2A-4984-818C-7E2C998B8D99}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Deleted : HKCU\Software\AskPartnerNetwork

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\SaveSenseLive

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar

Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Key Deleted : HKLM\Software\AskPartnerNetwork

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\DealPlyLive

Key Deleted : HKLM\Software\SaveSenseLive

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\Software\Trymedia Systems

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll

Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll

Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.16521

 

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

 

-\\ Google Chrome v33.0.1750.146

 

[ File : C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Deleted : homepage

Deleted : icon_url

Deleted : search_url

Deleted : keyword

 

*************************

 

AdwCleaner[R0].txt - [9511 octets] - [15/03/2014 00:15:39]

AdwCleaner[R1].txt - [9888 octets] - [16/03/2014 22:25:44]

AdwCleaner[s0].txt - [8869 octets] - [16/03/2014 22:29:55]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8929 octets] ##########
Länk till kommentar
Dela på andra webbplatser

Ny DDS logg (endast dds.txt)

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16521  BrowserJavaVersion: 10.51.2
Run by Acer at 22:38:50 on 2014-03-16
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.46.1053.18.2800.1602 [GMT 1:00]
.
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\wmiprvse.exe
c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\sdclt.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_m3203&r=17360810z706pe405v1l5w45m1t65n
mStart Page = hxxp://www.google.com
uURLSearchHooks: {bc355688-39a0-4c1b-826a-892ce39e0801} - <orphaned>
uURLSearchHooks: FCToolbarURLSearchHook Class: {fa887e92-8f5f-4ec9-99ca-09be0e4120d6} - C:\Program Files (x86)\AddThis Toolbar\Helper.dll
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe
BHO: SaverAddon: {28F731B4-A8EF-FD1E-AFA6-CFB78D195B1A} - 
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AddThis Toolbar BHO: {9EBF8AAF-0A31-4786-909A-97A0EF101743} - C:\Program Files (x86)\AddThis Toolbar\Toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
BHO: Google Dictionary Compression sdch: {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: AddThis Toolbar: {B43176CC-4D9E-493B-A636-D9CBFE39C6DA} - C:\Program Files (x86)\AddThis Toolbar\Toolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: AddThis Toolbar: {B43176CC-4D9E-493B-A636-D9CBFE39C6DA} - C:\Program Files (x86)\AddThis Toolbar\Toolbar.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
uRun: [Tele2swReport] C:\Program Files (x86)\Tele2\Tele2 installationshjaelp\Tele2swOR.exe
mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
mRun: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
mRun: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
mRun: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldsv-se.cab
TCP: NameServer = 192.168.0.254
TCP: Interfaces\{5F15462E-FD58-4B5C-825E-70B62BA92504} : DHCPNameServer = 192.168.0.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs=  
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.google.com
x64-BHO: SaverAddon: {28F731B4-A8EF-FD1E-AFA6-CFB78D195B1A} - 
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [PLD_FrameworkRun] C:\Windows\System32\oem\setEvent.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-9 65336]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2013-3-9 22600]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-21 1025808]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2010-8-11 377920]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\System32\drivers\mwlPSDFilter.sys [2009-6-2 22576]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\System32\drivers\mwlPSDNserv.sys [2009-6-2 20016]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\System32\drivers\mwlPSDVDisk.sys [2009-6-2 60464]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-10-12 203264]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2010-8-11 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2010-8-11 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-3-9 45248]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-8-12 62208]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-3-16 4915040]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-10-12 240160]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-9-28 395264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-3-9 178624]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-20 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-3-13 111616]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-10 305448]
S3 Tdsshbecr;Handelsbanken card reader;C:\Windows\System32\drivers\shbecr.sys [2008-9-23 50176]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-9 59392]
S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-11 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-03-16 16:59:02 -------- d-----w- C:\Users\Acer\AppData\Roaming\TeamViewer
2014-03-16 16:58:25 -------- d-----w- C:\Program Files (x86)\TeamViewer
2014-03-15 06:21:20 -------- d-----w- C:\Users\Acer\AppData\Local\{9D66C9A1-9CBA-4B1F-9AAF-69FC45960A99}
2014-03-14 23:14:58 -------- d-----w- C:\AdwCleaner
2014-03-14 22:37:06 -------- d-----w- C:\Users\Acer\AppData\Roaming\Geek Uninstaller
2014-03-14 17:10:05 -------- d-----w- C:\Users\Acer\AppData\Local\{A7DD395F-BCC2-4B7B-90BA-EEFCD11CEA36}
2014-03-14 15:25:23 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2F5DC168-8D96-4119-BFB7-6B661249619C}\mpengine.dll
2014-03-13 06:24:31 228864 ----a-w- C:\Windows\System32\wwansvc.dll
2014-03-13 06:19:19 484864 ----a-w- C:\Windows\System32\wer.dll
2014-03-13 06:19:18 381440 ----a-w- C:\Windows\SysWow64\wer.dll
2014-03-13 06:19:15 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-03-13 06:19:13 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-03-13 06:19:12 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-03-13 06:17:45 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-03-13 06:17:44 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-03-12 11:26:51 -------- d-----w- C:\Users\Acer\AppData\Local\{AB2E89D4-011A-46B0-8FAA-754E31106B2F}
2014-03-12 08:28:36 -------- d-----w- C:\ProgramData\bf2a2622971297c6
2014-03-10 07:29:18 -------- d-----w- C:\Users\Acer\AppData\Local\Packages
2014-03-10 07:28:58 -------- d-----w- C:\ProgramData\saivinshoopa
2014-03-09 15:24:36 -------- d-----w- C:\Users\Acer\AppData\Local\{52EB8ED5-2FE7-4CF1-A76A-0EB028E201B0}
2014-03-08 00:03:49 -------- d-----w- C:\0e6ea85b542c1872bf87c2fa2fd007
2014-03-07 23:23:02 -------- d-----w- C:\Users\Acer\AppData\Local\{1E632337-50EF-41EF-B336-1C266BDED465}
2014-03-06 23:06:52 -------- d-----w- C:\Windows\Migration
2014-03-06 23:02:51 -------- d-----w- C:\918794183415a6313165
2014-03-03 12:06:56 -------- d-----w- C:\Users\Acer\AppData\Local\{45791B96-755A-4B55-842E-4FACD3652D97}
2014-03-02 00:06:09 -------- d-----w- C:\4ab26a6d0410818ca1759a
2014-02-28 22:59:45 -------- d-----w- C:\1003a51ce0d6727de5
2014-02-26 23:11:56 -------- d-----w- C:\c60b274150f8ead71173ec1ff747cd
2014-02-26 22:10:57 -------- d-----w- C:\Users\Acer\AppData\Local\{42748BEE-9E39-47E3-86D7-09E8C181614A}
2014-02-23 19:32:42 -------- d-----w- C:\Users\Acer\AppData\Local\{51505222-EA44-4DE7-9BF3-3326DF3FCC12}
2014-02-18 13:49:10 -------- d-----w- C:\Users\Acer\AppData\Local\{2BACD05A-6445-4A5D-A0AA-BC76514584D2}
2014-02-18 12:30:43 -------- d-----w- C:\Users\Acer\AppData\Roaming\1H1Q
2014-02-18 12:25:24 -------- d-----w- C:\Users\Acer\AppData\Local\Programs
2014-02-17 07:36:18 -------- d-----w- C:\Users\Acer\AppData\Local\{7DD1584F-49A8-4A5E-82B3-9E2917C94AAC}
2014-02-15 16:05:50 -------- d-----w- C:\Users\Acer\AppData\Local\{2C3A3873-48F7-4F4E-9337-A2C731B3A4F3}
.
==================== Find3M  ====================
.
2014-03-12 10:51:35 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-12 10:51:35 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-03-01 05:17:02 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-03-01 05:16:26 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-01 04:52:55 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-01 04:51:59 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-01 04:33:52 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-01 04:33:34 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-01 04:32:59 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-01 04:23:49 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-01 04:11:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-03-01 03:54:33 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-01 03:52:43 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-01 03:51:53 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:38:26 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-01 03:37:35 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-01 03:35:11 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-01 03:14:15 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-01 03:10:28 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-03-01 03:00:08 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-01 02:32:16 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-18 20:09:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-18 05:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 22:42:07,95 ===============
Länk till kommentar
Dela på andra webbplatser

Får be henne att uppdatera sin java sen.

 

Internet Explorer: 11.0.9600.16521  BrowserJavaVersion: 10.51.2

Länk till kommentar
Dela på andra webbplatser

1. Avinstallera (med webbläsare avstängda)

AddThis Toolbar pga http://www.systemlookup.com/CLSID/64580-Toolbar_dll.html

Se sen till att mappen C:\Program Files (x86)\AddThis Toolbar är borta.

 

Något mer skadligt eller olämpligt ser jag inte till i loggen.

 

2. Oracle har ändrat versionshanteringen och den installerade Java-versionen är 7 Update 51, vilket jag tror är den senaste.

 

3. Skanna datorn online på http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Avbocka alternativet Remove found threats

Bocka för Scan Archives

 

Klicka på Advanced Settings

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Scan

 

När skanningen är klar klicka på List of threats found, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Skickar som en fil istället, nog lättare för dig :) 

 

Som jag förstår det så är det mycket som Adwcleaner redan har tagit hand om 

Eset.txt

Länk till kommentar
Dela på andra webbplatser

C:\Program Files (x86)\NCH Software\Disketch\disketch.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application

C:\Program Files (x86)\NCH Software\Disketch\disketchsetup_v3.07.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application

C:\Users\Acer\AppData\Roaming\1H1Q\Aff Packages\uninstaller.exe Win32/InstallCore.AZ potentially unwanted application

Risk för att en olämplig toolbar eller liknande installeras när man använder programmet. Jag föreslår att de avinstalleras.

 

C:\Users\Acer\Downloads\AcrobatReaderSetup.exe a variant of Win32/InstallCore.KD potentially unwanted application

C:\Users\Acer\Downloads\cbsidlm-cbsi183-AdwCleaner-ORG-75851221.exe a variant of Win32/CNETInstaller.B potentially unwanted application

C:\Users\Acer\Downloads\speedupmypc_1807632_ (1).exe Win32/SpeedUpMyPC.A potentially unwanted application

C:\Users\Acer\Downloads\speedupmypc_1807632_.exe Win32/SpeedUpMyPC.A potentially unwanted application

Installationsfiler i mappen "Hämtade filer" och under installationen kommer de att försöka installera onödiga/olämpliga tillägg. Jag rekommenderar att filerna tas bort.

 

AdwCleaner ska alltid hämtas från den officiella webbplatsen http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner och inte från andra ställen som har lagt till onödiga tillägg.

 

Kör Windows Diskrensning för att tömma mappar för tillfälliga filer och tillfälliga internetfiler eftersom det var mycket rester där efter nedladdningar och installationer av oönskade program.

 

D:\ACER-DATOR\Backup Set ...

Notera att i dessa backupfiler finns dessa oönskade program/tillägg och om man läser tillbaks innehållet i backupfilerna kommer programmen/tilläggen tillbaka.

 

Några fler frågor?

Länk till kommentar
Dela på andra webbplatser

C:\Program Files (x86)\NCH Software\Disketch\disketch.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application

 

C:\Program Files (x86)\NCH Software\Disketch\disketchsetup_v3.07.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application

 

C:\Users\Acer\AppData\Roaming\1H1Q\Aff Packages\uninstaller.exe Win32/InstallCore.AZ potentially unwanted application

 

Risk för att en olämplig toolbar eller liknande installeras när man använder programmet. Jag föreslår att de avinstalleras.

 

C:\Users\Acer\Downloads\AcrobatReaderSetup.exe a variant of Win32/InstallCore.KD potentially unwanted application

 

C:\Users\Acer\Downloads\cbsidlm-cbsi183-AdwCleaner-ORG-75851221.exe a variant of Win32/CNETInstaller.B potentially unwanted application

 

C:\Users\Acer\Downloads\speedupmypc_1807632_ (1).exe Win32/SpeedUpMyPC.A potentially unwanted application

 

C:\Users\Acer\Downloads\speedupmypc_1807632_.exe Win32/SpeedUpMyPC.A potentially unwanted application

 

Installationsfiler i mappen "Hämtade filer" och under installationen kommer de att försöka installera onödiga/olämpliga tillägg. Jag rekommenderar att filerna tas bort.

 

AdwCleaner ska alltid hämtas från den officiella webbplatsen http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner och inte från andra ställen som har lagt till onödiga tillägg.

 

Kör Windows Diskrensning för att tömma mappar för tillfälliga filer och tillfälliga internetfiler eftersom det var mycket rester där efter nedladdningar och installationer av oönskade program.

 

D:\ACER-DATOR\Backup Set ...

 

Notera att i dessa backupfiler finns dessa oönskade program/tillägg och om man läser tillbaks innehållet i backupfilerna kommer programmen/tilläggen tillbaka.

 

Några fler frågor?

Tack så mycket Cecilia

Tidigare hade hon bara hämtat från en annan sida trots att jag gav henne direkt länk till deras officiella sida.

Jag fick köra upp med teamviewer och köra Adwcleaner igen för att försäkra mig om att allt var genomsökt och rensat.

 

Jag ska avinstallera och ta bort det som är olämpligt :) 

 

Annars har jag inte fler frågor just nu :) 

Länk till kommentar
Dela på andra webbplatser

Japp :)

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.
Klicka på Uninstall-knappen.

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe
Dubbelklicka på filen för att starta programmet.
Tryck på knappen CleanUp! och DDS  kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.

3. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/
Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...