Just nu i M3-nätverket
Gå till innehåll

Se hit snälla! Privacy dr..


Gelikan

Rekommendera Poster

Snälla hjälp mig. Har fått Privacy dr på min dator och jag får inte bort det! Hur gör jag?

 

Jag kan i princip ingenting så snälla guida mig som att ni pratar svenska och inte latin med mig :)

 

Fick tips att någon som hette Cecilia brukar vara duktig på att hjälpa!?

 

Har Windows 8 också ska tilläggas.

 

Tack på förhand!

Länk till kommentar
Dela på andra webbplatser

  • Svars 53
  • Skapad
  • Senaste svar

1, Vi får börja med att se hur det ser ut i din dator med hjälp av programmet FRST.

 

Ladda ner Farbar Recovery Scan Tool (FRST) och spara på skrivbordet.
För 64-bitars Windows: http://download.bleepingcomputer.com/farbar/FRST64.exe
För 32-bitars Windows: http://download.bleepingcomputer.com/farbar/FRST.exe

Starta FRST.
Läs villkoren för programmet.
Klicka på Yes för att acceptera.
Klicka på Scan-knappen.
När det är klart kommer det att ha skapats två loggar FRST.txt och Addition.txt på skrivbordet.
Om du använder en annan webbläsare än Internet Explorer 11, klistra in innehållet i FRST.txt direkt i ditt svar och bifoga Addition.txt.
Om du använder Internet Explorer 11, får du bifoga båda loggarna till ditt svar.
Klicka på Använd fullständig editor för att se hur du bifogar filer.

 

2. Se till att du har säkerhetskopior på viktiga filer utifall att Windows måste installeras om t ex för att det skadliga programmet förstör något i Windows.

Länk till kommentar
Dela på andra webbplatser

Kan jag pröva att systemåterställa till en viss punkt bara, till sist den gjorde en? Tror du det funkar?

Länk till kommentar
Dela på andra webbplatser

Det vet jag inte eftersom jag inte vet hur programmet har installerat sig i datorn.

Länk till kommentar
Dela på andra webbplatser

Ok.. Men när jag gjort det där med frst, hur går jag vidare då? Eller är det klart efter det? Eller får jag någon viss info efter på något jag ska skriva till dig?

Länk till kommentar
Dela på andra webbplatser

1. Om det går avinstallera följande i Kontrollpanelen:

WPM pga http://www.systemlookup.com/Drivers/10153-wprotectmanager_exe.html

Re-Markable http://www.systemlookup.com/CLSID/80862-150_dll.html

Search Protect http://www.systemlookup.com/O20/1134-SPVC32Loader_dll_SPVC64Loader_dll.html

 

2. Spara AdwCleaner av Xplode på Skrivbordet: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på Report-knappen.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt
 

Länk till kommentar
Dela på andra webbplatser

# AdwCleaner v3.023 - Report created 17/04/2014 at 14:20:06
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : angel_000 - GELIKAN
# Running from : C:\Users\angel_000\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : CltMngSvc
Service Found : IePluginService

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\windows\System32\Tasks\Re-Markable Update
File Found : C:\windows\Tasks\Re-Markable Update.job
Folder Found C:\Program Files (x86)\BitLord 2
Folder Found C:\Program Files (x86)\myfree codec
Folder Found C:\Program Files (x86)\Re-Markable-soft
Folder Found C:\Program Files (x86)\SupTab
Folder Found C:\ProgramData\IePluginService
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Found C:\ProgramData\WPM
Folder Found C:\Users\angel_000\AppData\Roaming\BitLord
Folder Found C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Found C:\Users\angel_000\AppData\Roaming\SupTab
Folder Found C:\Users\angel_000\Documents\BitLord
Folder Found C:\windows\SysWOW64\AI_RecycleBin
Folder Found C:\windows\SysWOW64\SearchProtect

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://start.qone8.com/?type=sc&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018 )
Shortcut Found : C:\Users\angel_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://start.qone8.com/?type=sc&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018 )
Shortcut Found : C:\Users\angel_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( hxxp://start.qone8.com/?type=sc&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018 )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\Software\IePlugin
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Found : HKLM\Software\Myfree Codec
Key Found : HKLM\Software\qone8Software
Key Found : HKLM\Software\supTab
Key Found : HKLM\Software\supWPM
Key Found : HKLM\Software\Wpm
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://start.qone8.com/?type=hp&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.qone8.com/web/?type=ds&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://start.qone8.com/?type=hp&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://start.qone8.com/?type=hp&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://www.qone8.com/web/?type=ds&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.qone8.com/web/?type=ds&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://start.qone8.com/?type=hp&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://start.qone8.com/?type=hp&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://www.qone8.com/web/?type=ds&ts=1397594400&from=vtt&uid=C400-MTFDDAK128MAM_000000001322037B6018&q={searchTerms}

*************************

AdwCleaner[R0].txt - [6861 octets] - [17/04/2014 14:20:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6921 octets] ##########

Länk till kommentar
Dela på andra webbplatser

Är det okej att AdwCleaner tar bort BitLord?

Du kan ju installera det igen när vi är klara med rensningen, om du nu verkligen behöver det.

 

I så fall:

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s0].txt

 

2. Kör FRST och klistra in den nya FRST.txt.

 

3. Skanna datorn online på http://www.eset.com/onlinescan/
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Avbocka alternativet Remove found threats
Bocka för Scan Archives

Klicka på Advanced Settings
Bocka för:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Scan

När skanningen är klar klicka på List of threats found, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Länk till kommentar
Dela på andra webbplatser

# AdwCleaner v3.023 - Report created 18/04/2014 at 22:23:43
# Updated 01/04/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : angel_000 - GELIKAN
# Running from : C:\Users\angel_000\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : CltMngSvc
Service Deleted : IePluginService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginService
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Program Files (x86)\BitLord 2
Folder Deleted : C:\Program Files (x86)\myfree codec
Folder Deleted : C:\Program Files (x86)\Re-Markable-soft
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\windows\SysWOW64\AI_RecycleBin
Folder Deleted : C:\windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\angel_000\AppData\Roaming\BitLord
Folder Deleted : C:\Users\angel_000\AppData\Roaming\SupTab
Folder Deleted : C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\Users\angel_000\Documents\BitLord
File Deleted : C:\END
File Deleted : C:\windows\Tasks\Re-Markable Update.job
File Deleted : C:\windows\System32\Tasks\Re-Markable Update

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\angel_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\angel_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKLM\Software\IePlugin
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\qone8Software
Key Deleted : HKLM\Software\supTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\Wpm
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]

*************************

AdwCleaner[R0].txt - [7045 octets] - [17/04/2014 14:20:06]
AdwCleaner[R1].txt - [7105 octets] - [18/04/2014 22:22:41]
AdwCleaner[s0].txt - [5414 octets] - [18/04/2014 22:23:43]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5474 octets] ##########

Länk till kommentar
Dela på andra webbplatser

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by angel_000 (administrator) on GELIKAN on 18-04-2014 22:26:54
Running from C:\Users\angel_000\Desktop
Windows 8 (X64) OS Language: Swedish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\PSUtility\PSUService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.EXE
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DeskUpdateNotifier] => C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [101288 2012-07-25] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-83414722-3780537285-3091295023-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-83414722-3780537285-3091295023-1001\...\Run: [Google Update] => C:\Users\angel_000\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-05] (Google Inc.)
HKU\S-1-5-21-83414722-3780537285-3091295023-1001\...\Run: [PrivacyDr] => C:\Program Files (x86)\Privacy Dr\PrivacyDr.exe
HKU\S-1-5-21-83414722-3780537285-3091295023-1001\...\RunOnce: [uninstall C:\Users\angel_000\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\angel_000\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {1F8DC5F6-6480-4B67-97B1-442C0E4AEEAA} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM-x32 - {1F8DC5F6-6480-4B67-97B1-442C0E4AEEAA} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKCU - DefaultScope {1F8DC5F6-6480-4B67-97B1-442C0E4AEEAA} URL =
SearchScopes: HKCU - {1F8DC5F6-6480-4B67-97B1-442C0E4AEEAA} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.2.21 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\angel_000\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\angel_000\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{9A963233-37BD-837B-48FF-3AD40489A05D}] - C:\Program Files (x86)\Re-Markable-soft\158.xpi

==================== Services (Whitelisted) =================

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [80752 2012-07-18] (FUJITSU LIMITED)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2219520 2012-07-11] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\FUJITSU\PSUtility\PSUService.exe [51608 2012-08-07] (FUJITSU LIMITED)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
S2 Re-Markable; C:\Program Files (x86)\Re-Markable-soft\Re-MarkableyfY158.exe [X]

==================== Drivers (Whitelisted) ====================

S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [104960 2012-07-07] (ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-24] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [20848 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [16368 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [17264 2012-08-01] (FUJITSU LIMITED)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140416.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140416.018\ENG64.SYS [126040 2014-03-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140416.018\EX64.SYS [2099288 2014-03-22] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-10] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-10] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1058552 2012-08-24] (Sunplus)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1502000.026\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-25] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 Tdsshbecr; C:\Windows\system32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-18 22:26 - 2014-04-18 22:26 - 00000000 ____D () C:\Users\angel_000\Desktop\FRST-OlderVersion
2014-04-17 14:20 - 2014-04-18 22:23 - 00000000 ____D () C:\AdwCleaner
2014-04-17 14:19 - 2014-04-17 14:19 - 01426178 _____ () C:\Users\angel_000\Desktop\adwcleaner.exe
2014-04-16 18:59 - 2014-04-16 19:01 - 00027008 _____ () C:\Users\angel_000\Desktop\Addition.txt
2014-04-16 18:58 - 2014-04-18 22:26 - 00015817 _____ () C:\Users\angel_000\Desktop\FRST.txt
2014-04-16 18:58 - 2014-04-18 22:26 - 00000000 ____D () C:\FRST
2014-04-16 18:57 - 2014-04-18 22:26 - 02158592 _____ (Farbar) C:\Users\angel_000\Desktop\FRST64.exe
2014-04-15 22:43 - 2014-04-15 22:46 - 00003362 _____ () C:\windows\System32\Tasks\PrivacyDr_Splash
2014-04-15 22:43 - 2014-04-15 22:43 - 00000000 ____D () C:\Users\angel_000\Documents\PrivacyDr
2014-04-15 22:43 - 2014-04-15 22:43 - 00000000 ____D () C:\Users\angel_000\AppData\Local\HistoryCleaner
2014-04-15 22:42 - 2014-04-15 22:42 - 00000000 ____D () C:\Users\angel_000\AppData\Local\iConvertor
2014-04-15 22:40 - 2014-04-15 22:40 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\qone8
2014-04-15 22:39 - 2014-04-15 22:39 - 00000254 __RSH () C:\ProgramData\ntuser.pol
2014-04-14 18:32 - 2014-04-14 19:05 - 00000000 ____D () C:\Users\angel_000\Documents\Vistaprint Fotoböcker
2014-04-14 18:32 - 2014-04-14 18:32 - 00001937 _____ () C:\Users\angel_000\Desktop\Vistaprint Fotoböcker.lnk
2014-04-14 18:32 - 2014-04-14 18:32 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vistaprint Fotoböcker
2014-04-14 18:32 - 2014-04-14 18:32 - 00000000 ____D () C:\Users\angel_000\AppData\Local\Vistaprint Fotoböcker
2014-04-13 21:10 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-13 21:10 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-13 21:10 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-13 21:10 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-13 21:10 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-13 21:10 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-13 21:10 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-13 21:10 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-13 21:10 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-13 21:10 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-13 21:10 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-13 21:10 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-13 21:10 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-13 21:10 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-13 21:10 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-13 21:10 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-13 21:10 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-13 21:10 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-13 21:10 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-13 21:09 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-13 21:09 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-13 21:09 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-13 21:09 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-13 21:09 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-13 21:09 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-13 21:09 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 16:28 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 16:28 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 16:28 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-12 16:28 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-12 16:28 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 16:28 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 16:28 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 16:28 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-12 16:28 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 16:28 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 16:28 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 16:28 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 16:28 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 16:28 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 16:28 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 16:28 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 16:28 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 16:28 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 16:28 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 16:28 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-10 00:16 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-10 00:16 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-10 00:16 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-10 00:16 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-09 19:56 - 2014-04-09 19:56 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-04-09 19:50 - 2014-04-09 19:51 - 00422128 _____ () C:\windows\system32\FNTCACHE.DAT
2014-04-09 19:14 - 2014-04-09 19:14 - 00124129 _____ () C:\Users\angel_000\Downloads\image.jpeg
2014-04-08 20:09 - 2014-04-08 20:09 - 00000218 _____ () C:\Users\angel_000\AppData\Local\recently-used.xbel
2014-03-27 21:29 - 2014-03-27 21:29 - 00011749 _____ () C:\Users\angel_000\Downloads\Sons.of.Anarchy.S04E11.SWESUB.HDTV.XviD-Martin.6825189.TPB.torrent

==================== One Month Modified Files and Folders =======

2014-04-18 22:27 - 2014-04-16 18:58 - 00015817 _____ () C:\Users\angel_000\Desktop\FRST.txt
2014-04-18 22:26 - 2014-04-18 22:26 - 00000000 ____D () C:\Users\angel_000\Desktop\FRST-OlderVersion
2014-04-18 22:26 - 2014-04-16 18:58 - 00000000 ____D () C:\FRST
2014-04-18 22:26 - 2014-04-16 18:57 - 02158592 _____ (Farbar) C:\Users\angel_000\Desktop\FRST64.exe
2014-04-18 22:25 - 2013-12-26 20:42 - 00000000 ____D () C:\Users\angel_000\Documents\Youcam
2014-04-18 22:25 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-04-18 22:24 - 2013-12-24 11:18 - 01648373 _____ () C:\windows\WindowsUpdate.log
2014-04-18 22:24 - 2013-02-13 11:01 - 00070706 _____ () C:\windows\PFRO.log
2014-04-18 22:24 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-18 22:24 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-04-18 22:23 - 2014-04-17 14:20 - 00000000 ____D () C:\AdwCleaner
2014-04-18 22:23 - 2013-12-24 11:19 - 00001006 _____ () C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-18 22:18 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-18 22:17 - 2014-03-05 11:07 - 00001036 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-83414722-3780537285-3091295023-1001UA.job
2014-04-17 14:19 - 2014-04-17 14:19 - 01426178 _____ () C:\Users\angel_000\Desktop\adwcleaner.exe
2014-04-17 14:11 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-04-16 19:01 - 2014-04-16 18:59 - 00027008 _____ () C:\Users\angel_000\Desktop\Addition.txt
2014-04-16 18:51 - 2014-02-04 17:07 - 00027648 ___SH () C:\Users\angel_000\Documents\Thumbs.db
2014-04-16 18:37 - 2013-02-13 11:28 - 00721676 _____ () C:\windows\system32\perfh01D.dat
2014-04-16 18:37 - 2013-02-13 11:28 - 00149042 _____ () C:\windows\system32\perfc01D.dat
2014-04-16 18:37 - 2012-07-26 09:28 - 01709686 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-16 18:36 - 2014-01-12 23:24 - 00000000 ____D () C:\Users\angel_000\Desktop\Familjen Vintheden
2014-04-15 22:46 - 2014-04-15 22:43 - 00003362 _____ () C:\windows\System32\Tasks\PrivacyDr_Splash
2014-04-15 22:43 - 2014-04-15 22:43 - 00000000 ____D () C:\Users\angel_000\Documents\PrivacyDr
2014-04-15 22:43 - 2014-04-15 22:43 - 00000000 ____D () C:\Users\angel_000\AppData\Local\HistoryCleaner
2014-04-15 22:42 - 2014-04-15 22:42 - 00000000 ____D () C:\Users\angel_000\AppData\Local\iConvertor
2014-04-15 22:40 - 2014-04-15 22:40 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\qone8
2014-04-15 22:39 - 2014-04-15 22:39 - 00000254 __RSH () C:\ProgramData\ntuser.pol
2014-04-15 22:39 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-04-15 22:39 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-04-14 19:05 - 2014-04-14 18:32 - 00000000 ____D () C:\Users\angel_000\Documents\Vistaprint Fotoböcker
2014-04-14 18:32 - 2014-04-14 18:32 - 00001937 _____ () C:\Users\angel_000\Desktop\Vistaprint Fotoböcker.lnk
2014-04-14 18:32 - 2014-04-14 18:32 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vistaprint Fotoböcker
2014-04-14 18:32 - 2014-04-14 18:32 - 00000000 ____D () C:\Users\angel_000\AppData\Local\Vistaprint Fotoböcker
2014-04-14 09:45 - 2013-12-24 11:20 - 00000000 ___RD () C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 09:45 - 2013-12-24 11:20 - 00000000 ___RD () C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 09:42 - 2013-12-25 17:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-14 09:41 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-14 09:41 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-04-13 21:23 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\NDF
2014-04-11 17:11 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-04-11 17:10 - 2013-12-25 20:15 - 00000000 ____D () C:\windows\system32\MRT
2014-04-11 17:09 - 2013-12-25 20:15 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-09 19:56 - 2014-04-09 19:56 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-04-09 19:51 - 2014-04-09 19:50 - 00422128 _____ () C:\windows\system32\FNTCACHE.DAT
2014-04-09 19:51 - 2013-12-25 15:38 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-04-09 19:51 - 2013-12-25 15:38 - 00002326 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-04-09 19:51 - 2013-12-25 15:36 - 00000000 ____D () C:\windows\system32\Drivers\N360x64
2014-04-09 19:45 - 2013-12-25 15:30 - 00105984 ___SH () C:\Users\angel_000\Desktop\Thumbs.db
2014-04-09 19:14 - 2014-04-09 19:14 - 00124129 _____ () C:\Users\angel_000\Downloads\image.jpeg
2014-04-08 20:31 - 2014-02-20 00:30 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\vlc
2014-04-08 20:09 - 2014-04-08 20:09 - 00000218 _____ () C:\Users\angel_000\AppData\Local\recently-used.xbel
2014-04-06 12:13 - 2012-07-26 09:21 - 00041060 _____ () C:\windows\setupact.log
2014-04-03 02:17 - 2014-03-05 11:07 - 00000984 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-83414722-3780537285-3091295023-1001Core.job
2014-04-03 02:12 - 2014-03-05 11:07 - 00003990 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-83414722-3780537285-3091295023-1001UA
2014-04-03 02:12 - 2014-03-05 11:07 - 00003610 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-83414722-3780537285-3091295023-1001Core
2014-03-31 23:18 - 2014-02-10 16:33 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-02-10 16:33 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-27 21:29 - 2014-03-27 21:29 - 00011749 _____ () C:\Users\angel_000\Downloads\Sons.of.Anarchy.S04E11.SWESUB.HDTV.XviD-Martin.6825189.TPB.torrent
2014-03-26 01:34 - 2013-12-24 11:18 - 00000000 ____D () C:\Users\angel_000\AppData\Local\Packages

Some content of TEMP:
====================
C:\Users\angel_000\AppData\Local\Temp\nspB3A5.exe
C:\Users\angel_000\AppData\Local\Temp\PrivacyDrSetup_S.exe
C:\Users\angel_000\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-07 20:18

==================== End Of Log ============================

Länk till kommentar
Dela på andra webbplatser

Alltså dum fråga men jag är inne och ska köra Scan och har bockat i allt men ser inte någon Scan knapp?! Det är bara som en ruta och all text är inte helt fullt läsbart? Även om jag gör rutan större så kommer det inte upp någon knapp för att gå vidare med??

Länk till kommentar
Dela på andra webbplatser

"Start" står det visst på knappen och så här ser det ut för mig:

 

Skärmklipp.PNG

 

Hjälper det om du klickar på det avrivna pappret uppe till höger?

Länk till kommentar
Dela på andra webbplatser

Ja, det var konstigt. Pröva med en InPrivate-surfning i Internet Explorer eller en annan webbläsare.

Länk till kommentar
Dela på andra webbplatser

C:\$RECYCLE.BIN\S-1-5-21-83414722-3780537285-3091295023-1001\$RJO657S.exe    a variant of Win32/AdWare.iBryte.W application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BitLord 2\StubInstaller.exe.vir    Win32/Toolbar.Conduit potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Re-Markable-soft\Re-MarkableyfY.exe.vir    a variant of Win32/AdWare.AddLyrics.AJ application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir    Win64/Thinknice.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir    Win32/Thinknice.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir    Win64/Thinknice.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir    a variant of Win32/ELEX.AD potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\angel_000\AppData\Roaming\SupTab\SupTab.dll.vir    Win32/Thinknice.A potentially unwanted application
C:\Users\angel_000\AppData\Local\Temp\fullpackage_temp1397594383\tmp\SupTab.exe    a variant of Win32/ELEX.AD potentially unwanted application
C:\Users\angel_000\AppData\Local\Temp\fullpackage_temp1397594383\tmp\wpm.exe    a variant of Win32/ELEX.AE potentially unwanted application
C:\Users\angel_000\Downloads\avc-free.exe    Win32/OpenCandy potentially unsafe application
 

Länk till kommentar
Dela på andra webbplatser

1. Den första filen där är något som ligger i en papperskorg så det är lämpligt att tömma papperskorgar.

 

C:\Users\angel_000\Downloads\avc-free.exe Win32/OpenCandy potentially unsafe application

Detta innebär att installationsprogrammet kommer att vilja installera något onödigt/olämpligt.

 

2. Starta Anteckningar.

Kopiera alla rader i rutan:

HKU\S-1-5-21-83414722-3780537285-3091295023-1001\...\Run: [PrivacyDr] => C:\Program Files (x86)\Privacy Dr\PrivacyDr.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
S2 Re-Markable; C:\Program Files (x86)\Re-Markable-soft\Re-MarkableyfY158.exe [X]
2014-04-15 22:43 - 2014-04-15 22:46 - 00003362 _____ () C:\windows\System32\Tasks\PrivacyDr_Splash
2014-04-15 22:40 - 2014-04-15 22:40 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\qone8
C:\Users\angel_000\AppData\Local\Temp\nspB3A5.exe
C:\Users\angel_000\AppData\Local\Temp\PrivacyDrSetup_S.exe
C:\Users\angel_000\AppData\Local\Temp\Quarantine.exe
Task: {36774BD8-E412-4648-A69E-FBB9B33B69CC} - System32\Tasks\Re-Markable Update => C:\Program Files (x86)\Re-Markable-soft\Re-MarkableyfY.exe [2014-04-15] ()
Task: {CBC7836E-1479-4DC7-9685-302ECE8DD5F0} - System32\Tasks\PrivacyDr_Splash => C:\Program Files (x86)\Privacy Dr\Splash.exe
Task: C:\windows\Tasks\Re-Markable Update.job => C:\Program Files (x86)\Re-Markable-soft\Re-MarkableyfY.exe
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

3. Starta om datorn och se om det nu går att avinstallera PrivacyDr.

Om det gick bra kör FRST igen och klistra in den nya FRST.txt.

Länk till kommentar
Dela på andra webbplatser

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-04-2014
Ran by angel_000 at 2014-04-19 20:52:28 Run:1
Running from C:\Users\angel_000\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-83414722-3780537285-3091295023-1001\...\Run: [PrivacyDr] => C:\Program Files (x86)\Privacy Dr\PrivacyDr.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
S2 Re-Markable; C:\Program Files (x86)\Re-Markable-soft\Re-MarkableyfY158.exe [X]
2014-04-15 22:43 - 2014-04-15 22:46 - 00003362 _____ () C:\windows\System32\Tasks\PrivacyDr_Splash
2014-04-15 22:40 - 2014-04-15 22:40 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\qone8
C:\Users\angel_000\AppData\Local\Temp\nspB3A5.exe
C:\Users\angel_000\AppData\Local\Temp\PrivacyDrSetup_S.exe
C:\Users\angel_000\AppData\Local\Temp\Quarantine.exe
Task: {36774BD8-E412-4648-A69E-FBB9B33B69CC} - System32\Tasks\Re-Markable Update => C:\Program Files (x86)\Re-Markable-soft\Re-MarkableyfY.exe [2014-04-15] ()
Task: {CBC7836E-1479-4DC7-9685-302ECE8DD5F0} - System32\Tasks\PrivacyDr_Splash => C:\Program Files (x86)\Privacy Dr\Splash.exe
Task: C:\windows\Tasks\Re-Markable Update.job => C:\Program Files (x86)\Re-Markable-soft\Re-MarkableyfY.exe
*****************

HKU\S-1-5-21-83414722-3780537285-3091295023-1001\Software\Microsoft\Windows\CurrentVersion\Run\\PrivacyDr => Value deleted successfully.
"C:\PROGRA~2\SupTab\SEARCH~2.DLL" => Value Data removed successfully.
"C:\PROGRA~2\SupTab\SEARCH~1.DLL" => Value Data removed successfully.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
Re-Markable => Service deleted successfully.
C:\windows\System32\Tasks\PrivacyDr_Splash => Moved successfully.
C:\Users\angel_000\AppData\Roaming\qone8 => Moved successfully.
C:\Users\angel_000\AppData\Local\Temp\nspB3A5.exe => Moved successfully.
C:\Users\angel_000\AppData\Local\Temp\PrivacyDrSetup_S.exe => Moved successfully.
C:\Users\angel_000\AppData\Local\Temp\Quarantine.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36774BD8-E412-4648-A69E-FBB9B33B69CC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36774BD8-E412-4648-A69E-FBB9B33B69CC} => Key deleted successfully.
C:\Windows\System32\Tasks\Re-Markable Update not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Re-Markable Update => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CBC7836E-1479-4DC7-9685-302ECE8DD5F0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CBC7836E-1479-4DC7-9685-302ECE8DD5F0} => Key deleted successfully.
C:\Windows\System32\Tasks\PrivacyDr_Splash not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PrivacyDr_Splash => Key deleted successfully.
C:\windows\Tasks\Re-Markable Update.job not found.

The system needed a reboot.

==== End of Fixlog ====

Länk till kommentar
Dela på andra webbplatser

Okej, då får det bli ett försök med att ta bort programmets mapp med FRST men det kommer att bli en del rester i registret.

 

Starta Anteckningar.

Kopiera alla rader i rutan:

C:\Program Files (x86)\Privacy Dr
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

Starta om datorn och kör FRST igen och klistra in den nya FRST.txt.

Länk till kommentar
Dela på andra webbplatser

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-04-2014 01
Ran by angel_000 at 2014-04-20 21:09:11 Run:2
Running from C:\Users\angel_000\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Program Files (x86)\Privacy Dr
*****************

"C:\Program Files (x86)\Privacy Dr" => File/Directory not found.

==== End of Fixlog ====

Länk till kommentar
Dela på andra webbplatser

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2014 01
Ran by angel_000 (administrator) on GELIKAN on 20-04-2014 21:12:09
Running from C:\Users\angel_000\Desktop
Windows 8 (X64) OS Language: Swedish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\PSUtility\PSUService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DeskUpdateNotifier] => C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [101288 2012-07-25] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-83414722-3780537285-3091295023-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-83414722-3780537285-3091295023-1001\...\Run: [Google Update] => C:\Users\angel_000\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-05] (Google Inc.)
HKU\S-1-5-21-83414722-3780537285-3091295023-1001\...\RunOnce: [uninstall C:\Users\angel_000\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] - C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\angel_000\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {1F8DC5F6-6480-4B67-97B1-442C0E4AEEAA} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKLM-x32 - {1F8DC5F6-6480-4B67-97B1-442C0E4AEEAA} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAFSJS
SearchScopes: HKCU - DefaultScope {1F8DC5F6-6480-4B67-97B1-442C0E4AEEAA} URL =
SearchScopes: HKCU - {1F8DC5F6-6480-4B67-97B1-442C0E4AEEAA} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\angel_000\AppData\Roaming\Mozilla\Firefox\Profiles\80h4d1fn.default
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.2.21 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\angel_000\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\angel_000\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-25]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{9A963233-37BD-837B-48FF-3AD40489A05D}] - C:\Program Files (x86)\Re-Markable-soft\158.xpi

==================== Services (Whitelisted) =================

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [80752 2012-07-18] (FUJITSU LIMITED)
S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2219520 2012-07-11] (FUJITSU LIMITED)
R2 PowerSavingUtilityService; C:\Program Files\FUJITSU\PSUtility\PSUService.exe [51608 2012-08-07] (FUJITSU LIMITED)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [104960 2012-07-07] (ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-24] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [20848 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [16368 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [17264 2012-08-01] (FUJITSU LIMITED)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140417.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140418.016\ENG64.SYS [126040 2014-03-22] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140418.016\EX64.SYS [2099288 2014-03-22] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-10] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-10] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1058552 2012-08-24] (Sunplus)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1502000.026\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-25] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 Tdsshbecr; C:\Windows\system32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-19 19:51 - 2014-04-19 19:51 - 00001424 _____ () C:\Users\angel_000\Desktop\eset.txt
2014-04-19 14:11 - 2014-04-19 14:12 - 02347384 _____ (ESET) C:\Users\angel_000\Downloads\esetsmartinstaller_enu(2).exe
2014-04-19 14:10 - 2014-04-19 14:10 - 02347384 _____ (ESET) C:\Users\angel_000\Downloads\esetsmartinstaller_enu(1).exe
2014-04-19 14:09 - 2014-04-19 14:09 - 02347384 _____ (ESET) C:\Users\angel_000\Downloads\esetsmartinstaller_enu.exe
2014-04-19 14:07 - 2014-04-19 14:07 - 00001154 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 14:07 - 2014-04-19 14:07 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\Mozilla
2014-04-19 14:07 - 2014-04-19 14:07 - 00000000 ____D () C:\Users\angel_000\AppData\Local\Mozilla
2014-04-19 14:07 - 2014-04-19 14:07 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-19 14:07 - 2014-04-19 14:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 14:07 - 2014-04-19 14:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-18 22:32 - 2014-04-18 22:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-18 22:26 - 2014-04-20 21:09 - 00000000 ____D () C:\Users\angel_000\Desktop\FRST-OlderVersion
2014-04-17 14:20 - 2014-04-18 22:23 - 00000000 ____D () C:\AdwCleaner
2014-04-17 14:19 - 2014-04-17 14:19 - 01426178 _____ () C:\Users\angel_000\Desktop\adwcleaner.exe
2014-04-16 18:59 - 2014-04-16 19:01 - 00027008 _____ () C:\Users\angel_000\Desktop\Addition.txt
2014-04-16 18:58 - 2014-04-20 21:12 - 00015739 _____ () C:\Users\angel_000\Desktop\FRST.txt
2014-04-16 18:58 - 2014-04-20 21:12 - 00000000 ____D () C:\FRST
2014-04-16 18:57 - 2014-04-20 21:09 - 02056192 _____ (Farbar) C:\Users\angel_000\Desktop\FRST64.exe
2014-04-15 22:43 - 2014-04-15 22:43 - 00000000 ____D () C:\Users\angel_000\Documents\PrivacyDr
2014-04-15 22:43 - 2014-04-15 22:43 - 00000000 ____D () C:\Users\angel_000\AppData\Local\HistoryCleaner
2014-04-15 22:42 - 2014-04-15 22:42 - 00000000 ____D () C:\Users\angel_000\AppData\Local\iConvertor
2014-04-15 22:39 - 2014-04-19 20:53 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-14 18:32 - 2014-04-14 19:05 - 00000000 ____D () C:\Users\angel_000\Documents\Vistaprint Fotoböcker
2014-04-14 18:32 - 2014-04-14 18:32 - 00001937 _____ () C:\Users\angel_000\Desktop\Vistaprint Fotoböcker.lnk
2014-04-14 18:32 - 2014-04-14 18:32 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vistaprint Fotoböcker
2014-04-14 18:32 - 2014-04-14 18:32 - 00000000 ____D () C:\Users\angel_000\AppData\Local\Vistaprint Fotoböcker
2014-04-13 21:10 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-13 21:10 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-13 21:10 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-13 21:10 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-13 21:10 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-13 21:10 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-13 21:10 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-13 21:10 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-13 21:10 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-13 21:10 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-13 21:10 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-13 21:10 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-13 21:10 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-13 21:10 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-13 21:10 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-13 21:10 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-13 21:10 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-13 21:10 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-13 21:10 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-13 21:10 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-13 21:09 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-13 21:09 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-13 21:09 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-13 21:09 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-13 21:09 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-13 21:09 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-13 21:09 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 16:28 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 16:28 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 16:28 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-12 16:28 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-12 16:28 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 16:28 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 16:28 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 16:28 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-12 16:28 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 16:28 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 16:28 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 16:28 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 16:28 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 16:28 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 16:28 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 16:28 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 16:28 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 16:28 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 16:28 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 16:28 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-10 00:16 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-10 00:16 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-10 00:16 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-10 00:16 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-09 19:56 - 2014-04-09 19:56 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-04-09 19:50 - 2014-04-09 19:51 - 00422128 _____ () C:\windows\system32\FNTCACHE.DAT
2014-04-09 19:14 - 2014-04-09 19:14 - 00124129 _____ () C:\Users\angel_000\Downloads\image.jpeg
2014-04-08 20:09 - 2014-04-08 20:09 - 00000218 _____ () C:\Users\angel_000\AppData\Local\recently-used.xbel
2014-03-27 21:29 - 2014-03-27 21:29 - 00011749 _____ () C:\Users\angel_000\Downloads\Sons.of.Anarchy.S04E11.SWESUB.HDTV.XviD-Martin.6825189.TPB.torrent

==================== One Month Modified Files and Folders =======

2014-04-20 21:12 - 2014-04-16 18:58 - 00015739 _____ () C:\Users\angel_000\Desktop\FRST.txt
2014-04-20 21:12 - 2014-04-16 18:58 - 00000000 ____D () C:\FRST
2014-04-20 21:11 - 2013-12-26 20:42 - 00000000 ____D () C:\Users\angel_000\Documents\Youcam
2014-04-20 21:10 - 2013-12-24 11:18 - 01699943 _____ () C:\windows\WindowsUpdate.log
2014-04-20 21:10 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-20 21:09 - 2014-04-18 22:26 - 00000000 ____D () C:\Users\angel_000\Desktop\FRST-OlderVersion
2014-04-20 21:09 - 2014-04-16 18:57 - 02056192 _____ (Farbar) C:\Users\angel_000\Desktop\FRST64.exe
2014-04-20 21:03 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-19 20:58 - 2013-12-25 15:30 - 00115200 ___SH () C:\Users\angel_000\Desktop\Thumbs.db
2014-04-19 20:57 - 2013-02-13 11:28 - 00721676 _____ () C:\windows\system32\perfh01D.dat
2014-04-19 20:57 - 2013-02-13 11:28 - 00149042 _____ () C:\windows\system32\perfc01D.dat
2014-04-19 20:57 - 2012-07-26 09:28 - 01709686 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-19 20:53 - 2014-04-15 22:39 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-19 20:52 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2014-04-19 20:52 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-04-19 19:51 - 2014-04-19 19:51 - 00001424 _____ () C:\Users\angel_000\Desktop\eset.txt
2014-04-19 19:21 - 2013-12-25 23:27 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-83414722-3780537285-3091295023-1001
2014-04-19 19:17 - 2014-03-05 11:07 - 00001036 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-83414722-3780537285-3091295023-1001UA.job
2014-04-19 14:12 - 2014-04-19 14:11 - 02347384 _____ (ESET) C:\Users\angel_000\Downloads\esetsmartinstaller_enu(2).exe
2014-04-19 14:10 - 2014-04-19 14:10 - 02347384 _____ (ESET) C:\Users\angel_000\Downloads\esetsmartinstaller_enu(1).exe
2014-04-19 14:09 - 2014-04-19 14:09 - 02347384 _____ (ESET) C:\Users\angel_000\Downloads\esetsmartinstaller_enu.exe
2014-04-19 14:07 - 2014-04-19 14:07 - 00001154 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-19 14:07 - 2014-04-19 14:07 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\Mozilla
2014-04-19 14:07 - 2014-04-19 14:07 - 00000000 ____D () C:\Users\angel_000\AppData\Local\Mozilla
2014-04-19 14:07 - 2014-04-19 14:07 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-19 14:07 - 2014-04-19 14:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 14:07 - 2014-04-19 14:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-18 22:32 - 2014-04-18 22:32 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-18 22:25 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-04-18 22:24 - 2013-02-13 11:01 - 00070706 _____ () C:\windows\PFRO.log
2014-04-18 22:23 - 2014-04-17 14:20 - 00000000 ____D () C:\AdwCleaner
2014-04-18 22:23 - 2013-12-24 11:19 - 00001006 _____ () C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-17 14:19 - 2014-04-17 14:19 - 01426178 _____ () C:\Users\angel_000\Desktop\adwcleaner.exe
2014-04-17 14:12 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-04-16 19:01 - 2014-04-16 18:59 - 00027008 _____ () C:\Users\angel_000\Desktop\Addition.txt
2014-04-16 18:51 - 2014-02-04 17:07 - 00027648 ___SH () C:\Users\angel_000\Documents\Thumbs.db
2014-04-16 18:36 - 2014-01-12 23:24 - 00000000 ____D () C:\Users\angel_000\Desktop\Familjen Vintheden
2014-04-15 22:43 - 2014-04-15 22:43 - 00000000 ____D () C:\Users\angel_000\Documents\PrivacyDr
2014-04-15 22:43 - 2014-04-15 22:43 - 00000000 ____D () C:\Users\angel_000\AppData\Local\HistoryCleaner
2014-04-15 22:42 - 2014-04-15 22:42 - 00000000 ____D () C:\Users\angel_000\AppData\Local\iConvertor
2014-04-15 22:39 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2014-04-14 19:05 - 2014-04-14 18:32 - 00000000 ____D () C:\Users\angel_000\Documents\Vistaprint Fotoböcker
2014-04-14 18:32 - 2014-04-14 18:32 - 00001937 _____ () C:\Users\angel_000\Desktop\Vistaprint Fotoböcker.lnk
2014-04-14 18:32 - 2014-04-14 18:32 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vistaprint Fotoböcker
2014-04-14 18:32 - 2014-04-14 18:32 - 00000000 ____D () C:\Users\angel_000\AppData\Local\Vistaprint Fotoböcker
2014-04-14 09:45 - 2013-12-24 11:20 - 00000000 ___RD () C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 09:45 - 2013-12-24 11:20 - 00000000 ___RD () C:\Users\angel_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 09:42 - 2013-12-25 17:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-14 09:41 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-14 09:41 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-04-13 21:23 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\NDF
2014-04-11 17:11 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-04-11 17:10 - 2013-12-25 20:15 - 00000000 ____D () C:\windows\system32\MRT
2014-04-11 17:09 - 2013-12-25 20:15 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-09 19:56 - 2014-04-09 19:56 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-04-09 19:51 - 2014-04-09 19:50 - 00422128 _____ () C:\windows\system32\FNTCACHE.DAT
2014-04-09 19:51 - 2013-12-25 15:38 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-04-09 19:51 - 2013-12-25 15:38 - 00002326 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-04-09 19:51 - 2013-12-25 15:36 - 00000000 ____D () C:\windows\system32\Drivers\N360x64
2014-04-09 19:14 - 2014-04-09 19:14 - 00124129 _____ () C:\Users\angel_000\Downloads\image.jpeg
2014-04-08 20:31 - 2014-02-20 00:30 - 00000000 ____D () C:\Users\angel_000\AppData\Roaming\vlc
2014-04-08 20:09 - 2014-04-08 20:09 - 00000218 _____ () C:\Users\angel_000\AppData\Local\recently-used.xbel
2014-04-06 12:13 - 2012-07-26 09:21 - 00041060 _____ () C:\windows\setupact.log
2014-04-03 02:17 - 2014-03-05 11:07 - 00000984 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-83414722-3780537285-3091295023-1001Core.job
2014-04-03 02:12 - 2014-03-05 11:07 - 00003990 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-83414722-3780537285-3091295023-1001UA
2014-04-03 02:12 - 2014-03-05 11:07 - 00003610 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-83414722-3780537285-3091295023-1001Core
2014-03-31 23:18 - 2014-02-10 16:33 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-02-10 16:33 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-27 21:29 - 2014-03-27 21:29 - 00011749 _____ () C:\Users\angel_000\Downloads\Sons.of.Anarchy.S04E11.SWESUB.HDTV.XviD-Martin.6825189.TPB.torrent
2014-03-26 01:34 - 2013-12-24 11:18 - 00000000 ____D () C:\Users\angel_000\AppData\Local\Packages

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-19 19:21

==================== End Of Log ============================

Länk till kommentar
Dela på andra webbplatser

1. Ser du till Privacy Dr nu?

I så fall hur?

 

2. Spara SystemLook på Skrivbordet: http://jpshortstuff.247fixes.com/SystemLook_x64.exe

 

Dubbelklicka på SystemLook-filen för att köra den.

 

Kopiera alla rader i rutan

:dir
C:\Users\angel_000\AppData\Local\HistoryCleaner
C:\Users\angel_000\AppData\Local\iConvertor
och klistra in i det stora textfältet i SýstemLook.

Tryck på knappen Look för att starta sökningen.

När det är klart så kommer Anteckningar upp med en logg, och den klistrar du in här. Om loggen inte kommer upp så finns den som SystemLook.txt på Skrivbordet.

 

3. Starta Anteckningar.

 

Kopiera alla rader i rutan:

FF HKCU\...\Firefox\Extensions: [{9A963233-37BD-837B-48FF-3AD40489A05D}] - C:\Program Files (x86)\Re-Markable-soft\158.xpi
2014-04-15 22:43 - 2014-04-15 22:43 - 00000000 ____D () C:\Users\angel_000\Documents\PrivacyDr
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Privacy Dr ligger fortfarande som en app när jag söker på den med windows 8.. Men den ligger inte på skrivbordet.

 

SystemLook 30.07.11 by jpshortstuff
Log created at 19:52 on 21/04/2014 by angel_000
Administrator - Elevation successful

========== dir ==========

C:\Users\angel_000\AppData\Local\HistoryCleaner - Parameters: "(none)"

---Files---
None found.

---Folders---
PrivacyDr.exe_Url_urhfk54vvfoy10pla5pcxzf3diftfwob d------ [20:43 15/04/2014]

C:\Users\angel_000\AppData\Local\iConvertor - Parameters: "(none)"

---Files---
None found.

---Folders---
FastMedia_Converter.exe_Url_lwpvxkoegrrnsgqkfls1ilq0cqas4g5z d------ [20:42 15/04/2014]

-= EOF =-

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...