Just nu i M3-nätverket
Gå till innehåll

Ev, skit i datorn?


Euro

Rekommendera Poster

  • Svars 64
  • Skapad
  • Senaste svar

Gokväll,

 

Om jag fattar det rätt så var det inget knas med dessa filer. Vad gör jag nu? Jag har inte använt datorn till något annat än din "rensning" så jag vet egentligen inte hur den funkar. Det känns som att Explorer fungerar bättre efter den senaste genomkörningen för innan fick jag uppdatera den här sidan flera gånger innan den laddade helt + att den kunde haka upp sig vid scrollning men det verkar inte vara så nu. Chrome har jag inte installerat igen sen jag tog bort det.

 

Vågar inte göra nåt på egen hand utan väntar på dina instruktioner Cecilia.

Länk till kommentar
Dela på andra webbplatser

God natt/morgon!

 

Filerna verkar mycket riktigt vara ofarliga, även om de är underliga, så de får vara kvar i datorn.

 

Starta Anteckningar.

Kopiera alla rader i rutan:

U3 aqe8x0rc; C:\Windows\system32\Drivers\aqe8x0rc.sys [0 ] (Microsoft Corporation)
R0 imekozip; vbahupac\imekozip.sys [X]
EmtpyTemp:
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Datorn startas om.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

 

Innan du installerar Google Chrome på nytt är det nog bra att ta bort profilmappen så att inget gammalt ligger kvar och stör.

Profilmapp för Cricke: C:\Användare\Cricke\AppData\Local\Google\Chrome\User Data\Default

Motsvarande ställe för andra användarkonton.

 

Eftersom det finns flera användarkonton i datorn är det nog bra om du kör FRST från de andra användarkontona och bifogar FRST.txt från var och en av dem (ingen Addition.txt). Döp om de olika FRST.txt så att du vet vilken fil som hör ihop med vilket användarkonto, t ex FRST_William.txt.

Länk till kommentar
Dela på andra webbplatser

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-10-2014
Ran by Cricke at 2014-10-30 08:24:20 Run:3
Running from C:\Users\Cricke\Desktop
Loaded Profiles: Cricke &  (Available profiles: Cricke & William & Pappa & Gäst A)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
U3 aqe8x0rc; C:\Windows\system32\Drivers\aqe8x0rc.sys [0 ] (Microsoft Corporation)
R0 imekozip; vbahupac\imekozip.sys [X]
EmtpyTemp:
*****************

aqe8x0rc => Service deleted successfully.
imekozip => Unable to stop service
imekozip => Service deleted successfully.
EmtpyTemp: => Error: No automatic fix found for this entry.

The system needed a reboot.

==== End of Fixlog ====

Länk till kommentar
Dela på andra webbplatser

Blev visst en felstavning där, förlåt.

 

Starta Anteckningar.

Kopiera alla rader i rutan:

EmptyTemp:
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

Hur fungerar datorn nu?

Länk till kommentar
Dela på andra webbplatser

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-10-2014
Ran by Cricke at 2014-10-30 21:39:03 Run:4
Running from C:\Users\Cricke\Desktop
Loaded Profile: Cricke (Available profiles: Cricke & William & Pappa & Gäst A)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
EmptyTemp:
*****************

EmptyTemp: => Removed 3.8 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

Länk till kommentar
Dela på andra webbplatser

Se bif.

Gäst

 

Starta Anteckningar.

Kopiera alla rader i rutan:

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} ->  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Se bif

William

 

Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på Report-knappen.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt

Länk till kommentar
Dela på andra webbplatser

Spara RougueKiller på Skrivbordet: http://www.adlice.com/softs/roguekiller/RogueKiller.exe

Stäng av alla program.

Ta bort alla externa enheter, t ex USB-minnen och externa hårddiskar, utom tangentbord och mus. Låt dem vara bortkopplade medan rensningen pågår.

 

Kör RogueKiller (i Vista och Windows 7 högerklicka på programmet och välj "Kör som administratör). Om det inte går att köra så pröva flera gång, men om det fortfarande inte går så pröva med att döpa om programmet till winlogon.exe.

 

Vänta tills "Prescan" har avslutats.

Klicka på "Scan"-knappen uppe till höger.

Vänta tills skanningen är klar.

En rapport "RKreport.txt" ska då ha skapats på Skrivbordet. Klistra in innehållet i den i ditt svar.

 

Se bif

Pappa

 

Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på Report-knappen.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt

Länk till kommentar
Dela på andra webbplatser

Gäst

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 30-10-2014 01
Ran by Gäst A at 2014-10-31 07:45:15 Run:5
Running from C:\Users\Gäst A\Desktop
Loaded Profiles: Cricke & William & Gäst A &  (Available profiles: Cricke & William & Pappa & Gäst A)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} ->  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U29) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
*****************

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}" => Key deleted successfully.
"HKCR\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key deleted successfully.
"HKCR\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}" => Key deleted successfully.
"HKCR\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key deleted successfully.
"HKCR\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}" => Key not found.
C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll not found.
C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll not found.

==== End of Fixlog ====

Länk till kommentar
Dela på andra webbplatser

William

 

 

# AdwCleaner v3.311 - Report created 31/10/2014 at 08:00:41
# Updated 30/09/2014 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : Cricke - CRICKE-HP
# Running from : C:\Users\William\Desktop\adwcleaner_3.311.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16575

-\\ Google Chrome v

[ File : C:\Users\Gäst A\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [search Provider] : hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934
Found [search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2452474
Found [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcnnbie7-sv-se
Found [search Provider] : hxxp://www.daemon-search.com/search?q={searchTerms}
Found [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Found [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Found [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Found [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Found [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Found [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Found [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

*************************

AdwCleaner[R0].txt - [5122 octets] - [26/10/2014 13:51:02]
AdwCleaner[R1].txt - [5182 octets] - [26/10/2014 14:34:15]
AdwCleaner[R2].txt - [5298 octets] - [27/10/2014 00:08:15]
AdwCleaner[R3].txt - [5358 octets] - [27/10/2014 00:13:41]
AdwCleaner[R4].txt - [1289 octets] - [27/10/2014 10:25:55]
AdwCleaner[R5].txt - [1935 octets] - [31/10/2014 08:00:41]
AdwCleaner[s0].txt - [5528 octets] - [27/10/2014 00:16:12]
AdwCleaner[s1].txt - [1347 octets] - [27/10/2014 10:29:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [2115 octets] ##########

Länk till kommentar
Dela på andra webbplatser

William

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

 

Klicka på Clean-knappen.

Tryck på OK.

Tryck på OK fler gånger om det kommer upp meddelanden.

 

Datorn kommer att startas om.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s0].txt

Länk till kommentar
Dela på andra webbplatser

Här kommer RougeKiller-loggen

 

 

RogueKiller V10.0.4.0 [Oct 29 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Cricke [Administrator]
Mode : Scan -- Date : 10/31/2014  17:24:01

¤¤¤ Processes : 1 ¤¤¤
[Tr.Zeus] mbam.exe -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe[7] -> Killed [TermProc]

¤¤¤ Registry : 31 ¤¤¤
[PUM.HomePage] HKEY_USERS\S-1-5-21-2223298635-2595870890-1169053488-1003\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.leta.se/  -> Found
[PUM.HomePage] HKEY_USERS\S-1-5-21-2223298635-2595870890-1169053488-1005\Software\Microsoft\Internet Explorer\Main | Start Page : http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=84&bd=Pavilion&pf=cnnb  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{245E89A1-B4E1-4697-BF78-3C9FEEC15A9B} | DhcpNameServer : 193.150.193.150 83.255.245.11 [EUROPEAN UNION (EU)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{27064E32-5C7B-4AD0-B24B-78BCFFC43FD7} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{31CC5287-1B95-45DD-AE41-1C5F2B6F9002} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{32AA6E2D-CA02-44CD-ACB3-1EDE3DD04B37} | DhcpNameServer : 195.67.199.27 195.67.199.28 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{44412726-591D-48B3-8955-FD5B4E029290} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{557B8083-2C52-4B0B-A8C9-A0FFE1167510} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5BBB6559-E46E-4C69-82D7-C6514FB46CB4} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C7A677EC-EE98-4553-8721-19B144432E3B} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{245E89A1-B4E1-4697-BF78-3C9FEEC15A9B} | DhcpNameServer : 193.150.193.150 83.255.245.11 [EUROPEAN UNION (EU)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{27064E32-5C7B-4AD0-B24B-78BCFFC43FD7} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{31CC5287-1B95-45DD-AE41-1C5F2B6F9002} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{32AA6E2D-CA02-44CD-ACB3-1EDE3DD04B37} | DhcpNameServer : 195.67.199.27 195.67.199.28 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{44412726-591D-48B3-8955-FD5B4E029290} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{557B8083-2C52-4B0B-A8C9-A0FFE1167510} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5BBB6559-E46E-4C69-82D7-C6514FB46CB4} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{C7A677EC-EE98-4553-8721-19B144432E3B} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{245E89A1-B4E1-4697-BF78-3C9FEEC15A9B} | DhcpNameServer : 193.150.193.150 83.255.245.11 [EUROPEAN UNION (EU)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{27064E32-5C7B-4AD0-B24B-78BCFFC43FD7} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{31CC5287-1B95-45DD-AE41-1C5F2B6F9002} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{32AA6E2D-CA02-44CD-ACB3-1EDE3DD04B37} | DhcpNameServer : 195.67.199.27 195.67.199.28 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{44412726-591D-48B3-8955-FD5B4E029290} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{557B8083-2C52-4B0B-A8C9-A0FFE1167510} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{5BBB6559-E46E-4C69-82D7-C6514FB46CB4} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{C7A677EC-EE98-4553-8721-19B144432E3B} | DhcpNameServer : 130.244.127.161 130.244.127.169 [sWEDEN (SE)]  -> Found
[PUM.StartMenu] HKEY_USERS\S-1-5-21-2223298635-2595870890-1169053488-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0  -> Found
[PUM.StartMenu] HKEY_USERS\S-1-5-21-2223298635-2595870890-1169053488-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRun : 0  -> Found
[PUM.StartMenu] HKEY_USERS\S-1-5-21-2223298635-2595870890-1169053488-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowRecentDocs : 0  -> Found
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 19 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    activate.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    practivate.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    ereg.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    activate.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    3dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    3dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    adobe-dns.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    adobe-dns-2.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    adobe-dns-3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    ereg.wip3.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    activate-sea.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    wwis-dubc1-vip60.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1    activate-sjc0.adobe.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1                               adobe.activate.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1                               adobeereg.com                       
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1                               www.adobeereg.com                   
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1                               wwis-dubc1-vip60.adobe.com          
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1                               hl2rcv.adobe.com

¤¤¤ Antirootkit : 16 (Driver: Loaded) ¤¤¤
[sSDT:Addr(Hook.SSDT)] NtCreateFile[60] : C:\Program Files\Norman\Ngs\Bin\nprosec.sys @ 0x97485f36
[sSDT:Addr(Hook.SSDT)] NtCreateProcess[72] : C:\Program Files\Norman\Ngs\Bin\nprosec.sys @ 0x9748495a
[sSDT:Addr(Hook.SSDT)] NtCreateProcessEx[73] : C:\Program Files\Norman\Ngs\Bin\nprosec.sys @ 0x9748498a
[sSDT:Addr(Hook.SSDT)] NtCreateThread[78] : C:\Program Files\Norman\Ngs\Bin\nprosec.sys @ 0x974849ba
[sSDT:Addr(Hook.SSDT)] NtSetSystemInformation[317] : C:\Program Files\Norman\Ngs\Bin\nprosec.sys @ 0x9748608e
[sSDT:Addr(Hook.SSDT)] NtTerminateProcess[334] : C:\Program Files\Norman\Ngs\Bin\nprosec.sys @ 0x97485792
[sSDT:Addr(Hook.SSDT)] NtWriteVirtualMemory[358] : C:\Program Files\Norman\Ngs\Bin\nprosec.sys @ 0x974859e8
[sSDT:Addr(Hook.SSDT)] NtCreateThreadEx[382] : C:\Program Files\Norman\Ngs\Bin\nprosec.sys @ 0x97485048
[sSDT:Addr(Hook.SSDT)] NtCreateUserProcess[383] : C:\Program Files\Norman\Ngs\Bin\nprosec.sys @ 0x974844f0
[iRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CREATE[0] : Unknown @ 0x875371f8
[iRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x875371f8
[iRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x875371f8
[iRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x875371f8
[iRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_POWER[22] : Unknown @ 0x875371f8
[iRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x875371f8
[iRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_PNP[27] : Unknown @ 0x875371f8

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK3252GSX +++++
--- User ---
[MBR] a1a5d1c11a8af8bf8c4e5450b7df3bbf
[bSP] 2c36e54067c600ac7af2054084c31f52 : Toshiba MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 293760 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 601622528 | Size: 11481 MB
User = LL1 ... OK
User = LL2 ... OK

Länk till kommentar
Dela på andra webbplatser

# AdwCleaner v3.311 - Report created 31/10/2014 at 17:58:58
# Updated 30/09/2014 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : Cricke - CRICKE-HP
# Running from : C:\Users\Cricke\Desktop\adwcleaner_3.311.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16575

-\\ Google Chrome v

[ File : C:\Users\Gäst A\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [search Provider] : hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934
Found [search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2452474
Found [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcnnbie7-sv-se
Found [search Provider] : hxxp://www.daemon-search.com/search?q={searchTerms}
Found [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Found [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Found [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Found [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Found [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Found [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Found [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

*************************

AdwCleaner[R0].txt - [5122 octets] - [26/10/2014 13:51:02]
AdwCleaner[R1].txt - [5182 octets] - [26/10/2014 14:34:15]
AdwCleaner[R2].txt - [5298 octets] - [27/10/2014 00:08:15]
AdwCleaner[R3].txt - [5358 octets] - [27/10/2014 00:13:41]
AdwCleaner[R4].txt - [1289 octets] - [27/10/2014 10:25:55]
AdwCleaner[R5].txt - [2195 octets] - [31/10/2014 08:00:41]
AdwCleaner[R6].txt - [1994 octets] - [31/10/2014 17:58:58]
AdwCleaner[s0].txt - [5528 octets] - [27/10/2014 00:16:12]
AdwCleaner[s1].txt - [1347 octets] - [27/10/2014 10:29:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [2174 octets] ##########

Länk till kommentar
Dela på andra webbplatser

Jag körde RougeKiller på "huvudkontot" och sen blev det AdwCleaner där också av bara farten. Återkommer med den för "Pappa" som du instruerat om.

Länk till kommentar
Dela på andra webbplatser

"Pappa"

 

 

# AdwCleaner v3.311 - Report created 31/10/2014 at 19:03:07
# Updated 30/09/2014 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : Pappa - CRICKE-HP
# Running from : C:\Users\Pappa\Desktop\adwcleaner_3.311.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Found : HKCU\Software\Myfree Codec
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16575

*************************

AdwCleaner[R0].txt - [5122 octets] - [26/10/2014 13:51:02]
AdwCleaner[R1].txt - [5182 octets] - [26/10/2014 14:34:15]
AdwCleaner[R2].txt - [5298 octets] - [27/10/2014 00:08:15]
AdwCleaner[R3].txt - [5358 octets] - [27/10/2014 00:13:41]
AdwCleaner[R4].txt - [1289 octets] - [27/10/2014 10:25:55]
AdwCleaner[R5].txt - [2195 octets] - [31/10/2014 08:00:41]
AdwCleaner[R6].txt - [2254 octets] - [31/10/2014 17:58:58]
AdwCleaner[R7].txt - [1501 octets] - [31/10/2014 19:03:07]
AdwCleaner[s0].txt - [5528 octets] - [27/10/2014 00:16:12]
AdwCleaner[s1].txt - [1347 octets] - [27/10/2014 10:29:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R7].txt - [1681 octets] ##########

Länk till kommentar
Dela på andra webbplatser

"William"

 

 

 

# AdwCleaner v3.311 - Report created 31/10/2014 at 19:21:53
# Updated 30/09/2014 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : Cricke - CRICKE-HP
# Running from : C:\Users\William\Desktop\adwcleaner_3.311.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16575

-\\ Google Chrome v

[ File : C:\Users\Gäst A\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [search Provider] : hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934
Found [search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2452474
Found [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcnnbie7-sv-se
Found [search Provider] : hxxp://www.daemon-search.com/search?q={searchTerms}
Found [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Found [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Found [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Found [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Found [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Found [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Found [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

*************************

AdwCleaner[R0].txt - [5122 octets] - [26/10/2014 13:51:02]
AdwCleaner[R1].txt - [5182 octets] - [26/10/2014 14:34:15]
AdwCleaner[R2].txt - [5298 octets] - [27/10/2014 00:08:15]
AdwCleaner[R3].txt - [5358 octets] - [27/10/2014 00:13:41]
AdwCleaner[R4].txt - [1289 octets] - [27/10/2014 10:25:55]
AdwCleaner[R5].txt - [2195 octets] - [31/10/2014 08:00:41]
AdwCleaner[R6].txt - [2254 octets] - [31/10/2014 17:58:58]
AdwCleaner[R7].txt - [1761 octets] - [31/10/2014 19:03:07]
AdwCleaner[R8].txt - [2115 octets] - [31/10/2014 19:21:53]
AdwCleaner[s0].txt - [5528 octets] - [27/10/2014 00:16:12]
AdwCleaner[s1].txt - [1347 octets] - [27/10/2014 10:29:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R8].txt - [2295 octets] ##########

Länk till kommentar
Dela på andra webbplatser

Gokväll,

 

Nu tror jag att jag kommit ikapp med alla loggar på de olika kontona... phuuuu... det blev rörigt det här men jag hoppas det ger resultat.

 

Det har dykt upp några "felmeddelanden" de senaste dagarna typ:

 

"CLShed Module har slutat fungera... Stäng och sök efter en lösning osv..."

 

Den senaste nyss sa att denna inte fanns/fungerade "Njeeves.exe"

 

Det har nog varit ett par till men de la jag inte på minnet utan klickade bara bort direkt.

Länk till kommentar
Dela på andra webbplatser

Sorry...

 

 

 

# AdwCleaner v3.311 - Report created 01/11/2014 at 10:31:43
# Updated 30/09/2014 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (32 bits)
# Username : Cricke - CRICKE-HP
# Running from : C:\Users\William\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16575

-\\ Google Chrome v

[ File : C:\Users\Gäst A\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [search Provider] : hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934
Deleted [search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2452474
Deleted [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcnnbie7-sv-se
Deleted [search Provider] : hxxp://www.daemon-search.com/search?q={searchTerms}
Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

*************************

AdwCleaner[R0].txt - [5122 octets] - [26/10/2014 13:51:02]
AdwCleaner[R1].txt - [5182 octets] - [26/10/2014 14:34:15]
AdwCleaner[R2].txt - [5298 octets] - [27/10/2014 00:08:15]
AdwCleaner[R3].txt - [5358 octets] - [27/10/2014 00:13:41]
AdwCleaner[R4].txt - [1289 octets] - [27/10/2014 10:25:55]
AdwCleaner[R5].txt - [2195 octets] - [31/10/2014 08:00:41]
AdwCleaner[R6].txt - [2254 octets] - [31/10/2014 17:58:58]
AdwCleaner[R7].txt - [1761 octets] - [31/10/2014 19:03:07]
AdwCleaner[R8].txt - [2375 octets] - [31/10/2014 19:21:53]
AdwCleaner[R9].txt - [2435 octets] - [01/11/2014 10:23:49]
AdwCleaner[s0].txt - [5528 octets] - [27/10/2014 00:16:12]
AdwCleaner[s1].txt - [1347 octets] - [27/10/2014 10:29:56]
AdwCleaner[s2].txt - [2378 octets] - [01/11/2014 10:31:43]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [2438 octets] ##########

Länk till kommentar
Dela på andra webbplatser

För säkerhets skull kör igenom AdwCleaner på alla kontona och om något hittas så klicka på Clean-knappen.

 

Hur fungerar datorn efter det?

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...