Just nu i M3-nätverket
Gå till innehåll
Eforum är stängt för nya inlägg och svar sedan 20 juni 2022. Klicka för att läsa vad som hände och om alternativ.

Föräldrarnas dator har nog samlat på sig en hel del.

Temp298547562

Startad av Temp298547562,
i Virus, skadliga program & botemedel

Rekommendera Poster

Temp298547562

Temp298547562

Postad
Postad

Föräldrarna dator känns gammal och väldigt seg så jag gjorde en Scan med FRST och här är resultaten. Jag har lite svårt att tyda dem och vet heller inte hur jag ska gå vidare, så jag hoppas att någon vänlig själ kan hjälpa mig.

(Jag skriver detta från en annan dator).




Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2014
Ran by Ägaren (administrator) on XXXXXXX on 12-11-2014 22:36:19
Running from C:\Documents and Settings\Ägaren\Skrivbord
Loaded Profile: Ägaren (Available profiles: Ägaren)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Svenska
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program\Alwil Software\Avast5\AvastSvc.exe
(Apple Inc.) C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
(Hewlett-Packard Company) C:\WINDOWS\system\hpsysdrv.exe
(Hewlett-Packard Company) C:\Program\HP\hpcoretech\hpcmpmgr.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTHELPER.EXE
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(Creative Technology Ltd) C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
() C:\Program\Razer\Diamondback 3G\razerhid.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(AVAST Software) C:\Program\Alwil Software\Avast5\AvastUI.exe
(Samsung) C:\Program\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
() C:\Program\Razer\Diamondback 3G\razertra.exe
(Hewlett-Packard Co.) C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
(Razer Inc.) C:\Program\Razer\Diamondback 3G\razerofa.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\windows\system\hpsysdrv.exe [52736 1998-05-07] (Hewlett-Packard Company)
HKLM\...\Run: [HP Component Manager] => C:\Program\HP\hpcoretech\hpcmpmgr.exe [241664 2004-05-12] (Hewlett-Packard Company)
HKLM\...\Run: [Recguard] => C:\WINDOWS\SMINST\RECGUARD.EXE [233472 2004-04-14] ()
HKLM\...\Run: [AlcxMonitor] => C:\WINDOWS\ALCXMNTR.EXE [50176 2003-04-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VTTimer] => VTTimer.exe
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\CTHELPER.EXE [24576 2003-11-14] (Creative Technology Ltd)
HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [88209 2005-03-04] (Agere Systems)
HKLM\...\Run: [CTDVDDET] => C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE [45056 2003-06-18] (Creative Technology Ltd)
HKLM\...\Run: [updReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [updateManager] => c:\Program\Delade filer\Sonic\Update Manager\sgtray.exe [110592 2003-08-19] (Sonic Solutions)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [Diamondback] => C:\Program\Razer\Diamondback 3G\razerhid.exe [147456 2007-08-01] ()
HKLM\...\Run: [nwiz] => C:\Program\NVIDIA Corporation\nView\nwiz.exe [1657376 2009-08-12] ()
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [APSDaemon] => C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program\Alwil Software\Avast5\AvastUI.exe [5225064 2014-11-12] (AVAST Software)
HKLM\...\Winlogon: [userinit] C:\WINDOWS\system32\userinit.exe,userinit.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\Run: [backupNotify] => c:\Program\HP\Digital Imaging\bin\backupnotify.exe [32768 2004-01-09] (Hewlett-Packard Company)
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\Run: [Google Update] => C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe [107912 2014-10-26] (Google Inc.)
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\Run: [] => C:\Program\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\MountPoints2: K - K:\Startme.exe
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\MountPoints2: {26d29678-d6c0-11de-91bc-00112f4e0cb3} - K:\WDSetup.exe
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\MountPoints2: {50dbfcac-3ec1-11dd-8d04-00112f4e0cb3} - L:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [setDefaultMIDI] => C:\WINDOWS\MIDIDEF.EXE [49152 2003-06-21] (Creative Technology Ltd)
HKU\S-1-5-18\...\RunOnce: [startMS] => "C:\Program\Creative\Shared Files\Media Sniffer\StartMS.EXE" /s
HKU\S-1-5-18\...\RunOnce: [CMSRegOW.exe] => "C:\Program\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe" /r
IFEO\Your Image File Name Here without a path: [Debugger]
Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program\Alwil Software\Avast5\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/results.aspx?q={searchTerms}&mkt=sv-SE&FORM=MICVE5
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q304&bd=pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - {26B18350-31A9-4B39-B5C4-5B5B388431DB} URL = http://swedish.toggle.com/sv/index.php?rvs=google
SearchScopes: HKCU - Live Search URL = http://search.live.com/results.aspx?q={searchTerms}&mkt=sv-SE&FORM=MICVE5
SearchScopes: HKCU - {26B18350-31A9-4B39-B5C4-5B5B388431DB} URL = http://swedish.toggle.com/sv/index.php?rvs=google
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live inloggningshjälpen -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: e-kort Helper Class -> {9065E913-4F23-4B47-9B5D-B055D32DB1F3} -> C:\Program\ekort\EKortHelper.dll ()
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - HP-vy - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program\hp\digital imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
Toolbar: HKLM - e-kort Toolbar - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program\ekort\EKortToolbar.dll ()
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} http://www.powerchallange.se/applet/PowerLoader.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads/player/Install2.5/Installer.exe
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @bankid.com/BankID säkerhetsprogram,version=5.1.4.3 -> C:\Program\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin: @java.com/JavaPlugin -> C:\Program\Java\jre6\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [ekort@orbiscom] - C:\Program\ekort
FF Extension: e-kort for Firefox - C:\Program\ekort [2009-07-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program\Alwil Software\Avast5\WebRep\FF [2011-11-22]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.se/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-26]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-12]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-11-12]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Apple Mobile Device; C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624 2013-09-07] (Apple Inc.)
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Program\Alwil Software\Avast5\AvastSvc.exe [50344 2014-11-12] (AVAST Software)
R3 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Bonjour Service; C:\Program\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\WINDOWS\System32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126464 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [225280 2008-04-14] (Microsoft Corporation, Veritas Software) [File not signed]
S3 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33280 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-09] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\System32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
S3 fsssvc; C:\Program\Windows Live\Family Safety\fsssvc.exe [704872 2010-04-28] (Microsoft Corporation)
S2 gupdate; C:\Program\Google\Update\GoogleUpdate.exe [107912 2014-10-29] (Google Inc.)
S3 gupdatem; C:\Program\Google\Update\GoogleUpdate.exe [107912 2014-10-29] (Google Inc.)
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
R2 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
S3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ImapiService; C:\WINDOWS\System32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
S3 iPod Service; C:\Program\iPod\bin\iPodService.exe [553288 2013-11-02] (Apple Inc.)
R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S3 mnmsrvc; C:\WINDOWS\System32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [95744 2008-05-19] (Microsoft Corporation) [File not signed]
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [112640 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [112640 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\System32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Nla; C:\WINDOWS\System32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation) [File not signed]
S3 NtLmSsp; C:\WINDOWS\System32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435712 2008-04-14] (Microsoft Corporation) [File not signed]
S4 nvsvc; C:\WINDOWS\system32\nvsvc32.exe [168004 2009-08-17] (NVIDIA Corporation) [File not signed]
S3 ose; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-09] (Microsoft Corporation) [File not signed]
S3 Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [65795 2003-09-18] (HP) [File not signed]
R2 PolicyAgent; C:\WINDOWS\System32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\System32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
S3 RSVP; C:\WINDOWS\System32\rsvp.exe [132608 2004-02-11] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [98304 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [193024 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [330752 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
R2 srservice; C:\WINDOWS\System32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SwPrv; C:\WINDOWS\System32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [91648 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usprserv; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation) [File not signed]
S3 VSS; C:\WINDOWS\System32\vssvc.exe [290304 2008-04-14] (Microsoft Corporation) [File not signed]
R2 W32Time; C:\WINDOWS\System32\w32time.dll [174080 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [145408 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\System32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program\Windows Media Player\WMPNetwk.exe [912384 2006-11-15] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation) [File not signed]
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]
U4 avast! Firewall; "C:\Program\Alwil Software\Avast5\afwServ.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187648 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11776 2004-02-11] (Microsoft Corporation) [File not signed]
R3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [43672 2004-01-01] (Oak Technology Inc.)
R3 AgereSoftModem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [1066278 2005-03-04] (Agere Systems) [File not signed]
S3 ALCXSENS; C:\WINDOWS\System32\drivers\ALCXSENS.SYS [391424 2003-12-12] (Sensaura Ltd) [File not signed]
S3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [611836 2004-02-14] (Realtek Semiconductor Corp.) [File not signed]
R3 Arp1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [60800 2008-04-13] (Microsoft Corporation) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-12] ()
R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [18544 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-12] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [422760 2014-11-12] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-12] ()
R3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-13] (Microsoft Corporation) [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Corporation) [File not signed]
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2007-04-21] () [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-13] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-18] (Microsoft Corporation) [File not signed]
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2004-02-11] (Microsoft Corporation) [File not signed]
R3 Cap7134; C:\WINDOWS\System32\DRIVERS\Cap7134.sys [333664 2003-12-25] (Philips Semiconductors) [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2004-02-11] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2004-02-11] (Microsoft Corporation) [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-13] (Microsoft Corporation) [File not signed]
R3 ctac32k; C:\WINDOWS\System32\drivers\ctac32k.sys [645360 2003-11-14] (Creative Technology Ltd) [File not signed]
R3 ctaud2k; C:\WINDOWS\System32\drivers\ctaud2k.sys [366480 2004-02-06] (Creative Technology Ltd) [File not signed]
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [333600 2003-11-13] (Creative Technology Ltd) [File not signed]
R3 ctprxy2k; C:\WINDOWS\System32\drivers\ctprxy2k.sys [6096 2003-11-14] (Creative Technology Ltd) [File not signed]
R3 ctsfm2k; C:\WINDOWS\System32\drivers\ctsfm2k.sys [130288 2003-11-14] (Creative Technology Ltd) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-13] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [800000 2008-04-14] (Microsoft Corporation, Veritas Software) [File not signed]
S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153856 2008-04-14] (Microsoft Corporation, Veritas Software) [File not signed]
S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2004-02-11] (Microsoft Corp., Veritas Software.) [File not signed]
R3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Corporation) [File not signed]
S3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-18] (3Com Corporation) [File not signed]
R3 emupia; C:\WINDOWS\System32\drivers\emupia2k.sys [145488 2003-11-14] (Creative Technology Ltd) [File not signed]
R4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-13] (Microsoft Corporation) [File not signed]
S3 Fdc; C:\WINDOWS\System32\DRIVERS\fdc.sys [27392 2008-04-13] (Microsoft Corporation) [File not signed]
S3 FETNDISB; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [41984 2003-11-12] (VIA Technologies, Inc.              ) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Flpydisk; C:\WINDOWS\System32\DRIVERS\flpydisk.sys [20480 2008-04-13] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-13] (Microsoft Corporation) [File not signed]
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2004-02-11] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125696 2004-02-11] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-13] (Microsoft Corporation) [File not signed]
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [904496 2003-11-14] (Creative Technology Ltd) [File not signed]
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [148432 2003-11-14] (Creative Technology Ltd) [File not signed]
R3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-13] (Microsoft Corporation) [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51056 2003-05-14] (HP) [File not signed]
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2003-05-14] (HP) [File not signed]
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21488 2003-09-18] (HP) [File not signed]
S3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
S1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [711005 2004-04-20] (Intel Corporation) [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-13] (Microsoft Corporation) [File not signed]
R0 IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R1 intelppm; C:\WINDOWS\System32\DRIVERS\intelppm.sys [40320 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ip6fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-13] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2004-02-11] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-13] (Microsoft Corporation) [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-13] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-13] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-13] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37504 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [21060 2003-09-10] (InterVideo, Inc.) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24832 2008-04-14] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14720 2008-04-14] (Microsoft Corporation) [File not signed]
R3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2007-04-21] () [File not signed]
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2004-02-11] (Microsoft Corporation) [File not signed]
R3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30208 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23296 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-09-06] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-13] (Microsoft Corporation) [File not signed]
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-13] (Microsoft Corporation) [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-13] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-13] (Microsoft Corporation) [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-13] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-13] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NIC1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [61824 2008-04-13] (Microsoft Corporation) [File not signed]
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-13] (Microsoft Corporation) [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2004-02-11] (Microsoft Corporation) [File not signed]
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [7729568 2009-08-17] (NVIDIA Corporation) [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2004-02-11] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2004-02-11] (Microsoft Corporation) [File not signed]
R0 ohci1394; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [61696 2008-04-13] (Microsoft Corporation) [File not signed]
R3 ossrv; C:\WINDOWS\System32\drivers\ctoss2k.sys [178672 2003-11-14] (Creative Technology Ltd.) [File not signed]
R3 Parport; C:\WINDOWS\System32\DRIVERS\parport.sys [80128 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-13] (Microsoft Corporation) [File not signed]
R2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6912 2004-02-12] (Microsoft Corporation) [File not signed]
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2004-02-12] (Microsoft Corporation) [File not signed]
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120320 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2003-09-19] (Padus, Inc.) [File not signed]
R2 PfModNT; C:\WINDOWS\System32\drivers\PfModNT.sys [15840 2003-03-05] (Creative Technology Ltd.) [File not signed]
R3 PhTVTune; C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [24192 2003-12-25] (Philips Semiconductors) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Processor; C:\WINDOWS\System32\DRIVERS\processr.sys [39808 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Ps2; C:\WINDOWS\System32\DRIVERS\PS2.sys [14112 2001-06-04] (Hewlett-Packard Company) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-02-11] (Parallel Technologies, Inc.) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20176 2004-03-03] (Sonic Solutions) [File not signed]
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2004-02-11] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-13] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2004-02-11] (Microsoft Corporation) [File not signed]
R3 Razerlow; C:\WINDOWS\System32\Drivers\DB3G.sys [13225 2005-04-24] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2004-02-12] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [58240 2008-04-14] (Microsoft Corporation) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation       ) [File not signed]
S3 s0017bus; C:\WINDOWS\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\WINDOWS\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\WINDOWS\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\WINDOWS\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
R2 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2007-11-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 seehcri; C:\WINDOWS\System32\DRIVERS\seehcri.sys [27632 2010-05-22] (Sony Ericsson Mobile Communications) [File not signed]
S3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64768 2008-04-14] (Microsoft Corporation) [File not signed]
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-13] (Microsoft Corporation) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
S3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [432000 2004-01-02] (Silicon Integrated Systems Corporation) [File not signed]
R0 SISAGP; C:\WINDOWS\System32\DRIVERS\SISAGPX.sys [36992 2003-07-18] (Silicon Integrated Systems Corporation) [File not signed]
R1 SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [11520 2004-01-02] (Silicon Integrated Systems Corporation) [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation) [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation) [File not signed]
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73344 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-13] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-13] (Microsoft Corporation) [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-17] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [20608 2008-04-13] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-13] (Microsoft Corporation) [File not signed]
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.) [File not signed]
S3 viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [134144 2004-02-04] (Copyright © VIA/S3 Graphics, Inc.) [File not signed]
R0 ViaIde; C:\WINDOWS\System32\DRIVERS\viaide.sys [5376 2008-04-13] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52864 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-13] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation) [File not signed]
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation) [File not signed]
R0 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) [File not signed]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation) [File not signed]
S3 efipsk; \??\C:\DOCUME~1\GAREN~1\LOKALA~1\Temp\efipsk.sys [X]
S3 F-Secure Standalone Minifilter; \??\C:\DOCUME~1\GAREN~1\LOKALA~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [X]
S0 IFP700; system32\drivers\ifp700.sys [X]
S2 npkcrypt; \??\C:\Program\NEXON\EuropeMapleStory\npkcrypt.sys [X]
S3 npkcusb; \??\C:\Program\NEXON\EuropeMapleStory\npkcusb.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) [File not signed]
S2 vcs; \??\C:\Documents and Settings\Ägaren\Mina dokument\Mina mottagna filer\voice\voice\vcs.sys [X]
S3 XDva098; \??\C:\WINDOWS\system32\XDva098.sys [X]
S3 XDva136; \??\C:\WINDOWS\system32\XDva136.sys [X]
S3 XDva143; \??\C:\WINDOWS\system32\XDva143.sys [X]
S3 XDva145; \??\C:\WINDOWS\system32\XDva145.sys [X]
S3 XDva170; \??\C:\WINDOWS\system32\XDva170.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 22:36 - 2014-11-12 22:36 - 00047870 _____ () C:\Documents and Settings\Ägaren\Skrivbord\FRST.txt
2014-11-12 22:27 - 2014-11-12 22:36 - 00000000 ____D () C:\FRST
2014-11-12 22:26 - 2014-11-12 22:35 - 01107968 _____ (Farbar) C:\Documents and Settings\Ägaren\Skrivbord\FRST.exe
2014-11-12 22:24 - 2014-11-12 22:24 - 00018701 _____ () C:\WINDOWS\setupapi.log
2014-11-12 18:58 - 2014-11-12 18:58 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-11-12 18:58 - 2014-11-12 18:58 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\AVAST Software
2014-11-12 18:49 - 2014-11-12 18:49 - 00001697 _____ () C:\Documents and Settings\All Users\Skrivbord\Avast Free Antivirus.lnk
2014-11-12 18:48 - 2014-11-12 18:48 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-11-12 18:48 - 2014-11-12 18:48 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-12 18:48 - 2014-11-12 18:48 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-12 18:44 - 2014-11-12 18:48 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-12 18:44 - 2014-11-12 18:48 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-11-12 18:44 - 2014-11-12 18:48 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-12 18:44 - 2014-11-12 18:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-10-22 17:26 - 2014-10-22 17:26 - 00000000 ____D () C:\Program\ESET
2014-10-21 14:39 - 2014-10-21 14:39 - 00000060 _____ () C:\WINDOWS\setupact.log
2014-10-21 14:39 - 2014-10-21 14:39 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-10-21 14:31 - 2014-10-21 14:31 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Sony
2014-10-21 14:29 - 2014-10-21 14:29 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Samsung
2014-10-16 17:37 - 2014-10-16 17:37 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-16 17:28 - 2014-10-16 17:29 - 00000000 ____D () C:\Program\Malwarebytes Anti-Malware
2014-10-16 17:28 - 2014-05-12 06:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 22:36 - 2004-01-01 18:24 - 00000000 ____D () C:\Documents and Settings\Ägaren\Skrivbord
2014-11-12 22:36 - 2004-01-01 18:24 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Temp
2014-11-12 22:35 - 2011-11-24 17:06 - 00000000 ____D () C:\Documents and Settings\Ägaren\Skrivbord\Chrome Nerladdat
2014-11-12 22:35 - 2005-05-17 19:07 - 00000342 _____ () C:\WINDOWS\Tasks\Symantec NetDetect.job
2014-11-12 22:21 - 2010-02-02 11:09 - 00000970 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-12 22:11 - 2004-10-01 13:40 - 01707770 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-12 22:10 - 2004-01-01 18:24 - 00032550 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-12 22:09 - 2004-01-02 02:09 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-12 22:07 - 2014-03-23 13:04 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Inloggningsmeddelande gällande när tjänsten upphör.job
2014-11-12 22:07 - 2012-09-21 11:28 - 00000354 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-11-12 22:07 - 2010-02-02 11:09 - 00000966 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-12 22:07 - 2009-08-17 03:03 - 00249324 _____ () C:\WINDOWS\system32\NvApps.xml
2014-11-12 22:07 - 2004-09-11 18:00 - 00000188 _____ () C:\WINDOWS\system\hpsysdrv.DAT
2014-11-12 22:07 - 2004-01-01 19:16 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-11-12 22:07 - 2004-01-01 19:16 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-11-12 22:07 - 2004-01-01 18:21 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-12 21:00 - 2004-09-11 18:16 - 00001080 _____ () C:\WINDOWS\system32\settingsbkup.sfm
2014-11-12 21:00 - 2004-09-11 18:16 - 00001080 _____ () C:\WINDOWS\system32\settings.sfm
2014-11-12 21:00 - 2004-09-11 17:56 - 00000384 _____ () C:\WINDOWS\system32\DVCStateBkp-{00000003-00000000-00000006-00001102-00000004-20051102}.dat
2014-11-12 21:00 - 2004-09-11 17:56 - 00000384 _____ () C:\WINDOWS\system32\DVCState-{00000003-00000000-00000006-00001102-00000004-20051102}.dat
2014-11-12 20:58 - 2013-08-17 15:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-12 20:53 - 2005-05-11 20:00 - 100445232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-12 20:52 - 2004-09-11 17:56 - 04932268 _____ () C:\WINDOWS\{00000003-00000000-00000006-00001102-00000004-20051102}.CDF
2014-11-12 20:52 - 2004-01-01 18:24 - 00000304 ___SH () C:\Documents and Settings\Ägaren\ntuser.ini
2014-11-12 20:42 - 2013-02-23 20:46 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-12 20:06 - 2011-11-24 17:01 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1131355022-546111532-1923971138-1003UA.job
2014-11-12 20:06 - 2011-11-24 17:01 - 00001038 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1131355022-546111532-1923971138-1003Core.job
2014-11-12 19:42 - 2013-02-23 20:46 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-11-12 19:42 - 2012-02-28 19:51 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-11-12 19:08 - 2010-02-25 22:14 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Temp
2014-11-12 18:49 - 2004-01-01 19:13 - 00000000 ____D () C:\Documents and Settings\All Users\Skrivbord
2014-11-12 18:49 - 2004-01-01 15:37 - 00000000 ___RD () C:\Documents and Settings\All Users\Start-meny\Program
2014-11-12 18:48 - 2011-01-21 18:49 - 00422760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-11-12 18:48 - 2011-01-21 18:49 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-11-12 18:48 - 2011-01-21 18:49 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-11-12 18:47 - 2011-11-22 18:01 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-11-12 18:44 - 2004-01-01 18:21 - 00002578 ____C () C:\WINDOWS\system32\CONFIG.NT
2014-11-12 17:45 - 2009-08-11 16:05 - 00000412 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{0DEEA983-823A-4DFB-910E-88E2A22D1AB5}.job
2014-11-08 20:08 - 2014-03-23 13:04 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Månatligt meddelande gällande när tjänsten upphör.job
2014-11-05 16:32 - 2009-10-21 15:33 - 00000448 _____ () C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2014-10-29 14:16 - 2004-01-01 15:37 - 00000000 ___RD () C:\Program
2014-10-26 19:48 - 2004-01-02 02:09 - 00448012 ____C () C:\WINDOWS\system32\perfh01D.dat
2014-10-26 19:48 - 2004-01-02 02:09 - 00085626 ____C () C:\WINDOWS\system32\perfc01D.dat
2014-10-26 19:48 - 2004-01-01 19:14 - 01067040 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-21 15:20 - 2013-11-13 17:24 - 00191248 _____ () C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat
2014-10-21 14:32 - 2004-01-01 15:37 - 00000000 ___RD () C:\Documents and Settings\Ägaren\Mina dokument
2014-10-21 14:29 - 2004-01-01 15:37 - 00000000 ___RD () C:\Documents and Settings\Ägaren\Start-meny\Program
2014-10-16 20:17 - 2009-11-21 18:25 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\vlc
2014-10-16 18:02 - 2012-10-25 17:37 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\CRE
2014-10-16 17:29 - 2013-03-01 13:45 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\Malwarebytes
2014-10-16 17:28 - 2014-01-10 13:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-10-16 17:19 - 2010-05-22 20:41 - 00000000 ____D () C:\Program\Sony Ericsson
2014-10-16 17:17 - 2004-09-30 21:05 - 00121344 ____C () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-15 23:20 - 2004-01-01 19:13 - 00157160 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-15 20:42 - 2004-10-16 16:36 - 00035544 ____C () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT
2014-10-15 20:18 - 2004-01-01 15:37 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokument
2014-10-15 20:10 - 2005-01-08 22:18 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\Skype
2014-10-15 19:48 - 2012-09-21 13:27 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\Dropbox
2014-10-15 19:48 - 2010-05-22 21:08 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Sony Ericsson
2014-10-15 19:26 - 2013-11-13 16:42 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\Samsung
2014-10-15 14:25 - 2011-10-21 17:05 - 00060416 __SHC () C:\WINDOWS\Thumbs.db
2014-10-15 14:14 - 2009-11-21 19:23 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\dvdcss

Files to move or delete:
====================
C:\Documents and Settings\All Users\hash.dat
C:\Documents and Settings\Ägaren\jogl.dll


Some content of TEMP:
====================
C:\Documents and Settings\Ägaren\Lokala inställningar\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4poiwc.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2004-01-01 15:12] - [2008-04-14 17:05] - 1034240 ____A (Microsoft Corporation) 74bb7dcd2bfdcc0e52869db3582ca781     

C:\WINDOWS\system32\winlogon.exe
[2004-01-01 15:16] - [2008-04-14 17:05] - 0507904 ____A (Microsoft Corporation) abd2d070be76a9386a0a283a332e3862     

C:\WINDOWS\system32\svchost.exe
[2004-01-01 15:14] - [2008-04-14 17:05] - 0014336 ____A (Microsoft Corporation) 6ccef19d7301d9861f90e299c798ad3f     

C:\WINDOWS\system32\services.exe
[2004-01-01 15:14] - [2009-02-09 12:27] - 0110592 ____A (Microsoft Corporation) 8870b0c4a094c1ce80cea6f85fa38ff2     

C:\WINDOWS\system32\User32.dll
[2004-01-02 02:09] - [2008-04-14 17:04] - 0578560 ____A (Microsoft Corporation) e3cf0ec59316ea8e856db1e1f442cd57     

C:\WINDOWS\system32\userinit.exe
[2004-01-01 15:16] - [2008-04-14 17:05] - 0026112 ____A (Microsoft Corporation) 317799a2e42b5ea048a8a70f482cba9f     

C:\WINDOWS\system32\rpcss.dll
[2004-01-01 20:03] - [2009-02-09 11:56] - 0401408 ____A (Microsoft Corporation) 87dadc3f6e6cd5aaeb913e19cbff922c     

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-01-01 15:16] - [2008-04-14 16:36] - 0052864 ____A (Microsoft Corporation) 57187ec04878147e1f4f2d9224b12205     


==================== End Of Log ============================


 

Addition.txt

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

1. Total physical RAM: 1023.29 MB

Det är nog en stor anledning till att datorn är seg. Med modernt antivirusprogram, dagens allt tyngre webbsidor mm går det inte att få en gammal Pentium 4 dator med bara 1 GB RAM att bli något annat än seg.

 

2. Avinstallera:

Java™ 6 Update 31

Det är en mycket gammal version med mängder av kända säkerhetshål som gör det lätt att infektera datorn från en webbsida. De flesta klarar sig bra utan att ha Java installerat men om man måste är det mycket viktigt att alltid ha senaste versionen, vilket är Java 8 Update 25 för närvarande.

 

3. Det finns lite kvar av annonsprogram som andra program har hållit på och tagit bort.

Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på Report-knappen.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt

 

4. Gå igenom alla installerade program och kolla att de verkligen behövs fortfarande, t ex är det fortfarande tre sorters mobiler som ska anslutas:

Apple Mobile Device Support

Samsung Kies

Media Go från Sony

 

5. Sen finns det en del rester av tidigare antivirusprogram som går att rensa bort, men först gäller det att ta bort annonsprogrammen.

Länk till kommentar
Dela på andra webbplatser
Temp298547562

Temp298547562

Postad
  • Trådskapare
Postad

Jo att den sjunger på sista versen förstår jag. Men jag trodde ändå att det skulle vara tillräckligt för att surfa och kolla Outlook.
De flesta Java versioner har jag avinstallerat men just den där Java™ 6 Update 31 vägrar försvinna.
Ett av mobilprogrammen kan jag ta bort iallafall.

Och här kommer loggen från AdwCleaner:




# AdwCleaner v4.101 - Report created 13/11/2014 at 02:23:29
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Ägaren - XXXXXXX
# Running from : C:\Documents and Settings\Ägaren\Skrivbord\adwcleaner_4.101.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Conduit
Folder Found : C:\Program\Conduit

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Found : HKCU\Software\Smartbar
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Found : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2385 octets] - [13/11/2014 02:23:29]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2445 octets] ##########

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

1. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

 

Klicka på Clean-knappen.

Tryck på OK.

Tryck på OK fler gånger om det kommer upp meddelanden.

 

Datorn kommer att startas om.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s0].txt

 

 

2. Kör FRST igen och klistra in den nya FRST.txt så får vi se vad som är kvar.

 

 

3. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Välj alternativet Enable detection of potentially unwanted applications.

 

Klicka på Advanced Settings.

Ta bort bocken framför Remove found threats.

Bocka för:

Scan Archives

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Start

 

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Länk till kommentar
Dela på andra webbplatser
Temp298547562

Temp298547562

Postad
  • Trådskapare
Postad

Här är rapporten från AdwCleaner efter att den rensat:




# AdwCleaner v4.101 - Report created 13/11/2014 at 02:59:18
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Ägaren - XXXXXXX
# Running from : C:\Documents and Settings\Ägaren\Skrivbord\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program\Conduit
Folder Deleted : C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Conduit

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [2525 octets] - [13/11/2014 02:23:29]
AdwCleaner[s0].txt - [2458 octets] - [13/11/2014 02:59:18]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2518 octets] ##########

Länk till kommentar
Dela på andra webbplatser
Temp298547562

Temp298547562

Postad
  • Trådskapare
Postad

Och här är rapporten från FRST:

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2014
Ran by Ägaren (administrator) on XXXXXXX on 13-11-2014 16:25:18
Running from C:\Documents and Settings\Ägaren\Skrivbord
Loaded Profile: Ägaren (Available profiles: Ägaren)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Svenska
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program\Alwil Software\Avast5\AvastSvc.exe
(Apple Inc.) C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\system32\MsPMSPSv.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Hewlett-Packard Company) C:\WINDOWS\system\hpsysdrv.exe
(Hewlett-Packard Company) C:\Program\HP\hpcoretech\hpcmpmgr.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTHELPER.EXE
(Agere Systems) C:\WINDOWS\AGRSMMSG.exe
(Creative Technology Ltd) C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
() C:\Program\Razer\Diamondback 3G\razerhid.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(AVAST Software) C:\Program\Alwil Software\Avast5\AvastUI.exe
(Samsung) C:\Program\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Hewlett-Packard Co.) C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
(Razer Inc.) C:\Program\Razer\Diamondback 3G\razerofa.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
() C:\Program\Razer\Diamondback 3G\razertra.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\windows\system\hpsysdrv.exe [52736 1998-05-07] (Hewlett-Packard Company)
HKLM\...\Run: [HP Component Manager] => C:\Program\HP\hpcoretech\hpcmpmgr.exe [241664 2004-05-12] (Hewlett-Packard Company)
HKLM\...\Run: [Recguard] => C:\WINDOWS\SMINST\RECGUARD.EXE [233472 2004-04-14] ()
HKLM\...\Run: [AlcxMonitor] => C:\WINDOWS\ALCXMNTR.EXE [50176 2003-04-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VTTimer] => VTTimer.exe
HKLM\...\Run: [CTHelper] => C:\WINDOWS\system32\CTHELPER.EXE [24576 2003-11-14] (Creative Technology Ltd)
HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [88209 2005-03-04] (Agere Systems)
HKLM\...\Run: [CTDVDDET] => C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE [45056 2003-06-18] (Creative Technology Ltd)
HKLM\...\Run: [updReg] => C:\WINDOWS\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [updateManager] => c:\Program\Delade filer\Sonic\Update Manager\sgtray.exe [110592 2003-08-19] (Sonic Solutions)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [Diamondback] => C:\Program\Razer\Diamondback 3G\razerhid.exe [147456 2007-08-01] ()
HKLM\...\Run: [nwiz] => C:\Program\NVIDIA Corporation\nView\nwiz.exe [1657376 2009-08-12] ()
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [APSDaemon] => C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program\Alwil Software\Avast5\AvastUI.exe [5225064 2014-11-12] (AVAST Software)
HKLM\...\Winlogon: [userinit] C:\WINDOWS\system32\userinit.exe,userinit.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxsrvc.dll (Intel Corporation)
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\Run: [backupNotify] => c:\Program\HP\Digital Imaging\bin\backupnotify.exe [32768 2004-01-09] (Hewlett-Packard Company)
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\Run: [Google Update] => C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe [107912 2014-10-26] (Google Inc.)
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\Run: [] => C:\Program\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-11-06] (Samsung)
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\MountPoints2: K - K:\Startme.exe
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\MountPoints2: {26d29678-d6c0-11de-91bc-00112f4e0cb3} - K:\WDSetup.exe
HKU\S-1-5-21-1131355022-546111532-1923971138-1003\...\MountPoints2: {50dbfcac-3ec1-11dd-8d04-00112f4e0cb3} - L:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [setDefaultMIDI] => C:\WINDOWS\MIDIDEF.EXE [49152 2003-06-21] (Creative Technology Ltd)
HKU\S-1-5-18\...\RunOnce: [startMS] => "C:\Program\Creative\Shared Files\Media Sniffer\StartMS.EXE" /s
HKU\S-1-5-18\...\RunOnce: [CMSRegOW.exe] => "C:\Program\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\CMSRegOW.exe" /r
IFEO\Your Image File Name Here without a path: [Debugger]
Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program\Alwil Software\Avast5\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.live.com/results.aspx?q={searchTerms}&mkt=sv-SE&FORM=MICVE5
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=SV_SE&c=Q304&bd=pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - {26B18350-31A9-4B39-B5C4-5B5B388431DB} URL = http://swedish.toggle.com/sv/index.php?rvs=google
SearchScopes: HKCU - Live Search URL = http://search.live.com/results.aspx?q={searchTerms}&mkt=sv-SE&FORM=MICVE5
SearchScopes: HKCU - {26B18350-31A9-4B39-B5C4-5B5B388431DB} URL = http://swedish.toggle.com/sv/index.php?rvs=google
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live inloggningshjälpen -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: e-kort Helper Class -> {9065E913-4F23-4B47-9B5D-B055D32DB1F3} -> C:\Program\ekort\EKortHelper.dll ()
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKLM - HP-vy - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program\hp\digital imaging\bin\hpdtlk02.dll (Hewlett-Packard Company)
Toolbar: HKLM - e-kort Toolbar - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program\ekort\EKortToolbar.dll ()
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} http://www.powerchallange.se/applet/PowerLoader.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/buxus/docs/OnlineScanner.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads/player/Install2.5/Installer.exe
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @bankid.com/BankID säkerhetsprogram,version=5.1.4.3 -> C:\Program\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin: @java.com/JavaPlugin -> C:\Program\Java\jre6\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [ekort@orbiscom] - C:\Program\ekort
FF Extension: e-kort for Firefox - C:\Program\ekort [2009-07-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program\Alwil Software\Avast5\WebRep\FF [2011-11-22]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.se/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-26]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-12]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-11-12]
CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 Alerter; C:\WINDOWS\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Corporation) [File not signed]
R3 ALG; C:\WINDOWS\System32\alg.exe [44544 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Apple Mobile Device; C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624 2013-09-07] (Apple Inc.)
R2 AudioSrv; C:\WINDOWS\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Program\Alwil Software\Avast5\AvastSvc.exe [50344 2014-11-12] (AVAST Software)
R3 BITS; C:\WINDOWS\system32\qmgr.dll [409088 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Bonjour Service; C:\Program\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S2 Browser; C:\WINDOWS\System32\browser.dll [78336 2012-07-06] (Microsoft Corporation) [File not signed]
S3 CiSvc; C:\WINDOWS\system32\cisvc.exe [5632 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ClipSrv; C:\WINDOWS\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\WINDOWS\System32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\WINDOWS\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\WINDOWS\System32\dhcpcsvc.dll [126464 2008-04-14] (Microsoft Corporation) [File not signed]
S3 dmadmin; C:\WINDOWS\System32\dmadmin.exe [225280 2008-04-14] (Microsoft Corporation, Veritas Software) [File not signed]
S3 dmserver; C:\WINDOWS\System32\dmserver.dll [23552 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [45568 2009-04-20] (Microsoft Corporation) [File not signed]
S3 Dot3svc; C:\WINDOWS\System32\dot3svc.dll [132608 2008-04-14] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\WINDOWS\System32\eapsvc.dll [33280 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ERSvc; C:\WINDOWS\System32\ersvc.dll [23040 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Eventlog; C:\WINDOWS\system32\services.exe [110592 2009-02-09] (Microsoft Corporation) [File not signed]
R3 EventSystem; C:\WINDOWS\System32\es.dll [253952 2008-07-07] (Microsoft Corporation) [File not signed]
R3 FastUserSwitchingCompatibility; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
S3 fsssvc; C:\Program\Windows Live\Family Safety\fsssvc.exe [704872 2010-04-28] (Microsoft Corporation)
S2 gupdate; C:\Program\Google\Update\GoogleUpdate.exe [107912 2014-10-29] (Google Inc.)
S3 gupdatem; C:\Program\Google\Update\GoogleUpdate.exe [107912 2014-10-29] (Google Inc.)
R2 helpsvc; C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Corporation) [File not signed]
R2 HidServ; C:\WINDOWS\System32\hidserv.dll [21504 2008-04-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\WINDOWS\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Corporation) [File not signed]
S3 HTTPFilter; C:\WINDOWS\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ImapiService; C:\WINDOWS\System32\imapi.exe [150528 2008-04-14] (Microsoft Corporation) [File not signed]
S3 iPod Service; C:\Program\iPod\bin\iPodService.exe [553288 2013-11-02] (Apple Inc.)
R2 lanmanserver; C:\WINDOWS\System32\srvsvc.dll [99840 2010-08-27] (Microsoft Corporation) [File not signed]
R2 lanmanworkstation; C:\WINDOWS\System32\wkssvc.dll [132096 2009-06-10] (Microsoft Corporation) [File not signed]
R2 LmHosts; C:\WINDOWS\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Messenger; C:\WINDOWS\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Corporation) [File not signed]
S3 mnmsrvc; C:\WINDOWS\System32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\WINDOWS\System32\msdtc.exe [6144 2008-04-14] (Microsoft Corporation) [File not signed]
S3 MSIServer; C:\WINDOWS\System32\msiexec.exe [95744 2008-05-19] (Microsoft Corporation) [File not signed]
S3 napagent; C:\WINDOWS\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDE; C:\WINDOWS\system32\netdde.exe [112640 2008-04-14] (Microsoft Corporation) [File not signed]
S4 NetDDEdsdm; C:\WINDOWS\system32\netdde.exe [112640 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\WINDOWS\System32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\WINDOWS\System32\netman.dll [198144 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Nla; C:\WINDOWS\System32\mswsock.dll [247296 2008-06-20] (Microsoft Corporation) [File not signed]
S3 NtLmSsp; C:\WINDOWS\System32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 NtmsSvc; C:\WINDOWS\system32\ntmssvc.dll [435712 2008-04-14] (Microsoft Corporation) [File not signed]
S4 nvsvc; C:\WINDOWS\system32\nvsvc32.exe [168004 2009-08-17] (NVIDIA Corporation) [File not signed]
S3 ose; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 PlugPlay; C:\WINDOWS\system32\services.exe [110592 2009-02-09] (Microsoft Corporation) [File not signed]
S3 Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [65795 2003-09-18] (HP) [File not signed]
R2 PolicyAgent; C:\WINDOWS\System32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ProtectedStorage; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RasAuto; C:\WINDOWS\System32\rasauto.dll [88576 2008-04-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\WINDOWS\System32\rasmans.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RDSessMgr; C:\WINDOWS\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [53248 2008-04-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\WINDOWS\System32\locator.exe [75264 2008-04-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [401408 2009-02-09] (Microsoft Corporation) [File not signed]
S3 RSVP; C:\WINDOWS\System32\rsvp.exe [132608 2004-02-11] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\WINDOWS\system32\lsass.exe [13312 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\WINDOWS\System32\SCardSvr.exe [98304 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\WINDOWS\system32\schedsvc.dll [193024 2008-04-14] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\WINDOWS\System32\seclogon.dll [18944 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\WINDOWS\system32\sens.dll [39424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [330752 2008-04-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\WINDOWS\system32\spoolsv.exe [58880 2010-08-17] (Microsoft Corporation) [File not signed]
R2 srservice; C:\WINDOWS\System32\srsvc.dll [171008 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SSDPSRV; C:\WINDOWS\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\WINDOWS\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SwPrv; C:\WINDOWS\System32\dllhost.exe [5120 2008-04-14] (Microsoft Corporation) [File not signed]
S3 SysmonLog; C:\WINDOWS\system32\smlogsvc.exe [91648 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\WINDOWS\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Corporation) [File not signed]
R3 TermService; C:\WINDOWS\System32\termsrv.dll [295424 2008-04-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\WINDOWS\System32\shsvcs.dll [135168 2009-07-28] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\WINDOWS\system32\trkwks.dll [90112 2008-04-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\WINDOWS\System32\upnphost.dll [186368 2008-04-14] (Microsoft Corporation) [File not signed]
S3 UPS; C:\WINDOWS\System32\ups.exe [18432 2008-04-14] (Microsoft Corporation) [File not signed]
S3 usprserv; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation) [File not signed]
S3 VSS; C:\WINDOWS\System32\vssvc.exe [290304 2008-04-14] (Microsoft Corporation) [File not signed]
R2 W32Time; C:\WINDOWS\System32\w32time.dll [174080 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WebClient; C:\WINDOWS\System32\webclnt.dll [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R2 winmgmt; C:\WINDOWS\system32\wbem\WMIsvc.dll [145408 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [53520 2000-06-26] (Microsoft Corporation) [File not signed]
S3 WmdmPmSN; C:\WINDOWS\system32\MsPMSNSv.dll [27136 2006-10-18] (Microsoft Corporation) [File not signed]
S3 WmiApSrv; C:\WINDOWS\System32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Corporation) [File not signed]
S3 WMPNetworkSvc; C:\Program\Windows Media Player\WMPNetwk.exe [912384 2006-11-15] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\WINDOWS\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\WINDOWS\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Corporation) [File not signed]
R2 WudfSvc; C:\WINDOWS\System32\WUDFSvc.dll [55808 2006-09-28] (Microsoft Corporation) [File not signed]
R2 WZCSVC; C:\WINDOWS\System32\wzcsvc.dll [483840 2008-04-14] (Microsoft Corporation) [File not signed]
S3 xmlprov; C:\WINDOWS\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Corporation) [File not signed]
U4 avast! Firewall; "C:\Program\Alwil Software\Avast5\afwServ.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 ACPI; C:\WINDOWS\System32\DRIVERS\ACPI.sys [187648 2008-04-14] (Microsoft Corporation) [File not signed]
S4 ACPIEC; C:\WINDOWS\system32\Drivers\ACPIEC.sys [11776 2004-02-11] (Microsoft Corporation) [File not signed]
S3 aec; C:\WINDOWS\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Corporation) [File not signed]
R1 AFD; C:\WINDOWS\System32\drivers\afd.sys [138496 2011-08-17] (Microsoft Corporation) [File not signed]
R1 AFS2K; C:\WINDOWS\system32\Drivers\AFS2K.sys [43672 2004-01-01] (Oak Technology Inc.)
R3 AgereSoftModem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [1066278 2005-03-04] (Agere Systems) [File not signed]
S3 ALCXSENS; C:\WINDOWS\System32\drivers\ALCXSENS.SYS [391424 2003-12-12] (Sensaura Ltd) [File not signed]
S3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [611836 2004-02-14] (Realtek Semiconductor Corp.) [File not signed]
R3 Arp1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [60800 2008-04-13] (Microsoft Corporation) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-12] ()
R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [18544 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-12] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [422760 2014-11-12] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-12] ()
R3 AsyncMac; C:\WINDOWS\System32\DRIVERS\asyncmac.sys [14336 2008-04-13] (Microsoft Corporation) [File not signed]
R0 atapi; C:\WINDOWS\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Corporation) [File not signed]
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2007-04-21] () [File not signed]
S3 Atmarpc; C:\WINDOWS\System32\DRIVERS\atmarpc.sys [59904 2008-04-13] (Microsoft Corporation) [File not signed]
R3 audstub; C:\WINDOWS\System32\DRIVERS\audstub.sys [3072 2001-08-18] (Microsoft Corporation) [File not signed]
R1 Beep; C:\WINDOWS\system32\Drivers\Beep.sys [4224 2004-02-11] (Microsoft Corporation) [File not signed]
R3 Cap7134; C:\WINDOWS\System32\DRIVERS\Cap7134.sys [333664 2003-12-25] (Philips Semiconductors) [File not signed]
S4 cbidf2k; C:\WINDOWS\system32\Drivers\cbidf2k.sys [13952 2004-02-11] (Microsoft Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Cdaudio; C:\WINDOWS\system32\Drivers\Cdaudio.sys [18688 2004-02-11] (Microsoft Corporation) [File not signed]
R4 Cdfs; C:\WINDOWS\system32\Drivers\Cdfs.sys [63744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Cdrom; C:\WINDOWS\System32\DRIVERS\cdrom.sys [62976 2008-04-13] (Microsoft Corporation) [File not signed]
R3 ctac32k; C:\WINDOWS\System32\drivers\ctac32k.sys [645360 2003-11-14] (Creative Technology Ltd) [File not signed]
R3 ctaud2k; C:\WINDOWS\System32\drivers\ctaud2k.sys [366480 2004-02-06] (Creative Technology Ltd) [File not signed]
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [333600 2003-11-13] (Creative Technology Ltd) [File not signed]
R3 ctprxy2k; C:\WINDOWS\System32\drivers\ctprxy2k.sys [6096 2003-11-14] (Creative Technology Ltd) [File not signed]
R3 ctsfm2k; C:\WINDOWS\System32\drivers\ctsfm2k.sys [130288 2003-11-14] (Creative Technology Ltd) [File not signed]
R0 Disk; C:\WINDOWS\System32\DRIVERS\disk.sys [36352 2008-04-13] (Microsoft Corporation) [File not signed]
S4 dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [800000 2008-04-14] (Microsoft Corporation, Veritas Software) [File not signed]
S4 dmio; C:\WINDOWS\System32\drivers\dmio.sys [153856 2008-04-14] (Microsoft Corporation, Veritas Software) [File not signed]
S4 dmload; C:\WINDOWS\System32\drivers\dmload.sys [5888 2004-02-11] (Microsoft Corp., Veritas Software.) [File not signed]
S3 DMusic; C:\WINDOWS\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\WINDOWS\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Corporation) [File not signed]
S3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-18] (3Com Corporation) [File not signed]
R3 emupia; C:\WINDOWS\System32\drivers\emupia2k.sys [145488 2003-11-14] (Creative Technology Ltd) [File not signed]
R4 Fastfat; C:\WINDOWS\system32\Drivers\Fastfat.sys [143744 2008-04-13] (Microsoft Corporation) [File not signed]
S3 Fdc; C:\WINDOWS\System32\DRIVERS\fdc.sys [27392 2008-04-13] (Microsoft Corporation) [File not signed]
S3 FETNDISB; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [41984 2003-11-12] (VIA Technologies, Inc.              ) [File not signed]
R1 Fips; C:\WINDOWS\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Flpydisk; C:\WINDOWS\System32\DRIVERS\flpydisk.sys [20480 2008-04-13] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\WINDOWS\System32\drivers\fltmgr.sys [129792 2008-04-13] (Microsoft Corporation) [File not signed]
R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
U1 Fs_Rec; C:\WINDOWS\system32\Drivers\Fs_Rec.sys [7936 2004-02-11] (Microsoft Corporation) [File not signed]
R0 Ftdisk; C:\WINDOWS\System32\DRIVERS\ftdisk.sys [125696 2004-02-11] (Microsoft Corporation) [File not signed]
R3 Gpc; C:\WINDOWS\System32\DRIVERS\msgpc.sys [35072 2008-04-13] (Microsoft Corporation) [File not signed]
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [904496 2003-11-14] (Creative Technology Ltd) [File not signed]
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [148432 2003-11-14] (Creative Technology Ltd) [File not signed]
R3 HidUsb; C:\WINDOWS\System32\DRIVERS\hidusb.sys [10368 2008-04-13] (Microsoft Corporation) [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [51056 2003-05-14] (HP) [File not signed]
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2003-05-14] (HP) [File not signed]
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21488 2003-09-18] (HP) [File not signed]
S3 HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [265728 2009-10-20] (Microsoft Corporation) [File not signed]
S1 i8042prt; C:\WINDOWS\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [711005 2004-04-20] (Intel Corporation) [File not signed]
R1 Imapi; C:\WINDOWS\System32\DRIVERS\imapi.sys [42112 2008-04-13] (Microsoft Corporation) [File not signed]
R0 IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [5504 2008-04-14] (Microsoft Corporation) [File not signed]
R1 intelppm; C:\WINDOWS\System32\DRIVERS\intelppm.sys [40320 2008-04-14] (Microsoft Corporation) [File not signed]
S3 ip6fw; C:\WINDOWS\System32\drivers\ip6fw.sys [36608 2008-04-13] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys [32896 2004-02-11] (Microsoft Corporation) [File not signed]
S3 IpInIp; C:\WINDOWS\System32\DRIVERS\ipinip.sys [20864 2008-04-13] (Microsoft Corporation) [File not signed]
R3 IpNat; C:\WINDOWS\System32\DRIVERS\ipnat.sys [152832 2008-04-13] (Microsoft Corporation) [File not signed]
R1 IPSec; C:\WINDOWS\System32\DRIVERS\ipsec.sys [75264 2008-04-13] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\WINDOWS\System32\DRIVERS\irenum.sys [11264 2008-04-13] (Microsoft Corporation) [File not signed]
R0 isapnp; C:\WINDOWS\System32\DRIVERS\isapnp.sys [37504 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [21060 2003-09-10] (InterVideo, Inc.) [File not signed]
R1 Kbdclass; C:\WINDOWS\System32\DRIVERS\kbdclass.sys [24832 2008-04-14] (Microsoft Corporation) [File not signed]
R1 kbdhid; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [14720 2008-04-14] (Microsoft Corporation) [File not signed]
S3 kmixer; C:\WINDOWS\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\WINDOWS\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Corporation) [File not signed]
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2007-04-21] () [File not signed]
R1 mnmdd; C:\WINDOWS\system32\Drivers\mnmdd.sys [4224 2004-02-11] (Microsoft Corporation) [File not signed]
R3 Modem; C:\WINDOWS\system32\Drivers\Modem.sys [30208 2008-04-14] (Microsoft Corporation) [File not signed]
R1 Mouclass; C:\WINDOWS\System32\DRIVERS\mouclass.sys [23296 2008-04-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\WINDOWS\System32\DRIVERS\mouhid.sys [12160 2001-09-06] (Microsoft Corporation) [File not signed]
R0 MountMgr; C:\WINDOWS\system32\Drivers\MountMgr.sys [42368 2008-04-13] (Microsoft Corporation) [File not signed]
R3 MRxDAV; C:\WINDOWS\System32\DRIVERS\mrxdav.sys [180608 2008-04-13] (Microsoft Corporation) [File not signed]
R1 MRxSmb; C:\WINDOWS\System32\DRIVERS\mrxsmb.sys [456320 2011-07-15] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\WINDOWS\system32\Drivers\Msfs.sys [19072 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\WINDOWS\System32\drivers\MSKSSRV.sys [7552 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\WINDOWS\System32\drivers\MSPCLOCK.sys [5376 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\WINDOWS\System32\drivers\MSPQM.sys [4992 2008-04-13] (Microsoft Corporation) [File not signed]
R3 mssmbios; C:\WINDOWS\System32\DRIVERS\mssmbios.sys [15488 2008-04-13] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\WINDOWS\System32\drivers\MSTEE.sys [5504 2008-04-13] (Microsoft Corporation) [File not signed]
R0 Mup; C:\WINDOWS\system32\Drivers\Mup.sys [105472 2011-04-21] (Microsoft Corporation) [File not signed]
S3 NABTSFEC; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-13] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\WINDOWS\system32\Drivers\NDIS.sys [182656 2008-04-13] (Microsoft Corporation) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\WINDOWS\System32\DRIVERS\ndistapi.sys [10496 2011-07-08] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\WINDOWS\System32\DRIVERS\ndisuio.sys [14592 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\WINDOWS\System32\DRIVERS\ndiswan.sys [91520 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\WINDOWS\system32\Drivers\NDProxy.sys [40960 2013-11-27] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\WINDOWS\System32\DRIVERS\netbios.sys [34688 2008-04-13] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\WINDOWS\System32\DRIVERS\netbt.sys [162816 2008-04-13] (Microsoft Corporation) [File not signed]
R3 NIC1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [61824 2008-04-13] (Microsoft Corporation) [File not signed]
S3 nm; C:\WINDOWS\System32\DRIVERS\NMnt.sys [40320 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\WINDOWS\system32\Drivers\Npfs.sys [30848 2008-04-13] (Microsoft Corporation) [File not signed]
R4 Ntfs; C:\WINDOWS\system32\Drivers\Ntfs.sys [574976 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Null; C:\WINDOWS\system32\Drivers\Null.sys [2944 2004-02-11] (Microsoft Corporation) [File not signed]
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [7729568 2009-08-17] (NVIDIA Corporation) [File not signed]
S3 NwlnkFlt; C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys [12416 2004-02-11] (Microsoft Corporation) [File not signed]
S3 NwlnkFwd; C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys [32512 2004-02-11] (Microsoft Corporation) [File not signed]
R0 ohci1394; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [61696 2008-04-13] (Microsoft Corporation) [File not signed]
R3 ossrv; C:\WINDOWS\System32\drivers\ctoss2k.sys [178672 2003-11-14] (Creative Technology Ltd.) [File not signed]
R3 Parport; C:\WINDOWS\System32\DRIVERS\parport.sys [80128 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PartMgr; C:\WINDOWS\system32\Drivers\PartMgr.sys [19712 2008-04-13] (Microsoft Corporation) [File not signed]
R2 ParVdm; C:\WINDOWS\system32\Drivers\ParVdm.sys [6912 2004-02-12] (Microsoft Corporation) [File not signed]
R0 PCI; C:\WINDOWS\System32\DRIVERS\pci.sys [68096 2008-04-14] (Microsoft Corporation) [File not signed]
R0 PCIIde; C:\WINDOWS\System32\DRIVERS\pciide.sys [3328 2004-02-12] (Microsoft Corporation) [File not signed]
S4 Pcmcia; C:\WINDOWS\system32\Drivers\Pcmcia.sys [120320 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2003-09-19] (Padus, Inc.) [File not signed]
R2 PfModNT; C:\WINDOWS\System32\drivers\PfModNT.sys [15840 2003-03-05] (Creative Technology Ltd.) [File not signed]
R3 PhTVTune; C:\WINDOWS\System32\DRIVERS\PhTVTune.sys [24192 2003-12-25] (Philips Semiconductors) [File not signed]
R3 PptpMiniport; C:\WINDOWS\System32\DRIVERS\raspptp.sys [48384 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Processor; C:\WINDOWS\System32\DRIVERS\processr.sys [39808 2008-04-14] (Microsoft Corporation) [File not signed]
S3 Ps2; C:\WINDOWS\System32\DRIVERS\PS2.sys [14112 2001-06-04] (Hewlett-Packard Company) [File not signed]
R3 PSched; C:\WINDOWS\System32\DRIVERS\psched.sys [69120 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Ptilink; C:\WINDOWS\System32\DRIVERS\ptilink.sys [17792 2004-02-11] (Parallel Technologies, Inc.) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20176 2004-03-03] (Sonic Solutions) [File not signed]
R1 RasAcd; C:\WINDOWS\System32\DRIVERS\rasacd.sys [8832 2004-02-11] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\WINDOWS\System32\DRIVERS\rasl2tp.sys [51328 2008-04-13] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [41472 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Raspti; C:\WINDOWS\System32\DRIVERS\raspti.sys [16512 2004-02-11] (Microsoft Corporation) [File not signed]
R3 Razerlow; C:\WINDOWS\System32\Drivers\DB3G.sys [13225 2005-04-24] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
R1 Rdbss; C:\WINDOWS\System32\DRIVERS\rdbss.sys [175744 2008-04-13] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [4224 2004-02-12] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\WINDOWS\system32\Drivers\RDPWD.sys [139784 2012-07-04] (Microsoft Corporation) [File not signed]
R1 redbook; C:\WINDOWS\System32\DRIVERS\redbook.sys [58240 2008-04-14] (Microsoft Corporation) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation       ) [File not signed]
S3 s0017bus; C:\WINDOWS\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\WINDOWS\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\WINDOWS\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\WINDOWS\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
R2 Secdrv; C:\WINDOWS\System32\DRIVERS\secdrv.sys [20480 2007-11-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 seehcri; C:\WINDOWS\System32\DRIVERS\seehcri.sys [27632 2010-05-22] (Sony Ericsson Mobile Communications) [File not signed]
S3 serenum; C:\WINDOWS\System32\DRIVERS\serenum.sys [15744 2008-04-13] (Microsoft Corporation) [File not signed]
S1 Serial; C:\WINDOWS\System32\DRIVERS\serial.sys [64768 2008-04-14] (Microsoft Corporation) [File not signed]
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
S1 Sfloppy; C:\WINDOWS\system32\Drivers\Sfloppy.sys [11392 2008-04-13] (Microsoft Corporation) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
S3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [432000 2004-01-02] (Silicon Integrated Systems Corporation) [File not signed]
R0 SISAGP; C:\WINDOWS\System32\DRIVERS\SISAGPX.sys [36992 2003-07-18] (Silicon Integrated Systems Corporation) [File not signed]
R1 SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [11520 2004-01-02] (Silicon Integrated Systems Corporation) [File not signed]
S3 SLIP; C:\WINDOWS\System32\DRIVERS\SLIP.sys [11136 2008-04-13] (Microsoft Corporation) [File not signed]
S3 splitter; C:\WINDOWS\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Corporation) [File not signed]
R0 sr; C:\WINDOWS\System32\DRIVERS\sr.sys [73344 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Srv; C:\WINDOWS\System32\DRIVERS\srv.sys [357888 2011-02-17] (Microsoft Corporation) [File not signed]
S3 streamip; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [15232 2008-04-13] (Microsoft Corporation) [File not signed]
R3 swenum; C:\WINDOWS\System32\DRIVERS\swenum.sys [4352 2008-04-13] (Microsoft Corporation) [File not signed]
S3 swmidi; C:\WINDOWS\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Corporation) [File not signed]
R3 sysaudio; C:\WINDOWS\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Corporation) [File not signed]
R1 Tcpip; C:\WINDOWS\System32\DRIVERS\tcpip.sys [361600 2008-06-20] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\WINDOWS\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\WINDOWS\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Corporation) [File not signed]
R1 TermDD; C:\WINDOWS\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Corporation) [File not signed]
S4 Udfs; C:\WINDOWS\system32\Drivers\Udfs.sys [66048 2008-04-13] (Microsoft Corporation) [File not signed]
R3 Update; C:\WINDOWS\System32\DRIVERS\update.sys [384768 2008-04-13] (Microsoft Corporation) [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
S3 usbaudio; C:\WINDOWS\System32\drivers\usbaudio.sys [60160 2013-07-17] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [32384 2013-08-09] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\WINDOWS\System32\DRIVERS\usbehci.sys [30336 2009-03-18] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\WINDOWS\System32\DRIVERS\usbohci.sys [17152 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\WINDOWS\System32\DRIVERS\usbprint.sys [25856 2008-04-13] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\WINDOWS\System32\DRIVERS\usbscan.sys [14976 2013-07-03] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [20608 2008-04-13] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\WINDOWS\System32\drivers\vga.sys [20992 2008-04-13] (Microsoft Corporation) [File not signed]
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.) [File not signed]
S3 viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [134144 2004-02-04] (Copyright © VIA/S3 Graphics, Inc.) [File not signed]
R0 ViaIde; C:\WINDOWS\System32\DRIVERS\viaide.sys [5376 2008-04-13] (Microsoft Corporation) [File not signed]
R0 VolSnap; C:\WINDOWS\system32\Drivers\VolSnap.sys [52864 2008-04-14] (Microsoft Corporation) [File not signed]
R3 Wanarp; C:\WINDOWS\System32\DRIVERS\wanarp.sys [34560 2008-04-13] (Microsoft Corporation) [File not signed]
R3 wdmaud; C:\WINDOWS\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Corporation) [File not signed]
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
S3 WSTCODEC; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-13] (Microsoft Corporation) [File not signed]
R0 WudfPf; C:\WINDOWS\System32\DRIVERS\WudfPf.sys [77568 2006-09-28] (Microsoft Corporation) [File not signed]
S3 WudfRd; C:\WINDOWS\System32\DRIVERS\wudfrd.sys [82944 2006-09-28] (Microsoft Corporation) [File not signed]
S3 efipsk; \??\C:\DOCUME~1\GAREN~1\LOKALA~1\Temp\efipsk.sys [X]
S3 F-Secure Standalone Minifilter; \??\C:\DOCUME~1\GAREN~1\LOKALA~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [X]
S0 IFP700; system32\drivers\ifp700.sys [X]
S2 npkcrypt; \??\C:\Program\NEXON\EuropeMapleStory\npkcrypt.sys [X]
S3 npkcusb; \??\C:\Program\NEXON\EuropeMapleStory\npkcusb.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) [File not signed]
S2 vcs; \??\C:\Documents and Settings\Ägaren\Mina dokument\Mina mottagna filer\voice\voice\vcs.sys [X]
S3 XDva098; \??\C:\WINDOWS\system32\XDva098.sys [X]
S3 XDva136; \??\C:\WINDOWS\system32\XDva136.sys [X]
S3 XDva143; \??\C:\WINDOWS\system32\XDva143.sys [X]
S3 XDva145; \??\C:\WINDOWS\system32\XDva145.sys [X]
S3 XDva170; \??\C:\WINDOWS\system32\XDva170.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 02:23 - 2014-11-13 02:59 - 00000000 ____D () C:\AdwCleaner
2014-11-13 02:20 - 2014-11-13 02:20 - 02140160 _____ () C:\Documents and Settings\Ägaren\Skrivbord\adwcleaner_4.101.exe
2014-11-12 22:36 - 2014-11-13 16:25 - 00047206 _____ () C:\Documents and Settings\Ägaren\Skrivbord\FRST.txt
2014-11-12 22:27 - 2014-11-13 16:25 - 00000000 ____D () C:\FRST
2014-11-12 22:26 - 2014-11-12 22:35 - 01107968 _____ (Farbar) C:\Documents and Settings\Ägaren\Skrivbord\FRST.exe
2014-11-12 22:24 - 2014-11-12 22:24 - 00018701 _____ () C:\WINDOWS\setupapi.log
2014-11-12 18:58 - 2014-11-12 18:58 - 00000000 ____D () C:\WINDOWS\jumpshot.com
2014-11-12 18:58 - 2014-11-12 18:58 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\AVAST Software
2014-11-12 18:49 - 2014-11-12 18:49 - 00001697 _____ () C:\Documents and Settings\All Users\Skrivbord\Avast Free Antivirus.lnk
2014-11-12 18:48 - 2014-11-12 18:48 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-11-12 18:48 - 2014-11-12 18:48 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-12 18:48 - 2014-11-12 18:48 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-12 18:44 - 2014-11-12 18:48 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-12 18:44 - 2014-11-12 18:48 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-11-12 18:44 - 2014-11-12 18:48 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-12 18:44 - 2014-11-12 18:44 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-10-22 17:26 - 2014-10-22 17:26 - 00000000 ____D () C:\Program\ESET
2014-10-21 14:39 - 2014-10-21 14:39 - 00000060 _____ () C:\WINDOWS\setupact.log
2014-10-21 14:39 - 2014-10-21 14:39 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-10-21 14:31 - 2014-10-21 14:31 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Sony
2014-10-21 14:29 - 2014-10-21 14:29 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Samsung
2014-10-16 17:37 - 2014-10-16 17:37 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-16 17:28 - 2014-10-16 17:29 - 00000000 ____D () C:\Program\Malwarebytes Anti-Malware
2014-10-16 17:28 - 2014-05-12 06:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 16:25 - 2005-05-17 19:07 - 00000342 _____ () C:\WINDOWS\Tasks\Symantec NetDetect.job
2014-11-13 16:25 - 2004-01-01 18:24 - 00000000 ____D () C:\Documents and Settings\Ägaren\Skrivbord
2014-11-13 16:25 - 2004-01-01 18:24 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Temp
2014-11-13 16:24 - 2012-09-21 11:28 - 00000354 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-11-13 16:22 - 2004-10-01 13:40 - 01807597 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-13 16:19 - 2014-03-23 13:04 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Inloggningsmeddelande gällande när tjänsten upphör.job
2014-11-13 16:19 - 2010-02-02 11:09 - 00000966 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-13 16:19 - 2009-08-17 03:03 - 00249324 _____ () C:\WINDOWS\system32\NvApps.xml
2014-11-13 16:19 - 2004-09-11 18:00 - 00000188 _____ () C:\WINDOWS\system\hpsysdrv.DAT
2014-11-13 16:19 - 2004-01-02 02:09 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-13 16:19 - 2004-01-01 19:16 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-11-13 16:19 - 2004-01-01 19:16 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-11-13 16:19 - 2004-01-01 18:21 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-13 16:12 - 2004-09-11 18:16 - 00001080 _____ () C:\WINDOWS\system32\settingsbkup.sfm
2014-11-13 16:12 - 2004-09-11 18:16 - 00001080 _____ () C:\WINDOWS\system32\settings.sfm
2014-11-13 16:12 - 2004-09-11 17:56 - 00000384 _____ () C:\WINDOWS\system32\DVCStateBkp-{00000003-00000000-00000006-00001102-00000004-20051102}.dat
2014-11-13 16:12 - 2004-09-11 17:56 - 00000384 _____ () C:\WINDOWS\system32\DVCState-{00000003-00000000-00000006-00001102-00000004-20051102}.dat
2014-11-13 16:11 - 2004-01-01 18:24 - 00032472 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-13 16:10 - 2004-09-11 17:56 - 04932268 _____ () C:\WINDOWS\{00000003-00000000-00000006-00001102-00000004-20051102}.CDF
2014-11-13 16:10 - 2004-01-01 18:24 - 00000304 ___SH () C:\Documents and Settings\Ägaren\ntuser.ini
2014-11-13 16:06 - 2011-11-24 17:01 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1131355022-546111532-1923971138-1003UA.job
2014-11-13 15:42 - 2013-02-23 20:46 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-13 15:27 - 2010-02-02 11:09 - 00000970 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-13 14:31 - 2009-08-11 16:05 - 00000412 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{0DEEA983-823A-4DFB-910E-88E2A22D1AB5}.job
2014-11-13 02:59 - 2004-01-01 15:37 - 00000000 ___RD () C:\Program
2014-11-13 02:20 - 2011-11-24 17:06 - 00000000 ____D () C:\Documents and Settings\Ägaren\Skrivbord\Chrome Nerladdat
2014-11-12 20:58 - 2013-08-17 15:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-12 20:53 - 2005-05-11 20:00 - 100445232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-12 20:06 - 2011-11-24 17:01 - 00001038 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1131355022-546111532-1923971138-1003Core.job
2014-11-12 19:42 - 2013-02-23 20:46 - 00701104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-11-12 19:42 - 2012-02-28 19:51 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-11-12 19:08 - 2010-02-25 22:14 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Temp
2014-11-12 18:49 - 2004-01-01 19:13 - 00000000 ____D () C:\Documents and Settings\All Users\Skrivbord
2014-11-12 18:49 - 2004-01-01 15:37 - 00000000 ___RD () C:\Documents and Settings\All Users\Start-meny\Program
2014-11-12 18:48 - 2011-01-21 18:49 - 00422760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-11-12 18:48 - 2011-01-21 18:49 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-11-12 18:48 - 2011-01-21 18:49 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-11-12 18:47 - 2011-11-22 18:01 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-11-12 18:44 - 2004-01-01 18:21 - 00002578 ____C () C:\WINDOWS\system32\CONFIG.NT
2014-11-08 20:08 - 2014-03-23 13:04 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Månatligt meddelande gällande när tjänsten upphör.job
2014-11-05 16:32 - 2009-10-21 15:33 - 00000448 _____ () C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
2014-10-26 19:48 - 2004-01-02 02:09 - 00448012 ____C () C:\WINDOWS\system32\perfh01D.dat
2014-10-26 19:48 - 2004-01-02 02:09 - 00085626 ____C () C:\WINDOWS\system32\perfc01D.dat
2014-10-26 19:48 - 2004-01-01 19:14 - 01067040 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-21 15:20 - 2013-11-13 17:24 - 00191248 _____ () C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\FontCache3.0.0.0.dat
2014-10-21 14:32 - 2004-01-01 15:37 - 00000000 ___RD () C:\Documents and Settings\Ägaren\Mina dokument
2014-10-21 14:29 - 2004-01-01 15:37 - 00000000 ___RD () C:\Documents and Settings\Ägaren\Start-meny\Program
2014-10-16 20:17 - 2009-11-21 18:25 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\vlc
2014-10-16 18:02 - 2012-10-25 17:37 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\CRE
2014-10-16 17:29 - 2013-03-01 13:45 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\Malwarebytes
2014-10-16 17:28 - 2014-01-10 13:42 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-10-16 17:19 - 2010-05-22 20:41 - 00000000 ____D () C:\Program\Sony Ericsson
2014-10-16 17:17 - 2004-09-30 21:05 - 00121344 ____C () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-15 23:20 - 2004-01-01 19:13 - 00157160 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-15 20:42 - 2004-10-16 16:36 - 00035544 ____C () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT
2014-10-15 20:18 - 2004-01-01 15:37 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokument
2014-10-15 20:10 - 2005-01-08 22:18 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\Skype
2014-10-15 19:48 - 2012-09-21 13:27 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\Dropbox
2014-10-15 19:48 - 2010-05-22 21:08 - 00000000 ____D () C:\Documents and Settings\Ägaren\Lokala inställningar\Application Data\Sony Ericsson
2014-10-15 19:26 - 2013-11-13 16:42 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\Samsung
2014-10-15 14:25 - 2011-10-21 17:05 - 00060416 __SHC () C:\WINDOWS\Thumbs.db
2014-10-15 14:14 - 2009-11-21 19:23 - 00000000 ____D () C:\Documents and Settings\Ägaren\Application Data\dvdcss

Files to move or delete:
====================
C:\Documents and Settings\All Users\hash.dat
C:\Documents and Settings\Ägaren\jogl.dll


Some content of TEMP:
====================
C:\Documents and Settings\Ägaren\Lokala inställningar\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4poiwc.dll
C:\Documents and Settings\Ägaren\Lokala inställningar\Temp\Quarantine.exe
C:\Documents and Settings\Ägaren\Lokala inställningar\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe
[2004-01-01 15:12] - [2008-04-14 17:05] - 1034240 ____A (Microsoft Corporation) 74bb7dcd2bfdcc0e52869db3582ca781     

C:\WINDOWS\system32\winlogon.exe
[2004-01-01 15:16] - [2008-04-14 17:05] - 0507904 ____A (Microsoft Corporation) abd2d070be76a9386a0a283a332e3862     

C:\WINDOWS\system32\svchost.exe
[2004-01-01 15:14] - [2008-04-14 17:05] - 0014336 ____A (Microsoft Corporation) 6ccef19d7301d9861f90e299c798ad3f     

C:\WINDOWS\system32\services.exe
[2004-01-01 15:14] - [2009-02-09 12:27] - 0110592 ____A (Microsoft Corporation) 8870b0c4a094c1ce80cea6f85fa38ff2     

C:\WINDOWS\system32\User32.dll
[2004-01-02 02:09] - [2008-04-14 17:04] - 0578560 ____A (Microsoft Corporation) e3cf0ec59316ea8e856db1e1f442cd57     

C:\WINDOWS\system32\userinit.exe
[2004-01-01 15:16] - [2008-04-14 17:05] - 0026112 ____A (Microsoft Corporation) 317799a2e42b5ea048a8a70f482cba9f     

C:\WINDOWS\system32\rpcss.dll
[2004-01-01 20:03] - [2009-02-09 11:56] - 0401408 ____A (Microsoft Corporation) 87dadc3f6e6cd5aaeb913e19cbff922c     

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-01-01 15:16] - [2008-04-14 16:36] - 0052864 ____A (Microsoft Corporation) 57187ec04878147e1f4f2d9224b12205     


==================== End Of Log ============================

Länk till kommentar
Dela på andra webbplatser
Temp298547562

Temp298547562

Postad
  • Trådskapare
Postad

ESET Online Scanner håller fortfarande på, antar att det kommer ta 1 - 2 timmar till. Ungefär halvvägs in så har den bara hittat Win32/Bundled.Toolbar.Google.D. Jag postar ESET-loggen så fort den är klar.

(Ska jag posta allt i ett inlägg eller är det okej att posta flera inlägg på rad. Tycker det blir lättare att läsa).

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Vad bra!

Det innebär bara att CCleaner vill installera Google Toolbar eller något liknande under installationen.

 

Starta Anteckningar.

Kopiera alla rader i rutan:

S3 efipsk; \??\C:\DOCUME~1\GAREN~1\LOKALA~1\Temp\efipsk.sys [X]
S3 F-Secure Standalone Minifilter; \??\C:\DOCUME~1\GAREN~1\LOKALA~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [X]
S2 vcs; \??\C:\Documents and Settings\Ägaren\Mina dokument\Mina mottagna filer\voice\voice\vcs.sys [X]
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab
DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} http://www.powerchal...PowerLoader.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/b...lineScanner.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
SearchScopes: HKLM - {26B18350-31A9-4B39-B5C4-5B5B388431DB} URL = http://swedish.toggl....php?rvs=google
SearchScopes: HKCU - {26B18350-31A9-4B39-B5C4-5B5B388431DB} URL = http://swedish.toggl....php?rvs=google

File: C:\Documents and Settings\All Users\hash.dat
File: C:\Documents and Settings\Ägaren\jogl.dll
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser
Temp298547562

Temp298547562

Postad
  • Trådskapare
Postad

Här är FRST-loggen Fixlog.txt:




Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-11-2014
Ran by Ägaren at 2014-11-13 19:47:27 Run:1
Running from C:\Documents and Settings\Ägaren\Skrivbord
Loaded Profile: Ägaren (Available profiles: Ägaren)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
S3 efipsk; \??\C:\DOCUME~1\GAREN~1\LOKALA~1\Temp\efipsk.sys [X]
S3 F-Secure Standalone Minifilter; \??\C:\DOCUME~1\GAREN~1\LOKALA~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys [X]
S2 vcs; \??\C:\Documents and Settings\Ägaren\Mina dokument\Mina mottagna filer\voice\voice\vcs.sys [X]
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab
DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} http://www.powerchal...PowerLoader.cab
DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} http://www.eset.eu/b...lineScanner.cab
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zon...er.cab56986.cab
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
SearchScopes: HKLM - {26B18350-31A9-4B39-B5C4-5B5B388431DB} URL = http://swedish.toggl....php?rvs=google
SearchScopes: HKCU - {26B18350-31A9-4B39-B5C4-5B5B388431DB} URL = http://swedish.toggl....php?rvs=google

File: C:\Documents and Settings\All Users\hash.dat
File: C:\Documents and Settings\Ägaren\jogl.dll
*****************

efipsk => Service deleted successfully.
F-Secure Standalone Minifilter => Service deleted successfully.
vcs => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}" => Key deleted successfully.
"HKCR\CLSID\{4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4BFD075D-C36E-4F28-BB0A-5D472795197A}" => Key deleted successfully.
"HKCR\CLSID\{4BFD075D-C36E-4F28-BB0A-5D472795197A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}" => Key deleted successfully.
"HKCR\CLSID\{56762DEC-6B0D-4AB4-A8AD-989993B5D08B}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{644E432F-49D3-41A1-8DD5-E099162EEEC5}" => Key deleted successfully.
"HKCR\CLSID\{644E432F-49D3-41A1-8DD5-E099162EEEC5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}" => Key deleted successfully.
"HKCR\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}" => Key deleted successfully.
"HKCR\CLSID\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}" => Key deleted successfully.
"HKCR\CLSID\{F5A7706B-B9C0-4C89-A715-7A0C6B05DD48}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{26B18350-31A9-4B39-B5C4-5B5B388431DB}" => Key deleted successfully.
"HKCR\CLSID\{26B18350-31A9-4B39-B5C4-5B5B388431DB}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{26B18350-31A9-4B39-B5C4-5B5B388431DB}" => Key deleted successfully.
"HKCR\CLSID\{26B18350-31A9-4B39-B5C4-5B5B388431DB}" => Key not found.

========================= File: C:\Documents and Settings\All Users\hash.dat ========================

MD5: ddbe7e792cb0ec98adb07d5c6f5f6cd8     
Creation and modification date: 2006-08-01 19:29 - 2006-06-02 19:29
Size: 0000032
Attributes: --RAC
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:

====== End Of File: ======


========================= File: C:\Documents and Settings\Ägaren\jogl.dll ========================

MD5: 44c661e6fb719e329bda0a75f5dabcde     
Creation and modification date: 2005-08-25 18:06 - 2005-08-25 18:06
Size: 0397312
Attributes: ---AC
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:

====== End Of File: ======


==== End of Fixlog ====

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

På sidan http://www.virustotal.com klickar du på Choose File -knappen och klistrar in filnamnet C:\Documents and Settings\Ägaren\jogl.dll i fältet "Filnamn", klicka på Öppna och sedan på Scan it!. Om det kommer upp en fråga om filen ska analyseras om så välj det alternativet. Vänta tills resultatet är klart. Klistra in länken (webbadressen) till resultatet här.

 

Har datorn börjat må bättre?

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Såg ju bra ut det där.

 

I msconfig - Autostart finns det en del som du kan välja bort. Att låta t ex Adobe Reader starta varenda gång datorn startar både förlänger uppstartstiden och lägger beslag på värdefullt RAM-minne. Just när det gäller Adobe Reader så är det ett väldigt tungt program jämfört med andra enklare PDF-läsare som Sumatra PDF (min favorit) och Foxit Reader.

 

Nu återstår bara några avinstallationer:

 

1. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Uninstall-knappen.

 

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe

Dubbelklicka på filen för att starta programmet.

Tryck på knappen CleanUp! och FRST kommer att avinstalleras efter en omstart av datorn. Om något sådant program är kvar efter det så fråga hur du ska ta bort det. Ta bort eventuella loggar.

 

3. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/

Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Länk till kommentar
Dela på andra webbplatser
Temp298547562

Temp298547562

Postad
  • Trådskapare
Postad

Jag ska sätta igång och avinstallera allt så fort jag har tillgång till datorn. Tack så hemskt mycket för all hjälp!

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

Gå till ämneslista


×
×
  • Skapa nytt...