Just nu i M3-nätverket
Gå till innehåll
Eforum är stängt för nya inlägg och svar sedan 20 juni 2022. Klicka för att läsa vad som hände och om alternativ.

Google Chrome startar inte och mapp vid namn Findopolis?

Tune

Startad av Tune,
i Virus, skadliga program & botemedel

Rekommendera Poster

Tune

Tune

Postad
Postad

Har fått något skräp i datorn som bla. medför att Google Chrome startar men sen händer inget. Har hittat mapp med namn Findopolis som enligt googling kan innebära att något skräp kommit in.

 

log.txt:

C:\AdwCleaner\Quarantine\C\Users\SIGVARD\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe.vir a variant of MSIL/Adware.StrongVault.A application
C:\Users\All Users\COMODO\Cis\Quarantine\data\{14EFA094-636C-49CA-AB5A-2CB9ADE653D1} multiple threats
C:\Users\All Users\COMODO\Cis\Quarantine\data\{310F1C7C-B91F-4C4F-AB51-38565481CE14} Win32/BrowseFox.C potentially unwanted application
C:\Users\All Users\COMODO\Cis\Quarantine\data\{B3F314B0-C5BF-4F0C-941A-BADA63B91E3D} Win32/BrowseFox.C potentially unwanted application
C:\Users\All Users\COMODO\Cis\Quarantine\data\{B7ED8E4D-CBFF-4190-8BCC-E567985D2610} Win32/BrowseFox.C potentially unwanted application
C:\Users\All Users\COMODO\Cis\Quarantine\data\{FB0978D4-6E89-4310-B584-9BB1E78EA1F1} a variant of Win32/SProtector.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir Win32/Thinknice.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir Win64/Thinknice.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\HpUI.exe.vir Win32/Thinknice.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir Win32/ELEX.AV potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir Win32/Thinknice.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir Win64/Thinknice.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir Win32/ELEX.AV potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir Win32/Thinknice.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir Win32/Thinknice.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll32.dll.vir Win32/Thinknice.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll64.dll.vir Win64/Thinknice.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir a variant of Win32/ELEX.AM potentially unwanted application deleted - quarantined
C:\ProgramData\COMODO\Cis\Quarantine\data\{14EFA094-636C-49CA-AB5A-2CB9ADE653D1} multiple threats cleaned by deleting - quarantined
C:\ProgramData\COMODO\Cis\Quarantine\data\{310F1C7C-B91F-4C4F-AB51-38565481CE14} Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\ProgramData\COMODO\Cis\Quarantine\data\{B3F314B0-C5BF-4F0C-941A-BADA63B91E3D} Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\ProgramData\COMODO\Cis\Quarantine\data\{B7ED8E4D-CBFF-4190-8BCC-E567985D2610} Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\ProgramData\COMODO\Cis\Quarantine\data\{FB0978D4-6E89-4310-B584-9BB1E78EA1F1} a variant of Win32/SProtector.I potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WTJP1B1P\Cloud_Backup_Setup[1].exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WTJP1B1P\findopolisSetup[1].exe Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WTJP1B1P\speedupmypc[1].exe Win32/SpeedUpMyPC.A potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WTJP1B1P\swa1_23[1].exe a variant of MSIL/Adware.StrongVault.A application cleaned by deleting - quarantined
C:\Users\SIGVARD\AppData\Local\Temp\F5CEtmp\speedupmypc.exe Win32/SpeedUpMyPC.A potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\AppData\Local\Temp\F61Dtmp\cloud_backup_setup.exe Win32/MyPCBackup.A potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\AppData\Local\Temp\F66Ctmp\swa1_23.exe a variant of MSIL/Adware.StrongVault.A application cleaned by deleting - quarantined
C:\Users\SIGVARD\AppData\Local\Temp\F6DAtmp\findopolissetup.exe Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\Downloads\SoftonicDownloader_for_spotify.exe a variant of Win32/SoftonicDownloader.G potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\Downloads\spotify (1).exe a variant of Win32/SoftPulse.H potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\Downloads\spotify (2).exe a variant of Win32/SoftPulse.H potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\Downloads\spotify (3).exe a variant of Win32/SoftPulse.H potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\Downloads\spotify.exe a variant of Win32/SoftPulse.H potentially unwanted application deleted - quarantined
C:\Users\SIGVARD\Downloads\wzsus18.exe a variant of MSIL/AdvancedSystemProtector.F potentially unwanted application deleted - quarantined
 
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by SIGVARD at 2015-01-22 15:07:55
Running from C:\Users\SIGVARD\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Disabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{E17025A7-39B6-375E-8F1E-20637D19549C}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.19 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.27 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
COMODO Antivirus (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 6.3.39949.2976 - COMODO Security Solutions Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version:  - istartsurf) <==== ATTENTION
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG United Mobile Drivers (HKLM-x32\...\{5DB849D6-9392-4FB7-9ABB-87ED433152E5}) (Version: 3.8.1 - LG Electronics)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Assistent (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger-kumppani (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_STANDARD_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_STANDARD_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version:  - Microsoft)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_STANDARD_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )
PrivDog (HKLM-x32\...\PrivDog) (Version: 2.2.0.14 - privdog.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Samsung ML-1860 Series (HKLM-x32\...\Samsung ML-1860 Series) (Version:  - Samsung Electronics Co., Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKU\S-1-5-21-4194861436-2547884477-2924792335-1001\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
19-12-2014 18:13:24 Windows Update
21-12-2014 19:32:18 Windows Säkerhetskopiering
23-12-2014 16:47:31 Windows Update
28-12-2014 21:25:51 Windows Säkerhetskopiering
30-12-2014 11:02:36 Windows Update
02-01-2015 18:01:17 Windows Update
04-01-2015 21:10:49 Windows Säkerhetskopiering
06-01-2015 16:37:28 Windows Update
11-01-2015 19:30:30 Windows Säkerhetskopiering
13-01-2015 11:53:06 Windows Update
14-01-2015 11:23:19 Windows Update
18-01-2015 21:08:21 Windows Säkerhetskopiering
20-01-2015 17:37:06 Windows Update
21-01-2015 15:18:57 Revo Uninstaller's restore point - Google Chrome
21-01-2015 15:21:26 Revo Uninstaller's restore point - MyHeritage Family Tree Builder
21-01-2015 15:23:59 Revo Uninstaller's restore point - Search App by Ask
21-01-2015 15:36:32 Removed Skype™ 6.6
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1A083B53-911C-4A1B-A4AF-78646F1C2807} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-11-17] (ASUSTeK Computer Inc.)
Task: {2156643B-7605-4C43-8170-344341B8B04B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-27] (Google Inc.)
Task: {28202DA6-34B6-4460-9C68-6538CBD55E87} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {2B784025-C524-41CF-84C0-2C014F121471} - System32\Tasks\{32329D0C-9666-4F45-9951-A79D94B3BD05} => Chrome.exe 
Task: {377FF6E3-CE14-40DE-A4BF-B50D2BA1DC64} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {4389E5C4-D216-473F-A4B1-12627941F6F6} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-12-09] (COMODO)
Task: {4AA61F10-E46E-41BB-AB4E-C9CA79C1893F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4194861436-2547884477-2924792335-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {57EE523F-C924-476B-9A41-37064EAE46BD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {635B3798-BA05-4A19-8A74-83EDADE1D841} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-12-09] (COMODO)
Task: {82A889E0-2AE8-43EC-BDDB-E665EB82D1DC} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {A106E465-0FDE-4D05-8208-7CAD6516FE8A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-27] (Google Inc.)
Task: {BDC7E8CD-E711-4843-8FA3-2CD6CD14F37D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4194861436-2547884477-2924792335-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {CCBDB3BE-C16F-4057-A846-CC29F0D37F7F} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4194861436-2547884477-2924792335-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D9D4CDDA-B818-4E33-8158-C65283857638} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4194861436-2547884477-2924792335-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DDB62137-3EFF-4615-B80B-E45D4A3FB091} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {DDE28B29-BF6A-4A16-979C-192CDE9FD0BF} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-12-29 23:42 - 2010-07-29 13:42 - 00027648 _____ () C:\Windows\System32\ssb6mlm.dll
2011-07-14 03:23 - 2011-07-14 03:23 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2010-07-14 16:11 - 2010-07-14 16:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2011-11-17 11:33 - 2011-11-17 11:33 - 00209920 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Users\SIGVARD\Desktop\FRST64.exe:$CmdTcID
AlternateDataStreams: C:\Users\SIGVARD\Desktop\FRST64.exe:$CmdZnID
AlternateDataStreams: C:\Users\SIGVARD\Downloads\Sparbanken_i_Karlshamn_Årsbesked_och_kontrolluppgifter_15-01-09.pdf:$CmdZnID
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: Spotify => "C:\Users\SIGVARD\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\SIGVARD\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
 
========================= Accounts: ==========================
 
Administratör (S-1-5-21-4194861436-2547884477-2924792335-500 - Administrator - Disabled)
fassanadm (S-1-5-21-4194861436-2547884477-2924792335-1004 - Administrator - Enabled) => C:\Users\fassanadm
Gäst (S-1-5-21-4194861436-2547884477-2924792335-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4194861436-2547884477-2924792335-1003 - Limited - Enabled)
SIGVARD (S-1-5-21-4194861436-2547884477-2924792335-1001 - Administrator - Enabled) => C:\Users\SIGVARD
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/22/2015 02:51:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv.
Följande komponenter orsakar konflikten:
Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/22/2015 02:51:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv.
Följande komponenter orsakar konflikten:
Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/21/2015 03:36:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programmet Skype.exe, version 6.6.73.106, avslutades eftersom det slutade att samverka med Windows. Ytterligare information kan finnas i problemhistoriken på kontrollpanelen för Åtgärdscentret och lösningar.
 
Process-ID: f90
 
Starttid: 01d03582c939db68
 
Avslutningstid: 57
 
Programsökväg: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
Rapport-ID:
 
Error: (01/21/2015 03:07:59 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Det går inte att komma åt filen  på grund av något av följande: 
det finns ett problem med nätverksanslutningen, med disken där filen lagras eller med de lagringsdrivrutiner
som finns installerade på den här datorn, eller så finns inte disken. 
Felet gjorde att Windows stängde programmet Ask Toolbar Notifier.
 
Program: Ask Toolbar Notifier
Fil: 
 
Felvärdet visas i avsnittet Ytterligare data.
Användaråtgärd
1. Öppna filen igen.
Den här situationen kan bero på ett tillfälligt problem som rättar till sig automatiskt nästa gång programmet körs.
2.
Om det fortfarande inte går att komma åt filen och
- Den finns i nätverket, 
bör nätverksadministratören kontrollera att det inte är fel på nätverket och att det går att kontakta servern.
- Den finns på en flyttbar disk, till exempel en diskett eller en CD-ROM-skiva, kontrollerar du att disken är ordentligt isatt i datorn.
3. Kontrollera och reparera filsystemet genom att köra CHKDSK. Du kan köra CHKDSK genom att klicka på Start och sedan på Kör. Skriv CMD och klicka på OK. På kommandoraden skriver du CHKDSK /F och trycker sedan på Retur.
4. Om problemet kvarstår kan du återställa filen från en säkerhetskopia.
5. Kontrollera om det går att öppna andra filer på samma disk. Om det inte går, kan disken vara skadad. Om det är en hårddisk kontaktar du administratören eller din datorleverantör 
för att få hjälp.
 
Ytterligare data
Felvärde: 00000000
Disktyp: 0
 
Error: (01/21/2015 03:07:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: TBNotifier.exe, version 31.12.0.0, tidsstämpel 0x546e8c4c
, felet uppstod i modulen med namn: ole32.dll, version 6.1.7601.17514, tidsstämpel 0x4ce7b96f
Undantagskod: 0xc0000096
Felförskjutning: 0x00048665
Process-ID: 0x101c
Programmets starttid: 0xTBNotifier.exe0
Sökväg till program: TBNotifier.exe1
Sökväg till modul: TBNotifier.exe2
Rapport-ID: TBNotifier.exe3
 
Error: (01/13/2015 11:42:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: TBNotifier.exe, version 31.12.0.0, tidsstämpel 0x546e8c4c
, felet uppstod i modulen med namn: unknown, version 0.0.0.0, tidsstämpel 0x00000000
Undantagskod: 0xc0000005
Felförskjutning: 0x00000000
Process-ID: 0xf88
Programmets starttid: 0xTBNotifier.exe0
Sökväg till program: TBNotifier.exe1
Sökväg till modul: TBNotifier.exe2
Rapport-ID: TBNotifier.exe3
 
Error: (01/08/2015 05:02:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: TBNotifier.exe, version 31.12.0.0, tidsstämpel 0x546e8c4c
, felet uppstod i modulen med namn: unknown, version 0.0.0.0, tidsstämpel 0x00000000
Undantagskod: 0xc0000005
Felförskjutning: 0x00000000
Process-ID: 0xff4
Programmets starttid: 0xTBNotifier.exe0
Sökväg till program: TBNotifier.exe1
Sökväg till modul: TBNotifier.exe2
Rapport-ID: TBNotifier.exe3
 
Error: (12/21/2014 10:52:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: TBNotifier.exe, version 31.12.0.0, tidsstämpel 0x546e8c4c
, felet uppstod i modulen med namn: unknown, version 0.0.0.0, tidsstämpel 0x00000000
Undantagskod: 0xc0000005
Felförskjutning: 0x00000000
Process-ID: 0xab4
Programmets starttid: 0xTBNotifier.exe0
Sökväg till program: TBNotifier.exe1
Sökväg till modul: TBNotifier.exe2
Rapport-ID: TBNotifier.exe3
 
Error: (11/20/2014 02:00:26 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Det går inte att komma åt filen  på grund av något av följande: 
det finns ett problem med nätverksanslutningen, med disken där filen lagras eller med de lagringsdrivrutiner
som finns installerade på den här datorn, eller så finns inte disken. 
Felet gjorde att Windows stängde programmet Ask Toolbar Notifier.
 
Program: Ask Toolbar Notifier
Fil: 
 
Felvärdet visas i avsnittet Ytterligare data.
Användaråtgärd
1. Öppna filen igen.
Den här situationen kan bero på ett tillfälligt problem som rättar till sig automatiskt nästa gång programmet körs.
2.
Om det fortfarande inte går att komma åt filen och
- Den finns i nätverket, 
bör nätverksadministratören kontrollera att det inte är fel på nätverket och att det går att kontakta servern.
- Den finns på en flyttbar disk, till exempel en diskett eller en CD-ROM-skiva, kontrollerar du att disken är ordentligt isatt i datorn.
3. Kontrollera och reparera filsystemet genom att köra CHKDSK. Du kan köra CHKDSK genom att klicka på Start och sedan på Kör. Skriv CMD och klicka på OK. På kommandoraden skriver du CHKDSK /F och trycker sedan på Retur.
4. Om problemet kvarstår kan du återställa filen från en säkerhetskopia.
5. Kontrollera om det går att öppna andra filer på samma disk. Om det inte går, kan disken vara skadad. Om det är en hårddisk kontaktar du administratören eller din datorleverantör 
för att få hjälp.
 
Ytterligare data
Felvärde: 00000000
Disktyp: 0
 
Error: (11/20/2014 02:00:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: TBNotifier.exe, version 31.10.3.0, tidsstämpel 0x542f0232
, felet uppstod i modulen med namn: ole32.dll, version 6.1.7601.17514, tidsstämpel 0x4ce7b96f
Undantagskod: 0xc0000096
Felförskjutning: 0x00048665
Process-ID: 0x1004
Programmets starttid: 0xTBNotifier.exe0
Sökväg till program: TBNotifier.exe1
Sökväg till modul: TBNotifier.exe2
Rapport-ID: TBNotifier.exe3
 
 
System errors:
=============
Error: (01/22/2015 02:56:58 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/22/2015 09:56:58 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/21/2015 09:08:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/21/2015 03:51:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/21/2015 02:59:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/21/2015 10:57:20 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/20/2015 09:31:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/20/2015 09:26:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/20/2015 09:12:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (01/20/2015 00:28:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: AMD E-450 APU with Radeon HD Graphics
Percentage of memory in use: 39%
Total physical RAM: 4075.71 MB
Available physical RAM: 2471.12 MB
Total Pagefile: 8149.61 MB
Available Pagefile: 6121.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:200.28 GB) (Free:138.22 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:240.48 GB) (Free:29.6 GB) NTFS
Drive g: (VERBATIM) (Removable) (Total:7.44 GB) (Free:4.54 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: AE14F3C6)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=200.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=240.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: DA60C9D5)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)
 
==================== End Of Log ============================

 

Länk till kommentar
Dela på andra webbplatser
mbgtmari

mbgtmari

Postad
Postad

"Felet gjorde att Windows stängde programmet Ask Toolbar Notifier."

Hm, har du frivilligt installerat PUPen Ask Toolbar? Kanske glömde du bocka ur det vid senaste Javauppdateringen.

Länk till kommentar
Dela på andra webbplatser
Tune

Tune

Postad
  • Trådskapare
Postad

 

 

Hm, har du frivilligt installerat PUPen Ask Toolbar? Kanske glömde du bocka ur det vid senaste Javauppdateringen.

Det är inte min egen dator. Det var grannen som hörde av sig angående datorproblem.

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

1. Om möjligt avinstallera:

istartsurf uninstall

Java 7 Update 71

Starta om datorn.

 

 

2. Jag behöver se filen FRST.txt också.

Länk till kommentar
Dela på andra webbplatser
Tune

Tune

Postad
  • Trådskapare
Postad

Här kommer den frst.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by SIGVARD (administrator) on SIGVARD-DATOR on 22-01-2015 15:05:49
Running from C:\Users\SIGVARD\Desktop
Loaded Profiles: SIGVARD (Available profiles: SIGVARD & fassanadm)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(AdTrustMedia) C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1297112 2014-12-09] (COMODO)
HKLM-x32\...\Run: [ASUSPRP] => "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
HKLM-x32\...\Run: [startCCC] => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PrivDogService] => C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe [662184 2014-06-17] (AdTrustMedia)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\RunOnce: [NCInstallQueue] => rundll32 netman.dll,ProcessQueue
HKU\S-1-5-21-4194861436-2547884477-2924792335-1001\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-4194861436-2547884477-2924792335-1001\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2014-12-19] (SUPERAntiSpyware)
HKU\S-1-5-21-4194861436-2547884477-2924792335-1001\...\MountPoints2: {b48e0087-e80b-11e3-929c-742f68fac105} - F:\LGAutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-4194861436-2547884477-2924792335-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://asus.se.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4194861436-2547884477-2924792335-1001 -> DefaultScope {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://se.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-4194861436-2547884477-2924792335-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4194861436-2547884477-2924792335-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-4194861436-2547884477-2924792335-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://se.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Browsing Protection Class -> {C6867EB7-8350-4856-877F-93CF8AE3DC9C} -> C:\Program Files (x86)\Telia\Telias sakerhetstjanster\NRS\iescript\baselitmus.dll No File
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia)
Toolbar: HKLM-x32 - Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Telia\Telias sakerhetstjanster\NRS\iescript\baselitmus.dll No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4194861436-2547884477-2924792335-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\SIGVARD\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
 
Chrome: 
=======
CHR Profile: C:\Users\SIGVARD\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\SIGVARD\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Allin1Convert) - C:\Users\SIGVARD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcncagkkhfoombgbihckkccmkjemhohl [2014-11-29]
CHR Extension: (Google Wallet) - C:\Users\SIGVARD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-10]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-13] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-07-14] (Advanced Micro Devices, Inc.) [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [7618952 2014-12-09] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265304 2014-12-09] (COMODO)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20184 2014-12-09] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [792648 2014-12-09] (COMODO)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-22 15:05 - 2015-01-22 15:06 - 00015318 _____ () C:\Users\SIGVARD\Desktop\FRST.txt
2015-01-22 14:58 - 2015-01-22 14:58 - 00000000 ___RD () C:\Users\SIGVARD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-01-22 14:56 - 2015-01-22 15:05 - 00000000 ____D () C:\FRST
2015-01-22 14:51 - 2015-01-22 14:51 - 02126848 _____ (Farbar) C:\Users\SIGVARD\Desktop\FRST64.exe
2015-01-21 15:31 - 2015-01-21 15:47 - 00002257 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-21 15:31 - 2015-01-21 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-20 21:11 - 2015-01-20 21:11 - 00002998 _____ () C:\Windows\System32\Tasks\{32329D0C-9666-4F45-9951-A79D94B3BD05}
2015-01-14 10:53 - 2015-01-14 10:53 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 10:53 - 2015-01-14 10:53 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 10:53 - 2015-01-14 10:53 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 10:53 - 2015-01-14 10:53 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 10:53 - 2015-01-14 10:53 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 10:53 - 2015-01-14 10:53 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 10:53 - 2015-01-14 10:53 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 10:53 - 2015-01-14 10:53 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 10:53 - 2015-01-14 10:53 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 10:53 - 2015-01-14 10:53 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 10:53 - 2015-01-14 10:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 10:53 - 2015-01-14 10:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 10:53 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-12-27 21:45 - 2014-12-27 21:45 - 00000000 ____D () C:\SUPERDelete
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-22 15:05 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-22 15:05 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-22 15:03 - 2011-11-08 22:46 - 01552213 _____ () C:\Windows\WindowsUpdate.log
2015-01-22 14:59 - 2013-02-09 15:46 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-22 14:58 - 2014-11-27 20:18 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-22 14:58 - 2011-12-30 01:19 - 00000000 ___HD () C:\ASUS.DAT
2015-01-22 14:58 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-22 14:58 - 2009-07-14 05:51 - 00118047 _____ () C:\Windows\setupact.log
2015-01-22 14:57 - 2014-03-22 18:02 - 00251174 _____ () C:\Windows\system32\Drivers\fvstore.dat
2015-01-22 14:57 - 2013-12-19 15:12 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2015-01-22 14:57 - 2011-03-31 23:29 - 00421648 _____ () C:\Windows\PFRO.log
2015-01-22 14:23 - 2014-11-27 20:18 - 00000996 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-22 14:14 - 2014-08-24 10:30 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-22 09:53 - 2011-02-19 04:49 - 00780234 _____ () C:\Windows\system32\perfh01D.dat
2015-01-22 09:53 - 2011-02-19 04:49 - 00202722 _____ () C:\Windows\system32\perfc01D.dat
2015-01-22 09:53 - 2009-07-14 06:13 - 01796326 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 15:37 - 2013-02-02 10:56 - 00000000 ____D () C:\ProgramData\Skype
2015-01-21 15:22 - 2013-02-26 19:40 - 00000000 ____D () C:\Program Files (x86)\MyHeritage
2015-01-21 15:08 - 2013-03-17 22:31 - 00000000 ____D () C:\Users\SIGVARD\AppData\Local\CrashDumps
2015-01-20 21:06 - 2013-02-02 10:57 - 00000000 ____D () C:\Users\SIGVARD\AppData\Roaming\Skype
2015-01-14 11:34 - 2013-08-16 13:58 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-14 11:24 - 2011-12-29 23:23 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-09 16:16 - 2012-01-04 15:40 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-27 22:39 - 2014-08-24 10:29 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-27 22:39 - 2014-08-24 10:29 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-27 22:39 - 2014-08-24 10:29 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-27 22:39 - 2014-08-24 10:29 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-27 22:39 - 2014-08-24 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-27 22:39 - 2014-08-24 10:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-27 13:10 - 2009-07-14 06:08 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
 
==================== Files in the root of some directories =======
2013-02-09 16:33 - 2013-02-09 17:17 - 0007605 _____ () C:\Users\SIGVARD\AppData\Local\Resmon.ResmonCfg
2011-03-31 23:58 - 2010-07-07 00:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-11-08 23:21 - 2011-11-08 23:23 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-11-08 23:21 - 2011-11-08 23:21 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
 
Some content of TEMP:
====================
C:\Users\fassanadm\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\fassanadm\AppData\Local\Temp\msvcp110.dll
C:\Users\fassanadm\AppData\Local\Temp\msvcr110.dll
C:\Users\fassanadm\AppData\Local\Temp\pc-decrapifier.exe
C:\Users\fassanadm\AppData\Local\Temp\sqlite3.dll
C:\Users\SIGVARD\AppData\Local\Temp\APNSetup.exe
C:\Users\SIGVARD\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\SIGVARD\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\SIGVARD\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\SIGVARD\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\SIGVARD\AppData\Local\Temp\LOCKv241.exe
C:\Users\SIGVARD\AppData\Local\Temp\lowproc.exe
C:\Users\SIGVARD\AppData\Local\Temp\msvcp110.dll
C:\Users\SIGVARD\AppData\Local\Temp\msvcr110.dll
C:\Users\SIGVARD\AppData\Local\Temp\MyHeritage_Version_7_0_0_7121_Size_36936376.exe
C:\Users\SIGVARD\AppData\Local\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe
C:\Users\SIGVARD\AppData\Local\Temp\pc-decrapifier.exe
C:\Users\SIGVARD\AppData\Local\Temp\Quarantine.exe
C:\Users\SIGVARD\AppData\Local\Temp\SAS6_Update.exe
C:\Users\SIGVARD\AppData\Local\Temp\SkypeSetup.exe
C:\Users\SIGVARD\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\SIGVARD\AppData\Local\Temp\sqlite3.dll
C:\Users\SIGVARD\AppData\Local\Temp\stubhelper.dll
C:\Users\SIGVARD\AppData\Local\Temp\vcredist_x64.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-04 22:09
 
==================== End Of Log ============================
Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

1. Starta programmet Anteckningar.

Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
1-5-21-4194861436-2547884477-2924792335-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4194861436-2547884477-2924792335-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Browsing Protection Class -> {C6867EB7-8350-4856-877F-93CF8AE3DC9C} -> C:\Program Files (x86)\Telia\Telias sakerhetstjanster\NRS\iescript\baselitmus.dll No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Telia\Telias sakerhetstjanster\NRS\iescript\baselitmus.dll No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR DefaultSuggestURL: Profile 1 -> http://ssmsp.ask.com...q={searchTerms}
CHR Extension: (Allin1Convert) - C:\Users\SIGVARD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcncagkkhfoombgbihckkccmkjemhohl [2014-11-29]
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt  
CMD: ipconfig /release
CMD: ipconfig /renew
EmptyTemp:
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Stäng av alla program.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Om datorn inte startas om automatiskt så gör det själv.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

 

2. Om det fortfarande är problem med Chrome så avinstallera det och ta bort C:\Users\SIGVARD\AppData\Local\Google\Chrome innan en omstart av datorn och ny installation.

 

 

3. Hur är det med reklam mm nu?

Länk till kommentar
Dela på andra webbplatser
Tune

Tune

Postad
  • Trådskapare
Postad

 

 

2. Om det fortfarande är problem med Chrome så avinstallera det och ta bort C:\Users\SIGVARD\AppData\Local\Google\Chrome innan en omstart av datorn och ny installation.

Fixat och Chrome fungerar bättre nu.

 

 

 

3. Hur är det med reklam mm nu?

Ok nu, återkommer om jag märker något senare. 

 

Här kommer Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2015

Ran by SIGVARD at 2015-01-23 08:32:39 Run:1
Running from C:\Users\SIGVARD\Desktop
Loaded Profiles: SIGVARD & fassanadm (Available profiles: SIGVARD & fassanadm)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CreateRestorePoint:
CloseProcesses:
1-5-21-4194861436-2547884477-2924792335-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4194861436-2547884477-2924792335-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Browsing Protection Class -> {C6867EB7-8350-4856-877F-93CF8AE3DC9C} -> C:\Program Files (x86)\Telia\Telias sakerhetstjanster\NRS\iescript\baselitmus.dll No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Telia\Telias sakerhetstjanster\NRS\iescript\baselitmus.dll No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR DefaultSuggestURL: Profile 1 -> http://ssmsp.ask.com...q={searchTerms}
CHR Extension: (Allin1Convert) - C:\Users\SIGVARD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcncagkkhfoombgbihckkccmkjemhohl [2014-11-29]
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt  
CMD: ipconfig /release
CMD: ipconfig /renew
EmptyTemp:
*****************
 
Restore point was successfully created.
Processes closed successfully.
1-5-21-4194861436-2547884477-2924792335-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-4194861436-2547884477-2924792335-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found. 
D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. 
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{265EEE8E-3228-44D3-AEA5-F7FDF5860049} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{265EEE8E-3228-44D3-AEA5-F7FDF5860049}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\livecall" => Key deleted successfully.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => Key not found. 
"HKCR\PROTOCOLS\Handler\msnim" => Key deleted successfully.
HKCR\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => Key not found. 
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer" => Key deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2 => Key not found. 
C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2 => Key not found. 
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Chrome DefaultSuggestURL not detected.
C:\Users\SIGVARD\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gcncagkkhfoombgbihckkccmkjemhohl => Moved successfully.
 
=========  ipconfig /flushdns =========
 
 
IP-konfiguration f�r Windows
 
DNS-matcharens cacheminne har rensats.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Winsock-katalogen har nollst�llts.
Du m�ste starta om datorn f�r att slutf�ra nollst�llningen.
 
 
========= End of CMD: =========
 
 
=========  netsh int ip reset c:\resetlog.txt =========
 
�terst�llning av Allm�n, OK!
�terst�llning av Gr�nssnitt, OK!
Slutf�r �tg�rden genom att starta om datorn.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /release =========
 
 
IP-konfiguration f�r Windows
 
Ingen �tg�rd kan utf�ras p� Tr�dl�s n�tverksanslutning 2 medan mediet �r fr�nkopplat.
Ingen �tg�rd kan utf�ras p� Bluetooth-n�tverksanslutning medan mediet �r fr�nkopplat.
Ingen �tg�rd kan utf�ras p� Tr�dl�s n�tverksanslutning medan mediet �r fr�nkopplat.
 
Tr�dl�s anslutning Tr�dl�s n�tverksanslutning 2:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Ethernet-anslutning Bluetooth-n�tverksanslutning:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Ethernet-anslutning Anslutning till lokalt n�tverk:
 
   Anslutningsspecifika DNS-suffix . : 
   L�nklokal IPv6-adress . . . . . . : fe80::a580:a9c0:d75a:494%12
   Standard-gateway. . . . . . . . . : 
 
Tr�dl�s anslutning Tr�dl�s n�tverksanslutning:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : KallePlanka
 
Tunnelanslutning: isatap.KallePlanka:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Tunnelanslutning: Teredo Tunneling Pseudo-Interface:
 
   Anslutningsspecifika DNS-suffix . : 
   IPv6-adress . . . . . . . . . . . : 2001:0:9d38:90d7:439:821:3f57:ff85
   L�nklokal IPv6-adress . . . . . . : fe80::439:821:3f57:ff85%17
   Standard-gateway. . . . . . . . . : ::
 
Tunnelanslutning: Anslutning till lokalt n�tverk* 12:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Tunnelanslutning: isatap.{B8DFF477-DDD1-4DA5-BF2E-B2260236B7FC}:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Tunnelanslutning: isatap.{53EA528E-F6F6-4FF5-ADA5-5B3B2D015213}:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Tunnelanslutning: isatap.{5DB4FB9A-D77E-4D65-BE1E-3BC679C16BCB}:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
========= End of CMD: =========
 
 
=========  ipconfig /renew =========
 
 
IP-konfiguration f�r Windows
 
Ingen �tg�rd kan utf�ras p� Tr�dl�s n�tverksanslutning 2 medan mediet �r fr�nkopplat.
Ingen �tg�rd kan utf�ras p� Bluetooth-n�tverksanslutning medan mediet �r fr�nkopplat.
Ingen �tg�rd kan utf�ras p� Tr�dl�s n�tverksanslutning medan mediet �r fr�nkopplat.
 
Tr�dl�s anslutning Tr�dl�s n�tverksanslutning 2:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Ethernet-anslutning Bluetooth-n�tverksanslutning:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Ethernet-anslutning Anslutning till lokalt n�tverk:
 
   Anslutningsspecifika DNS-suffix . : 
   L�nklokal IPv6-adress . . . . . . : fe80::a580:a9c0:d75a:494%12
   IPv4-adress . . . . . . . . . . . : 192.168.0.122
   N�tmask . . . . . . . . . . . . . : 255.255.255.0
   Standard-gateway. . . . . . . . . : 192.168.0.1
 
Tr�dl�s anslutning Tr�dl�s n�tverksanslutning:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : KallePlanka
 
Tunnelanslutning: isatap.KallePlanka:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Tunnelanslutning: Teredo Tunneling Pseudo-Interface:
 
   Anslutningsspecifika DNS-suffix . : 
   IPv6-adress . . . . . . . . . . . : 2001:0:5ef5:79fd:8e:12de:3f57:ff85
   L�nklokal IPv6-adress . . . . . . : fe80::8e:12de:3f57:ff85%17
   Standard-gateway. . . . . . . . . : ::
 
Tunnelanslutning: Anslutning till lokalt n�tverk* 12:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Tunnelanslutning: isatap.{53EA528E-F6F6-4FF5-ADA5-5B3B2D015213}:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
Tunnelanslutning: isatap.{5DB4FB9A-D77E-4D65-BE1E-3BC679C16BCB}:
 
   Tillst�nd . . . . . . . . . . . . : Fr�nkopplad
   Anslutningsspecifika DNS-suffix . : 
 
========= End of CMD: =========
 
EmptyTemp: => Removed 1.8 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 08:34:39 ====

 

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Det låter ju bra :) och då är det dags att avinstallera AdwCleaner och FRST.

 

1. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Uninstall-knappen.

 

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe

Dubbelklicka på filen för att starta programmet.

Tryck på knappen CleanUp! och FRST kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.

 

3. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/

Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

Gå till ämneslista


×
×
  • Skapa nytt...