Just nu i M3-nätverket
Gå till innehåll

Dregol


lizzy_lini

Rekommendera Poster

Har fått problem med dregol. Bifogar loggarna.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by Filip (administrator) on RASK on 13-07-2015 20:54:30
Running from C:\Users\Filip\Downloads
Loaded Profiles: Filip (Available Profiles: Filip)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\ModLEDKey.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe
(Spotify Ltd) C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\Filip\AppData\Roaming\Spotify\Spotify.exe
(BitTorrent Inc.) C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe
(The Chromium Authors) C:\Users\Filip\AppData\Local\Chromium\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Filip\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDYT.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(The Chromium Authors) C:\Users\Filip\AppData\Local\Chromium\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Users\Filip\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Filip\AppData\Roaming\Spotify\Spotify.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(The Chromium Authors) C:\Users\Filip\AppData\Local\Chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Filip\AppData\Local\Chromium\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_203.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415752 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2093064 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4195848 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [bATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3730344 2015-06-30] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [Google Update] => C:\Users\Filip\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-16] (Google Inc.)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [spotify Web Helper] => C:\Users\Filip\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030648 2015-07-09] (Spotify Ltd)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7800088 2015-07-09] (SUPERAntiSpyware)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [EvolveClient] => C:\Program Files\Echobit\Evolve\EvolveClient.exe [3333504 2015-06-29] (Echobit LLC)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-06-07] (Electronic Arts)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [spotify] => C:\Users\Filip\AppData\Roaming\Spotify\Spotify.exe [7504952 2015-07-09] (Spotify Ltd)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [uTorrent] => C:\Users\Filip\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-06] (BitTorrent Inc.)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [GoogleChromeAutoLaunch_F683F8BD1A08EAFEA1F373385AC52822] => C:\Users\Filip\AppData\Local\Chromium\Application\chrome.exe [656896 2015-05-10] (The Chromium Authors)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1332480 2015-04-11] (Bogdan Sharkov)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Run: [Dropbox Update] => C:\Users\Filip\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\MountPoints2: {0a65fb4a-f9b4-11e0-b8a4-806e6f6e6963} - E:\Setup.exe
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\MountPoints2: {bfcf1e39-c796-11e4-a8f5-2c413895c303} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-2388294183-88590935-431825232-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
AppInit_DLLs-x32: C:\PROGRA~3\{0623E~1\1170~1.1\mice.dll => "C:\PROGRA~3\{0623E~1\1170~1.1\mice.dll" File not found
AppInit_DLLs-x32:  c:\progra~2\sshelp~1\sprote~1.dll => "c:\progra~2\sshelp~1\sprote~1.dll" File not found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2013-04-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-09-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Filip\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Filip\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-26] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2388294183-88590935-431825232-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2388294183-88590935-431825232-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-2388294183-88590935-431825232-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/33
HKU\S-1-5-21-2388294183-88590935-431825232-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID=226786&Mkt=sv-SE&Src=MSE&Tid=000328B0&OHP=http%3A%2F%2Fwww.dregol.com%2F%3Ff%3D1%26a%3Ddrg%5Fmlvi%5F15%5F20%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0ByD0Bzy0DtA0D0EtAyBtCtN0D0Tzu0StCtBtBzztN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyD0B0DyB0E0ByE0EtG0EyCtDyBtG0FyCtCtBtGzy0ByD0FtGtA0CzytB0DzztB0CtC0FyB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtB0DzztBtDyCyEtGyCyDtByCtGyEtA0D0EtGzzyB0B0CtGzytD0AtAtBzzzy0CtD0D0E0D2QtN0A0LzuyE%26cr%3D537982374%26ir%3D,http%3A%2F%2Fwww.google.com&OSP=http%3A%2F%2Fwww.dregol.com%2Fresults.php%3Ff%3D4%26q%3D%7BsearchTerms%7D%26a%3Ddrg%5Fmlvi%5F15%5F20%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0EtB0ByD0Bzy0DtA0D0EtAyBtCtN0D0Tzu0StCtBtBzztN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyD0B0DyB0E0ByE0EtG0EyCtDyBtG0FyCtCtBtGzy0ByD0FtGtA0CzytB0DzztB0CtC0FyB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtB0DzztBtDyCyEtGyCyDtByCtGyEtA0D0EtGzzyB0B0CtGzytD0AtAtBzzzy0CtD0D0E0D2QtN0A0LzuyE%26cr%3D537982374%26ir%3D
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {8624B0F3-BAD3-4037-B615-1D44EA7C769D} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {8624B0F3-BAD3-4037-B615-1D44EA7C769D} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2388294183-88590935-431825232-1000 -> DefaultScope {E040BB68-7249-4DF9-AEFB-53522DF0AE97} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-2388294183-88590935-431825232-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2388294183-88590935-431825232-1000 -> {8624B0F3-BAD3-4037-B615-1D44EA7C769D} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2388294183-88590935-431825232-1000 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = https://se.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2388294183-88590935-431825232-1000 -> {E040BB68-7249-4DF9-AEFB-53522DF0AE97} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-04] (Oracle Corporation)
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-06-09] (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-04] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07] (Oracle Corporation)
BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll [2011-06-09] (HP)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Crazy Score -> {f439aa7e-a2a0-4635-99a2-164180e848ca} -> C:\Program Files (x86)\Crazy Score\Extensions\f439aa7e-a2a0-4635-99a2-164180e848ca.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-10-18] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{DF61C49A-D06F-404D-9503-7EF47F6AE95C}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{F43805EE-02C3-4A10-94EE-7C024FE63073}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{F4573B01-6A67-4A18-BDAF-3DD4AA1E4941}: [DhcpNameServer] 195.67.199.18 195.67.199.19
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\uvh9low0.default
FF DefaultSearchEngine,S:
FF DefaultSearchUrl:
FF SearchEngineOrder.1:
FF SearchEngineOrder.1,S:
FF SelectedSearchEngine: Yahoo!
FF SelectedSearchEngine,S:
FF Homepage: https://www.google.se/
FF Keyword.URL: https://se.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=903578&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-02-11] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @ei.VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2388294183-88590935-431825232-1000: @nsroblox.roblox.com/launcher -> C:\Users\Filip\AppData\Local\Roblox\Versions\version-a730860d440c4e6c\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2388294183-88590935-431825232-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Filip\AppData\Local\Roblox\Versions\version-a730860d440c4e6c\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2388294183-88590935-431825232-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2388294183-88590935-431825232-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2388294183-88590935-431825232-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Filip\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-21] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\uvh9low0.default\user.js [2015-05-13]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\uvh9low0.default\searchplugins\mozilla-support.xml [2015-07-13]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml [2014-09-19]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml [2014-09-19]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml [2014-09-19]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml [2015-01-14]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml [2014-09-19]
FF Extension: shoppilation - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\uvh9low0.default\Extensions\ck_sljgvygjxhyg@vltzhvhxwqawl.org [2015-07-05]
FF Extension: Widevine Media Optimizer - C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\uvh9low0.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-07-24]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2015-07-09]
FF HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (dregol New Tab) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim [2015-07-13]
CHR Extension: (Google Wallet) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-12]
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2388294183-88590935-431825232-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Filip\AppData\Local\Torch\Plugins\TorchPlugin.crx [Not Found]
StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-25] (SUPERAntiSpyware.com)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-06-30] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-06-30] (AVG Technologies CZ, s.r.o.)
S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2015-05-11] (Echobit LLC)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-07] (Electronic Arts)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-03] ()
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe [100752 2015-05-07] (Wondershare)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
S3 CMUSBDAC; C:\Windows\System32\DRIVERS\CMUSBDAC.sys [386560 2013-10-15] (C-Media Inc.)
R3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-08-14] (Echobit, LLC)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2486416 2014-12-31] (MediaTek Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-10-18] ()
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
S1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
R3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [35496 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 20:54 - 2015-07-13 20:54 - 00033614 _____ C:\Users\Filip\Downloads\FRST.txt
2015-07-13 20:54 - 2015-07-13 20:54 - 00000000 ____D C:\FRST
2015-07-13 20:51 - 2015-07-13 20:51 - 02133504 _____ (Farbar) C:\Users\Filip\Downloads\FRST64.exe
2015-07-13 20:21 - 2015-07-13 20:21 - 00036500 _____ C:\malware antibytes.txt
2015-07-13 19:34 - 2015-07-13 20:39 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-13 19:34 - 2015-07-13 19:34 - 00001100 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-13 19:33 - 2015-07-13 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-13 19:33 - 2015-07-13 19:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-13 19:33 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-13 19:33 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-13 19:31 - 2015-07-13 19:31 - 00000024 _____ C:\Users\Filip\AppData\Roaming\appdataFr25.bin
2015-07-11 16:57 - 2015-07-11 16:57 - 00000000 ____D C:\Users\Filip\AppData\Roaming\AVG2015
2015-07-11 16:56 - 2015-07-11 16:56 - 00000967 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-07-11 16:56 - 2015-07-11 16:56 - 00000000 ____D C:\Users\Filip\AppData\Roaming\TuneUp Software
2015-07-11 16:56 - 2015-07-11 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-07-11 16:56 - 2015-07-11 16:56 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-11 16:54 - 2015-07-11 16:56 - 00000000 ____D C:\ProgramData\AVG2015
2015-07-11 16:54 - 2015-07-11 16:54 - 00000000 ___HD C:\$AVG
2015-07-11 16:52 - 2015-07-11 16:52 - 00000000 ____D C:\Program Files (x86)\AVG
2015-07-11 16:37 - 2015-07-11 16:37 - 04928968 _____ (AVG Technologies) C:\Users\Filip\Downloads\avg_free_stb_all_5961p1_177(1).exe
2015-07-11 16:20 - 2015-07-11 16:20 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-11 16:07 - 2015-07-13 20:35 - 00000000 ____D C:\ProgramData\MFAData
2015-07-11 16:07 - 2015-07-11 17:06 - 00000000 ____D C:\Users\Filip\AppData\Local\Avg2015
2015-07-11 16:07 - 2015-07-11 16:07 - 04928968 _____ (AVG Technologies) C:\Users\Filip\Downloads\avg_free_stb_all_5961p1_177.exe
2015-07-11 16:07 - 2015-07-11 16:07 - 00000000 ____D C:\Users\Filip\AppData\Local\MFAData
2015-07-08 23:57 - 2015-07-09 00:57 - 18174128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-08 01:47 - 2015-07-11 17:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-02 19:58 - 2015-07-02 20:03 - 00000000 ____D C:\Users\Filip\Desktop\direwolf20_17
2015-06-27 15:49 - 2015-06-27 15:49 - 00000000 ____D C:\Users\Filip\AppData\Local\RzStats
2015-06-26 09:49 - 2015-06-26 09:49 - 00293296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-06-25 23:47 - 2015-06-26 00:32 - 1354572050 _____ C:\Users\Filip\Desktop\The_Reckoning(1).zip
2015-06-23 19:33 - 2015-06-23 19:33 - 00001190 _____ C:\Users\Filip\Desktop\Paint.NET.lnk
2015-06-23 19:28 - 2015-06-23 19:28 - 00000000 ____D C:\Users\Filip\Desktop\Calradia Imperial Age3.1
2015-06-23 19:24 - 2015-06-23 19:24 - 00272005 _____ C:\Users\Filip\Desktop\swed banner.xcf
2015-06-23 19:24 - 2015-06-23 19:24 - 00002094 _____ C:\Users\Filip\AppData\Local\recently-used.xbel
2015-06-19 19:34 - 2015-06-19 19:36 - 00000000 ____D C:\Users\Filip\Desktop\MindCrack
2015-06-17 20:16 - 2015-07-13 20:21 - 00001014 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2388294183-88590935-431825232-1000UA.job
2015-06-17 20:16 - 2015-07-13 20:21 - 00000962 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2388294183-88590935-431825232-1000Core.job
2015-06-17 20:16 - 2015-06-17 20:16 - 00003984 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2388294183-88590935-431825232-1000UA
2015-06-17 20:16 - 2015-06-17 20:16 - 00003588 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2388294183-88590935-431825232-1000Core
2015-06-17 20:16 - 2015-06-17 20:16 - 00000000 ____D C:\Users\Filip\AppData\Local\Dropbox
2015-06-17 20:16 - 2015-06-17 20:16 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-16 15:55 - 2015-06-16 15:55 - 00259040 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 20:51 - 2015-04-25 14:26 - 00000000 ____D C:\Users\Filip\AppData\Roaming\uTorrent
2015-07-13 20:49 - 2012-12-26 13:05 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Skype
2015-07-13 20:42 - 2015-05-13 16:42 - 00000292 _____ C:\Windows\Tasks\Run_dregol.job
2015-07-13 20:41 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-13 20:41 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-13 20:39 - 2012-03-28 15:49 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Spotify
2015-07-13 20:36 - 2011-12-24 20:29 - 02050163 _____ C:\Windows\WindowsUpdate.log
2015-07-13 20:34 - 2013-09-18 19:41 - 00000000 ___RD C:\Users\Filip\Dropbox
2015-07-13 20:34 - 2013-09-18 19:37 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Dropbox
2015-07-13 20:31 - 2012-03-28 15:50 - 00000000 ____D C:\Users\Filip\AppData\Local\Spotify
2015-07-13 20:31 - 2011-10-18 18:54 - 00000000 ____D C:\ProgramData\PDFC
2015-07-13 20:29 - 2009-07-14 06:51 - 00372500 _____ C:\Windows\setupact.log
2015-07-13 20:28 - 2010-11-21 05:47 - 00832188 _____ C:\Windows\PFRO.log
2015-07-13 20:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-13 19:57 - 2012-11-10 13:32 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-13 19:34 - 2013-02-10 17:32 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Malwarebytes
2015-07-13 19:33 - 2013-02-10 17:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-13 19:33 - 2013-02-10 17:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-07-13 18:07 - 2011-12-24 20:37 - 00003908 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{664738AC-293D-4CDD-954C-1CFDB6083071}
2015-07-13 15:34 - 2013-12-15 00:38 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForFilip.job
2015-07-13 13:58 - 2012-01-25 17:38 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-07-13 03:55 - 2011-12-26 15:21 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2388294183-88590935-431825232-1000Core.job
2015-07-13 00:00 - 2011-10-18 19:00 - 00000000 ____D C:\ProgramData\truesuite
2015-07-12 09:41 - 2012-02-19 21:30 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-07-12 09:39 - 2012-02-19 21:28 - 00000000 ____D C:\Users\Filip\AppData\Roaming\HP Support Assistant
2015-07-12 09:39 - 2011-12-25 20:59 - 00000000 ____D C:\Users\Filip\AppData\Roaming\HpUpdate
2015-07-11 17:53 - 2015-05-13 16:41 - 00000000 ____D C:\Program Files (x86)\Super Optimizer
2015-07-11 16:07 - 2013-10-23 10:59 - 00000000 ____D C:\Users\Filip\AppData\Local\Battle.net
2015-07-11 15:38 - 2014-06-03 16:57 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-09 21:23 - 2013-02-10 18:59 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-07-09 21:23 - 2012-05-04 20:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-09 19:44 - 2013-10-23 10:59 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-07-09 18:06 - 2014-08-26 16:27 - 00000000 ____D C:\Users\Filip\AppData\Local\Adobe
2015-07-09 18:05 - 2012-11-10 13:32 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 18:05 - 2012-11-10 13:32 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 18:05 - 2011-10-18 18:50 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 09:31 - 2013-12-15 00:38 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForFilip
2015-07-05 12:08 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 00:30 - 2015-03-10 17:09 - 00000000 ____D C:\Users\Filip\AppData\Local\Windows Live
2015-07-02 19:58 - 2015-04-03 14:12 - 00000000 ____D C:\Users\Filip\AppData\Local\ftblauncher
2015-07-02 19:58 - 2015-04-03 14:11 - 06628862 _____ () C:\Users\Filip\Desktop\FTB_Launcher.exe
2015-07-02 19:58 - 2013-03-23 18:14 - 00000000 ____D C:\Users\Filip\AppData\Roaming\ftblauncher
2015-06-30 19:41 - 2013-10-23 11:01 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-06-30 12:38 - 2014-10-10 16:20 - 00000000 ____D C:\ProgramData\Origin
2015-06-24 23:30 - 2014-06-03 17:39 - 00000000 ____D C:\Users\Filip\Documents\Mount&Blade Warband Savegames
2015-06-24 22:41 - 2013-09-14 11:09 - 00000000 ____D C:\Users\Filip\AppData\Local\Paint.NET
2015-06-24 11:15 - 2014-12-30 23:52 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-23 19:25 - 2015-04-25 14:36 - 00000000 ____D C:\Users\Filip\.gimp-2.8
2015-06-23 19:24 - 2015-04-25 15:38 - 00000000 ____D C:\Users\Filip\AppData\Local\gtk-2.0
2015-06-22 17:02 - 2009-07-14 07:08 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-19 19:36 - 2015-04-04 20:57 - 00000000 ____D C:\Users\Filip\Desktop\assets
2015-06-19 19:35 - 2015-04-04 20:57 - 00000000 ____D C:\Users\Filip\Desktop\versions
2015-06-19 19:12 - 2014-11-01 18:16 - 00000000 ____D C:\Users\Filip\AppData\Roaming\Audacity
2015-06-18 08:41 - 2013-02-10 17:32 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

==================== Files in the root of some directories =======

2011-10-18 19:00 - 2011-06-10 01:44 - 0002792 _____ () C:\Program Files\HP SimplePass 2011
2015-06-02 07:34 - 2015-06-02 07:34 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-07-13 19:31 - 2015-07-13 19:31 - 0000024 _____ () C:\Users\Filip\AppData\Roaming\appdataFr25.bin
2013-02-26 15:33 - 2013-02-26 15:33 - 0703117 _____ () C:\Users\Filip\AppData\Roaming\technic-launcher.jar
2015-06-23 19:24 - 2015-06-23 19:24 - 0002094 _____ () C:\Users\Filip\AppData\Local\recently-used.xbel
2013-12-04 16:00 - 2013-12-04 16:00 - 0007605 _____ () C:\Users\Filip\AppData\Local\Resmon.ResmonCfg
2012-01-13 21:31 - 2012-01-13 21:31 - 0000003 _____ () C:\ProgramData\MusicStation.log
2012-01-13 21:24 - 2012-01-13 21:24 - 0000243 _____ () C:\ProgramData\MusicStation.xml

Some files in TEMP:
====================
C:\Users\Filip\AppData\Local\Temp\05989ba9835688c880afaaa90a04c180.dll
C:\Users\Filip\AppData\Local\Temp\27fff54a706caf16275619fa9b79269c.dll
C:\Users\Filip\AppData\Local\Temp\8378cfe9e2de447216881cb9b08de2c9.dll
C:\Users\Filip\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Filip\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiojt4p.dll
C:\Users\Filip\AppData\Local\Temp\EAD21F5.exe
C:\Users\Filip\AppData\Local\Temp\EAD2210.exe
C:\Users\Filip\AppData\Local\Temp\EAD2625.exe
C:\Users\Filip\AppData\Local\Temp\EAD297F.exe
C:\Users\Filip\AppData\Local\Temp\EAD3366.exe
C:\Users\Filip\AppData\Local\Temp\EAD3726.exe
C:\Users\Filip\AppData\Local\Temp\EAD3AAE.exe
C:\Users\Filip\AppData\Local\Temp\EAD3CE0.exe
C:\Users\Filip\AppData\Local\Temp\EAD45F4.exe
C:\Users\Filip\AppData\Local\Temp\EAD547C.exe
C:\Users\Filip\AppData\Local\Temp\EAD63E0.exe
C:\Users\Filip\AppData\Local\Temp\EAD6DEE.exe
C:\Users\Filip\AppData\Local\Temp\EAD6E2D.exe
C:\Users\Filip\AppData\Local\Temp\EAD7CEC.exe
C:\Users\Filip\AppData\Local\Temp\EAD7F0F.exe
C:\Users\Filip\AppData\Local\Temp\EAD8323.exe
C:\Users\Filip\AppData\Local\Temp\EAD83A0.exe
C:\Users\Filip\AppData\Local\Temp\EAD9491.exe
C:\Users\Filip\AppData\Local\Temp\EAD9775.exe
C:\Users\Filip\AppData\Local\Temp\EAD99BF.exe
C:\Users\Filip\AppData\Local\Temp\EAD99DE.exe
C:\Users\Filip\AppData\Local\Temp\EADAF8.exe
C:\Users\Filip\AppData\Local\Temp\EADB06A.exe
C:\Users\Filip\AppData\Local\Temp\EADB431.exe
C:\Users\Filip\AppData\Local\Temp\EADB653.exe
C:\Users\Filip\AppData\Local\Temp\EADBFD5.exe
C:\Users\Filip\AppData\Local\Temp\EADDA66.exe
C:\Users\Filip\AppData\Local\Temp\EADDC88.exe
C:\Users\Filip\AppData\Local\Temp\EADE520.exe
C:\Users\Filip\AppData\Local\Temp\EADE968.exe
C:\Users\Filip\AppData\Local\Temp\EADEB96.exe
C:\Users\Filip\AppData\Local\Temp\EADFF64.exe
C:\Users\Filip\AppData\Local\Temp\Extract.exe
C:\Users\Filip\AppData\Local\Temp\ICReinstall_Malavida_Download_Manager.exe
C:\Users\Filip\AppData\Local\Temp\ICSW1.8_1H1T1I1T2X1L1Q1T1.8.exe
C:\Users\Filip\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Filip\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Filip\AppData\Local\Temp\Nexus Mod Manager-0.53.4.exe
C:\Users\Filip\AppData\Local\Temp\Nexus Mod Manager-0.53.6.exe
C:\Users\Filip\AppData\Local\Temp\Nexus Mod Manager-0.53.7.exe
C:\Users\Filip\AppData\Local\Temp\Nexus Mod Manager-0.54.10.exe
C:\Users\Filip\AppData\Local\Temp\Nexus Mod Manager-0.54.9.exe
C:\Users\Filip\AppData\Local\Temp\Nexus Mod Manager-0.55.0.exe
C:\Users\Filip\AppData\Local\Temp\NVI2_29.DLL
C:\Users\Filip\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Filip\AppData\Local\Temp\nvStInst.exe
C:\Users\Filip\AppData\Local\Temp\SAS6_Update.exe
C:\Users\Filip\AppData\Local\Temp\setacl.exe
C:\Users\Filip\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Filip\AppData\Local\Temp\SP70418.exe
C:\Users\Filip\AppData\Local\Temp\uttB66B.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 00:35

==================== End of log ============================

Addition.txt

Länk till kommentar
Dela på andra webbplatser

1. Avinstallera:

Java 7 Update 60
Java 7 Update 71

Eftersom det är gamla Java-versioner med kända säkerhetshål.

 

Avinstallera Microsoft Security Essentials eftersom AVG är installerat.

 

 

2. Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på knappen Log file.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[R0].txt

Länk till kommentar
Dela på andra webbplatser

Här kommer loggen

 

# AdwCleaner v4.208 - Logfile created 14/07/2015 at 20:31:35
# Updated 09/07/2015 by Xplode
# Database : 2015-07-11.1 [server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Filip - RASK
# Running from : C:\Users\Filip\Downloads\adwcleaner_4.208.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Program Files (x86)\prefs.js
File Found : C:\Users\Filip\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.dregol.com_0.localstorage
File Found : C:\Users\Filip\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www1.delta-search.com_0.localstorage
File Found : C:\Users\Filip\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www1.delta-search.com_0.localstorage-journal
File Found : C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\uvh9low0.default\invalidprefs.js
File Found : C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\uvh9low0.default\user.js
Folder Found : C:\Program Files (x86)\fastusaler
Folder Found : C:\Program Files (x86)\nItrOduEal
Folder Found : C:\Program Files (x86)\offErsoefti
Folder Found : C:\Program Files (x86)\ss helper
Folder Found : C:\Program Files (x86)\Super Optimizer
Folder Found : C:\Program Files (x86)\VideoDownloadConverter_4zEI
Folder Found : C:\ProgramData\1067752904453267938
Folder Found : C:\ProgramData\Download keEper
Folder Found : C:\Users\Filip\AppData\LocalLow\VideoDownloadConverter_4zEI
Folder Found : C:\Users\Filip\AppData\Roaming\Mozilla\Firefox\Profiles\uvh9low0.default\Extensions\ck_sljgvygjxhyg@vltzhvhxwqawl.org
Folder Found : C:\Users\Filip\AppData\Roaming\OpenCandy
 
***** [ Scheduled tasks ] *****
 
Task Found : Run_Dregol
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\sshelp~1\sprote~1.dll
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4zEI
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\Avg Secure Update
Key Found : HKCU\Software\Google\Chrome\Extensions\ihokndmjeombjojnfkmapfnjeghjohim
Key Found : HKCU\Software\PRODUCTSETUP
Key Found : HKCU\Software\torch
Key Found : [x64] HKCU\Software\Avg Secure Update
Key Found : [x64] HKCU\Software\PRODUCTSETUP
Key Found : [x64] HKCU\Software\torch
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\a468d12f-e9f0-b130-cd2b-ced426b3eae3
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BDAF5CA1-4082-4F20-B44D-0238A9183DCA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FC39A9F4-77FF-4595-BDEC-8B768C481257}
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4zInstaller.Start
Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4zInstaller.Start.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ihokndmjeombjojnfkmapfnjeghjohim
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20188537-BC86-1F4B-6B72-1AA2EC4E9C93}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1A27135-69EB-8D44-7358-34727DD7B820}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_eea72b4f
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
Key Found : HKLM\SOFTWARE\SP Global
Key Found : HKLM\SOFTWARE\SProtector
Key Found : HKLM\SOFTWARE\torch
Key Found : HKLM\SOFTWARE\VideoDownloadConverter_4zEI
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\ihokndmjeombjojnfkmapfnjeghjohim
Key Found : HKU\.DEFAULT\Software\Avg Secure Update
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
 
-\\ Mozilla Firefox v39.0 (x86 sv-SE)
 
[uvh9low0.default] - Line Found : user_pref("aol_toolbar.default.homepage.check", false);
[uvh9low0.default] - Line Found : user_pref("aol_toolbar.default.search.check", false);
[uvh9low0.default] - Line Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);
[uvh9low0.default] - Line Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
[uvh9low0.default] - Line Found : user_pref("extensions.OZTZBlkxAQnUaMEn.scode", "(function(){try{if(window.location.href.indexOf(\"rjs9qTk5pds6rHn4qdrHqjrHpdw\")>-1){return;}}catch(e){}try{var d=[[\"cryptogmail.com\",\"bancdebinary.c[...]
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.BUTTON_STRUCTURE", "[{\"b\":221351975,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221351976,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.search.defaultenginename.prev", "Allaannonser");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.search.defaultenginename.savedPrev", "true");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.search.defaultenginename.tb", "Ask Web Search");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.search.selectedEngine.prev", "Ask Web Search");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.search.selectedEngine.savedPrev", "true");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.search.selectedEngine.tb", "Ask Web Search");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.startup.homepage.savedPrev", "true");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=85B6FF42-F4DC-4E7A-9C34-678CD6E42C03&n=781b15ea&p2=^BBQ^xdm184^YYA^se&si=downs[...]
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.startup.page.savedPrev", 1);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.startup.page.tb", 1);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.browser.version.last", "37.0");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.firstKnownVersion", "6.85.5.65004");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=85B6FF42-F4DC-4E7A-9C34-678CD6E42C03&n=781b15ea&p2=^BBQ^xdm184^YYA^se&si=downspeedtest");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.hp.enabled", false);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.hp.guardType", "HPR");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.hp.user.defined", true);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.initialized", true);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.installKeysSource", "LocalStorage");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.installType", "XPI");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.contextKey", "");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.installDate", "2015041002");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.partnerId", "^BBQ^xdm184^YYA^se");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.partnerSubId", "downspeedtest");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.pixelUrl", "hxxp://free.internetspeedtracker.com/install_pixels.jhtml?partner=^BBQ^xdm184^YYA^se&sub_id=downspeedtest&coId=467647f4334c[...]
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.success", true);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.installation.toolbarId", "85B6FF42-F4DC-4E7A-9C34-678CD6E42C03");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.isCompliantUninstallImplementation", true);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.lastActivePing", "1428693984558");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.lastKnownVersion", "6.85.5.65004");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.options.defaultSearch", true);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.options.homePageEnabled", true);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.options.keywordEnabled", false);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.options.tabEnabled", false);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.partnerPixelFired", true);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.successUrl", "hxxp://downspeedtest.com/thankyou.php");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.toolbar.ownSearch", false);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.toolbarCollapsed", true);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark._9tMembers_.weather.location", "10001");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[uvh9low0.default] - Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "internetspeedtracker@mindspark.com");
 
-\\ Google Chrome v
 
[C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Homepage] : hxxp://www.dregol.com/?f=1&a=drg_mlvi_15_20&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByD0Bzy0DtA0D0EtAyBtCtN0D0Tzu0StCtBtBzztN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyD0B0DyB0E0ByE0EtG0EyCtDyBtG0FyCtCtBtGzy0ByD0FtGtA0CzytB0DzztB0CtC0FyB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtB0DzztBtDyCyEtGyCyDtByCtGyEtA0D0EtGzzyB0B0CtGzytD0AtAtBzzzy0CtD0D0E0D2QtN0A0LzuyE&cr=537982374&ir=
[C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [startup_URLs] : 140C7EDADC93CA7DAE2C566572C7C51CA4BEB34A027442B756A9F4979569A5BB"},"software_reporter":{"prompt_reason":"CD6076AE1580DE18A41E888A993626AB2A21DD39B17D616AB022BACCE9F10F70","prompt_seed":"1B4FF98CA21072B52DB5EFDB0A62680FA2D4071059BE46041445617423193E66","prompt_version":"BC689076883504ADFBDB3CA8644F4818EC37C55B453C455714E0D1588839F4D8"},"sync":{"remaining_rollback_tries":"1E5375822B10D2F06C191CAA9C9FE9C31A1C455B2FA5502FF92A62956B74E291"}},"super_mac":"E54603080B76351A4FDC4214AC5BF1B691B488EB0A9A2E1C6072B87B67411B3B"},"safebrowsing":{"incidents_sent":{"6":{"script_request_incident":"42"}}},"session":{"startup_urls":["hxxp://www.dregol.com/?f=7&a=drg_mlvi_15_20&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByD0Bzy0DtA0D0EtAyBtCtN0D0Tzu0StCtBtBzztN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyD0B0DyB0E0ByE0EtG0EyCtDyBtG0FyCtCtBtGzy0ByD0FtGtA0CzytB0DzztB0CtC0FyB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtB0DzztBtDyCyEtGyCyDtByCtGyEtA0D0EtGzzyB0B0CtGzytD0AtAtBzzzy0CtD0D0E0D2QtN0A0LzuyE&cr=537982374&ir=
 
-\\ Chromium v44.0.2397.0
 
[C:\Users\Filip\AppData\Local\Chromium\User Data\Default\Web data] - Found [search Provider] : hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_mlvi_15_20&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByD0Bzy0DtA0D0EtAyBtCtN0D0Tzu0StCtBtBzztN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyD0B0DyB0E0ByE0EtG0EyCtDyBtG0FyCtCtBtGzy0ByD0FtGtA0CzytB0DzztB0CtC0FyB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtB0DzztBtDyCyEtGyCyDtByCtGyEtA0D0EtGzzyB0B0CtGzytD0AtAtBzzzy0CtD0D0E0D2QtN0A0LzuyE&cr=537982374&ir=&uref=chmm
[C:\Users\Filip\AppData\Local\Chromium\User Data\Default\Secure Preferences] - Found [Homepage] : hxxp://www.dregol.com/?f=1&a=drg_mlvi_15_20&cd=2XzuyEtN2Y1L1QzuyByE0D0EtB0ByD0Bzy0DtA0D0EtAyBtCtN0D0Tzu0StCtBtBzztN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2SyD0B0DyB0E0ByE0EtG0EyCtDyBtG0FyCtCtBtGzy0ByD0FtGtA0CzytB0DzztB0CtC0FyB0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EtB0DzztBtDyCyEtGyCyDtByCtGyEtA0D0EtGzzyB0B0CtGzytD0AtAtBzzzy0CtD0D0E0D2QtN0A0LzuyE&cr=537982374&ir=&uref=chmm
[C:\Users\Filip\AppData\Local\Chromium\User Data\Default\Secure Preferences] - Found [startup_URLs] : 5D766E80B36CEEA0079E4C08C721010A72D6DDB52409AFD8808CE1B4D8026624"},"software_reporter":{"prompt_reason":"5A1EEE6610B0E60FAD44D731D9768B67743F2307846BA8C85E4A6884DBA2CC78","prompt_seed":"D12521B12F27ED8D55846D6FE25154BD22242084A3546A89F2435F0D6575A92E","prompt_version":"565C7DC33789AA140A0FFC230B569B2F592F494FD1FE1EF8BAEA97F43DB5B49E"},"sync":{"remaining_rollback_tries":"330199A48C5F90321D74BF4A3B8CAD4B7FF7FA5817F414DCBE4E6C2F52FBDA56"}},"super_mac":"F45FF46EB5D57D566D0AD52CCE97D02474B7D33D1709913AD3DE94B58CCD5361"},"search_provider_overrides":[{"encoding":"UTF-8","favicon_url":"hxxp://www.dregol.com/favicon.ico
 
*************************
 
AdwCleaner[R0].txt - [14883 bytes] - [14/07/2015 20:31:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [14943 bytes] ##########
Länk till kommentar
Dela på andra webbplatser

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om, om den inte gör det automatiskt får du göra det själv.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s0].txt.

 

 

2. Starta FRST.

Bocka för Addition.txt.

Skanna med FRST och klistra in resp. bifoga de två nya loggfilerna.

 

 

3. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.
Ta bort bocken framför Remove found threats.
Bocka för:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Här kommer loggen

 

 

C:\Users\Filip\AppData\Local Microsoftarrow-10x10.png Windowsarrow-10x10.png\Temporary Internet Files\Content.IE5\0D10A9XV\Coupish_vittalia_Filewin[1].exe Win32/BrowserCompanion.B potentially unwanted applicationarrow-10x10.png

C:\Users\Filip\AppData\Local Microsoftarrow-10x10.png Windowsarrow-10x10.png\Temporary Internet Files\Content.IE5\0D10A9XV\toolbar[1].exe Win32/Toolbar.Babylon potentially unwanted applicationarrow-10x10.png

C:\Users\Filip\AppData\Local\Temp\ICSW1.8_1H1T1I1T2X1L1Q1T1.8.exe a variant of Win32/InstallCore.VD potentially unwanted applicationarrow-10x10.png

C:\Users\Filip\AppData\Local\Temp\is367047667\579B83E9_stp\icc.dll a variant of Win32/InstallCore.YX potentially unwanted applicationarrow-10x10.png

C:\Users\Filip\AppData\Roaming\uTorrent updatesarrow-10x10.png\3.4.3_40097.exe a variant of Win32/OpenCandy.C potentially unsafe application

C:\Users\Filip Downloadsarrow-10x10.png\Babylon10_setup(1).exe a variant of Win32/Toolbar.Babylon.E potentially unwanted application

C:\Users\Filip Downloadsarrow-10x10.png\Babylon10_setup.exe a variant of Win32/Toolbar.Babylon.E potentially unwanted application

C:\Users\Filip Downloadsarrow-10x10.png\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application

 

Addition_16-07-2015_19-03-55.txt

FRST_16-07-2015_19-03-55.txt

Länk till kommentar
Dela på andra webbplatser

Hur gick det med AdwCleaner?

 

 

CHR dev: Chrome dev build detected! <======= ATTENTION

Det innebär att man får testversioner av Chrome avsedda för utvecklare. Dessa testversioner har sänkt säkerhet jämfört med den vanliga Chrome-versionen. För att återgå till vanliga Chrome-versioner med höjd säkerhet måste man avinstallera Chrome, ta bort mappen C:\Users\Filip\AppData\Local\Google\Chrome och starta om datorn innan man installerar Chrome på nytt.

 

 

Nedanstående skript kommer att tömma papperskorgar och mappar för tillfälliga filer. Kontrollera att det inte finns något i dem som ska vara kvar. 

Starta programmet Anteckningar.

Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-2388294183-88590935-431825232-1000\...\MountPoints2: {0a65fb4a-f9b4-11e0-b8a4-806e6f6e6963} - E:\Setup.exe
AppInit_DLLs-x32: C:\PROGRA~3\{0623E~1\1170~1.1\mice.dll => "C:\PROGRA~3\{0623E~1\1170~1.1\mice.dll" File not found
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2388294183-88590935-431825232-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2388294183-88590935-431825232-1000 -> {8624B0F3-BAD3-4037-B615-1D44EA7C769D} URL = 
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CustomCLSID: HKU\S-1-5-21-2388294183-88590935-431825232-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2388294183-88590935-431825232-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2388294183-88590935-431825232-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2388294183-88590935-431825232-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2388294183-88590935-431825232-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2388294183-88590935-431825232-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2388294183-88590935-431825232-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2388294183-88590935-431825232-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Filip\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
EmptyTemp:
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Stäng av alla program.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Om datorn inte startas om automatiskt så gör det själv.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Finns en del kvar i Chromium (inte riktigt samma sak som Chrome). Försvinner de om du låter AdwCleaner ta bort det den hittat?

Länk till kommentar
Dela på andra webbplatser

Hejsan

Såg det efter jag skickat loggarna. Gick inte att ta bort med adw cleaner, så jag tog bort chromiummappen. Verkar vara samma innehåll som i nya chrome. Så det kan väl inte göra ngt eller?

Länk till kommentar
Dela på andra webbplatser

Chrome och Chromium är två olika produkter, även om de är besläktade. Att ta bort Chromium-mappen påverkar inte Chrome.

 

Verkar allt bra med datorn nu?

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...