
Help removing CinemaP


Sosso


Need help removing cinemaP, among other things....

I'm going crazy with all the ads and popups and everything else....

Where do I start? I would need a check of the whole computer... can anyone help?

The 3 programs in the picture arrived at the same time, and uninstalling them doesn't work...

/Sofia.



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Sosso (administrator) on LAPTOPSOFIA on 24-07-2015 15:13:28
Running from C:\Users\Sosso\Downloads
Loaded Profiles: Sosso (Available Profiles: Sosso & Langen)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(XTab system) C:\Program Files (x86)\MiuiTab\ProtectService.exe
(Yuna Software) C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Cinema PlusV09.07) C:\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-1-6.exe
(Cinema PlusV09.07) C:\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-10.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(SearchProtect) C:\Program Files (x86)\MiuiTab\CmdShell.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Akamai Technologies, Inc.) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Sosso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(ZTE) C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\mcserver.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\dbus-daemon.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\db_daemon.exe
(Cinema PlusV09.07) C:\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-64.exe
(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe
(XTab system) C:\Program Files (x86)\MiuiTab\HPNotify.exe
() C:\Program Files (x86)\Product Deals\updateProductDeals.exe
() C:\Program Files (x86)\Product Deals\bin\utilProductDeals.exe
() C:\Program Files (x86)\Product Deals\bin\ProductDeals.expext.exe
() C:\Program Files (x86)\Product Deals\bin\ProductDeals.BrowserAdapter.exe
() C:\Program Files (x86)\Product Deals\bin\ProductDeals.BrowserAdapter64.exe
() C:\Program Files (x86)\Product Deals\bin\ProductDeals.PurBrowse64.exe
(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Sosso\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-07] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-30] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)
HKLM\...\Run: [CancelAutoPlay.exe] => C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe [68096 2012-03-30] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-08-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-05] (Acer Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MessengerPlusForSkypeService] => C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [125952 2013-01-23] (Yuna Software)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5515496 2015-06-15] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [mbot_se_014010025] => [X]
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Google Update] => C:\Users\Sosso\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-09-26] (Google Inc.)
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Facebook Update] => C:\Users\Sosso\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Sony PC Companion] => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Spotify Web Helper] => C:\Users\Sosso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2015-01-26] (Spotify Ltd)
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2011-10-28]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MCtlSvc.lnk [2012-05-23]
ShortcutTarget: MCtlSvc.lnk -> C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\mcserver.exe (ZTE)
Startup: C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - HP Photosmart 6510 series (nätverk).lnk [2012-08-12]
ShortcutTarget: Övervaka bläckvarningar - HP Photosmart 6510 series (nätverk).lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-06-15] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-08-07] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-08-07] (Egis Technology Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
HKU\S-1-5-21-3310348378-2041383425-807149183-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=ds&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=ds&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&ts=1436424780&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&ts=1436424780&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&ts=1436424780&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&ts=1436424780&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://www.oursurfing.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&ts=1436424780&type=default&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-06-15] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-06-24] (Thinknice Co. Limited)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-06-15] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
BHO-x32: Product Deals 1.0.0.7 -> {dd01946e-5501-4e11-b279-efdffd4c1487} -> C:\Program Files (x86)\Product Deals\ProductDealsbho.dll [2015-06-29] (Product Deals)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)
Toolbar: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)
DPF: HKLM-x32 {19D6A3D5-EA50-4C3B-88F0-79627C325570} http://iloapp.teamsosso.se/gallery/executable/IlosoftMultipleImageUpload.dll
DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2EB15542-5E83-44FF-872F-64395312DE35}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F1D30B37-CAC4-4C71-87B2-2EBCB93A8B31}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default
FF NewTab: hxxp://www.oursurfing.com/newtab/?type=nt&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX
FF DefaultSearchEngine: oursurfing
FF SelectedSearchEngine: oursurfing
FF Homepage: hxxp://www.google.com/
FF NetworkProxy: "no_proxies_on", "*.local"
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-02-11] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2010-03-26] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-06-21] (RocketLife, LLP)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-09] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-09] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sosso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF user.js: detected! => C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\user.js [2015-07-23]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2009-12-22] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml [2009-12-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009-12-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\oursurfing.xml [2015-07-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml [2009-12-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml [2009-12-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml [2009-12-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml [2009-12-22]
FF Extension: CinemaP-1.9cV09.07 - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\AVJYFVOD75109374@HCDE39471360.com [2015-07-09]
FF Extension: personaschristopherbeard - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\personas@christopher.beard [2015-07-17]
FF Extension: Quick Start - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\quick_start@gmail.com [2014-03-09]
FF Extension: QuickSearch - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\searchffv2@gmail.com [2015-07-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\searchffv2@gmail.com
FF HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
StartMenuInternet: FIREFOX.EXE - firefox.exe
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2010-01-15]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2010-01-15]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2010-01-15]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2010-01-15]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-07-17]

Chrome:
=======
CHR Profile: C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Product Deals) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaogcninhibjjfnjhhljkmdkepfnf [2015-07-23]
CHR Extension: (WOT) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2010-04-21]
CHR Extension: (YouTube) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]
CHR Extension: (Google Cast) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-04-12]
CHR Extension: (McAfee Security Scan+) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-25]
CHR Extension: (Google Search) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]
CHR Extension: (Avast Online Security) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-05]
CHR Extension: (ljmpghknnfhlgcgchochgijlgjpmhhfo) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmpghknnfhlgcgchochgijlgjpmhhfo [2015-07-17]
CHR Extension: (CinemaP-1.9cV09.07) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-07-09]
CHR Extension: (Google Wallet) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-06-15] (Avast Software s.r.o.)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-09] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-09] (globalUpdate) [File not signed] <==== ATTENTION
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsgPlusService; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [125952 2013-01-23] (Yuna Software) [File not signed]
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2011-08-12] () [File not signed]
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [87344 2009-09-01] (Prolific Technology Inc.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update Product Deals; C:\Program Files (x86)\Product Deals\updateProductDeals.exe [457464 2015-07-24] ()
R2 Util Product Deals; C:\Program Files (x86)\Product Deals\bin\utilProductDeals.exe [457464 2015-07-24] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [488832 2010-03-23] (AfaTech )
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-15] ()
S3 massfilter_lte; C:\Windows\system32\drivers\massfilter_lte.sys [18456 2011-12-20] (HandSet Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 zgdcat; C:\Windows\System32\DRIVERS\zgdcat.sys [130200 2011-12-20] (ZTE Incorporated)
S3 zgdcdiag; C:\Windows\System32\DRIVERS\zgdcdiag.sys [130200 2011-12-20] (ZTE Incorporated)
S3 zgdcmdm; C:\Windows\System32\DRIVERS\zgdcmdm.sys [130200 2011-12-20] (ZTE Incorporated)
S3 zgdcnet; C:\Windows\System32\DRIVERS\zgdcnet.sys [169496 2011-12-20] (ZTE Incorporated)
S3 zgdcnmea; C:\Windows\System32\DRIVERS\zgdcnmea.sys [130200 2011-12-20] (ZTE Incorporated)
R1 {33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64; C:\Windows\System32\drivers\{33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64.sys [48784 2015-07-22] (StdLib)
R1 {4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64; C:\Windows\System32\drivers\{4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64.sys [48784 2015-07-09] (StdLib)
R1 {b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64; C:\Windows\System32\drivers\{b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64.sys [48784 2015-07-19] (StdLib)
R1 {e789ddb0-d21e-4917-9218-742217563d5b}Gw64; C:\Windows\System32\drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys [48784 2015-07-13] (StdLib)
R1 {e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64; C:\Windows\System32\drivers\{e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64.sys [48784 2015-07-08] (StdLib)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-24 15:12 - 2015-07-24 15:12 - 02135552 _____ (Farbar) C:\Users\Sosso\Downloads\FRST64 (1).exe
2015-07-23 14:17 - 2015-07-22 22:55 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64.sys
2015-07-23 14:12 - 2015-07-23 14:12 - 00275336 _____ C:\Windows\Minidump\072315-105940-01.dmp
2015-07-19 21:25 - 2015-07-19 08:03 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64.sys
2015-07-14 22:18 - 2015-07-14 22:18 - 00194161 _____ C:\14-7.txt
2015-07-14 21:48 - 2015-07-14 21:48 - 18009776 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-14 20:51 - 2015-07-14 22:19 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-14 20:50 - 2015-07-14 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-14 20:50 - 2015-07-14 20:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-14 20:50 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-14 20:50 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-13 22:13 - 2015-07-13 04:06 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys
2015-07-09 21:24 - 2015-07-09 11:58 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64.sys
2015-07-09 18:22 - 2015-07-09 18:22 - 00000254 __RSH C:\ProgramData\ntuser.pol
2015-07-09 09:06 - 2015-07-09 09:06 - 00000971 _____ C:\Users\Sosso\Desktop\GUPlayer.lnk
2015-07-09 09:06 - 2015-07-09 09:06 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer
2015-07-09 09:06 - 2015-07-09 09:06 - 00000000 ____D C:\Program Files (x86)\predm
2015-07-09 09:06 - 2015-07-09 09:06 - 00000000 ____D C:\Program Files (x86)\GUPlayer
2015-07-09 09:05 - 2015-07-09 09:05 - 00002075 _____ C:\Users\Sosso\Desktop\Continue Mybest Offerstoday Uninstaller.lnk
2015-07-09 09:05 - 2015-07-08 21:53 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64.sys
2015-07-09 09:02 - 2015-07-24 14:29 - 00000000 ____D C:\Program Files (x86)\Product Deals
2015-07-09 09:00 - 2015-07-24 15:00 - 00002440 _____ C:\Windows\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-5_user.job
2015-07-09 08:59 - 2015-07-24 14:59 - 00003132 _____ C:\Windows\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-1-7.job
2015-07-09 08:59 - 2015-07-24 14:59 - 00003132 _____ C:\Windows\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-1-6.job
2015-07-09 08:59 - 2015-07-24 14:59 - 00002440 _____ C:\Windows\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-5.job
2015-07-09 08:59 - 2015-07-09 09:00 - 00005470 _____ C:\Windows\System32\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-5
2015-07-09 08:59 - 2015-07-09 08:59 - 00006162 _____ C:\Windows\System32\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-1-7
2015-07-09 08:59 - 2015-07-09 08:59 - 00006160 _____ C:\Windows\System32\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-1-6
2015-07-09 08:58 - 2015-07-24 15:03 - 00000974 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-07-09 08:58 - 2015-07-24 14:58 - 00004152 _____ C:\Windows\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-4.job
2015-07-09 08:58 - 2015-07-09 08:58 - 00008540 _____ C:\Windows\System32\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-6
2015-07-09 08:58 - 2015-07-09 08:58 - 00007182 _____ C:\Windows\System32\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-4
2015-07-09 08:58 - 2015-07-09 08:58 - 00003972 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-07-09 08:57 - 2015-07-24 14:58 - 00005512 _____ C:\Windows\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-6.job
2015-07-09 08:57 - 2015-07-24 14:57 - 00005512 _____ C:\Windows\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-7.job
2015-07-09 08:57 - 2015-07-24 09:02 - 00000970 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-07-09 08:57 - 2015-07-09 08:58 - 00008542 _____ C:\Windows\System32\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-7
2015-07-09 08:57 - 2015-07-09 08:58 - 00000000 ____D C:\Program Files (x86)\4b08656f-7a70-4884-822a-7ab7465c019b
2015-07-09 08:57 - 2015-07-09 08:57 - 00003718 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-07-09 08:56 - 2015-07-24 15:02 - 00004152 _____ C:\Windows\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-3.job
2015-07-09 08:56 - 2015-07-24 14:56 - 00002106 _____ C:\Windows\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-10_user.job
2015-07-09 08:56 - 2015-07-23 17:47 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-09 08:56 - 2015-07-09 09:00 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV09.07
2015-07-09 08:56 - 2015-07-09 08:57 - 00007182 _____ C:\Windows\System32\Tasks\336b6588-d689-4286-a3f1-4774b0f309f8-3
2015-07-09 08:56 - 2015-07-09 08:56 - 00000000 ____D C:\Users\Sosso\AppData\Local\globalUpdate
2015-07-09 08:56 - 2015-07-09 08:56 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-07-09 08:53 - 2015-07-09 08:53 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-07-09 08:52 - 2015-07-09 08:53 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-09 08:52 - 2015-07-09 08:52 - 00000000 _____ C:\Windows\prleth.sys
2015-07-09 08:52 - 2015-07-09 08:52 - 00000000 _____ C:\Windows\hgfs.sys
2015-07-09 08:50 - 2015-07-09 08:50 - 01513936 _____ C:\Users\Sosso\Downloads\Cars.2006.SE.Fi.PAL.DVDR+APOCALYPSE_10924_i30387306_il345.exe.zip
2015-06-25 16:48 - 2015-06-25 16:48 - 00000000 ____D C:\Users\Sosso\AppData\Local\GWX
2015-06-24 16:10 - 2015-06-24 16:10 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
2015-06-24 16:10 - 2015-06-24 16:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-24 16:10 - 2015-06-24 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-24 15:45 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-06-24 15:45 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-24 15:13 - 2014-03-10 01:01 - 00034295 _____ C:\Users\Sosso\Downloads\FRST.txt
2015-07-24 15:13 - 2014-03-10 01:01 - 00000000 ____D C:\FRST
2015-07-24 14:52 - 2012-08-12 02:27 - 00000338 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-07-24 14:46 - 2013-08-29 21:42 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-24 14:44 - 2010-02-20 18:51 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-24 14:44 - 2010-02-03 12:48 - 00001004 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job
2015-07-24 14:30 - 2012-02-16 18:19 - 00000976 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job
2015-07-24 13:28 - 2009-07-14 04:34 - 00000612 _____ C:\Windows\win.ini
2015-07-24 12:44 - 2010-02-03 12:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job
2015-07-24 10:22 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-24 10:22 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-24 03:05 - 2009-09-29 13:49 - 01480338 _____ C:\Windows\WindowsUpdate.log
2015-07-23 23:30 - 2012-02-16 18:19 - 00000954 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job
2015-07-23 18:10 - 2010-01-11 22:42 - 07569920 ___SH C:\Users\Sosso\Downloads\Thumbs.db
2015-07-23 14:16 - 2010-06-21 14:44 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2015-07-23 14:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-23 14:12 - 2011-07-23 21:51 - 00000000 ____D C:\Windows\Minidump
2015-07-23 14:12 - 2009-07-14 06:51 - 00279521 _____ C:\Windows\setupact.log
2015-07-23 11:57 - 2012-07-10 00:20 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-23 11:56 - 2009-09-29 14:45 - 00664068 _____ C:\Windows\system32\perfh01D.dat
2015-07-23 11:56 - 2009-09-29 14:45 - 00142836 _____ C:\Windows\system32\perfc01D.dat
2015-07-23 11:56 - 2009-07-14 07:13 - 01580554 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-18 07:09 - 2015-04-05 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-18 07:09 - 2015-04-05 22:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-18 07:09 - 2015-02-15 14:38 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-18 07:09 - 2014-05-17 10:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-18 07:09 - 2009-12-12 01:53 - 00000000 ____D C:\Users\Langen
2015-07-18 07:09 - 2009-12-11 01:49 - 00000000 ____D C:\Users\Sosso
2015-07-18 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-18 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-18 07:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-07-17 21:12 - 2010-01-15 16:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-17 20:27 - 2013-08-20 18:11 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 16:06 - 2014-02-21 00:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 16:04 - 2014-12-25 21:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-16 12:39 - 2010-02-20 18:51 - 00003990 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 12:39 - 2010-02-20 18:51 - 00003738 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 12:39 - 2010-02-20 18:51 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-16 12:39 - 2010-02-03 12:48 - 00003974 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA
2015-07-16 12:39 - 2010-02-03 12:48 - 00003578 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core
2015-07-14 21:49 - 2013-08-29 21:42 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-14 21:49 - 2013-05-03 15:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 21:49 - 2011-06-06 20:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\Malwarebytes
2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-07-13 22:06 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-13 20:54 - 2009-12-11 01:50 - 00001421 _____ C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-09 18:21 - 2009-08-22 10:34 - 01291064 _____ C:\Windows\PFRO.log
2015-07-09 10:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-07-09 09:08 - 2009-12-13 13:33 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\uTorrent
2015-07-09 09:03 - 2009-08-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2015-07-09 09:03 - 2009-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Acer GameZone
2015-07-09 09:03 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-09 08:58 - 2009-09-29 13:56 - 00000000 ____D C:\Program Files (x86)\Acer Arcade Deluxe
2015-07-09 08:53 - 2009-12-10 20:16 - 00000000 ____D C:\Users\Sosso\AppData\Local\Google
2015-07-06 20:05 - 2011-01-15 17:16 - 00001456 _____ C:\Users\Sosso\AppData\Local\Adobe Spara för webben 12.0 Prefs
2015-06-26 17:39 - 2011-02-09 20:03 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-26 01:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-25 05:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-24 19:00 - 2009-07-14 06:45 - 05180736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-24 18:56 - 2009-08-22 08:06 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-24 18:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-06-24 18:51 - 2012-05-14 22:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-24 16:24 - 2014-03-14 01:23 - 01556124 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-24 16:14 - 2009-08-22 10:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-24 16:10 - 2013-01-24 19:36 - 00000000 ____D C:\ProgramData\Skype
2015-06-24 15:43 - 2012-05-14 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-24 15:42 - 2012-05-14 22:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-24 15:36 - 2015-06-12 20:32 - 00014750 _____ C:\Users\Sosso\Documents\Beställning v.25.ods

==================== Files in the root of some directories =======

2009-08-22 10:43 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2011-09-28 22:04 - 2011-10-16 23:42 - 0000132 _____ () C:\Users\Sosso\AppData\Roaming\CS5-inställningar för PNG-format i Adobe
2010-02-06 23:02 - 2011-12-15 20:42 - 0000143 _____ () C:\Users\Sosso\AppData\Roaming\default.rss
2009-12-19 18:38 - 2015-01-06 18:01 - 0002704 _____ () C:\Users\Sosso\AppData\Roaming\wklnhst.dat
2011-01-15 17:16 - 2015-07-06 20:05 - 0001456 _____ () C:\Users\Sosso\AppData\Local\Adobe Spara för webben 12.0 Prefs
2010-08-04 22:47 - 2010-08-04 22:47 - 0007602 _____ () C:\Users\Sosso\AppData\Local\Resmon.ResmonCfg
2012-08-12 01:39 - 2012-08-12 01:39 - 0000057 _____ () C:\ProgramData\Ament.ini
2009-09-29 13:56 - 2009-09-29 14:00 - 0007830 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-08-22 10:44 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2010-03-23 20:48 - 2010-03-23 21:02 - 0000453 _____ () C:\ProgramData\LmeUSB.log
2010-03-23 20:48 - 2010-03-23 21:02 - 0000456 _____ () C:\ProgramData\LSDmbTH.log

Some files in TEMP:
====================
C:\Users\Langen\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Langen\AppData\Local\Temp\Update_8eff.exe
C:\Users\Sosso\AppData\Local\Temp\3358.exe
C:\Users\Sosso\AppData\Local\Temp\9498.exe
C:\Users\Sosso\AppData\Local\Temp\Cars.2006.SE.Fi.PAL.DVDR APOCALYPSE__10924_i1552997636_il777998.exe
C:\Users\Sosso\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Sosso\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\Sosso\AppData\Local\Temp\Quarantine.exe
C:\Users\Sosso\AppData\Local\Temp\ResetDevice.exe
C:\Users\Sosso\AppData\Local\Temp\Update_3703.exe
C:\Users\Sosso\AppData\Local\Temp\uttD852.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-23 13:35

==================== End of log ============================

Can't find the other file, only old dates....? Did a search for it too..


Since the FRST program appears to be in the "Downloads" ("Hämtade filer") folder, Addition.txt is probably in that folder too. But I don't need to see it right now.

Don't paste logs inside Code tags or anything else; paste them directly into the post. As it was, the log became rather awkward to read.

Save AdwCleaner by Xplode to the Desktop: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Close all programs, including web browsers.
Double-click AdwCleaner to start the program.

Click the Scan button.
Wait until the scan has finished.
Click the Log file button.
A report will open; copy its contents and paste them into your reply.
If the report does not open, it is also available as C:\AdwCleaner\AdwCleaner[R0].txt


OK, I apologize, I just know that previously you wanted people to do it roughly like that.. will try to carry on fixing now...


I have now searched once more for the name addition, across the whole computer; it isn't there, though there are 2 old ones, from 2014..

# AdwCleaner v4.208 - Logfile created 25/07/2015 at 17:04:37
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Sosso - LAPTOPSOFIA
# Running from : C:\Users\Sosso\Desktop\adwcleaner_4.208.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : globalUpdate
Service Found : globalUpdatem
Service Found : IHProtect Service
Service Found : Util Product Deals
Service Found : Update Product Deals
Service Found : Update Product Deals
Service Found : Util Product Deals
Service Found : {33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64
Service Found : {4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64
Service Found : {b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64
Service Found : {e789ddb0-d21e-4917-9218-742217563d5b}Gw64
Service Found : {e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64
 
***** [ Files / Folders ] *****
 
File Found : C:\Program Files (x86)\Mozilla Firefox\browser\defaults\preferences\prefs.js
File Found : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox.js
File Found : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-branding.js
File Found : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-l10n.js
File Found : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\reporter.js
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\oursurfing.xml
File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal
File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage
File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage-journal
File Found : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\user.js
File Found : C:\Users\Sosso\Desktop\Continue Mybest Offerstoday Uninstaller.lnk
File Found : C:\Windows\System32\drivers\{33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64.sys
File Found : C:\Windows\System32\drivers\{4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64.sys
File Found : C:\Windows\System32\drivers\{b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64.sys
File Found : C:\Windows\System32\drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys
File Found : C:\Windows\System32\drivers\{e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64.sys
File Found : C:\Windows\SysWOW64\SafeAppLM.ocx
Folder Found : C:\Program Files (x86)\CinemaP-1.9cV09.07
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\GUPlayer
Folder Found : C:\Program Files (x86)\miuitab
Folder Found : C:\Program Files (x86)\predm
Folder Found : C:\Program Files (x86)\Product Deals
Folder Found : C:\Program Files (x86)\yuna software
Folder Found : C:\ProgramData\IHProtectUpDate
Folder Found : C:\Users\Sosso\AppData\Local\globalUpdate
Folder Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Folder Found : C:\Users\Sosso\AppData\Local\Temp\Product Deals
Folder Found : C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer
Folder Found : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\AVJYFVOD75109374@HCDE39471360.com
Folder Found : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\quick_start@gmail.com
Folder Found : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\searchffv2@gmail.com
Folder Found : C:\Users\Sosso\Documents\hosts
 
***** [ Scheduled tasks ] *****
 
Task Found : globalUpdateUpdateTaskMachineCore
Task Found : globalUpdateUpdateTaskMachineUA
Task Found : amiupdaterExd
Task Found : amiupdaterExi
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-1-6
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-1-7
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-10_user
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-3
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-4
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-5
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-5_user
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-6
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-7
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-1-6
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-1-7
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-10_user
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-3
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-4
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-5
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-5_user
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-6
Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-7
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Data Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Appscion
Key Found : HKCU\Software\ArenaHD
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\CinemaP-1.9cV09.07
Key Found : HKCU\Software\CinemaP-1.9cV09.07-nv
Key Found : HKCU\Software\CinemaP-1.9cV09.07-nv-ie
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\HighDefAction
Key Found : HKCU\Software\HomeTab
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\Kromtech
Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GUPlayer
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Key Found : HKCU\Software\Mozilla\Extends
Key Found : HKCU\Software\MyBestOffersToday
Key Found : HKCU\Software\PacFunction
Key Found : HKCU\Software\Product Deals
Key Found : HKCU\Software\SearchProtectWS
Key Found : HKCU\Software\simplytech
Key Found : HKCU\Software\Simplytech\HomeTab
Key Found : HKCU\Software\TNT2
Key Found : HKCU\Software\TutoTag
Key Found : HKCU\Software\WajIEnhance
Key Found : HKCU\Software\WajIntEnhance
Key Found : HKCU\Software\YorkNewCin
Key Found : HKCU\Software\yuna software
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Appscion
Key Found : [x64] HKCU\Software\ArenaHD
Key Found : [x64] HKCU\Software\AskPartnerNetwork
Key Found : [x64] HKCU\Software\CinemaP-1.9cV09.07
Key Found : [x64] HKCU\Software\CinemaP-1.9cV09.07-nv
Key Found : [x64] HKCU\Software\CinemaP-1.9cV09.07-nv-ie
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\HighDefAction
Key Found : [x64] HKCU\Software\HomeTab
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\Kromtech
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Found : [x64] HKCU\Software\MyBestOffersToday
Key Found : [x64] HKCU\Software\PacFunction
Key Found : [x64] HKCU\Software\Product Deals
Key Found : [x64] HKCU\Software\SearchProtectWS
Key Found : [x64] HKCU\Software\simplytech
Key Found : [x64] HKCU\Software\Simplytech\HomeTab
Key Found : [x64] HKCU\Software\TNT2
Key Found : [x64] HKCU\Software\TutoTag
Key Found : [x64] HKCU\Software\WajIEnhance
Key Found : [x64] HKCU\Software\WajIntEnhance
Key Found : [x64] HKCU\Software\YorkNewCin
Key Found : [x64] HKCU\Software\yuna software
Key Found : HKLM\SOFTWARE\2247b45d-19c3-49cf-96bf-ed8aff6a808e
Key Found : HKLM\SOFTWARE\290f1cc5-c7ea-46b7-9f1b-da1976813a1e
Key Found : HKLM\SOFTWARE\AIM Toolbar
Key Found : HKLM\SOFTWARE\ArenaHD
Key Found : HKLM\SOFTWARE\AskPartnerNetwork
Key Found : HKLM\SOFTWARE\CinemaP-1.9cV09.07
Key Found : HKLM\SOFTWARE\CinemaP-1.9cV09.07-nv
Key Found : HKLM\SOFTWARE\CinemaP-1.9cV09.07-nv-ie
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17840
 
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [search Page] - hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=ds&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://www.oursurfing.com/web/?type=ds&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
 
-\\ Mozilla Firefox v3.5.7 (sv-SE)
 
[ob96lpwm.default] - Line Found : user_pref("browser.newtab.url", "hxxp://www.oursurfing.com/newtab/?type=nt&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX");
[ob96lpwm.default] - Line Found : user_pref("browser.search.defaultenginename", "oursurfing");
[ob96lpwm.default] - Line Found : user_pref("browser.search.selectedEngine", "oursurfing");
[ob96lpwm.default] - Line Found : user_pref("extensions.enabledAddons", "searchffv2%40gmail.com:0.0.4,quick_start%40gmail.com:3.1.4");
 
-\\ Google Chrome v
 
[C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110824&tt=4812_3&babsrc=SP_ss&mntrId=a43664880000000000000617c4bca52f
[C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.awesomehp.com/web/?type=ds&ts=1394364637&from=ild&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
[C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.hemfoder.se/sok/doSearch?search_input={searchTerms}&search_input_defaulttext=S%C3%B6k+produkt&action_results=S%C3%B6k
[C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
[C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [7939 bytes] - [10/03/2014 00:54:55]
AdwCleaner[R1].txt - [7922 bytes] - [10/03/2014 19:51:50]
AdwCleaner[R2].txt - [23408 bytes] - [25/07/2015 17:01:24]
AdwCleaner[R3].txt - [23077 bytes] - [25/07/2015 17:04:37]
AdwCleaner[s0].txt - [7249 bytes] - [10/03/2014 19:53:12]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [23196 bytes] ##########

1. Close all programs, including web browsers.
Double-click AdwCleaner to start the program.

Click the Scan button.
Wait until the scan has finished.

Click the Clean button.
Press OK.
Press OK again if more messages appear.

The computer will restart; if it does not do so automatically, you will have to restart it yourself.
A report will open; copy its contents and paste them into your reply.
If the report does not open, it is also available as C:\AdwCleaner\AdwCleaner[s0].txt.

2. Start FRST.

Tick Addition.txt.

Scan, and paste or attach the two logs that are created.

3. Scan the computer online at http://www.eset.com/onlinescan/, preferably using Internet Explorer.
So that the scan does not take too long, turn off your antivirus program while it runs.

Select the option Enable detection of potentially unwanted applications.

Click Advanced Settings.
Remove the tick in front of Remove found threats.
Tick:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Click Start

When the scan is finished, click List of found threats, followed by Export to a text file. Save to a file on the desktop, open the file, copy the result and then paste it into your reply.


# AdwCleaner v4.208 - Logfile created 25/07/2015 at 17:44:48

# Updated 09/07/2015 by Xplode

# Database : 2015-07-15.1 [server]

# Operating system : Windows 7 Home Premium Service Pack 1 (x64)

# Username : Sosso - LAPTOPSOFIA

# Running from : C:\Users\Sosso\Desktop\adwcleaner_4.208.exe

# Option : Cleaning

 

***** [ Services ] *****

 

[#] Service Deleted : globalUpdate

[#] Service Deleted : globalUpdatem

[#] Service Deleted : IHProtect Service

[#] Service Deleted : Util Product Deals

[#] Service Deleted : Update Product Deals

Service Deleted : {33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64

Service Deleted : {4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64

Service Deleted : {b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64

Service Deleted : {e789ddb0-d21e-4917-9218-742217563d5b}Gw64

Service Deleted : {e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\IHProtectUpDate

Folder Deleted : C:\Program Files (x86)\globalUpdate

Folder Deleted : C:\Program Files (x86)\predm

Folder Deleted : C:\Program Files (x86)\yuna software

Folder Deleted : C:\Program Files (x86)\GUPlayer

Folder Deleted : C:\Program Files (x86)\miuitab

Folder Deleted : C:\Program Files (x86)\Product Deals

Folder Deleted : C:\Program Files (x86)\CinemaP-1.9cV09.07

Folder Deleted : C:\Users\Sosso\AppData\Local\Temp\Product Deals

Folder Deleted : C:\Users\Sosso\AppData\Local\globalUpdate

Folder Deleted : C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer

[!] Folder Deleted : C:\Users\Sosso\Documents\hosts

Folder Deleted : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\quick_start@gmail.com

Folder Deleted : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\searchffv2@gmail.com

Folder Deleted : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\AVJYFVOD75109374@HCDE39471360.com

Folder Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh

File Deleted : C:\Windows\SysWOW64\SafeAppLM.ocx

File Deleted : C:\Windows\System32\drivers\{33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64.sys

File Deleted : C:\Windows\System32\drivers\{4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64.sys

File Deleted : C:\Windows\System32\drivers\{b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64.sys

File Deleted : C:\Windows\System32\drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys

File Deleted : C:\Windows\System32\drivers\{e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64.sys

File Deleted : C:\Users\Sosso\Desktop\Continue Mybest Offerstoday Uninstaller.lnk

File Deleted : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\user.js

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\oursurfing.xml

File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\defaults\preferences\prefs.js

File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-branding.js

File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-l10n.js

File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox.js

File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\reporter.js

File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage

File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage-journal

File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage

File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal

File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage

File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal

 

***** [ Scheduled tasks ] *****

 

Task Deleted : globalUpdateUpdateTaskMachineCore

Task Deleted : globalUpdateUpdateTaskMachineUA

Task Deleted : amiupdaterExd

Task Deleted : amiupdaterExi

Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-1-6

Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-1-7

Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-10_user

Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-3

Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-4

Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-5

Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-5_user

Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-6

Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-7

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

***** [ Web browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17840

 

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Page]

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]

 

-\\ Mozilla Firefox v3.5.7 (sv-SE)

 

[ob96lpwm.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://www.oursurfing.com/newtab/?type=nt&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX");

[ob96lpwm.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "oursurfing");

[ob96lpwm.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "oursurfing");

[ob96lpwm.default\prefs.js] - Line Deleted : user_pref("extensions.enabledAddons", "searchffv2%40gmail.com:0.0.4,quick_start%40gmail.com:3.1.4");

 

-\\ Google Chrome v

 

[C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110824&tt=4812_3&babsrc=SP_ss&mntrId=a43664880000000000000617c4bca52f

[C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.awesomehp.com/web/?type=ds&ts=1394364637&from=ild&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}

[C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.hemfoder.se/sok/doSearch?search_input={searchTerms}&search_input_defaulttext=S%C3%B6k+produkt&action_results=S%C3%B6k

[C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}

[C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms}

 

*************************

 

AdwCleaner[R0].txt - [7939 bytes] - [10/03/2014 00:54:55]

AdwCleaner[R1].txt - [7922 bytes] - [10/03/2014 19:51:50]

AdwCleaner[R2].txt - [23408 bytes] - [25/07/2015 17:01:24]

AdwCleaner[R3].txt - [23468 bytes] - [25/07/2015 17:04:37]

AdwCleaner[R4].txt - [23528 bytes] - [25/07/2015 17:42:30]

AdwCleaner[s0].txt - [7249 bytes] - [10/03/2014 19:53:12]

AdwCleaner[s1].txt - [20214 bytes] - [25/07/2015 17:44:48]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [20274  bytes] ##########

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015

Ran by Sosso (administrator) on LAPTOPSOFIA (25-07-2015 17:59:21)

Running from C:\Users\Sosso\Downloads

Loaded Profiles: Sosso (Available Profiles: Sosso & Langen)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Svenska (Sverige)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe

(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe

(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Windows\System32\alg.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

() C:\Windows\PLFSetI.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

() C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Akamai Technologies, Inc.) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe

(Akamai Technologies, Inc.) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe

(Spotify Ltd) C:\Users\Sosso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

(ZTE) C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\mcserver.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

() C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\dbus-daemon.exe

(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastUI.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

() C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\db_daemon.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-07] (Egis Technology Inc.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated)

HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-30] ()

HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)

HKLM\...\Run: [CancelAutoPlay.exe] => C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe [68096 2012-03-30] ()

HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)

HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)

HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-08-01] (CyberLink Corp.)

HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-05] (Acer Corp.)

HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [MessengerPlusForSkypeService] => "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5515496 2015-06-15] (Avast Software s.r.o.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [mbot_se_014010025] => [X]

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Google Update] => C:\Users\Sosso\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-09-26] (Google Inc.)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Facebook Update] => C:\Users\Sosso\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [sony PC Companion] => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [spotify Web Helper] => C:\Users\Sosso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2015-01-26] (Spotify Ltd)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)

HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2011-10-28]

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MCtlSvc.lnk [2012-05-23]

ShortcutTarget: MCtlSvc.lnk -> C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\mcserver.exe (ZTE)

Startup: C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - .lnk [2012-08-12]

ShortcutTarget: Övervaka bläckvarningar - .lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - HP Photosmart 6510 series (nätverk).lnk [2015-07-25]

ShortcutTarget: Övervaka bläckvarningar - HP Photosmart 6510 series (nätverk).lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-06-15] (Avast Software s.r.o.)

ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-08-07] (Egis Technology Inc.)

ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-08-07] (Egis Technology Inc.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 


SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 

SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-06-15] (Avast Software s.r.o.)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)

BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-06-15] (Avast Software s.r.o.)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)

Toolbar: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)

DPF: HKLM-x32 {19D6A3D5-EA50-4C3B-88F0-79627C325570} http://iloapp.teamsosso.se/gallery/executable/IlosoftMultipleImageUpload.dll


Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{2EB15542-5E83-44FF-872F-64395312DE35}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{F1D30B37-CAC4-4C71-87B2-2EBCB93A8B31}: [DhcpNameServer] 192.168.1.1

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

 

FireFox:

========

FF ProfilePath: C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default

FF Homepage: hxxp://www.google.com/

FF NetworkProxy: "no_proxies_on", "*.local"

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-02-11] (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2010-03-26] (GARMIN Corp.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-06-21] (RocketLife, LLP)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sosso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2009-12-22] (mozilla.org)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml [2009-12-22]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009-12-22]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml [2009-12-22]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml [2009-12-22]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml [2009-12-22]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml [2009-12-22]

FF Extension: personaschristopherbeard - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\personas@christopher.beard [2015-07-17]

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20]

FF HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\quick_start@gmail.com [not found]

FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\searchffv2@gmail.com [not found]

FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]

StartMenuInternet: FIREFOX.EXE - firefox.exe

 

Chrome: 

=======

CHR Profile: C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (WOT) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2010-04-21]

CHR Extension: (YouTube) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]

CHR Extension: (Google Cast) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-04-12]

CHR Extension: (Google Search) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]

CHR Extension: (Avast Online Security) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-05]

CHR Extension: (ljmpghknnfhlgcgchochgijlgjpmhhfo) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmpghknnfhlgcgchochgijlgjpmhhfo [2015-07-17]

CHR Extension: (CinemaP-1.9cV09.07) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-07-09]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]

CHR Extension: (Gmail) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

StartMenuInternet: Google Chrome - Chrome.exe

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-06-15] (Avast Software s.r.o.)

S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)

R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2011-08-12] () [File not signed]

R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [87344 2009-09-01] (Prolific Technology Inc.)

S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

S2 MsgPlusService; "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [488832 2010-03-23] (AfaTech                  )

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-15] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-15] (Avast Software s.r.o.)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-15] (Avast Software s.r.o.)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-15] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-15] (Avast Software s.r.o.)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-15] (Avast Software s.r.o.)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-15] ()

S3 massfilter_lte; C:\Windows\system32\drivers\massfilter_lte.sys [18456 2011-12-20] (HandSet Incorporated)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)

S3 zgdcat; C:\Windows\System32\DRIVERS\zgdcat.sys [130200 2011-12-20] (ZTE Incorporated)

S3 zgdcdiag; C:\Windows\System32\DRIVERS\zgdcdiag.sys [130200 2011-12-20] (ZTE Incorporated)

S3 zgdcmdm; C:\Windows\System32\DRIVERS\zgdcmdm.sys [130200 2011-12-20] (ZTE Incorporated)

S3 zgdcnet; C:\Windows\System32\DRIVERS\zgdcnet.sys [169496 2011-12-20] (ZTE Incorporated)

S3 zgdcnmea; C:\Windows\System32\DRIVERS\zgdcnmea.sys [130200 2011-12-20] (ZTE Incorporated)

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-07-25 17:59 - 2015-07-25 18:02 - 00026259 _____ C:\Users\Sosso\Downloads\FRST.txt

2015-07-25 17:59 - 2015-07-25 17:59 - 00000000 ____D C:\Users\Sosso\Downloads\FRST-OlderVersion

2015-07-25 17:00 - 2015-07-25 17:00 - 02248704 _____ C:\Users\Sosso\Desktop\adwcleaner_4.208.exe

2015-07-23 14:12 - 2015-07-23 14:12 - 00275336 _____ C:\Windows\Minidump\072315-105940-01.dmp

2015-07-14 22:18 - 2015-07-14 22:18 - 00194161 _____ C:\14-7.txt

2015-07-14 21:48 - 2015-07-14 21:48 - 18009776 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2015-07-14 20:51 - 2015-07-14 22:19 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-07-14 20:50 - 2015-07-14 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-07-14 20:50 - 2015-07-14 20:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-07-14 20:50 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-07-14 20:50 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-07-09 18:22 - 2015-07-09 18:22 - 00000254 __RSH C:\ProgramData\ntuser.pol

2015-07-09 09:06 - 2015-07-09 09:06 - 00000971 _____ C:\Users\Sosso\Desktop\GUPlayer.lnk

2015-07-09 08:57 - 2015-07-09 08:58 - 00000000 ____D C:\Program Files (x86)\4b08656f-7a70-4884-822a-7ab7465c019b

2015-07-09 08:56 - 2015-07-23 17:47 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7

2015-07-09 08:52 - 2015-07-09 08:52 - 00000000 _____ C:\Windows\prleth.sys

2015-07-09 08:52 - 2015-07-09 08:52 - 00000000 _____ C:\Windows\hgfs.sys

2015-07-09 08:50 - 2015-07-09 08:50 - 01513936 _____ C:\Users\Sosso\Downloads\Cars.2006.SE.Fi.PAL.DVDR+APOCALYPSE_10924_i30387306_il345.exe.zip

2015-06-25 16:48 - 2015-06-25 16:48 - 00000000 ____D C:\Users\Sosso\AppData\Local\GWX

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-07-25 17:59 - 2014-03-10 01:01 - 00000000 ____D C:\FRST

2015-07-25 17:59 - 2014-03-10 01:00 - 02146816 _____ (Farbar) C:\Users\Sosso\Downloads\FRST64.exe

2015-07-25 17:58 - 2010-01-11 22:42 - 07569920 ___SH C:\Users\Sosso\Downloads\Thumbs.db

2015-07-25 17:56 - 2009-09-29 13:49 - 01549797 _____ C:\Windows\WindowsUpdate.log

2015-07-25 17:54 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-07-25 17:54 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-07-25 17:52 - 2012-08-12 02:27 - 00000338 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job

2015-07-25 17:52 - 2012-07-10 00:20 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2015-07-25 17:49 - 2010-06-21 14:44 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics

2015-07-25 17:47 - 2009-08-22 10:34 - 01292186 _____ C:\Windows\PFRO.log

2015-07-25 17:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-07-25 17:47 - 2009-07-14 06:51 - 00279577 _____ C:\Windows\setupact.log

2015-07-25 17:46 - 2013-08-29 21:42 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-07-25 17:45 - 2014-03-09 21:55 - 00000000 ____D C:\AdwCleaner

2015-07-25 17:44 - 2010-02-20 18:51 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-07-25 17:44 - 2010-02-03 12:48 - 00001004 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job

2015-07-25 17:30 - 2012-02-16 18:19 - 00000976 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job

2015-07-25 16:58 - 2009-07-14 04:34 - 00000612 _____ C:\Windows\win.ini

2015-07-25 12:44 - 2010-02-03 12:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job

2015-07-24 23:30 - 2012-02-16 18:19 - 00000954 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job

2015-07-23 14:12 - 2011-07-23 21:51 - 00000000 ____D C:\Windows\Minidump

2015-07-23 11:56 - 2009-09-29 14:45 - 00664068 _____ C:\Windows\system32\perfh01D.dat

2015-07-23 11:56 - 2009-09-29 14:45 - 00142836 _____ C:\Windows\system32\perfc01D.dat

2015-07-23 11:56 - 2009-07-14 07:13 - 01580554 _____ C:\Windows\system32\PerfStringBackup.INI

2015-07-18 07:09 - 2015-04-05 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-07-18 07:09 - 2015-04-05 22:38 - 00000000 ___SD C:\Windows\system32\GWX

2015-07-18 07:09 - 2015-02-15 14:38 - 00000000 ____D C:\Windows\system32\appraiser

2015-07-18 07:09 - 2014-05-17 10:06 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-07-18 07:09 - 2009-12-12 01:53 - 00000000 ____D C:\Users\Langen

2015-07-18 07:09 - 2009-12-11 01:49 - 00000000 ____D C:\Users\Sosso

2015-07-18 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-07-18 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2015-07-18 07:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration

2015-07-17 21:12 - 2010-01-15 16:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-07-17 20:27 - 2013-08-20 18:11 - 00000000 ____D C:\Windows\system32\MRT

2015-07-16 16:06 - 2014-02-21 00:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2015-07-16 16:04 - 2014-12-25 21:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2015-07-16 12:39 - 2010-02-20 18:51 - 00003990 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-07-16 12:39 - 2010-02-20 18:51 - 00003738 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-07-16 12:39 - 2010-02-20 18:51 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-07-16 12:39 - 2010-02-03 12:48 - 00003974 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA

2015-07-16 12:39 - 2010-02-03 12:48 - 00003578 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core

2015-07-14 21:49 - 2013-08-29 21:42 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-07-14 21:49 - 2013-05-03 15:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-07-14 21:49 - 2011-06-06 20:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\Malwarebytes

2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2015-07-13 22:06 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

2015-07-13 20:54 - 2009-12-11 01:50 - 00001421 _____ C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-07-09 10:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\GroupPolicy

2015-07-09 09:08 - 2009-12-13 13:33 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\uTorrent

2015-07-09 09:03 - 2009-08-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone

2015-07-09 09:03 - 2009-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Acer GameZone

2015-07-09 09:03 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2015-07-09 08:58 - 2009-09-29 13:56 - 00000000 ____D C:\Program Files (x86)\Acer Arcade Deluxe

2015-07-09 08:53 - 2009-12-10 20:16 - 00000000 ____D C:\Users\Sosso\AppData\Local\Google

2015-07-06 20:05 - 2011-01-15 17:16 - 00001456 _____ C:\Users\Sosso\AppData\Local\Adobe Spara för webben 12.0 Prefs

2015-06-26 17:39 - 2011-02-09 20:03 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys

2015-06-26 01:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

2015-06-25 05:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat

 

==================== Files in the root of some directories =======

 

2009-08-22 10:43 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico

2011-09-28 22:04 - 2011-10-16 23:42 - 0000132 _____ () C:\Users\Sosso\AppData\Roaming\CS5-inställningar för PNG-format i Adobe

2010-02-06 23:02 - 2011-12-15 20:42 - 0000143 _____ () C:\Users\Sosso\AppData\Roaming\default.rss

2009-12-19 18:38 - 2015-01-06 18:01 - 0002704 _____ () C:\Users\Sosso\AppData\Roaming\wklnhst.dat

2011-01-15 17:16 - 2015-07-06 20:05 - 0001456 _____ () C:\Users\Sosso\AppData\Local\Adobe Spara för webben 12.0 Prefs

2010-08-04 22:47 - 2010-08-04 22:47 - 0007602 _____ () C:\Users\Sosso\AppData\Local\Resmon.ResmonCfg

2012-08-12 01:39 - 2012-08-12 01:39 - 0000057 _____ () C:\ProgramData\Ament.ini

2009-09-29 13:56 - 2009-09-29 14:00 - 0007830 _____ () C:\ProgramData\ArcadeDeluxe3.log

2009-08-22 10:44 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe

2010-03-23 20:48 - 2010-03-23 21:02 - 0000453 _____ () C:\ProgramData\LmeUSB.log

2010-03-23 20:48 - 2010-03-23 21:02 - 0000456 _____ () C:\ProgramData\LSDmbTH.log

 

Some files in TEMP:

====================

C:\Users\Langen\AppData\Local\Temp\FlashPlayerUpdate.exe

C:\Users\Langen\AppData\Local\Temp\Update_8eff.exe

C:\Users\Sosso\AppData\Local\Temp\3358.exe

C:\Users\Sosso\AppData\Local\Temp\9498.exe

C:\Users\Sosso\AppData\Local\Temp\Cars.2006.SE.Fi.PAL.DVDR APOCALYPSE__10924_i1552997636_il777998.exe

C:\Users\Sosso\AppData\Local\Temp\DataCard_Setup64.exe

C:\Users\Sosso\AppData\Local\Temp\MsgPlusUninstall.exe

C:\Users\Sosso\AppData\Local\Temp\Quarantine.exe

C:\Users\Sosso\AppData\Local\Temp\ResetDevice.exe

C:\Users\Sosso\AppData\Local\Temp\sqlite3.dll

C:\Users\Sosso\AppData\Local\Temp\Update_3703.exe

C:\Users\Sosso\AppData\Local\Temp\uttD852.tmp.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-07-23 13:35

 

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-07-2015

Ran by Sosso at 2015-07-25 18:07:02
Running from C:\Users\Sosso\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administratör (S-1-5-21-3310348378-2041383425-807149183-500 - Administrator - Disabled)
Gäst (S-1-5-21-3310348378-2041383425-807149183-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3310348378-2041383425-807149183-1002 - Limited - Enabled)
Langen (S-1-5-21-3310348378-2041383425-807149183-1003 - Administrator - Enabled) => C:\Users\Langen
Sosso (S-1-5-21-3310348378-2041383425-807149183-1001 - Administrator - Enabled) => C:\Users\Sosso
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
"Nero SoundTrax Help (x32 Version: 4.4.32.0 - Nero AG) Hidden
µTorrent (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.6821 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.5.0715 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Color Common Settings (HKLM-x32\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM-x32\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.3 64-bit (HKLM\...\{CFFF260C-F510-45BB-8F8E-1D4AC1232786}) (Version: 3.3.1 - Adobe)
Adobe Reader XI (11.0.12) - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ATI AVIVO64 Codecs (Version: 10.7.0.40702 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{D10D9994-4337-8067-F5D7-9F8FEC1E4A00}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
DC++ 0.802 (HKLM-x32\...\DC++) (Version: 0.802 - Jacek Sieka)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version:  - 1.0)
Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Everio MediaBrowser 3 (HKLM-x32\...\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}) (Version: 3.00.233 - PIXELA)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware)
Garmin Communicator Plugin (HKLM-x32\...\{C7DD94A8-F775-426C-B56C-8E555A59F9E2}) (Version: 2.9.2 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Friluftskartan Pro v2 - Norra Norrland (HKLM-x32\...\{1C19DF6D-1F26-4F03-9696-471AAAF08906}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM-x32\...\{58FA5D40-E35A-47ED-8AFA-68CCC758559E}) (Version: 6.15.11 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{328019A7-0012-401D-96A2-4CDDD02675A8}) (Version: 2.5.4.0 - Garmin Ltd or its subsidiaries)
Garmin Trip and Waypoint Manager v5 (HKLM-x32\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin VIRB Edit (HKLM-x32\...\{7FE515DE-36C8-4948-9786-496CE891BBFB}) (Version: 2.9.1 - Garmin Ltd or its subsidiaries)
GmapTool 0.5.7a (HKLM-x32\...\{1873789F-59D5-4002-8A2F-60A827B78F98}_is1) (Version:  - AP)
Google Chrome (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Google Chrome) (Version: 44.0.2403.89 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 10.0.13228.1563 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.11352 - HP Photo Creations)
HP Photosmart 6510 series Grundläggande enhetsprogramvara (HKLM\...\{238E725E-9119-4D07-A622-ADC787FC0459}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 6510 series Hjälp (HKLM-x32\...\{A2F95F8C-CDA9-4B08-BAD1-CA9656E4EC14}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 6510 series Produktförbättringsstudie (HKLM\...\{BCE3A08B-CF08-4129-B63A-CFD327DC9A7C}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.013 - HTC Corporation)
HTC Sync (HKLM-x32\...\{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}) (Version: 3.0.5579 - HTC Corporation)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.1.0 - LIGHTNING UK!)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
JDownloader Download Accelerator Packages (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\JDownloader Download Accelerator Packages) (Version:  - ) <==== ATTENTION
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kartex (HKLM-x32\...\{896D3C79-8E3A-40DC-87F2-2AAC9F9146EF}) (Version: 5.41.5 - Lantmäteriet)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Plus! for Skype (HKLM-x32\...\Messenger Plus! for Skype) (Version: 1.5.0.122 - Yuna Software)
Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-041D-0000-0000000FF1CE}_OMUI.sv-se_{6DB23E19-BC1C-4C62-8158-391F65D84457}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_OMUI.sv-se_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Swedish/svenska (HKLM-x32\...\OMUI.sv-se) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_OMUI.sv-se_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version:  - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (Swedish) (HKLM-x32\...\{95120000-00AF-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_OMUI.sv-se_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version:  - Microsoft)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{2C1B58D5-6549-472C-86B7-17BE57186628}) (Version: 9.7.0621 - Microsoft Corporation)
Mobile Broadband (HKLM-x32\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version:          - ZTE CORPORATION)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.02.07 - Huawei Technologies Co.,Ltd)
Movie Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden
Mozilla Firefox (3.5.7) (HKLM-x32\...\Mozilla Firefox (3.5.7)) (Version: 3.5.7 (sv-SE) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Nero 9 (HKLM-x32\...\{39135c20-3583-4d13-bf34-3277fecb56d3}) (Version:  - Nero AG)
Nero BackItUp (HKLM-x32\...\{0420F95C-11FF-4E02-B967-6CC22B188F9F}) (Version: 5.2.6000 - Nero AG)
Nero BackItUp and Burn (HKLM-x32\...\{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}) (Version: 1.2.0009 - Nero AG)
Nero BurnRights (HKLM-x32\...\{397516AE-7DFE-4F90-84E0-BD616D559434}) (Version: 3.6.17000 - Nero AG)
Nero Express (HKLM-x32\...\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}) (Version: 9.6.11000 - Nero AG)
Nero RescueAgent (HKLM-x32\...\{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}) (Version: 2.6.13000 - Nero AG)
Norrlands Skoterledskarta Autorouting v3.0.2.1 (HKLM-x32\...\{40554019-49FF-4A33-A401-8AE7C01D3606}_is1) (Version:  - )
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden
OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.053 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.053 - Sony)
SoundTrax (x32 Version: 4.4.32.0 - Nero AG) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - )
Spotify (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version:  - Oberon Media)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
VantagePoint (HKLM-x32\...\InstallShield_{1D21ED4F-3C5E-45C3-9795-8C8CB2AB31DC}) (Version: 2.32.0000 - Magellan Navigation, Inc.)
VantagePoint (x32 Version: 2.32.0000 - Magellan Navigation, Inc.) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{08A247F5-E34F-4D17-8731-0906DF56947E}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-drivrutinspaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-drivrutinspaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
ZTE LTE Device USB Driver (HKLM\...\{00C1EF09-B5B7-4082-B1F4-C35CE7A7FCA9}) (Version:  - ZTE Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{43090D0D-E309-4D12-B3E8-0165D520BA4C}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.3\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

Internet Explorer says the add-on can't be run, and Chrome wants me to download something..


Internet Explorer says the add-on can't be run, and Chrome wants me to download something..

Yes, if you use Chrome you need to download something.


Got an avast update.. which wanted to restart the computer, and it wouldn't start again, sigh... restore in progress.

This happened last week too after a Windows update... will try to run the online scan as soon as it's done... will get back asap.


Oops, just realized I missed the advanced settings, 68% scanned now.. can I cancel and start over or should I continue? :)


By now I assume the scan has finished, so paste in the log from it.


C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\2247b45d-19c3-49cf-96bf-ed8aff6a808e.crx.vir JS/Toolbar.Crossrider.E potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\2247b45d-19c3-49cf-96bf-ed8aff6a808e.dll.vir a variant of Win32/Toolbar.CrossRider.CG potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\290f1cc5-c7ea-46b7-9f1b-da1976813a1e.dll.vir a variant of Win64/Toolbar.Crossrider.P potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-1-6.exe.vir a variant of Win32/Toolbar.CrossRider.CD potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-1-7.exe.vir a variant of Win32/Toolbar.CrossRider.CD potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-10.exe.vir a variant of Win32/Toolbar.CrossRider.CO potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-3.exe.vir a variant of Win32/Toolbar.CrossRider.CH potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-4.exe.vir a variant of Win32/Toolbar.CrossRider.CH potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-5.exe.vir a variant of Win32/Toolbar.CrossRider.CC potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-6.exe.vir a variant of Win32/Toolbar.CrossRider.CD potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-64.exe.vir a variant of Win64/Toolbar.Crossrider.N potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-7.exe.vir a variant of Win32/Toolbar.CrossRider.CD potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8.xpi.vir JS/Toolbar.Crossrider.B potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\Uninstall.exe.vir a variant of Win32/Toolbar.CrossRider.CU potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\UninstallBrw.exe.vir a variant of Win32/Toolbar.CrossRider.CO potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\utils.exe.vir a variant of Win32/Toolbar.CrossRider.CM potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\globalupdate.exe.vir Win32/AlteredSoftware.F potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe.vir Win32/AlteredSoftware.F potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe.vir Win32/AlteredSoftware.H potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe.vir Win32/AlteredSoftware.F potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe.vir Win32/AlteredSoftware.H potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll.vir a variant of Win32/AlteredSoftware.E potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir a variant of Win32/AlteredSoftware.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir a variant of Win32/AlteredSoftware.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe.vir a variant of Win32/TrojanDropper.Addrop.J trojan cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchCH.dll.vir Win32/ELEX.BM potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchFF.dll.vir Win32/ELEX.BM potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowserAction.dll.vir a variant of Win32/ELEX.DH potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\CmdShell.exe.vir a variant of Win32/ELEX.CY potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ffsearch_toolbar!1.0.0.1031.xpi.vir Win32/Toolbar.TNT2.I potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\HPNotify.exe.vir a variant of Win32/ELEX.DK potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\IeWatchDog.dll.vir Win32/ELEX.BM potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ProtectService.exe.vir a variant of Win32/ELEX.EE potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\SupTab.dll.vir a variant of Win32/Thinknice.B potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\aaaaaogcninhibjjfnjhhljkmdkepfnf.crx.vir Win32/BrowseFox.Q potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\ProductDealsbho.dll.vir a variant of Win32/BrowseFox.AE potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\ProductDealsUninstall.exe.vir a variant of Win32/BrowseFox.AY potentially unwanted application deleted - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\updateProductDeals.exe.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\33ec.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\33ec41eac564.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\33ec64.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\4765b08d0fb448cabf21.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\4765b08d0fb448cabf2102642a05e93d.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\4765b08d0fb448cabf2102642a05e93d64.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\4765b08d0fb448cabf2164.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\b9ef2fca9fe64589b97a.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\b9ef2fca9fe64589b97a64.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\b9ef2fca9fe64589b97a90379e9f2f5e.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\b9ef2fca9fe64589b97a90379e9f2f5e64.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e789ddb0d21e49179218.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e789ddb0d21e4917921864.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e789ddb0d21e49179218742217563d5b.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e789ddb0d21e49179218742217563d5b64.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e8bbec8c4837488cbb91.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e8bbec8c4837488cbb912413047df2f2.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e8bbec8c4837488cbb912413047df2f264.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e8bbec8c4837488cbb9164.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\ProductDeals.BrowserAdapter.exe.vir a variant of Win32/BrowseFox.AX potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\ProductDeals.BrowserAdapter64.exe.vir a variant of Win64/BrowseFox.CP potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\ProductDeals.expext.exe.vir a variant of Win32/BrowseFox.BY potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\ProductDeals.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\tmp3D25.tmp.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\tmp7A8.tmp.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\tmpB23F.tmp.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\utilProductDeals.exe.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.BrowserAdapter.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.CompatibilityChecker.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.ExpExt.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.FFUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.GCUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.PurBrowseG.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\AVJYFVOD75109374@HCDE39471360.com\chrome\content\core\7eebb9ac322c6e2242ae07d3c08e9319.js.vir JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js.vir JS/Toolbar.Crossrider.B potentially unwanted application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting - quarantined

C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting - quarantined

C:\FRST\Quarantine\C\Program Files (x86)\PacFunction\updatePacFunction.exe a variant of Win32/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\FRST\Quarantine\C\Program Files (x86)\PacFunction\bin\utilPacFunction.exe a variant of Win32/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined

C:\FRST\Quarantine\C\Program Files (x86)\PacFunction\bin\plugins\PacFunction.BrowserFilter.dll a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined

C:\Program Files (x86)\4b08656f-7a70-4884-822a-7ab7465c019b\c5957811-1706-484c-94a7-68cb3d162e98.dll a variant of Win32/Toolbar.CrossRider.CG potentially unwanted application cleaned by deleting - quarantined

C:\Program Files (x86)\4b08656f-7a70-4884-822a-7ab7465c019b\e9c8712a-6eb3-4978-8720-1befff8d5a49.dll a variant of Win64/Toolbar.Crossrider.P potentially unwanted application cleaned by deleting - quarantined

C:\Program Files (x86)\Acer Arcade Deluxe\4a2bfd6b-8390-44ba-be12-5c3938977906.dll a variant of Win32/Toolbar.CrossRider.CG potentially unwanted application cleaned by deleting - quarantined

C:\Program Files (x86)\Acer Arcade Deluxe\4b08656f-7a70-4884-822a-7ab7465c019b.dll a variant of Win64/Toolbar.Crossrider.P potentially unwanted application cleaned by deleting - quarantined

C:\Users\Langen\AppData\Local\Temp\Update_8eff.exe a variant of Win32/Adware.CiDHelp application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\19.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\49a02e693d58c295bbde06b319488c40.js JS/Toolbar.Crossrider.E potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\0db43ac1e0278e93cff77e76be8b36ea.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\5bf4428d644f778fc93af7248f2d1994.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\fd1b592958991e60d7cba06930f22b07.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\142af5b08077226ed5da9f711d91255f.js JS/Toolbar.Crossrider.H potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\1452060f69f9a37569d24d810ba4b042.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\3cc0eb8c4e6c2d5c79f18d53aef24cfa.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\77713b276376b9ad10a5b09236218523.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\90c27ce3a17ada528d7d08aaa63241ea.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\bebd23a8ae65ace72edd6c16c852d52e.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\fb5ddc6dc72a4e4c466e1013d8b7626e.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50GJS7CW\Reimage[1].exe a variant of Win32/OutBrowse.CB potentially unwanted application deleted - quarantined

C:\Users\Sosso\AppData\Local\Temp\3358.exe a variant of Win32/Toolbar.CrossRider.CO potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\9498.exe a variant of Win32/Toolbar.CrossRider.CO potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\Cars.2006.SE.Fi.PAL.DVDR APOCALYPSE__10924_i1552997636_il777998.exe a variant of Win32/Amonetize.FU potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\Update_3703.exe a variant of Win32/MessengerPlus.A potentially unwanted application deleted - quarantined

C:\Users\Sosso\AppData\Local\Temp\comh.392643\globalupdate.exe Win32/AlteredSoftware.F potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\comh.392643\globalupdateBroker.exe Win32/AlteredSoftware.H potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\comh.392643\globalupdateCrashHandler.exe Win32/AlteredSoftware.F potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\comh.392643\globalupdateOnDemand.exe Win32/AlteredSoftware.H potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\comh.392643\npglobalupdateUpdate4.dll a variant of Win32/AlteredSoftware.E potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\comh.392643\psmachine.dll a variant of Win32/AlteredSoftware.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\comh.392643\psuser.dll a variant of Win32/AlteredSoftware.G potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\is-D7I4D.tmp\gentlemjmp_ieu.exe multiple threats cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\is-ILNC5.tmp\399.exe a variant of Win32/Adware.EoRezo.AZ application cleaned by deleting - quarantined

C:\Users\Sosso\AppData\Local\Temp\Rar$EX00.392\Cars.2006.SE.Fi.PAL.DVDR APOCALYPSE_10924_i30387306_il345.exe a variant of Win32/Amonetize.DW potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\Downloads\Cars.2006.SE.Fi.PAL.DVDR+APOCALYPSE_10924_i30387306_il345.exe.zip a variant of Win32/Amonetize.DW potentially unwanted application deleted - quarantined

C:\Users\Sosso\Downloads\NIKON D5000 user guide provided through pdfretriever.com.exe a variant of Win32/GetNow.J potentially unwanted application cleaned by deleting - quarantined

C:\Users\Sosso\Downloads\TorchSetup.exe a variant of Win32/Toolbar.SearchSuite.W potentially unwanted application deleted - quarantined

C:\Users\Sosso\Downloads\uTorrent.exe a variant of Win32/Bunndle potentially unsafe application cleaned by deleting - quarantined

1. You must make sure to uninstall FRST and AdwCleaner once a cleanup is finished, because otherwise their quarantine folders, with everything they have ever removed, will not go away.

2. Since you let ESET's scanner remove everything it found, I need to see new logs from FRST to know what now remains to be dealt with.


OK, I'll sort it out tomorrow... but one question first,

Should I uninstall and reinstall, or just run another round?

I did stop the ESET scan and did exactly what I was supposed to do according to your instructions.. I was just a bit quick to start everything....


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015

Ran by Sosso (administrator) on LAPTOPSOFIA (26-07-2015 11:18:04)

Running from C:\Users\Sosso\Downloads

Loaded Profiles: Sosso (Available Profiles: Sosso & Langen)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Svenska (Sverige)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe

(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe

(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Windows\System32\alg.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

() C:\Windows\PLFSetI.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

() C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Akamai Technologies, Inc.) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe

(Akamai Technologies, Inc.) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe

(Spotify Ltd) C:\Users\Sosso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe

(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

(ZTE) C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\mcserver.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe

(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastUI.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

() C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\dbus-daemon.exe

() C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\db_daemon.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-07] (Egis Technology Inc.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated)

HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-30] ()

HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)

HKLM\...\Run: [CancelAutoPlay.exe] => C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe [68096 2012-03-30] ()

HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)

HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)

HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-08-01] (CyberLink Corp.)

HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-05] (Acer Corp.)

HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [MessengerPlusForSkypeService] => "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5515496 2015-06-15] (Avast Software s.r.o.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [mbot_se_014010025] => [X]

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Google Update] => C:\Users\Sosso\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-09-26] (Google Inc.)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Facebook Update] => C:\Users\Sosso\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [sony PC Companion] => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [spotify Web Helper] => C:\Users\Sosso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2015-01-26] (Spotify Ltd)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)

HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)

HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2011-10-28]

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MCtlSvc.lnk [2012-05-23]

ShortcutTarget: MCtlSvc.lnk -> C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\mcserver.exe (ZTE)

Startup: C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - .lnk [2012-08-12]

ShortcutTarget: Övervaka bläckvarningar - .lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

Startup: C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - HP Photosmart 6510 series (nätverk).lnk [2015-07-25]

ShortcutTarget: Övervaka bläckvarningar - HP Photosmart 6510 series (nätverk).lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-06-15] (Avast Software s.r.o.)

ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-08-07] (Egis Technology Inc.)

ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-08-07] (Egis Technology Inc.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 


SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 

SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-06-15] (Avast Software s.r.o.)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)

BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} ->  No File

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-06-15] (Avast Software s.r.o.)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.)

Toolbar: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.)

DPF: HKLM-x32 {19D6A3D5-EA50-4C3B-88F0-79627C325570} http://iloapp.teamsosso.se/gallery/executable/IlosoftMultipleImageUpload.dll


Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{2EB15542-5E83-44FF-872F-64395312DE35}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{F1D30B37-CAC4-4C71-87B2-2EBCB93A8B31}: [DhcpNameServer] 192.168.1.1

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

 

FireFox:

========

FF ProfilePath: C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default

FF Homepage: hxxp://www.google.com/

FF NetworkProxy: "no_proxies_on", "*.local"

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-02-11] (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2010-03-26] (GARMIN Corp.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-06-21] (RocketLife, LLP)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sosso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2009-12-22] (mozilla.org)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml [2009-12-22]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009-12-22]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml [2009-12-22]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml [2009-12-22]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml [2009-12-22]

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml [2009-12-22]

FF Extension: personaschristopherbeard - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\personas@christopher.beard [2015-07-17]

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20]

FF HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\quick_start@gmail.com [not found]

FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\searchffv2@gmail.com [not found]

FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found]

StartMenuInternet: FIREFOX.EXE - firefox.exe

 

Chrome: 

=======

CHR Profile: C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (WOT) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2010-04-21]

CHR Extension: (YouTube) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18]

CHR Extension: (Google Cast) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-04-12]

CHR Extension: (Google Search) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18]

CHR Extension: (Avast Online Security) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-05]

CHR Extension: (ljmpghknnfhlgcgchochgijlgjpmhhfo) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmpghknnfhlgcgchochgijlgjpmhhfo [2015-07-17]

CHR Extension: (CinemaP-1.9cV09.07) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-07-09]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]

CHR Extension: (Gmail) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

StartMenuInternet: Google Chrome - Chrome.exe

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-06-15] (Avast Software s.r.o.)

R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)

R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2011-08-12] () [File not signed]

R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [87344 2009-09-01] (Prolific Technology Inc.)

S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed]

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

S2 MsgPlusService; "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [488832 2010-03-23] (AfaTech                  )

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-15] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-15] (Avast Software s.r.o.)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-15] (Avast Software s.r.o.)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-15] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-15] (Avast Software s.r.o.)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-15] (Avast Software s.r.o.)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-15] ()

S3 massfilter_lte; C:\Windows\system32\drivers\massfilter_lte.sys [18456 2011-12-20] (HandSet Incorporated)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)

S3 zgdcat; C:\Windows\System32\DRIVERS\zgdcat.sys [130200 2011-12-20] (ZTE Incorporated)

S3 zgdcdiag; C:\Windows\System32\DRIVERS\zgdcdiag.sys [130200 2011-12-20] (ZTE Incorporated)

S3 zgdcmdm; C:\Windows\System32\DRIVERS\zgdcmdm.sys [130200 2011-12-20] (ZTE Incorporated)

S3 zgdcnet; C:\Windows\System32\DRIVERS\zgdcnet.sys [169496 2011-12-20] (ZTE Incorporated)

S3 zgdcnmea; C:\Windows\System32\DRIVERS\zgdcnmea.sys [130200 2011-12-20] (ZTE Incorporated)

S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]

S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-07-26 00:22 - 2015-07-26 00:22 - 00046328 _____ C:\Users\Sosso\Downloads\eset scan.txt

2015-07-25 19:24 - 2015-07-25 19:25 - 02870984 _____ (ESET) C:\Users\Sosso\Desktop\esetsmartinstaller_enu (1).exe

2015-07-25 18:54 - 2015-07-25 18:55 - 02870984 _____ (ESET) C:\Users\Sosso\Desktop\esetsmartinstaller_enu.exe

2015-07-25 18:50 - 2015-07-25 18:50 - 00000000 ___HD C:\Windows\AxInstSV

2015-07-25 17:59 - 2015-07-26 11:19 - 00025796 _____ C:\Users\Sosso\Downloads\FRST.txt

2015-07-25 17:59 - 2015-07-26 11:11 - 00000000 ____D C:\Users\Sosso\Downloads\FRST-OlderVersion

2015-07-23 14:12 - 2015-07-23 14:12 - 00275336 _____ C:\Windows\Minidump\072315-105940-01.dmp

2015-07-14 22:18 - 2015-07-14 22:18 - 00194161 _____ C:\14-7.txt

2015-07-14 21:48 - 2015-07-14 21:48 - 18009776 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2015-07-14 20:51 - 2015-07-14 22:19 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-07-14 20:50 - 2015-07-14 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-07-14 20:50 - 2015-07-14 20:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-07-14 20:50 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-07-14 20:50 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-07-09 18:22 - 2015-07-09 18:22 - 00000254 __RSH C:\ProgramData\ntuser.pol

2015-07-09 09:06 - 2015-07-09 09:06 - 00000971 _____ C:\Users\Sosso\Desktop\GUPlayer.lnk

2015-07-09 08:57 - 2015-07-25 22:54 - 00000000 ____D C:\Program Files (x86)\4b08656f-7a70-4884-822a-7ab7465c019b

2015-07-09 08:56 - 2015-07-23 17:47 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7

2015-07-09 08:52 - 2015-07-09 08:52 - 00000000 _____ C:\Windows\prleth.sys

2015-07-09 08:52 - 2015-07-09 08:52 - 00000000 _____ C:\Windows\hgfs.sys

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-07-26 11:18 - 2014-03-10 01:01 - 00000000 ____D C:\FRST

2015-07-26 11:17 - 2014-03-09 21:43 - 00001796 _____ C:\sc-cleaner.txt

2015-07-26 11:17 - 2010-01-11 22:42 - 07691776 ___SH C:\Users\Sosso\Downloads\Thumbs.db

2015-07-26 10:52 - 2012-08-12 02:27 - 00000338 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job

2015-07-26 10:46 - 2013-08-29 21:42 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-07-26 10:44 - 2010-02-20 18:51 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-07-26 10:44 - 2010-02-03 12:48 - 00001004 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job

2015-07-26 10:32 - 2009-09-29 13:49 - 01636632 _____ C:\Windows\WindowsUpdate.log

2015-07-26 08:36 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-07-26 08:36 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-07-26 08:30 - 2012-02-16 18:19 - 00000976 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job

2015-07-26 04:40 - 2009-12-12 01:53 - 00000000 ____D C:\Users\Langen

2015-07-26 04:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration

2015-07-25 23:30 - 2012-02-16 18:19 - 00000954 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job

2015-07-25 22:54 - 2009-09-29 13:56 - 00000000 ____D C:\Program Files (x86)\Acer Arcade Deluxe

2015-07-25 18:45 - 2010-06-21 14:44 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics

2015-07-25 18:45 - 2009-12-11 01:49 - 00000000 ____D C:\Users\Sosso

2015-07-25 18:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-07-25 18:44 - 2009-07-14 06:51 - 00279633 _____ C:\Windows\setupact.log

2015-07-25 18:14 - 2014-09-05 20:40 - 00000000 __SHD C:\Users\Sosso\AppData\Local\EmieUserList

2015-07-25 18:14 - 2014-09-05 20:40 - 00000000 __SHD C:\Users\Sosso\AppData\Local\EmieSiteList

2015-07-25 18:14 - 2009-12-10 20:16 - 00000000 ____D C:\Users\Sosso\AppData\Local\Google

2015-07-25 18:09 - 2014-03-10 01:02 - 00053708 _____ C:\Users\Sosso\Downloads\Addition.txt

2015-07-25 17:59 - 2014-03-10 01:00 - 02146816 _____ (Farbar) C:\Users\Sosso\Downloads\FRST64.exe

2015-07-25 17:52 - 2012-07-10 00:20 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2015-07-25 17:47 - 2009-08-22 10:34 - 01292186 _____ C:\Windows\PFRO.log

2015-07-25 16:58 - 2009-07-14 04:34 - 00000612 _____ C:\Windows\win.ini

2015-07-25 12:44 - 2010-02-03 12:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job

2015-07-23 14:12 - 2011-07-23 21:51 - 00000000 ____D C:\Windows\Minidump

2015-07-23 11:56 - 2009-09-29 14:45 - 00664068 _____ C:\Windows\system32\perfh01D.dat

2015-07-23 11:56 - 2009-09-29 14:45 - 00142836 _____ C:\Windows\system32\perfc01D.dat

2015-07-23 11:56 - 2009-07-14 07:13 - 01580554 _____ C:\Windows\system32\PerfStringBackup.INI

2015-07-18 07:09 - 2015-04-05 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-07-18 07:09 - 2015-04-05 22:38 - 00000000 ___SD C:\Windows\system32\GWX

2015-07-18 07:09 - 2015-02-15 14:38 - 00000000 ____D C:\Windows\system32\appraiser

2015-07-18 07:09 - 2014-05-17 10:06 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-07-18 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-07-18 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2015-07-17 21:12 - 2010-01-15 16:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-07-17 20:27 - 2013-08-20 18:11 - 00000000 ____D C:\Windows\system32\MRT

2015-07-16 16:06 - 2014-02-21 00:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2015-07-16 16:04 - 2014-12-25 21:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2015-07-16 12:39 - 2010-02-20 18:51 - 00003990 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-07-16 12:39 - 2010-02-20 18:51 - 00003738 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-07-16 12:39 - 2010-02-20 18:51 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-07-16 12:39 - 2010-02-03 12:48 - 00003974 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA

2015-07-16 12:39 - 2010-02-03 12:48 - 00003578 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core

2015-07-14 21:49 - 2013-08-29 21:42 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-07-14 21:49 - 2013-05-03 15:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-07-14 21:49 - 2011-06-06 20:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\Malwarebytes

2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware

2015-07-13 22:06 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

2015-07-13 20:54 - 2009-12-11 01:50 - 00001421 _____ C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-07-09 10:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\GroupPolicy

2015-07-09 09:08 - 2009-12-13 13:33 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\uTorrent

2015-07-09 09:03 - 2009-08-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone

2015-07-09 09:03 - 2009-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Acer GameZone

2015-07-09 09:03 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2015-07-06 20:05 - 2011-01-15 17:16 - 00001456 _____ C:\Users\Sosso\AppData\Local\Adobe Spara för webben 12.0 Prefs

2015-06-26 17:39 - 2011-02-09 20:03 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys

2015-06-26 01:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache

 

==================== Files in the root of some directories =======

 

2009-08-22 10:43 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico

2011-09-28 22:04 - 2011-10-16 23:42 - 0000132 _____ () C:\Users\Sosso\AppData\Roaming\CS5-inställningar för PNG-format i Adobe

2010-02-06 23:02 - 2011-12-15 20:42 - 0000143 _____ () C:\Users\Sosso\AppData\Roaming\default.rss

2009-12-19 18:38 - 2015-01-06 18:01 - 0002704 _____ () C:\Users\Sosso\AppData\Roaming\wklnhst.dat

2011-01-15 17:16 - 2015-07-06 20:05 - 0001456 _____ () C:\Users\Sosso\AppData\Local\Adobe Spara för webben 12.0 Prefs

2010-08-04 22:47 - 2010-08-04 22:47 - 0007602 _____ () C:\Users\Sosso\AppData\Local\Resmon.ResmonCfg

2012-08-12 01:39 - 2012-08-12 01:39 - 0000057 _____ () C:\ProgramData\Ament.ini

2009-09-29 13:56 - 2009-09-29 14:00 - 0007830 _____ () C:\ProgramData\ArcadeDeluxe3.log

2009-08-22 10:44 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe

2010-03-23 20:48 - 2010-03-23 21:02 - 0000453 _____ () C:\ProgramData\LmeUSB.log

2010-03-23 20:48 - 2010-03-23 21:02 - 0000456 _____ () C:\ProgramData\LSDmbTH.log

 

Some files in TEMP:

====================

C:\Users\Langen\AppData\Local\Temp\FlashPlayerUpdate.exe

C:\Users\Sosso\AppData\Local\Temp\DataCard_Setup64.exe

C:\Users\Sosso\AppData\Local\Temp\MsgPlusUninstall.exe

C:\Users\Sosso\AppData\Local\Temp\ResetDevice.exe

C:\Users\Sosso\AppData\Local\Temp\uttD852.tmp.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-07-23 13:35

 

==================== End of log ============================


Archived

This topic is now archived and is closed to further replies.
