Otroligt seg dator win 7

[The OldBoy]

Hejsan!

 

Har min mammas dator som har blivit så seg, hänger sig mitt i surfande för att 20-40sek senare fortsätta!

Start av nya program kan ta flera minuter och att stänga av datorn tar flera minuter.

 

Win uppdate funkar inte har haft på datorn över ett dygn utan att den hittar någonting.

 

Har kört FRST så jag vore glad om någon kunde kolla om det finns några konstigheter i loggen.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by Barbro (administrator) on BARBRO-HP (12-05-2016 21:42:12)
Running from C:\Users\Barbro\Desktop
Loaded Profiles: Barbro (Available Profiles: Barbro)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-17] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-362326277-3939839522-939615748-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-362326277-3939839522-939615748-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-18\...\Run: [bredbandsbolaget Servicecenter] => C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe [443752 2010-01-20] (Bredbandsbolaget)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-14] (EasyBits Software Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BankID säkerhetsprogram.lnk [2011-09-21]
ShortcutTarget: BankID säkerhetsprogram.lnk -> C:\Program Files (x86)\Personal\bin\Personal.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C3F4FC6D-159A-405F-B242-19C2D990D8E9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-362326277-3939839522-939615748-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQCON/10
SearchScopes: HKLM -> {6A121CF6-9CF1-4CF9-A05D-B0DCF16944EC} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {A5083538-D0DD-4E6F-829B-A627ECC5EA35} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM -> {AFF34859-ACAC-4AAF-BEB0-B74C9ACA2E7D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {6A121CF6-9CF1-4CF9-A05D-B0DCF16944EC} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {A5083538-D0DD-4E6F-829B-A627ECC5EA35} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 -> {AFF34859-ACAC-4AAF-BEB0-B74C9ACA2E7D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-362326277-3939839522-939615748-1000 -> {6A121CF6-9CF1-4CF9-A05D-B0DCF16944EC} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-362326277-3939839522-939615748-1000 -> {A5083538-D0DD-4E6F-829B-A627ECC5EA35} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKU\S-1-5-21-362326277-3939839522-939615748-1000 -> {AFF34859-ACAC-4AAF-BEB0-B74C9ACA2E7D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-23] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Bredbandsbolaget Servicecenter Plugin -> {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} -> C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll [2010-01-20] (Bredbandsbolaget)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-23] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-362326277-3939839522-939615748-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Barbro\AppData\Roaming\Mozilla\Firefox\Profiles\cau1lokj.default-1414015575459
FF SelectedSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.5.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-362326277-3939839522-939615748-1000: @nsroblox.roblox.com/launcher -> C:\Users\Barbro\AppData\Local\Roblox\Versions\version-d2fd1d56447746e9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-362326277-3939839522-939615748-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Barbro\AppData\Local\Roblox\Versions\version-d2fd1d56447746e9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S4 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-30] ()
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S4 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-04-20] (Realtek Semiconductor Corp.) [File not signed]
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-12 21:42 - 2016-05-12 21:43 - 00011280 _____ C:\Users\Barbro\Desktop\FRST.txt
2016-05-12 21:28 - 2016-05-12 21:41 - 00000000 ____D C:\FRST
2016-05-12 21:23 - 2016-05-12 21:23 - 02381312 _____ (Farbar) C:\Users\Barbro\Desktop\FRST64.exe
2016-05-11 10:18 - 2016-05-11 10:18 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(34).exe
2016-05-11 10:17 - 2016-05-11 10:18 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(33).exe
2016-05-11 10:00 - 2016-05-11 10:03 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(32).exe
2016-05-11 09:56 - 2016-05-11 09:57 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(31).exe
2016-05-11 09:56 - 2016-05-11 09:56 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(30).exe
2016-05-11 09:51 - 2016-05-11 09:52 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(29).exe
2016-05-01 15:52 - 2016-05-01 15:52 - 35944016 _____ C:\Users\Barbro\Downloads\bankid_installation(28).exe
2016-04-18 10:24 - 2016-04-18 10:24 - 35944016 _____ C:\Users\Barbro\Downloads\bankid_installation(27).exe
2016-04-17 21:49 - 2016-04-17 21:51 - 35944016 _____ C:\Users\Barbro\Downloads\bankid_installation(26).exe
2016-04-17 21:47 - 2016-04-17 21:48 - 35944016 _____ C:\Users\Barbro\Downloads\bankid_installation(25).exe
2016-04-17 21:41 - 2016-04-17 21:42 - 35944016 _____ C:\Users\Barbro\Downloads\bankid_installation(24).exe
2016-04-15 15:30 - 2016-05-11 10:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-15 15:29 - 2016-04-15 15:29 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-15 15:29 - 2016-04-15 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-15 15:29 - 2016-04-15 15:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-15 15:29 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-15 15:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-15 15:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-15 15:23 - 2016-04-15 15:25 - 22851472 _____ (Malwarebytes ) C:\Users\Barbro\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-12 22:21 - 2016-04-13 09:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-12 21:27 - 2009-07-14 06:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-12 21:27 - 2009-07-14 06:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-12 21:26 - 2014-10-24 01:19 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-12 11:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-11 15:35 - 2013-01-29 20:20 - 00000000 ____D C:\Windows\pss
2016-04-26 15:54 - 2010-07-14 14:42 - 00668266 _____ C:\Windows\system32\perfh01D.dat
2016-04-26 15:54 - 2010-07-14 14:42 - 00145158 _____ C:\Windows\system32\perfc01D.dat
2016-04-26 15:54 - 2009-07-14 07:13 - 01594346 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-26 15:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-22 09:57 - 2011-05-25 17:35 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-21 23:12 - 2013-12-24 01:32 - 00000000 ____D C:\Users\Barbro\AppData\Local\CrashDumps
2016-04-13 21:32 - 2013-08-23 11:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2010-12-20 10:59 - 2010-12-20 10:59 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-07-14 16:09 - 2010-07-14 16:09 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-12-20 10:59 - 2010-12-20 10:59 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-07-14 16:03 - 2010-07-14 16:04 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-12-20 10:58 - 2010-12-20 10:58 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2010-12-20 10:59 - 2010-12-20 10:59 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-07-14 16:02 - 2010-07-14 16:03 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-07-14 16:04 - 2010-07-14 16:09 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2010-12-20 11:00 - 2010-12-20 11:00 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-23 13:11

==================== End of FRST.txt ============================

 

Mvh

Robert

Addition.txt

[i3o6]

Blås skiten! Leta mjukvarufel är överskattat!
Troligtvis blir det liiite bättre i nån vecka.

 

Gissar på billig laptop?

Har inte fått verifierat men tror stenhårt på att det är hårddiskarna som dör på dom! så blir prima om du stoppar in 3-500kr SSD i maskin.

[Cecilia]

Jag ser inte till något skadligt i FRST.txt och jag tror också mer på problem med en hårddisk, eller kanske överhettning, än att det skulle vara ett skadligt program.

 

Avinstallera alla Java-program för de verkar vara gamla med kända säkerhetshål.