Just nu i M3-nätverket
Gå till innehåll

sheridanz

Medlem
  • Antal inlägg

    20
  • Gick med

  • Senaste besök

  1. Hej Jag har skaffat min första Macbook pro och jag har noll erfarenhet. Hoppas dessutom att jag la in detta ämne på rätt ställe. Jo jag har haft min dator nu i 2 veckor och fungerar helt felfritt, tills idag då det började strula. Jag fick en avisering i mobilen att någon försökt logga in på mitt Googlekonto på en Ipad och inte där jag bor. Google rådde mej att ändra lösenord och gjorde så. Fungerar helt okej i mobilen men får nu upp i datorn att Lösenord krävs för Internetkonton ,och då gäller det FB och Gmail Google. Det går inte....jag har bytt lösen tre gånger nu men det godtar inte något utan meddelande om Osäker Anslutning kommer hela tiden upp. Är det någon som vet vad som har hänt, hur jag kommer vidare. Lägger in bilder av vad som kommer upp. Tillägg: Jag använde Star VPN och misstänker att den ändrat något.
  2. Då gör jag så. Tror det är okej allting nu. Jag återkommer om det blir något Stort tack åter igen <3
  3. Sådär, nu har jag avinstallerat Avast SafePrice. Hade inte en aning att en så dum grej följer virusprog. Tack Thirteen Nu funkade det att göra Systemåterställning och nu fungerar även Aktivitetsfältet men...om jag nu avinstallerar Frst tex riskerar jag få samma problem igen med aktivitetsfältet?
  4. Jag tänkte på det. Jag ser punkterna där skräpet kom in i datorn men om jag väljer en innan detta kan jag få tillbaka skiten då? För det blev ju en återställningspunkt nu då allt blev bra men den kan jag ju inte välja för det är ju där vi är nu.........tänker jag Nu kom det upp en ruta där det står att Avast SafePrice har lagts till. Ett annat program i datorn har lagt till ett tillägg som kan ändr hur Chrome fungerar......står det. Så kan jag välja att aktivera eller ta bort från chrome. Vad är detta som händer? Har jag aldrig varit med om i min dator. Så var det ju innan vi började rensa datorn ju..... jag kan inte ta printScreen längre heller Läste att man kan lägga till ett nytt inlogg/konto och komma runt problemet med akriveringsfältet men det går inte heller. Händer inget då jag trycker på lägg till konto. Alltså något är riktigt fel nu......
  5. Det blev då jag tagit bort programmen som jag installerade . Precis på slutet Har startat om men ingen bättring men fortsätter väl några gånger till
  6. Eh glöm bort detta med win 8 , tror jag fått något fel i skallen oxå men felet kvarstår alltså att det inte går att klicka på annat än Chrome ikonen. Högerklicka fungerar men inte att sedan välja sök tex
  7. Då är allt borta. Det ända som jag upplever nu när jag startade om datorn är att det inte händer något då jag vill öppna saker i Aktivitetsfältet. Klickar jag på flaggan så öppnas den inte men det går att högerklicka. Samma med allt annat förutom Chrome Är det vanligt fel i win 8. Jag kommer inte riktigt överens med den,själv har jag 10 å där har jag aldrig problem. Förövrigt så vill jag tacka dej för som vanligt skickligt lotsande i en för mej många gånger okänd värld. Du är ett Guldkorn. Stort Tack
  8. Jag tycker den känns okej nu.....Inga konstiga meddelanden som dyker upp och virusprogrammet är tyst och fint;) Har använt datorn ett tag nu och det känns helt okej. Det som ställde till problem är nog borta
  9. Hittar ingen loggfil inne på C:\Kristina för det finns ingen AppData\local\ESET Här kommer FRST loggfil du bad om Fix result of Farbar Recovery Scan Tool (x64) Version: 20-09-2016 Ran by Kristina (22-09-2016 10:25:30) Run:1 Running from C:\Users\Kristina\Desktop Loaded Profiles: Kristina (Available Profiles: Kristina) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: S1 ghxgxala; \??\C:\WINDOWS\system32\drivers\ghxgxala.sys [X] Folder: C:\Users\Kristina\AppData\Local\{B3DE8582-9776-E93A-FAEE-CCD2DE86304A} Folder: C:\Users\Kristina\AppData\Roaming\{59FD6F46-7CAF-0230-1799-25E2CB4BD8DC} File: C:\WINDOWS\bdc67a9ae43eebef961d4d26dc72a52e.exe Reboot: ***************** Restore point was successfully created. Processes closed successfully. ghxgxala => service removed successfully ========================= Folder: C:\Users\Kristina\AppData\Local\{B3DE8582-9776-E93A-FAEE-CCD2DE86304A} ======================== 2016-09-11 08:54 - 2016-09-11 08:54 - 0195776 _____ () C:\Users\Kristina\AppData\Local\{B3DE8582-9776-E93A-FAEE-CCD2DE86304A}\deti 2016-09-11 08:54 - 2016-09-11 08:54 - 0000075 _____ () C:\Users\Kristina\AppData\Local\{B3DE8582-9776-E93A-FAEE-CCD2DE86304A}\info.dat 2016-09-11 08:54 - 2016-09-11 08:54 - 0008032 _____ () C:\Users\Kristina\AppData\Local\{B3DE8582-9776-E93A-FAEE-CCD2DE86304A}\install.log 2016-09-11 08:54 - 2016-09-11 08:54 - 0681097 _____ (SQLite Development Team) C:\Users\Kristina\AppData\Local\{B3DE8582-9776-E93A-FAEE-CCD2DE86304A}\Sqlite3.dll 2016-09-11 08:54 - 2016-09-11 08:54 - 0001774 _____ () C:\Users\Kristina\AppData\Local\{B3DE8582-9776-E93A-FAEE-CCD2DE86304A}\uninst.dat ====== End of Folder: ====== ========================= Folder: C:\Users\Kristina\AppData\Roaming\{59FD6F46-7CAF-0230-1799-25E2CB4BD8DC} ======================== 2013-04-21 00:50 - 2013-04-21 00:50 - 0000073 _____ () C:\Users\Kristina\AppData\Roaming\{59FD6F46-7CAF-0230-1799-25E2CB4BD8DC}\config.dat 2016-09-11 08:53 - 2016-09-20 18:54 - 0000794 _____ () C:\Users\Kristina\AppData\Roaming\{59FD6F46-7CAF-0230-1799-25E2CB4BD8DC}\info.dat 2013-05-06 01:44 - 2013-05-06 01:44 - 0000025 _____ () C:\Users\Kristina\AppData\Roaming\{59FD6F46-7CAF-0230-1799-25E2CB4BD8DC}\STTL.DAT 2013-04-10 13:06 - 2013-04-10 13:06 - 0000004 _____ () C:\Users\Kristina\AppData\Roaming\{59FD6F46-7CAF-0230-1799-25E2CB4BD8DC}\TTL.DAT ====== End of Folder: ====== ========================= File: C:\WINDOWS\bdc67a9ae43eebef961d4d26dc72a52e.exe ======================== "C:\WINDOWS\bdc67a9ae43eebef961d4d26dc72a52e.exe" => not found. ====== End of File: ====== The system needed a reboot. ==== End of Fixlog 10:26:14 ====
  10. Här är logfilerna. Jag går och lägger mej men återkommer imorgon. Stort tack för din ovärderliga hjälp Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-09-2016 Ran by Kristina (administrator) on HEMMA (21-09-2016 23:51:32) Running from C:\Users\Kristina\Downloads\FRST-OlderVersion Loaded Profiles: Kristina (Available Profiles: Kristina) Platform: Windows 10 Home Version 1511 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: "C:\Users\Kristina\AppData\Local\Chromium\Application\chrome.exe" -- "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-08-16] (Realtek semiconductor) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-10-05] (Synaptics Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-21] (AVAST Software) HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-21] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ce834fcf-2140-4a52-bfc6-2a1e800e0e0e}: [DhcpNameServer] 192.168.1.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131188616072905365&GUID=D2809E83-13A4-4605-9C95-BA46E070299F HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131188616072942096&GUID=D2809E83-13A4-4605-9C95-BA46E070299F HKU\S-1-5-21-530700673-802275041-1869102837-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE13&ocid=UE13DHP SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-530700673-802275041-1869102837-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-20] (Google Inc.) FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-21] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-21] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF Chrome: ======= CHR HomePage: Default -> hxxps://www.superstart.se/ CHR Profile: C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default [2016-09-21] CHR Extension: (Google Presentationer) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-20] CHR Extension: (Google Dokument) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-20] CHR Extension: (Google Drive) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-20] CHR Extension: (YouTube) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-20] CHR Extension: (Google Kalkylark) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-20] CHR Extension: (Google Dokument Offline) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-21] CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-20] CHR Extension: (Gmail) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-20] CHR Extension: (Chrome Media Router) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-21] (AVAST Software) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2015-10-05] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-10-05] (Synaptics Incorporated) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-21] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-21] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-21] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-21] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-21] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-21] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-09-21] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-21] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-21] (AVAST Software) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-21] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-08-16] (Realtek ) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2016-01-21] (Realtek Semiconductor Corporation) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-08-16] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-08-16] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-12-24] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-10-05] (Synaptics Incorporated) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S1 ghxgxala; \??\C:\WINDOWS\system32\drivers\ghxgxala.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-21 23:26 - 2016-09-21 23:26 - 00004002 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474493189 2016-09-21 23:26 - 2016-09-21 23:26 - 00001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2016-09-21 23:26 - 2016-09-21 23:25 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2016-09-21 23:24 - 2016-09-21 23:24 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\AVAST Software 2016-09-21 23:23 - 2016-09-21 23:23 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2016-09-21 23:23 - 2016-09-21 23:23 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-09-21 23:23 - 2016-09-21 23:23 - 00001950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2016-09-21 23:23 - 2016-09-21 23:23 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2016-09-21 23:23 - 2016-09-21 23:22 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2016-09-21 23:23 - 2016-09-21 23:22 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2016-09-21 23:23 - 2016-09-21 23:22 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2016-09-21 23:23 - 2016-09-21 23:22 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2016-09-21 23:23 - 2016-09-21 23:22 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2016-09-21 23:23 - 2016-09-21 23:22 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2016-09-21 23:23 - 2016-09-21 23:22 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2016-09-21 23:22 - 2016-09-21 23:22 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2016-09-21 23:22 - 2016-09-21 23:22 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2016-09-21 23:21 - 2016-09-21 23:25 - 00000000 ____D C:\Program Files\AVAST Software 2016-09-21 20:34 - 2016-09-21 20:34 - 00000000 ___HD C:\OneDriveTemp 2016-09-21 16:01 - 2016-09-21 16:01 - 00000000 ____D C:\Users\Kristina\AppData\Local\ESET 2016-09-21 15:59 - 2016-09-21 16:01 - 06761600 _____ (ESET spol. s r.o.) C:\Users\Kristina\Downloads\esetonlinescanner_enu.exe 2016-09-21 10:34 - 2016-09-21 23:49 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-09-21 10:33 - 2016-09-21 10:33 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-09-21 10:33 - 2016-09-21 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-09-21 10:33 - 2016-09-21 10:33 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-09-21 10:33 - 2016-09-21 10:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-09-21 10:33 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-09-21 10:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-09-21 10:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-09-21 10:32 - 2016-09-21 10:33 - 22851472 _____ (Malwarebytes ) C:\Users\Kristina\Downloads\mbam-setup-2.2.1.1043.exe 2016-09-21 09:52 - 2016-09-21 23:47 - 00000000 ____D C:\AdwCleaner 2016-09-21 08:35 - 2016-09-21 09:52 - 03861056 _____ C:\Users\Kristina\Desktop\adwcleaner_6.020.exe 2016-09-20 19:35 - 2016-09-20 19:36 - 00022087 _____ C:\Users\Kristina\Downloads\Addition.txt 2016-09-20 19:33 - 2016-09-20 19:36 - 00023332 _____ C:\Users\Kristina\Downloads\FRST.txt 2016-09-20 19:32 - 2016-09-21 23:51 - 00000000 ____D C:\Users\Kristina\Downloads\FRST-OlderVersion 2016-09-20 19:32 - 2016-09-21 23:51 - 00000000 ____D C:\FRST 2016-09-20 19:27 - 2016-09-20 19:32 - 02402816 _____ (Farbar) C:\Users\Kristina\Downloads\FRST64.exe 2016-09-20 19:12 - 2016-09-20 19:12 - 00000000 ____D C:\Users\Kristina\AppData\Local\CEF 2016-09-20 18:58 - 2016-09-20 19:01 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-20 18:58 - 2016-09-20 19:01 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-09-20 18:57 - 2016-09-21 23:13 - 00001014 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-20 18:57 - 2016-09-20 19:08 - 00004072 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-09-20 18:57 - 2016-09-20 19:08 - 00003840 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-09-20 18:57 - 2016-09-20 19:08 - 00001010 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-20 18:57 - 2016-09-20 18:57 - 00000000 ____D C:\Program Files (x86)\Google 2016-09-20 18:54 - 2016-09-20 18:54 - 00000102 _____ C:\Users\Kristina\AppData\Roaming\WB.CFG 2016-09-20 18:52 - 2016-09-21 23:25 - 00000000 ____D C:\ProgramData\AVAST Software 2016-09-20 18:52 - 2016-09-20 18:52 - 06334848 _____ (AVAST Software) C:\Users\Kristina\Downloads\avast_free_antivirus_setup_online.exe 2016-09-20 18:49 - 2016-09-21 21:50 - 00004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{40277EE3-BB8B-465F-B093-C31454961555} 2016-09-20 18:30 - 2016-09-20 18:30 - 00003240 _____ C:\WINDOWS\System32\Tasks\{0FC3EE4B-CCE1-4DAF-A40F-CAD35D34374C} 2016-09-20 18:19 - 2016-09-20 18:19 - 00003334 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-09-20 18:17 - 2016-09-20 18:17 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\Skype 2016-09-11 11:10 - 2016-09-21 08:36 - 00000000 ____D C:\Users\Kristina\AppData\Local\Google 2016-09-11 11:00 - 2016-09-21 23:25 - 00000868 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-09-11 11:00 - 2016-09-20 18:38 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-09-11 11:00 - 2016-09-20 18:25 - 00004006 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-09-11 11:00 - 2016-09-11 11:32 - 00003854 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-09-11 09:20 - 2016-09-11 11:32 - 00000000 ____D C:\Users\Kristina\AppData\Local\Adobe 2016-09-11 08:55 - 2016-09-11 08:55 - 00002360 _____ C:\Users\Kristina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2016-09-11 08:54 - 2016-09-11 08:58 - 00000000 ____D C:\Users\Kristina\AppData\Local\Chromium 2016-09-11 08:54 - 2016-09-11 08:56 - 00000000 ____D C:\Users\Kristina\AppData\Local\{B3DE8582-9776-E93A-FAEE-CCD2DE86304A} 2016-09-11 08:53 - 2016-09-20 19:18 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\{59FD6F46-7CAF-0230-1799-25E2CB4BD8DC} 2016-09-11 08:53 - 2016-09-20 18:53 - 00000000 ____D C:\ProgramData\{30E2F581-BAA0-7F47-3C66-E105A6246ACB} 2016-09-11 08:53 - 2016-09-11 08:53 - 74530506 _____ C:\Users\Kristina\Downloads\ChromeSetup [1].exe 2016-09-11 08:53 - 2016-09-11 08:53 - 00000254 __RSH C:\ProgramData\ntuser.pol 2016-08-29 11:24 - 2016-08-29 11:24 - 00032768 _____ C:\Users\Kristina\Downloads\123.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-21 23:50 - 2015-03-24 13:50 - 00000000 __RDO C:\Users\Kristina\OneDrive 2016-09-21 23:49 - 2015-03-24 13:41 - 00000000 __SHD C:\Users\Kristina\IntelGraphicsProfiles 2016-09-21 23:48 - 2016-01-21 21:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-21 23:47 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-09-21 23:23 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-09-21 22:41 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-21 22:41 - 2015-10-15 11:33 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-09-21 22:38 - 2015-10-15 11:33 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-09-21 20:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-21 15:50 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-21 10:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Resources 2016-09-21 09:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-09-20 18:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-09-20 18:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-09-20 18:22 - 2015-10-30 20:12 - 00747608 _____ C:\WINDOWS\system32\perfh01D.dat 2016-09-20 18:22 - 2015-10-30 20:12 - 00151176 _____ C:\WINDOWS\system32\perfc01D.dat 2016-09-20 18:22 - 2015-10-05 20:17 - 01768152 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-20 18:19 - 2015-10-05 20:24 - 00002383 _____ C:\Users\Kristina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-09-20 18:07 - 2015-10-05 19:08 - 00000000 ___HD C:\$SysReset 2016-09-11 10:45 - 2016-01-21 20:55 - 00000000 ____D C:\Users\Kristina 2016-09-11 10:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration 2016-09-11 10:33 - 2015-10-05 20:14 - 00000000 ____D C:\Users\Kristina\AppData\Local\Packages 2016-09-11 08:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-09-11 08:53 - 2015-10-05 20:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-09-07 03:00 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-09-07 03:00 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-08-29 11:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache ==================== Files in the root of some directories ======= 2016-09-20 18:54 - 2016-09-20 18:54 - 0000102 _____ () C:\Users\Kristina\AppData\Roaming\WB.CFG 2016-01-21 20:51 - 2016-01-21 20:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Kristina\AppData\Local\Temp\libeay32.dll C:\Users\Kristina\AppData\Local\Temp\msvcr120.dll C:\Users\Kristina\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-09-21 09:09 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2016 Ran by Kristina (21-09-2016 23:53:37) Running from C:\Users\Kristina\Downloads\FRST-OlderVersion Windows 10 Home Version 1511 (X64) (2016-01-21 19:11:56) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administratör (S-1-5-21-530700673-802275041-1869102837-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-530700673-802275041-1869102837-503 - Limited - Disabled) Gäst (S-1-5-21-530700673-802275041-1869102837-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-530700673-802275041-1869102837-1003 - Limited - Enabled) Kristina (S-1-5-21-530700673-802275041-1869102837-1001 - Administrator - Enabled) => C:\Users\Kristina ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) BankID säkerhetsprogram (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.2.1.1 - Finansiell ID-Teknik BID AB) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.0 - Synaptics Incorporated) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-530700673-802275041-1869102837-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-530700673-802275041-1869102837-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0BE41FE7-26F0-4245-A078-8662144615E1} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-20] (Microsoft Corporation) Task: {1900A2ED-DED5-4AA6-99DC-959CA83394E9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-21] (AVAST Software) Task: {245D897D-BAD3-4BA2-BDFA-30DA88CAE8E9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-09-21] (Microsoft Corporation) Task: {3AB389C3-AEF7-403F-825A-2066343A41F1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe [2016-09-20] (Adobe Systems Incorporated) Task: {412186F1-9E53-4CBE-B098-AE709C401F61} - System32\Tasks\{0FC3EE4B-CCE1-4DAF-A40F-CAD35D34374C} => pcalua.exe -a C:\WINDOWS\bdc67a9ae43eebef961d4d26dc72a52e.exe Task: {4AC45687-F692-40B7-8DA5-B6E17F6C469B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-20] (Adobe Systems Incorporated) Task: {A020A3BA-1909-4F5E-ADB5-3CAD31643999} - System32\Tasks\SafeZone scheduled Autoupdate 1474493189 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software) Task: {A70084BB-CD53-4589-B257-F9707B678774} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20] (Google Inc.) Task: {EB8B2CAD-F637-4126-A971-A7F7B0ADD8F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-20] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-15 17:33 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-15 17:33 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-09-20 18:17 - 2016-09-20 18:17 - 01864384 _____ () C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-04-20 13:08 - 2016-04-20 13:09 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-01-21 20:36 - 2016-01-21 20:36 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-15 17:35 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-07-15 17:33 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-15 17:33 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-15 17:33 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-15 17:33 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-09-21 23:22 - 2016-09-21 23:22 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-09-21 23:26 - 2016-09-21 23:26 - 03114776 _____ () C:\Program Files\AVAST Software\Avast\defs\16092104\algo.dll 2016-09-21 23:22 - 2016-09-21 23:22 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-04-20 13:08 - 2016-04-20 13:09 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-20 13:08 - 2016-04-20 13:09 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-09-20 18:17 - 2016-09-20 18:17 - 01383616 _____ () C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-09-20 18:17 - 2016-09-20 18:17 - 00118976 _____ () C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll 2016-09-21 23:22 - 2016-09-21 23:22 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-05 20:36 - 2016-09-20 18:48 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-530700673-802275041-1869102837-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kristina\Desktop\4k-lake-wallpaper-34.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: PNRPAutoReg => 3 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{7D9CF79F-2D77-40EF-BC58-14415C83C78C}] => (Allow) C:\Users\Kristina\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{3C39B460-2B5C-490E-93F0-13187636310A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 29-08-2016 11:15:22 Schemalagd kontrollpunkt 06-09-2016 16:00:33 Schemalagd kontrollpunkt 11-09-2016 08:56:35 Uniblue PC Mechanic installation 11-09-2016 09:01:15 WinZip Registry Optimizer Restore Point (09/11/16) 11-09-2016 10:29:06 Återställningsåtgärd 20-09-2016 18:04:26 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/21/2016 11:24:26 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll. Den beroende sammansättningen Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" kunde inte hittas. Använd sxstrace.exe om du vill diagnostisera ytterligare. Error: (09/21/2016 07:29:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Felet uppstod i programmet med namn: esetonlinescanner_enu.exe, version 2.0.12.0, tidsstämpel 0x57ac3e59 , felet uppstod i modulen med namn: esetonlinescanner_enu.exe, version 2.0.12.0, tidsstämpel 0x57ac3e59 Undantagskod: 0xc0000005 Felförskjutning: 0x000361d1 Process-ID: 0x13dc Programmets starttid: 0x01d21426c478658d Sökväg till program: C:\Users\Kristina\Downloads\esetonlinescanner_enu.exe Sökväg till modul: C:\Users\Kristina\Downloads\esetonlinescanner_enu.exe Rapport-ID: df2e35ff-8925-4787-aaa5-d89023f251fa Fullständigt namn på felaktigt paket: Program-ID relativt till felaktigt paket: Error: (09/21/2016 05:56:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Felet uppstod i programmet med namn: esetonlinescanner_enu.exe, version 2.0.12.0, tidsstämpel 0x57ac3e59 , felet uppstod i modulen med namn: esetonlinescanner_enu.exe, version 2.0.12.0, tidsstämpel 0x57ac3e59 Undantagskod: 0xc0000005 Felförskjutning: 0x001a3524 Process-ID: 0xee8 Programmets starttid: 0x01d2141989677603 Sökväg till program: C:\Users\Kristina\Downloads\esetonlinescanner_enu.exe Sökväg till modul: C:\Users\Kristina\Downloads\esetonlinescanner_enu.exe Rapport-ID: bb473be3-71e4-4306-8cdc-5aa9b83dd826 Fullständigt namn på felaktigt paket: Program-ID relativt till felaktigt paket: Error: (09/21/2016 05:03:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Felet uppstod i programmet med namn: esetonlinescanner_enu.exe, version 2.0.12.0, tidsstämpel 0x57ac3e59 , felet uppstod i modulen med namn: esetonlinescanner_enu.exe, version 2.0.12.0, tidsstämpel 0x57ac3e59 Undantagskod: 0xc0000005 Felförskjutning: 0x001a3524 Process-ID: 0x12a4 Programmets starttid: 0x01d21410a273e920 Sökväg till program: C:\Users\Kristina\Downloads\esetonlinescanner_enu.exe Sökväg till modul: C:\Users\Kristina\Downloads\esetonlinescanner_enu.exe Rapport-ID: beaaf7f3-a388-43e3-a779-891e59fc010b Fullständigt namn på felaktigt paket: Program-ID relativt till felaktigt paket: Error: (09/21/2016 08:06:51 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEMMA) Description: Aktiveringen av appen Microsoft.Windows.Photos_8wekyb3d8bbwe!App misslyckades med felet: -2144927141 Mer information finns i loggen Microsoft-Windows-TWinUI/Operational. Error: (09/20/2016 08:29:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEMMA) Description: Aktiveringen av appen Microsoft.Windows.Photos_8wekyb3d8bbwe!App misslyckades med felet: -2144927141 Mer information finns i loggen Microsoft-Windows-TWinUI/Operational. Error: (09/20/2016 07:31:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HEMMA) Description: Aktiveringen av appen Microsoft.WindowsMaps_8wekyb3d8bbwe!App misslyckades med felet: -2144927148 Mer information finns i loggen Microsoft-Windows-TWinUI/Operational. Error: (09/20/2016 06:55:58 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Program Files\AVAST Software\Avast\setup\iplugins\IStats.dll. Den beroende sammansättningen Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" kunde inte hittas. Använd sxstrace.exe om du vill diagnostisera ytterligare. Error: (09/20/2016 06:04:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Åtkomst nekad. . Error: (09/11/2016 10:49:53 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: Öppningsproceduren BITS i DLL-filen C:\Windows\System32\bitsperf.dll kunde inte utföras. Prestandadata för den här tjänsten kommer inte att vara tillgängliga. Felkoden anges av datasektionens första fyra byte (DWORD). System errors: ============= Error: (09/21/2016 11:48:05 PM) (Source: ACPI) (EventID: 13) (User: ) Description: : Den inbäddade styrenheten (EC) svarade inte inom den tidsgräns som angetts. Detta kan bero på att det finns fel i styrenhetens maskinvara eller i den inbyggda programvaran, eller att BIOS använder styrenheten felaktigt. Du bör be datortillverkaren om en BIOS-uppgradering. I vissa fall kan det här felet orsaka att datorn inte fungerar som den ska. Error: (09/21/2016 11:47:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten User Data Storage_54c95 skulle ansluta. Error: (09/21/2016 11:47:37 PM) (Source: DCOM) (EventID: 10010) (User: HEMMA) Description: Servern {F9717507-6651-4EDB-BFF7-AE615179BCCF} registrerades inte med DCOM inom erforderlig timeout. Error: (09/21/2016 11:47:37 PM) (Source: DCOM) (EventID: 10010) (User: HEMMA) Description: Servern {F9717507-6651-4EDB-BFF7-AE615179BCCF} registrerades inte med DCOM inom erforderlig timeout. Error: (09/21/2016 11:47:37 PM) (Source: DCOM) (EventID: 10010) (User: HEMMA) Description: Servern {F9717507-6651-4EDB-BFF7-AE615179BCCF} registrerades inte med DCOM inom erforderlig timeout. Error: (09/21/2016 11:47:37 PM) (Source: DCOM) (EventID: 10010) (User: HEMMA) Description: Servern {F9717507-6651-4EDB-BFF7-AE615179BCCF} registrerades inte med DCOM inom erforderlig timeout. Error: (09/21/2016 11:47:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten User Data Access_54c95 avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 10000 millisekunder: Starta om tjänsten. Error: (09/21/2016 11:47:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten User Data Storage_54c95 avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 10000 millisekunder: Starta om tjänsten. Error: (09/21/2016 11:47:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Contact Data_54c95 avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 10000 millisekunder: Starta om tjänsten. Error: (09/21/2016 11:47:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Synkroniseringsvärd_54c95 avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 10000 millisekunder: Starta om tjänsten. CodeIntegrity: =================================== Date: 2016-09-21 10:59:39.639 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-09-20 18:07:21.281 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-17 03:36:55.146 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-16 14:53:56.177 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-17 03:38:45.349 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-15 18:19:09.973 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-25 16:02:12.574 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-18 03:35:32.863 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-18 03:33:53.327 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-17 22:07:19.119 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Celeron® CPU N2840 @ 2.16GHz Percentage of memory in use: 52% Total physical RAM: 3979.21 MB Available physical RAM: 1898.96 MB Total Virtual: 4683.21 MB Available Virtual: 2688.42 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:890.34 GB) (Free:848.94 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.12 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 4DC2C9A2) Partition: GPT. ==================== End of Addition.txt ============================
  11. Neej......trodde den skulle bli helt klar nu men det stoppades ändå fast virusprog är avinstallerat. Det går inte, kan det vara Win defender?
×
×
  • Skapa nytt...