Just nu i M3-nätverket
Gå till innehåll

bmhson

Medlem
  • Antal inlägg

    2 297
  • Gick med

  • Senaste besök

  1. Tack för all hjälp. OM det var något med mina gamla kablar, så kanske jag klarar mig. Annars får jag baxa ut den till bilen och köra iväg med den. Dom fixar det säkert. Det är jag som har så dålig rygg.. När jag försökte avinstallera gick det bra med AvdCleaner, men det verkar inte gå att få bort ESET och jag hittar en folder som heter FRST-OlderVersion och som innehåller FRST-64.exe Jag har försökt med OTC 2 gånger, med omstart emellan, men.. dom finns kvar. Dom ligger ju i C/Användare o s v. Kan jag inte bara ta bort .exefilerna där? Dom här programmen finns ju inte bland program i kontrollpanelen. Britt-Marie
  2. Tack för svaren Men datorn är ju NY, så då kan det väl inte vara överhettning? Den stängde ju oftast av sig när jag inte gjorde något alls? Och överhettning går väl över på några timmar? Det andra du föreslog innebär väl att jag blir tvungen att kånka iväg med datorn till säljaren. Jag tror mer på att det är något sånt. När den hade varit avstängd och rent fysiskt frånkopplad i flera dar så har den ju startat sen. Jag hoppas det inte händer igen, men jag hade tydligen ingen nytta av "din" logg. Det är ju bra att veta. Tack för all hjälp Britt-Marie
  3. Hej Jag fick stopp i8 avloppet i badrummet i går, så jag fick annat att tänka på, men här kommer loggen med kommentrer, bifogat som en Wordfil. Logg med kommentarer.docx
  4. Jag går igenom attach.txt under helgen och markerar vad jag tänkte på. Datorn är byggd av, vad jag valde att kalla, "PC-affären". Dom byggde även min gamla XP-dator, som jag höll liv i under10 år. Jag har redan fått problem med att det inte går att uppdatera "något" - måste kolla vad det hette. Det var inte en s k viktig uppdatering, men ändå.. Jag återkommer om det efter helgen. Här kommer fixlog.txt Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2014 Ran by Britt-Marie at 2014-05-02 16:33:32 Run:2 Running from C:\Users\Britt-Marie\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Extension: ddownlloadItkeepi - C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\Extensions\nipckqe7@cpkb-uf.com [2014-04-18] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Snap.Do (HKLM-x32\...\{923521CE-BCFD-4EDC-B755-798350C984DF}) (Version: 11.62.1.16545 - ReSoft Ltd.) <==== ATTENTION WOwCouaPOn (HKLM-x32\...\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}) (Version: - WowCeouupone) <==== ATTENTION MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Britt-Marie\AppData\Local\Smartbar\Application\SnapDo.exe startup MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe ***************** HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully. C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\Extensions\nipckqe7@cpkb-uf.com not found. HKLM\SOFTWARE\Policies\Google => Key deleted successfully. "C:\Users\Britt-Marie\AppData\Local\Smartbar\Application\SnapDo.exe startup" => File/Directory not found. ==== End of Fixlog ====
  5. Hej igen Jag skickade fixfilen, men den ser inte ut att ha kommit fram? Jag hade båda filerna i FRST på samma ställe - det sa programmet till om:) Kan du instruera mig hur jag får bort Chromefilerna, eller ska jag installera Chrome igen och sen försöka få bort tilläggen från den sidan du länkade till? Innan jag avinstallerar från Kontrollpanelen, för jag vill inte ha den. Det ser fint ut nu, i både IE och FF. Inga understrukna ord eller andra konstigheter. Tack så mycket för hjälpen. Jag ska leta reda på var/hur jag kan ge dig kred för det. Ni har ändrat på mycket i E-forum sen jag var aktiv mer.. En fråga till förresten: Av den senaste Attach.txt ser t o m jag, som inte begriper särsklit mycket, att det finns konflikter som antagligen bör göras något åt. Är det OK att jag skickar loggarna till min PC-affär? Ha en riktigt skön helg Britt-Marie
  6. Lite svar först:Jag har inte Chrome. Så fort jag märkte att det hade följt med något annat program avinstallerade jag det via Kontrollpanelen. Jag valde från början att inte Köra några program direkt utan alltid spara först. Därför har jag inget val som gäller skrivbordet. När jag har följt dina anvisningar har jag startat från Hämtade filer och så snart som möjligt stängt Utforskaren. Jag kan skapa en genväg till skrivbordet om det gör någon skillnad för din del?? Först använde jag Adblock Plus och var nöjd med det, men SHB:s säkerhetsprogram gillade inte det så jag kom inte in på deras säkra sidor. Därför inaktiverade jag det och provade de andra 2. Men med det här AdWare/Malware skräpet som jag har fått så vet jag inte hur dom fungerar - om dom fungerar. Det är därför det ser ut som det gör. Min tanke var att i värsta fall återgå till Adblock Plus och inaktivera det när jag gör bankärenden. Har du några bra råd? Flashblock är väl inte samma sort som Adblock? Downloaditkeep.. har jag tagit bort. Som jag skrev från början är det en ny dator och jag har inte fått till allt som jag vill ha det ännu. Den förra var en XP-dator, så det är mycket som är olika. Jag ska inaktivera några av tilläggen, men då försvinner allt det som jag har skrivit här - omstart av FF krävs. skickar det här och sen kör jag FRST igen och bifogar i ett nytt svar. Britt-Marie
  7. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014 Ran by Britt-Marie (administrator) on HEMMINGSON-PC on 02-05-2014 10:52:22 Running from C:\Users\Britt-Marie\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: Swedish Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Foxit Corporation) C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe () C:\Windows\SysWOW64\PSIService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.) HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation) HKLM-x32\...\Run: [super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-09-09] (MSI) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-430143361-1057317637-3927270625-1000\...\MountPoints2: {cb2fe8ed-b296-11e3-bc42-448a5b5cb6a2} - H:\LaunchU3.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAA20EE499A3FCF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Inloggningshjälp för Microsoft-konto - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB) FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml FF Extension: ddownlloadItkeepi - C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\Extensions\nipckqe7@cpkb-uf.com [2014-04-18] FF Extension: Simple Adblock - C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\Extensions\simpleadblock@wips.com.xpi [2014-04-08] FF Extension: Flash Block - C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\Extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2014-04-08] FF Extension: Ads no more - C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a2}.xpi [2014-04-08] FF Extension: Adblock Plus - C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-26] Chrome: ======= CHR HomePage: hxxp://www.google.com CHR StartupUrls: "hxxp://www.google.com" CHR Extension: (Google Dokument) - C:\Users\Britt-Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26] CHR Extension: (Google Drive) - C:\Users\Britt-Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26] CHR Extension: (YouTube) - C:\Users\Britt-Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26] CHR Extension: (ddownlloadItkeepi) - C:\Users\Britt-Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cblcdloleiipeadapklblkhhkdmficmi [2014-04-18] CHR Extension: (S\xC3\xB6k p\xC3\xA5 Google) - C:\Users\Britt-Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26] CHR Extension: (Google Wallet) - C:\Users\Britt-Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26] CHR Extension: (Gmail) - C:\Users\Britt-Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2211000 2014-03-30] (Microsoft Corporation) R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation) S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] () S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI) R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] () ==================== Drivers (Whitelisted) ==================== R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] () R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI) S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-28] (Todos Data System AB) S4 IObitUnlocker; \??\C:\Program Files (x86)\Outlook Express\IO\IObitUnlocker.sys [X] S3 MSICDSetup; \??\D:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-02 10:52 - 2014-05-02 10:52 - 00014284 _____ () C:\Users\Britt-Marie\Downloads\FRST.txt 2014-05-02 10:51 - 2014-05-02 10:51 - 00000000 ____D () C:\Users\Britt-Marie\Downloads\FRST-OlderVersion 2014-05-01 21:11 - 2014-05-01 21:11 - 00000000 __SHD () C:\Users\Britt-Marie\AppData\Local\EmieUserList 2014-05-01 21:11 - 2014-05-01 21:11 - 00000000 __SHD () C:\Users\Britt-Marie\AppData\Local\EmieSiteList 2014-05-01 20:37 - 2014-05-02 10:52 - 00000000 ____D () C:\FRST 2014-05-01 20:36 - 2014-05-02 10:51 - 02062336 _____ (Farbar) C:\Users\Britt-Marie\Downloads\FRST64.exe 2014-05-01 18:32 - 2014-05-01 18:32 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-01 18:31 - 2014-05-01 18:31 - 02347384 _____ (ESET) C:\Users\Britt-Marie\Downloads\esetsmartinstaller_enu.exe 2014-05-01 11:52 - 2014-05-01 20:34 - 00000000 ____D () C:\AdwCleaner 2014-05-01 11:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-05-01 11:47 - 2014-05-01 11:47 - 01310621 _____ () C:\Users\Britt-Marie\Downloads\adwcleaner.exe 2014-05-01 11:14 - 2014-05-01 11:14 - 00688992 ____R (Swearware) C:\Users\Britt-Marie\Downloads\dds.scr 2014-04-29 11:16 - 2014-04-29 11:16 - 00000000 ___HD () C:\ProgramData\CanonIJScan 2014-04-28 17:59 - 2014-04-28 17:59 - 03318275 _____ () C:\Users\Britt-Marie\Downloads\taggonnie.rar 2014-04-27 17:02 - 2014-04-27 17:02 - 00002050 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 2014-04-27 17:02 - 2014-04-27 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2014-04-27 17:02 - 2014-04-27 17:02 - 00000000 ____D () C:\Program Files (x86)\FOXIT SOFTWARE 2014-04-23 13:19 - 2014-05-01 18:19 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-04-23 13:19 - 2014-05-01 18:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-04-23 13:19 - 2014-05-01 10:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-04-23 13:15 - 2014-04-23 13:15 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-23 13:15 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-23 13:15 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-23 03:00 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-23 03:00 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-23 03:00 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-23 03:00 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-23 03:00 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-23 03:00 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-23 03:00 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-23 03:00 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-23 03:00 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-23 03:00 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-23 03:00 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-23 03:00 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-23 03:00 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-23 03:00 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-23 03:00 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-23 03:00 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-23 03:00 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-23 03:00 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-23 03:00 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-23 03:00 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-23 03:00 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-23 03:00 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-23 03:00 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-23 03:00 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-23 03:00 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-23 03:00 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-23 03:00 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-23 03:00 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-23 03:00 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-23 03:00 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-23 03:00 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-04-23 03:00 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-23 03:00 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-23 03:00 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-23 03:00 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-23 03:00 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-23 03:00 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-23 03:00 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-23 03:00 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-23 03:00 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-23 03:00 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-23 03:00 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-23 03:00 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-23 03:00 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-23 03:00 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-23 03:00 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-23 03:00 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-23 03:00 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-22 18:41 - 2014-05-01 21:31 - 00005066 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Hemmingson-PC-Britt-Marie Hemmingson-PC 2014-04-19 13:30 - 2014-04-19 13:30 - 84916596 _____ () C:\Users\Britt-Marie\Downloads\Windows 7 Teach Yourself Visually.rar 2014-04-18 12:41 - 2014-04-18 12:41 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Local\Packages 2014-04-16 15:29 - 2014-04-16 15:29 - 00626687 _____ () C:\Users\Britt-Marie\Downloads\Vase_margot_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:29 - 00616631 _____ () C:\Users\Britt-Marie\Downloads\Champain_design_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 01063861 _____ () C:\Users\Britt-Marie\Downloads\Jarre_raisins_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 01036444 _____ () C:\Users\Britt-Marie\Downloads\Perfume_bottle_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00824604 _____ () C:\Users\Britt-Marie\Downloads\Jarres_bourgeons_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00554983 _____ () C:\Users\Britt-Marie\Downloads\Jonquilles©Cesenov_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00405164 _____ () C:\Users\Britt-Marie\Downloads\Ikebana_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00398361 _____ () C:\Users\Britt-Marie\Downloads\Strange_tea_set_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00320740 _____ () C:\Users\Britt-Marie\Downloads\Vase_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00220734 _____ () C:\Users\Britt-Marie\Downloads\Arums_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00153121 _____ () C:\Users\Britt-Marie\Downloads\Design_CibiBijoux.rar 2014-04-10 14:45 - 2014-04-10 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BankID säkerhetsprogram 2014-04-10 14:45 - 2014-04-10 14:45 - 00000000 ____D () C:\Program Files (x86)\BankID 2014-04-10 14:44 - 2014-04-10 14:44 - 09091464 _____ () C:\Users\Britt-Marie\Downloads\BankID_installation_5_1_3.exe 2014-04-10 13:41 - 2014-04-26 13:14 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\BankID 2014-04-10 13:39 - 2014-04-10 13:39 - 08795208 _____ () C:\Users\Britt-Marie\Downloads\BankID_installation_5_1_4.exe 2014-04-10 10:02 - 2014-04-10 10:02 - 00000000 ____D () C:\Windows\MSSecurityNS 2014-04-10 10:02 - 2014-04-10 10:02 - 00000000 ____D () C:\Windows\MSSecurityNi 2014-04-10 10:02 - 2014-04-10 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Color Efex Pro 3.0 Complete 2014-04-09 10:01 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 10:01 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 10:01 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-09 10:01 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 10:01 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 10:01 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 10:01 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 10:01 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 10:01 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 10:01 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 10:01 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 10:01 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 10:01 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 10:01 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 10:01 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 10:01 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 10:01 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-06 15:57 - 2014-04-30 14:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-06 15:57 - 2014-04-06 15:57 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2014-04-06 15:57 - 2014-04-06 15:57 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-04-06 15:02 - 2014-04-06 15:03 - 00001626 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5 Textures Manual.lnk 2014-04-06 15:00 - 2014-04-06 15:01 - 00001602 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5 Nature Manual.lnk 2014-04-06 14:58 - 2014-04-06 14:58 - 00001682 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5 Impact Manual.lnk 2014-04-06 14:56 - 2014-04-06 14:56 - 00001415 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5.0 Textures Manual.lnk 2014-04-06 14:47 - 2014-04-06 14:47 - 00000000 ____D () C:\Program Files (x86)\Alien Skin 2014-04-06 14:23 - 2014-04-06 14:24 - 00001365 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xenofex 2 Manual.lnk 2014-04-06 13:35 - 2014-04-06 13:35 - 04470221 _____ () C:\Users\Britt-Marie\Downloads\FlamingPearFlexify.zip 2014-04-06 13:35 - 2014-04-06 13:35 - 02403900 _____ () C:\Users\Britt-Marie\Downloads\FlamingPearFlood.zip 2014-04-06 13:35 - 2014-04-06 13:35 - 00080450 _____ () C:\Users\Britt-Marie\Downloads\FlamingPearOrnament-100.zip 2014-04-06 12:24 - 2014-04-06 12:24 - 00912930 _____ () C:\Users\Britt-Marie\Downloads\bettybronze.pspimage 2014-04-06 10:21 - 2014-04-06 10:21 - 00001322 _____ () C:\Users\Britt-Marie\Desktop\FontViewer.exe - genväg.lnk 2014-04-06 10:18 - 2014-04-06 10:18 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\AMPSoft 2014-04-06 10:17 - 2008-11-15 13:23 - 01009664 _____ (Alberto Martínez Pérez) C:\Users\Britt-Marie\FontViewer.exe 2014-04-06 10:08 - 2014-04-06 10:08 - 00001167 _____ () C:\Users\Britt-Marie\Desktop\RadioSure.lnk 2014-04-06 10:08 - 2014-04-06 10:08 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RadioSure 2014-04-06 10:08 - 2014-04-06 10:08 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Local\RadioSure 2014-04-05 21:44 - 2014-04-05 21:44 - 10689696 _____ (Irfan Skiljan) C:\Users\Britt-Marie\Downloads\irfanview_plugins_437_setup.exe 2014-04-05 21:44 - 2014-04-05 21:44 - 01883792 _____ (Irfan Skiljan) C:\Users\Britt-Marie\Downloads\iview437_setup.exe 2014-04-05 21:28 - 2014-04-11 19:56 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\Alien Skin 2014-04-05 14:16 - 2014-04-05 14:23 - 00000000 ____D () C:\Program Files (x86)\Eye Candy 4000 2014-04-05 14:16 - 2014-04-05 14:16 - 00000848 _____ () C:\Program Files (x86)\INSTALL.LOG 2014-04-05 14:16 - 2001-04-10 14:30 - 00001949 _____ () C:\Program Files (x86)\Alien Skinformation.html 2014-04-05 14:16 - 2001-04-02 16:31 - 00550602 _____ () C:\Program Files (x86)\EyeCand3.8bf 2014-04-05 14:16 - 2001-04-02 16:22 - 00409600 _____ () C:\Program Files (x86)\EC3-ENG.8BF 2014-04-05 14:16 - 1999-09-21 14:19 - 00373248 _____ () C:\Windows\EyeCand3.INI 2014-04-05 14:16 - 1999-06-25 10:56 - 00127184 _____ () C:\Program Files (x86)\UNWISE.EXE 2014-04-05 14:08 - 2014-04-05 14:08 - 19020970 _____ () C:\Users\Britt-Marie\Downloads\Eye Candy 3.01.zip 2014-04-05 12:44 - 2014-04-05 12:44 - 00000000 ____D () C:\Program Files (x86)\SuperBladePro 2014-04-05 12:20 - 2014-04-05 12:20 - 09377847 _____ () C:\Users\Britt-Marie\Downloads\flamingpearfreebies.zip 2014-04-05 12:20 - 2014-04-05 12:20 - 08687353 _____ () C:\Users\Britt-Marie\Downloads\flaming_pear_superbladepro_1.70.zip 2014-04-05 12:20 - 2014-04-05 12:20 - 02708840 _____ () C:\Users\Britt-Marie\Downloads\flexify_2.zip 2014-04-05 12:20 - 2014-04-05 12:20 - 00784698 _____ () C:\Users\Britt-Marie\Downloads\flood_1.30.zip 2014-04-04 16:40 - 2014-04-04 16:40 - 00000000 ____D () C:\ProgramData\Lucis 2014-04-03 14:48 - 2014-04-29 11:16 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\Canon 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu 2014-04-03 14:40 - 2014-05-01 22:22 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-04-03 14:29 - 2014-04-03 14:29 - 00002021 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2400 series användarregistrering 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\CanonIJWSpt 2014-04-03 14:29 - 2013-02-04 15:10 - 00321536 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BWL.dll 2014-04-03 14:29 - 2012-11-09 10:41 - 00088064 _____ () C:\Windows\SysWOW64\CNC176CD.TBL 2014-04-03 14:29 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll 2014-04-03 14:27 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-04-03 14:26 - 2014-04-03 14:26 - 00002358 _____ () C:\Users\Public\Desktop\Canon MG2400 series On-screen Handbok.lnk 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ___HD () C:\Program Files\CanonBJ 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2400 series Manual 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\Program Files\Canon 2014-04-03 14:24 - 2014-04-03 14:29 - 00000000 ____D () C:\Program Files (x86)\Canon 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-04-03 14:24 - 2013-03-24 05:00 - 00391168 _____ (CANON INC.) C:\Windows\system32\CNMLMBW.DLL 2014-04-03 14:24 - 2013-02-04 15:12 - 00367104 _____ (CANON INC.) C:\Windows\system32\CNC_BWL.dll 2014-04-03 14:24 - 2012-11-09 10:41 - 00088064 _____ () C:\Windows\system32\CNC176CD.TBL 2014-04-03 14:24 - 2012-11-08 13:04 - 00282624 _____ (CANON INC.) C:\Windows\system32\CNC_BWC.dll 2014-04-03 14:24 - 2012-11-08 13:03 - 00106496 _____ (CANON INC.) C:\Windows\system32\CNC_BWI.dll 2014-04-03 14:24 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll ==================== One Month Modified Files and Folders ======= 2014-05-02 10:52 - 2014-05-02 10:52 - 00014284 _____ () C:\Users\Britt-Marie\Downloads\FRST.txt 2014-05-02 10:52 - 2014-05-01 20:37 - 00000000 ____D () C:\FRST 2014-05-02 10:51 - 2014-05-02 10:51 - 00000000 ____D () C:\Users\Britt-Marie\Downloads\FRST-OlderVersion 2014-05-02 10:51 - 2014-05-01 20:36 - 02062336 _____ (Farbar) C:\Users\Britt-Marie\Downloads\FRST64.exe 2014-05-02 10:42 - 2014-03-26 20:37 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-01 22:22 - 2014-04-03 14:40 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-05-01 21:31 - 2014-04-22 18:41 - 00005066 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Hemmingson-PC-Britt-Marie Hemmingson-PC 2014-05-01 21:27 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-01 21:27 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-01 21:25 - 2011-04-12 16:28 - 00663802 _____ () C:\Windows\system32\perfh01D.dat 2014-05-01 21:25 - 2011-04-12 16:28 - 00142602 _____ () C:\Windows\system32\perfc01D.dat 2014-05-01 21:25 - 2009-07-14 07:13 - 01580482 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-01 21:24 - 2014-03-14 16:21 - 01069908 _____ () C:\Windows\WindowsUpdate.log 2014-05-01 21:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-01 21:20 - 2009-07-14 06:51 - 00064250 _____ () C:\Windows\setupact.log 2014-05-01 21:11 - 2014-05-01 21:11 - 00000000 __SHD () C:\Users\Britt-Marie\AppData\Local\EmieUserList 2014-05-01 21:11 - 2014-05-01 21:11 - 00000000 __SHD () C:\Users\Britt-Marie\AppData\Local\EmieSiteList 2014-05-01 20:34 - 2014-05-01 11:52 - 00000000 ____D () C:\AdwCleaner 2014-05-01 18:32 - 2014-05-01 18:32 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-01 18:31 - 2014-05-01 18:31 - 02347384 _____ (ESET) C:\Users\Britt-Marie\Downloads\esetsmartinstaller_enu.exe 2014-05-01 18:19 - 2014-04-23 13:19 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-05-01 18:19 - 2014-04-23 13:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-05-01 18:19 - 2014-03-17 13:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-01 18:19 - 2010-11-21 05:47 - 00203204 _____ () C:\Windows\PFRO.log 2014-05-01 12:36 - 2014-03-18 17:00 - 00000000 ____D () C:\Users\Britt-Marie\Documents\My PSP Files 2014-05-01 11:47 - 2014-05-01 11:47 - 01310621 _____ () C:\Users\Britt-Marie\Downloads\adwcleaner.exe 2014-05-01 11:14 - 2014-05-01 11:14 - 00688992 ____R (Swearware) C:\Users\Britt-Marie\Downloads\dds.scr 2014-05-01 10:51 - 2014-04-23 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-05-01 10:36 - 2014-03-26 16:48 - 00007692 _____ () C:\Users\Britt-Marie\AppData\Roaming\mainhst.zgh 2014-04-30 14:06 - 2014-04-06 15:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-04-30 13:22 - 2014-03-17 13:11 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Local\Thunderbird 2014-04-29 16:44 - 2014-03-26 20:37 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 16:44 - 2014-03-17 16:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 16:44 - 2014-03-17 16:19 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-29 11:16 - 2014-04-29 11:16 - 00000000 ___HD () C:\ProgramData\CanonIJScan 2014-04-29 11:16 - 2014-04-03 14:48 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\Canon 2014-04-28 17:59 - 2014-04-28 17:59 - 03318275 _____ () C:\Users\Britt-Marie\Downloads\taggonnie.rar 2014-04-28 10:37 - 2014-03-17 09:58 - 00079536 _____ () C:\Users\Britt-Marie\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-28 10:37 - 2009-07-14 06:45 - 00348648 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-27 17:02 - 2014-04-27 17:02 - 00002050 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk 2014-04-27 17:02 - 2014-04-27 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2014-04-27 17:02 - 2014-04-27 17:02 - 00000000 ____D () C:\Program Files (x86)\FOXIT SOFTWARE 2014-04-27 17:02 - 2014-03-26 16:32 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\Foxit Software 2014-04-26 13:14 - 2014-04-10 13:41 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\BankID 2014-04-23 13:15 - 2014-04-23 13:15 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-04-23 03:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-23 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-19 13:30 - 2014-04-19 13:30 - 84916596 _____ () C:\Users\Britt-Marie\Downloads\Windows 7 Teach Yourself Visually.rar 2014-04-19 11:54 - 2014-03-18 18:25 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Local\CrashDumps 2014-04-18 20:28 - 2014-03-14 16:21 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Local\VirtualStore 2014-04-18 12:41 - 2014-04-18 12:41 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Local\Packages 2014-04-17 13:31 - 2014-03-29 12:55 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Local\Corel 2014-04-17 13:28 - 2014-03-29 12:55 - 00000952 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys 2014-04-16 15:29 - 2014-04-16 15:29 - 00626687 _____ () C:\Users\Britt-Marie\Downloads\Vase_margot_CibiBijoux.rar 2014-04-16 15:29 - 2014-04-16 15:28 - 00616631 _____ () C:\Users\Britt-Marie\Downloads\Champain_design_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 01063861 _____ () C:\Users\Britt-Marie\Downloads\Jarre_raisins_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 01036444 _____ () C:\Users\Britt-Marie\Downloads\Perfume_bottle_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00824604 _____ () C:\Users\Britt-Marie\Downloads\Jarres_bourgeons_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00554983 _____ () C:\Users\Britt-Marie\Downloads\Jonquilles©Cesenov_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00405164 _____ () C:\Users\Britt-Marie\Downloads\Ikebana_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00398361 _____ () C:\Users\Britt-Marie\Downloads\Strange_tea_set_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00320740 _____ () C:\Users\Britt-Marie\Downloads\Vase_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00220734 _____ () C:\Users\Britt-Marie\Downloads\Arums_CibiBijoux.rar 2014-04-16 15:28 - 2014-04-16 15:28 - 00153121 _____ () C:\Users\Britt-Marie\Downloads\Design_CibiBijoux.rar 2014-04-14 04:24 - 2014-04-23 13:15 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-14 04:19 - 2014-04-23 13:15 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-11 19:56 - 2014-04-05 21:28 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\Alien Skin 2014-04-10 14:45 - 2014-04-10 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BankID säkerhetsprogram 2014-04-10 14:45 - 2014-04-10 14:45 - 00000000 ____D () C:\Program Files (x86)\BankID 2014-04-10 14:44 - 2014-04-10 14:44 - 09091464 _____ () C:\Users\Britt-Marie\Downloads\BankID_installation_5_1_3.exe 2014-04-10 14:10 - 2014-03-17 13:53 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-04-10 13:48 - 2014-03-17 16:15 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Local\Adobe 2014-04-10 13:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-10 13:39 - 2014-04-10 13:39 - 08795208 _____ () C:\Users\Britt-Marie\Downloads\BankID_installation_5_1_4.exe 2014-04-10 10:02 - 2014-04-10 10:02 - 00000000 ____D () C:\Windows\MSSecurityNS 2014-04-10 10:02 - 2014-04-10 10:02 - 00000000 ____D () C:\Windows\MSSecurityNi 2014-04-10 10:02 - 2014-04-10 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Color Efex Pro 3.0 Complete 2014-04-10 03:00 - 2014-03-14 17:42 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-10 03:00 - 2014-03-14 17:42 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-08 10:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-06 15:57 - 2014-04-06 15:57 - 00002098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2014-04-06 15:57 - 2014-04-06 15:57 - 00002086 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2014-04-06 15:03 - 2014-04-06 15:02 - 00001626 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5 Textures Manual.lnk 2014-04-06 15:01 - 2014-04-06 15:00 - 00001602 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5 Nature Manual.lnk 2014-04-06 14:58 - 2014-04-06 14:58 - 00001682 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5 Impact Manual.lnk 2014-04-06 14:56 - 2014-04-06 14:56 - 00001415 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5.0 Textures Manual.lnk 2014-04-06 14:47 - 2014-04-06 14:47 - 00000000 ____D () C:\Program Files (x86)\Alien Skin 2014-04-06 14:47 - 2014-03-18 16:59 - 00000000 ____D () C:\Program Files (x86)\Jasc Software Inc 2014-04-06 14:24 - 2014-04-06 14:23 - 00001365 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xenofex 2 Manual.lnk 2014-04-06 13:35 - 2014-04-06 13:35 - 04470221 _____ () C:\Users\Britt-Marie\Downloads\FlamingPearFlexify.zip 2014-04-06 13:35 - 2014-04-06 13:35 - 02403900 _____ () C:\Users\Britt-Marie\Downloads\FlamingPearFlood.zip 2014-04-06 13:35 - 2014-04-06 13:35 - 00080450 _____ () C:\Users\Britt-Marie\Downloads\FlamingPearOrnament-100.zip 2014-04-06 12:24 - 2014-04-06 12:24 - 00912930 _____ () C:\Users\Britt-Marie\Downloads\bettybronze.pspimage 2014-04-06 10:21 - 2014-04-06 10:21 - 00001322 _____ () C:\Users\Britt-Marie\Desktop\FontViewer.exe - genväg.lnk 2014-04-06 10:20 - 2014-03-14 16:21 - 00000000 ____D () C:\Users\Britt-Marie 2014-04-06 10:18 - 2014-04-06 10:18 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\AMPSoft 2014-04-06 10:08 - 2014-04-06 10:08 - 00001167 _____ () C:\Users\Britt-Marie\Desktop\RadioSure.lnk 2014-04-06 10:08 - 2014-04-06 10:08 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RadioSure 2014-04-06 10:08 - 2014-04-06 10:08 - 00000000 ____D () C:\Users\Britt-Marie\AppData\Local\RadioSure 2014-04-05 21:44 - 2014-04-05 21:44 - 10689696 _____ (Irfan Skiljan) C:\Users\Britt-Marie\Downloads\irfanview_plugins_437_setup.exe 2014-04-05 21:44 - 2014-04-05 21:44 - 01883792 _____ (Irfan Skiljan) C:\Users\Britt-Marie\Downloads\iview437_setup.exe 2014-04-05 14:23 - 2014-04-05 14:16 - 00000000 ____D () C:\Program Files (x86)\Eye Candy 4000 2014-04-05 14:16 - 2014-04-05 14:16 - 00000848 _____ () C:\Program Files (x86)\INSTALL.LOG 2014-04-05 14:08 - 2014-04-05 14:08 - 19020970 _____ () C:\Users\Britt-Marie\Downloads\Eye Candy 3.01.zip 2014-04-05 12:44 - 2014-04-05 12:44 - 00000000 ____D () C:\Program Files (x86)\SuperBladePro 2014-04-05 12:20 - 2014-04-05 12:20 - 09377847 _____ () C:\Users\Britt-Marie\Downloads\flamingpearfreebies.zip 2014-04-05 12:20 - 2014-04-05 12:20 - 08687353 _____ () C:\Users\Britt-Marie\Downloads\flaming_pear_superbladepro_1.70.zip 2014-04-05 12:20 - 2014-04-05 12:20 - 02708840 _____ () C:\Users\Britt-Marie\Downloads\flexify_2.zip 2014-04-05 12:20 - 2014-04-05 12:20 - 00784698 _____ () C:\Users\Britt-Marie\Downloads\flood_1.30.zip 2014-04-04 16:40 - 2014-04-04 16:40 - 00000000 ____D () C:\ProgramData\Lucis 2014-04-03 14:48 - 2014-04-03 14:48 - 00000000 ___HD () C:\ProgramData\CanonIJQuickMenu 2014-04-03 14:29 - 2014-04-03 14:29 - 00002021 _____ () C:\Users\Public\Desktop\Canon Quick Menu.lnk 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2400 series användarregistrering 2014-04-03 14:29 - 2014-04-03 14:29 - 00000000 ____D () C:\ProgramData\CanonIJWSpt 2014-04-03 14:29 - 2014-04-03 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-04-03 14:29 - 2014-04-03 14:24 - 00000000 ____D () C:\Program Files (x86)\Canon 2014-04-03 14:29 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media 2014-04-03 14:26 - 2014-04-03 14:26 - 00002358 _____ () C:\Users\Public\Desktop\Canon MG2400 series On-screen Handbok.lnk 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ___HD () C:\Program Files\CanonBJ 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2400 series Manual 2014-04-03 14:26 - 2014-04-03 14:26 - 00000000 ____D () C:\Program Files\Canon 2014-04-03 14:24 - 2014-04-03 14:24 - 00000000 ___HD () C:\ProgramData\CanonBJ Files to move or delete: ==================== C:\Users\Britt-Marie\FontViewer.exe Some content of TEMP: ==================== C:\Users\Britt-Marie\AppData\Local\Temp\Checkupdate.exe C:\Users\Britt-Marie\AppData\Local\Temp\devcon64.exe C:\Users\Britt-Marie\AppData\Local\Temp\Foxit Reader Updater.exe C:\Users\Britt-Marie\AppData\Local\Temp\Foxit Updater.exe C:\Users\Britt-Marie\AppData\Local\Temp\gcapi_dll.dll C:\Users\Britt-Marie\AppData\Local\Temp\gtapi_signed.dll C:\Users\Britt-Marie\AppData\Local\Temp\INST01.dll C:\Users\Britt-Marie\AppData\Local\Temp\INST011.dll C:\Users\Britt-Marie\AppData\Local\Temp\MSETUP4.EXE C:\Users\Britt-Marie\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-29 15:50 ==================== End Of Log ============================ Tyvärr hittar jag ingenstans att bifoga den andra loggen, så jag infogar den här istället. Mina ögon är inte så bra och efter att ha läst och letat efter dom filer du ville att jag skulle ta bort är dom ännu mer ansträngda.. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2014 Ran by Britt-Marie at 2014-05-02 10:52:41 Running from C:\Users\Britt-Marie\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Reader XI - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated) Alien Skin Eye Candy 5 Impact (HKLM-x32\...\EyeCandy5Impact) (Version: - ) Alien Skin Eye Candy 5 Nature (HKLM-x32\...\EyeCandy5Nature) (Version: - ) Alien Skin Eye Candy 5 Textures (HKLM-x32\...\EyeCandy5Textures) (Version: - ) Alien Skin Image Doctor 2 (HKLM-x32\...\Image Doctor 2) (Version: - ) Alien Skin Snap Art (HKLM-x32\...\Snap Art) (Version: - ) Alien Skin Xenofex 2.0 (HKLM-x32\...\Xenofex2) (Version: - ) BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.) Canon MG2400 series användarregistrering (HKLM-x32\...\Canon MG2400 series användarregistrering) (Version: - ‭Canon Inc.) Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.00 - Canon Inc.) Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.) Color Efex Pro 3.0 Complete (HKLM-x32\...\Color Efex Pro 3.0 Complete) (Version: 3.1.0.0 - Nik Software, Inc.) Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.010.0000 - Corel Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Eye Candy 3 (HKLM-x32\...\Eye Candy 3) (Version: - ) Eye Candy 4000 (HKLM-x32\...\Eye Candy 4000) (Version: - ) Filters Unlimited 2.0.3 (HKLM-x32\...\Filters Unlimited_is1) (Version: - ) FM Patcher 1.01 (HKLM-x32\...\FM Patcher_is1) (Version: - AFH Systems & The Plugin Site) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation) Handelsbanken kortläsare (HKLM-x32\...\{D4C30AE2-EAFE-4E28-A3BA-7CF7485E23C4}) (Version: 1.00.0000 - Todos Data System AB) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation) Intel® Smart Connect Technology (HKLM\...\{462B48F4-B82B-4644-87D0-38648221F50F}) (Version: 4.2.40.2418 - Intel Corporation) Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden Jasc Animation Shop 3 (HKLM-x32\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc) Jasc Paint Shop Pro 9 (HKLM-x32\...\{F843C6A3-224D-4615-94F8-3C461BD9AEA0}) (Version: 9.00.0000 - Jasc Software Inc) Jasc Paint Shop Pro 9 20040928_12 Plugin Update Patch (HKLM-x32\...\Jasc Paint Shop Pro 9.00 Update Patch) (Version: - ) Jasc Paint Shop Pro 9.01 Patch (HKLM-x32\...\Jasc Paint Shop Pro 9.01 Patch) (Version: - ) Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden LucisArt 3.0.5 ED/SE (64-bit) (HKLM\...\{2FD27DF3-3BEF-48A1-8A87-378DA085E472}) (Version: 3.0.5.0 - Image Content Technology) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (SVE) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2013 - sv-se (HKLM\...\HomeStudentRetail - sv-se) (Version: 15.0.4605.1003 - Microsoft Corporation) Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation) Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 28.0 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 sv-SE)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.5.0 (x86 sv-SE) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 sv-SE)) (Version: 24.5.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4605.1003 - Microsoft Corporation) Hidden RadioSure (HKCU\...\RadioSure) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.) Snap.Do (HKLM-x32\...\{923521CE-BCFD-4EDC-B755-798350C984DF}) (Version: 11.62.1.16545 - ReSoft Ltd.) <==== ATTENTION Splat! 1.0 (HKLM-x32\...\Splat) (Version: - ) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.020 - MSI) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI) Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Virtual Painter 5 (for PSP) (HKLM-x32\...\Virtual Painter 5 (for PSP)) (Version: - ) WOwCouaPOn (HKLM-x32\...\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}) (Version: - WowCeouupone) <==== ATTENTION ZipGenius 6.3 (HKLM-x32\...\{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1) (Version: 6.3 - Wininizio.it Software) ==================== Restore Points ========================= 10-04-2014 01:00:10 Windows Update 10-04-2014 11:39:58 Installerad BankID säkerhetsprogram. 10-04-2014 12:37:06 Borttagen BankID säkerhetsprogram. 10-04-2014 12:45:02 Installerad BankID säkerhetsprogram. 13-04-2014 12:27:23 Windows Update 17-04-2014 09:33:25 Windows Update 22-04-2014 16:32:19 Windows Update 23-04-2014 01:00:10 Windows Update 23-04-2014 11:15:23 Windows Update 23-04-2014 11:18:44 Windows Update 23-04-2014 11:23:00 Windows Update 26-04-2014 23:26:11 Windows Update 30-04-2014 08:47:44 Windows Update 01-05-2014 08:50:56 Windows Update 01-05-2014 08:57:39 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {55F33B7C-CFF4-47F5-AD82-BC5C8DDF99FC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated) Task: {8FECCB61-1DFD-4281-82BC-EBB450ACBD25} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation) Task: {FB99F62C-9C22-404F-A544-4B63C483482A} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Hemmingson-PC-Britt-Marie Hemmingson-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-04-10] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-17 13:53 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-03-17 13:53 - 2014-03-25 13:21 - 00629928 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll 2013-08-01 18:31 - 2013-08-01 18:31 - 00198120 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe 2013-08-01 18:31 - 2013-08-01 18:31 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll 2013-08-01 18:31 - 2013-08-01 18:31 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll 2014-03-14 18:57 - 2012-01-20 15:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll 2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\Windows\SysWOW64\PSIService.exe 2014-03-14 16:32 - 2013-07-30 21:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-03-14 16:36 - 2013-09-16 21:20 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll 2014-04-10 14:09 - 2014-04-10 14:09 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2014-04-06 15:57 - 2014-04-30 14:06 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2014-04-06 15:57 - 2014-04-30 14:06 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2014-04-06 15:57 - 2014-04-30 14:06 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2014-03-29 14:47 - 2014-03-29 14:47 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-04-29 16:44 - 2014-04-29 16:44 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: IJPLMSVC => 2 MSCONFIG\Services: LPTSystemUpdater => 2 MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Britt-Marie\AppData\Local\Smartbar\Application\SnapDo.exe startup MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon MSCONFIG\startupreg: Corel File Shell Monitor => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel PhotoDownloader.exe" -startup MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/01/2014 09:22:47 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/01/2014 06:32:02 PM) (Source: SideBySide) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/01/2014 06:31:53 PM) (Source: SideBySide) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/01/2014 06:31:53 PM) (Source: SideBySide) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/01/2014 06:31:50 PM) (Source: SideBySide) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/01/2014 06:21:21 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/28/2014 10:39:08 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/26/2014 00:52:52 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/23/2014 01:11:04 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/23/2014 03:18:14 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (05/01/2014 10:57:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT instans) Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x80070103: Intel Corporation - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - Intel® HD Graphics. Error: (04/27/2014 05:02:27 PM) (Source: Service Control Manager) (User: ) Description: Tjänsten Foxit Cloud Safe Update Service är markerad som en interaktiv tjänst. Systemet är dock konfigurerat för att inte tillåta interaktiva tjänster. Tjänsten kommer kanske inte att fungera korrekt. Error: (04/26/2014 01:23:27 PM) (Source: SCardSvr) (User: ) Description: Enheten har tagits bort.Handelsbanken card reader 0GET_STATEXX XX XX XX Error: (04/26/2014 01:01:01 PM) (Source: Microsoft Antimalware) (User: ) Description: %NT instans60 stötte på ett fel när signaturer skulle uppdateras. Ny signaturversion: Föregående signaturversion: 1.173.419.0 Uppdateringskälla: %NT instans59 Uppdateringsfas: 4.5.0216.00 Källsökväg: 4.5.0216.01 Signaturtyp: %NT instans602 Uppdateringstyp: %NT instans604 Användare: NT instans\SYSTEM Aktuell motorversion: %NT instans605 Föregående motorversion: %NT instans606 Felkod: %NT instans607 Felbeskrivning: %NT instans608 Error: (04/23/2014 01:23:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT instans) Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x80070103: Intel Corporation - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - Intel® HD Graphics. Error: (04/23/2014 01:19:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT instans) Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x80070103: Intel Corporation - Graphics Adapter WDDM1.1, Graphics Adapter WDDM1.2, Graphics Adapter WDDM1.3 - Intel® HD Graphics. Error: (04/23/2014 09:08:21 AM) (Source: EventLog) (User: ) Description: Den senaste avstängningen av datorn vid 09:06:31 den ‎2014-‎04-‎23 skedde oväntat. Error: (04/20/2014 03:03:07 PM) (Source: EventLog) (User: ) Description: Den senaste avstängningen av datorn vid 15:02:00 den ‎2014-‎04-‎20 skedde oväntat. Error: (04/20/2014 10:41:02 AM) (Source: EventLog) (User: ) Description: Den senaste avstängningen av datorn vid 16:05:05 den ‎2014-‎04-‎19 skedde oväntat. Error: (04/19/2014 11:49:19 AM) (Source: Disk) (User: ) Description: Drivrutinen hittade ett styrenhetsfel på \Device\Harddisk2\DR2. Microsoft Office Sessions: ========================= Error: (05/01/2014 09:22:47 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/01/2014 06:32:02 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Britt-Marie\Downloads\esetsmartinstaller_enu.exe Error: (05/01/2014 06:31:53 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Britt-Marie\Downloads\esetsmartinstaller_enu.exe Error: (05/01/2014 06:31:53 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Britt-Marie\Downloads\esetsmartinstaller_enu.exe Error: (05/01/2014 06:31:50 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Britt-Marie\Downloads\esetsmartinstaller_enu.exe Error: (05/01/2014 06:21:21 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/28/2014 10:39:08 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/26/2014 00:52:52 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/23/2014 01:11:04 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/23/2014 03:18:14 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Percentage of memory in use: 22% Total physical RAM: 8072.42 MB Available physical RAM: 6258.75 MB Total Pagefile: 16143.02 MB Available Pagefile: 14346.57 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:223.47 GB) (Free:163.04 GB) NTFS Drive e: (Spardisk) (Fixed) (Total:465.76 GB) (Free:349.34 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E86A2F52) Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 224 GB) (Disk ID: DBEF84F6) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS) ==================== End Of Log ============================
  8. Här är Adw cleaner # AdwCleaner v3.205 - Report created 01/05/2014 at 18:18:27 # Updated 28/04/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Britt-Marie - HEMMINGSON-PC # Running from : C:\Users\Britt-Marie\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** Service Deleted : 70e6ca8c ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files (x86)\Optimizer Pro Folder Deleted : C:\Program Files (x86)\PriceMeterLiveUpdate Folder Deleted : C:\Users\Britt-Marie\AppData\Local\LPT Folder Deleted : C:\Users\Britt-Marie\AppData\Local\PriceMeter Folder Deleted : C:\Users\Britt-Marie\AppData\Local\PriceMeterLiveUpdate Folder Deleted : C:\Users\Britt-Marie\AppData\Local\Smartbar Folder Deleted : C:\Users\BRITT-~1\AppData\Local\Temp\Smartbar Folder Deleted : C:\Users\Britt-Marie\AppData\LocalLow\Smartbar Folder Deleted : C:\Users\Britt-Marie\AppData\Roaming\OpenCandy Folder Deleted : C:\Users\Britt-Marie\AppData\Roaming\Optimizer Pro Folder Deleted : C:\Users\Britt-Marie\AppData\Roaming\PriceMeterUpdater Folder Deleted : C:\Users\Britt-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter Folder Deleted : C:\Users\Britt-Marie\Documents\Optimizer Pro File Deleted : C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\searchplugins\Web Search.xml ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [browser Infrastructure Helper] Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\WowCeouupone.WowCeouupone Key Deleted : HKLM\SOFTWARE\Classes\WowCeouupone.WowCeouupone.4.7 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{24F36CEE-A768-0878-52EF-B3A31897409D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24F36CEE-A768-0878-52EF-B3A31897409D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{24F36CEE-A768-0878-52EF-B3A31897409D} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{24F36CEE-A768-0878-52EF-B3A31897409D} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24F36CEE-A768-0878-52EF-B3A31897409D} Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\Optimizer Pro Key Deleted : HKCU\Software\SecuredDownload Key Deleted : HKCU\Software\SmartBar Key Deleted : HKCU\Software\smartbarbackup Key Deleted : HKCU\Software\smartbarlog Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17041 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Page] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Bar] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [searchAssistant] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] -\\ Mozilla Firefox v28.0 (sv-SE) [ File : C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\prefs.js ] Line Deleted : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMLwlKFfQ[...] Line Deleted : user_pref("extensions.helperbar.BackPageActive", true); Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false); Line Deleted : user_pref("extensions.helperbar.LastHiddenTime", 23272404); Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", true); Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false); Line Deleted : user_pref("extensions.helperbar.Visibility", false); Line Deleted : user_pref("extensions.helperbar.backPageCapacity", 3); Line Deleted : user_pref("extensions.helperbar.backPageCounter", 1); Line Deleted : user_pref("extensions.helperbar.backPageDay", 30); Line Deleted : user_pref("extensions.helperbar.backPageLastEvent", "1396178861932"); Line Deleted : user_pref("extensions.helperbar.backPageMinInterval", 15); Line Deleted : user_pref("extensions.helperbar.barcodeid", "127028"); Line Deleted : user_pref("extensions.helperbar.countryiso", "se"); Line Deleted : user_pref("extensions.helperbar.downloadprovider", "snapdoocybch"); Line Deleted : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\"],\\\"hxxpInjection\\\":\\\"hxxp:\\\\\\/\\\\\\/i.linkuryjs.info\\\\\\/kury\\\\\\[...] Line Deleted : user_pref("extensions.helperbar.fromautoupdate", "true"); Line Deleted : user_pref("extensions.helperbar.installationid", "0b384d67-ee39-70b3-bcc6-b98c1362fb18"); Line Deleted : user_pref("extensions.helperbar.installdate", "26/03/2014"); Line Deleted : user_pref("extensions.helperbar.keepAliveLastevent", "1395844200"); Line Deleted : user_pref("extensions.helperbar.lastExternalJsUpdate", "1396945110370"); Line Deleted : user_pref("extensions.helperbar.publisher", "snapdoocyb"); Line Deleted : user_pref("extensions.msS.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\")>-1||url.indexOf(\"alertf[...] Line Deleted : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzAB[...] -\\ Google Chrome v [ File : C:\Users\Britt-Marie\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [12075 octets] - [01/05/2014 11:52:25] AdwCleaner[R1].txt - [12136 octets] - [01/05/2014 18:17:51] AdwCleaner[s0].txt - [10095 octets] - [01/05/2014 18:18:27] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10156 octets] ########## Och här är DDS.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.17041 Run by Britt-Marie at 18:24:09 on 2014-05-01 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.8072.6222 [GMT 2:00] . AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe C:\Windows\SysWOW64\PSIService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\system32\sppsvc.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com uSearch Page = hxxp://www.google.com uSearchAssistant = hxxp://www.google.com mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO: Inloggningshjälp för Microsoft-konto: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ISCTSY~1.LNK - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{EDDCB767-DBCC-4ED1-A2C1-82BE2513B624} : DHCPNameServer = 192.168.1.1 Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL SSODL: WebCheck - <orphaned> x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe" x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe" x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe" x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\ FF - prefs.js: browser.startup.homepage - about:home FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\BankID\npBispBrowser.dll FF - plugin: C:\Program Files (x86)\BankID\npBispBrowser_x64.dll FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll FF - plugin: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll . ============= SERVICES / DRIVERS =============== . R0 iusb3hcs;Switchdrivrutin för Intel® USB 3.0 Värdstyrenhet;C:\Windows\System32\drivers\iusb3hcs.sys [2014-3-14 20464] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512] R2 ClickToRunSvc;Microsoft Office-tjänsten Klicka-och-Kör;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-17 2211000] R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-4-27 239680] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520] R2 ISCTAgent;Intel® Smart Connect Technology Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2013-8-1 198120] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2014-3-14 169432] R2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2014-3-14 161776] R2 MSI_Trigger_Service;MSI_Trigger_Service;C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2014-3-14 30240] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 133928] R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2014-3-14 160256] R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2013-8-1 21408] R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2013-8-1 21920] R3 INETMON;INETMON;C:\Windows\System32\drivers\INETMON.sys [2014-3-14 29088] R3 IntcDAud;Intel® bildskärmsljud;C:\Windows\System32\drivers\IntcDAud.sys [2014-3-14 449528] R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-8-1 46568] R3 iusb3hub;Drivrutin för Intel® USB 3.0 Nav;C:\Windows\System32\drivers\iusb3hub.sys [2014-3-14 358896] R3 iusb3xhc;Drivrutin för Intel® USB 3.0 Utbyggbar värdstyrenhet;C:\Windows\System32\drivers\iusb3xhc.sys [2014-3-14 792560] R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2014-3-24 32344] R3 NisSrv;Microsoft Nätverkskontroll;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872] R3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2014-3-14 13368] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-3-14 849992] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-23 111616] S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-14 19456] S3 Tdsshbecr;Handelsbanken card reader;C:\Windows\System32\drivers\shbecr.sys [2014-3-26 50176] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-14 56832] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-3-14 30208] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-17 1255736] . =============== File Associations =============== . FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . 2014-05-01 09:52:33 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll 2014-05-01 09:52:21 -------- d-----w- C:\AdwCleaner 2014-05-01 08:47:43 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9C867FE9-54FC-4037-A6E2-0E2849702998}\mpengine.dll 2014-04-30 08:47:50 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-04-29 09:16:12 -------- d--h--w- C:\ProgramData\CanonIJScan 2014-04-27 15:02:20 -------- d-----w- C:\Program Files (x86)\FOXIT SOFTWARE 2014-04-23 11:15:28 -------- d-s---w- C:\Windows\System32\CompatTel 2014-04-23 11:15:22 465408 ----a-w- C:\Windows\System32\aepdu.dll 2014-04-23 11:15:22 424448 ----a-w- C:\Windows\System32\aeinv.dll 2014-04-20 08:51:40 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F99F113C-2B64-4831-BCCC-A0B31247090B}\gapaengine.dll 2014-04-18 10:41:37 -------- d-----w- C:\ProgramData\23b057d7780d4f1a 2014-04-18 10:41:31 -------- d-----w- C:\Users\Britt-Marie\AppData\Local\Packages 2014-04-18 10:41:25 -------- d-----w- C:\ProgramData\WOwCouaPOn 2014-04-10 12:45:10 -------- d-----w- C:\Program Files (x86)\BankID 2014-04-10 11:41:14 -------- d-----w- C:\Users\Britt-Marie\AppData\Roaming\BankID 2014-04-10 08:02:35 -------- d-----w- C:\Windows\MSSecurityNS 2014-04-10 08:02:35 -------- d-----w- C:\Windows\MSSecurityNi 2014-04-06 12:47:18 -------- d-----w- C:\Program Files (x86)\Alien Skin 2014-04-06 08:18:17 -------- d-----w- C:\Users\Britt-Marie\AppData\Roaming\AMPSoft 2014-04-06 08:17:56 1009664 ----a-w- C:\Users\Britt-Marie\FontViewer.exe 2014-04-06 08:08:03 -------- d-----w- C:\Users\Britt-Marie\AppData\Local\RadioSure 2014-04-05 12:16:39 550602 ----a-w- C:\Program Files (x86)\EyeCand3.8bf 2014-04-05 12:16:39 409600 ----a-w- C:\Program Files (x86)\EC3-ENG.8BF 2014-04-05 12:16:39 127184 ----a-w- C:\Program Files (x86)\UNWISE.EXE 2014-04-05 12:16:39 -------- d-----w- C:\Program Files (x86)\Eye Candy 4000 2014-04-05 10:44:50 -------- d-----w- C:\Program Files (x86)\SuperBladePro 2014-04-04 14:40:43 -------- d-----w- C:\ProgramData\Lucis 2014-04-03 12:48:14 -------- d--h--w- C:\ProgramData\CanonIJQuickMenu 2014-04-03 12:40:21 -------- d-----w- C:\ProgramData\CanonIJPLM 2014-04-03 12:29:33 321536 ----a-w- C:\Windows\SysWow64\CNC_BWL.dll 2014-04-03 12:29:33 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll 2014-04-03 12:29:04 -------- d-----w- C:\ProgramData\CanonIJWSpt 2014-04-03 12:26:58 -------- d-----w- C:\Program Files\Canon 2014-04-03 12:24:53 -------- d-----w- C:\Program Files (x86)\Canon 2014-04-03 12:24:30 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDBW.DLL 2014-04-03 12:24:30 101888 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPBW.DLL 2014-04-03 12:24:19 391168 ----a-w- C:\Windows\System32\CNMLMBW.DLL 2014-04-03 12:24:10 367104 ----a-w- C:\Windows\System32\CNC_BWL.dll 2014-04-03 12:24:10 282624 ----a-w- C:\Windows\System32\CNC_BWC.dll 2014-04-03 12:24:10 17920 ----a-w- C:\Windows\System32\CNHMCA6.dll 2014-04-03 12:24:10 106496 ----a-w- C:\Windows\System32\CNC_BWI.dll . ==================== Find3M ==================== . 2014-04-29 14:44:37 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-04-29 14:44:37 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2014-04-17 11:28:30 952 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys 2014-03-17 08:41:00 86016 ----a-w- C:\Windows\SysWow64\psbase.DLL 2014-03-17 08:41:00 49152 ----a-w- C:\Windows\System32\pstorec.DLL 2014-03-17 08:41:00 45056 ----a-w- C:\Windows\SysWow64\pstorec.DLL 2014-03-17 08:41:00 36864 ----a-w- C:\Windows\System32\pstorsvc.DLL 2014-03-17 08:41:00 25088 ----a-w- C:\Windows\SysWow64\pstorsvc.DLL 2014-03-17 08:41:00 126976 ----a-w- C:\Windows\System32\psbase.DLL 2014-03-11 08:52:30 133928 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2014-03-06 09:32:16 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll 2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll 2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-03-06 08:32:07 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll 2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll 2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll 2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll 2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll 2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll 2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll 2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe 2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys 2014-02-04 02:35:56 190912 ----a-w- C:\Windows\System32\drivers\storport.sys 2014-02-04 02:35:49 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2014-02-04 02:35:35 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2014-02-04 02:32:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2014-02-04 02:32:12 624128 ----a-w- C:\Windows\System32\qedit.dll 2014-02-04 02:28:36 2048 ----a-w- C:\Windows\System32\iologmsg.dll 2014-02-04 02:04:22 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2014-02-04 02:04:11 509440 ----a-w- C:\Windows\SysWow64\qedit.dll 2014-02-04 02:00:39 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll . ============= FINISH: 18:24:19,36 =============== Och här kommer den sista C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir a variant of Win32/SpeedingUpMyPC application C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir a variant of Win32/SProtector.E potentially unwanted application C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll.vir a variant of Win32/SProtector.F potentially unwanted application C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll.vir a variant of Win64/SProtector.A potentially unwanted application C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir a variant of Win32/AdWare.SpeedingUpMyPC.D application C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir a variant of Win32/Adware.SpeedingUpMyPC.C application C:\AdwCleaner\Quarantine\C\Users\Britt-Marie\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir a variant of MSIL/Toolbar.Linkury.D potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Britt-Marie\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir Win32/Toolbar.Linkury.D potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Britt-Marie\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Britt-Marie\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Britt-Marie\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Britt-Marie\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Britt-Marie\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Britt-Marie\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\Britt-Marie\AppData\Roaming\OpenCandy\18DB7C20B86D4947936796D19AA1F5A8\Installer.exe.vir a variant of Win32/Toolbar.Linkury.E potentially unwanted application C:\ProgramData\WOwCouaPOn\0cq0ujXJ7H.dll a variant of Win32/AdWare.MultiPlug.N application C:\ProgramData\WOwCouaPOn\0cq0ujXJ7H.exe a variant of Win32/AdWare.MultiPlug.K.gen application C:\ProgramData\WOwCouaPOn\0cq0ujXJ7H.x64.dll a variant of Win64/Adware.MultiPlug.A application C:\Users\All Users\WOwCouaPOn\0cq0ujXJ7H.dll a variant of Win32/AdWare.MultiPlug.N application C:\Users\All Users\WOwCouaPOn\0cq0ujXJ7H.exe a variant of Win32/AdWare.MultiPlug.K.gen application C:\Users\All Users\WOwCouaPOn\0cq0ujXJ7H.x64.dll a variant of Win64/Adware.MultiPlug.A application C:\Windows\Installer\540c73c.msi Win32/Toolbar.Linkury.D potentially unwanted application E:\Gamla New Disk 3\1TILL nya datorn PSP 9\FlamingPear.zip Win32/Keygen.FQ potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\AlienSkin_EyeCandy6.0.0.rar a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\ASEC6.rar a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\MS Office2010 Enterprise-ISO.rar a variant of MSIL/HackKMS.A potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\Plugins_Adobe\PS.Plugin.Collect.04.2011\AlienSkin\BlowUp 2.0.4\Keygen\keygen.exe a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\Plugins_Adobe\PS.Plugin.Collect.04.2011\AlienSkin\Bokeh 1.0.3\Keygen\keygen.exe a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\Plugins_Adobe\PS.Plugin.Collect.04.2011\AlienSkin\EyeCandy 6.0.0?\Keygen\keygen.exe a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\Plugins_Adobe\PS.Plugin.Collect.04.2011\AlienSkin\SnapArt 2.0.1\Keygen\keygen.exe a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\Plugins_Adobe\PS.Plugin.Collect.04.2011\Topaz\cr-zwr01.zip a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\Plugins_Adobe\PS.Plugin.Collect.04.2011\Topaz\Topaz.Clean.v3.0.1.Incl.Keymaker-CORE.zip a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\Plugins_Adobe\PS.Plugin.Collect.04.2011\Topaz\Topaz.DeNoise.v4.1.0.Incl.Keymaker-CORE.rar a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\Plugins_Adobe\PS.Plugin.Collect.04.2011\Topaz\Topaz.DeNoise.v5.0.0.Incl.Keymaker-CORE.rar a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\Plugins_Adobe\PS.Plugin.Collect.04.2011\Topaz\Topaz.DeNoise.v5.0.0.Incl.Keymaker-CORE\cr-1mh01.zip a variant of Win32/Keygen.CX potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\PSP Plugins Disc 2\Plugins Disc 2.iso a variant of Win32/Keygen.BH potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\PSP Plugins Disc 3\Plugins 3.iso a variant of Generik.EIAHMZE trojan E:\Gamla New Disk 3\Nytt till PSP\PSP Plugins Disc 4\PSP D4.iso probably a variant of Win32/Keygen.BH potentially unsafe application E:\Gamla New Disk 3\Nytt till PSP\PSPXV\equiscinco.rar a variant of Win32/Keygen.AU potentially unsafe application
  9. # AdwCleaner v3.205 - Report created 01/05/2014 at 11:52:25 # Updated 28/04/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Britt-Marie - HEMMINGSON-PC # Running from : C:\Users\Britt-Marie\Downloads\adwcleaner.exe # Option : Scan ***** [ Services ] ***** Service Found : 70e6ca8c ***** [ Files / Folders ] ***** File Found : C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\searchplugins\Web Search.xml Folder Found : C:\Program Files (x86)\Optimizer Pro Folder Found : C:\Program Files (x86)\PriceMeterLiveUpdate Folder Found : C:\Users\BRITT-~1\AppData\Local\Temp\Smartbar Folder Found : C:\Users\BRITT-~1\AppData\Local\Temp\Smartbar Folder Found : C:\Users\Britt-Marie\AppData\Local\LPT Folder Found : C:\Users\Britt-Marie\AppData\Local\PriceMeter Folder Found : C:\Users\Britt-Marie\AppData\Local\PriceMeterLiveUpdate Folder Found : C:\Users\Britt-Marie\AppData\Local\Smartbar Folder Found : C:\Users\Britt-Marie\AppData\LocalLow\Smartbar Folder Found : C:\Users\Britt-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter Folder Found : C:\Users\Britt-Marie\AppData\Roaming\OpenCandy Folder Found : C:\Users\Britt-Marie\AppData\Roaming\Optimizer Pro Folder Found : C:\Users\Britt-Marie\AppData\Roaming\PriceMeterUpdater Folder Found : C:\Users\Britt-Marie\Documents\Optimizer Pro ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Found : HKCU\Software\InstallCore Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Found : HKCU\Software\Optimizer Pro Key Found : HKCU\Software\SecuredDownload Key Found : HKCU\Software\SmartBar Key Found : HKCU\Software\smartbarbackup Key Found : HKCU\Software\smartbarlog Key Found : [x64] HKCU\Software\InstallCore Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Key Found : [x64] HKCU\Software\Optimizer Pro Key Found : [x64] HKCU\Software\SecuredDownload Key Found : [x64] HKCU\Software\SmartBar Key Found : [x64] HKCU\Software\smartbarbackup Key Found : [x64] HKCU\Software\smartbarlog Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Found : HKLM\SOFTWARE\Classes\CLSID\{24F36CEE-A768-0878-52EF-B3A31897409D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bho Key Found : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F} Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Found : HKLM\SOFTWARE\Classes\WowCeouupone.WowCeouupone Key Found : HKLM\SOFTWARE\Classes\WowCeouupone.WowCeouupone.4.7 Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24F36CEE-A768-0878-52EF-B3A31897409D} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{24F36CEE-A768-0878-52EF-B3A31897409D} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{24F36CEE-A768-0878-52EF-B3A31897409D} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{24F36CEE-A768-0878-52EF-B3A31897409D} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [browser Infrastructure Helper] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17041 Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [search Page] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzABvxkvrrVsAPwdFDrf7BbpzwPRpQMUXIuR9EiB3F8jrTpIJS3y&q={searchTerms} Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMTFudt1kpyR90T58NXWO-1VCBavqEuBgeAlZMbGIdntBe4D6lCHNbiGDwbBLTIV Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [search Bar] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzABvxkvrrVsAPwdFDrf7BbpzwPRpQMUXIuR9EiB3F8jrTpIJS3y&q={searchTerms} Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzABvxkvrrVsAPwdFDrf7BbpzwPRpQMUXIuR9EiB3F8jrTpIJS3y&q={searchTerms} Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [searchAssistant] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzABvxkvrrVsAPwdFDrf7BbpzwPRpQMUXIuR9EiB3F8jrTpIJS3y&q={searchTerms} Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzABvxkvrrVsAPwdFDrf7BbpzwPRpQMUXIuR9EiB3F8jrTpIJS3y&q={searchTerms} Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzABvxkvrrVsAPwdFDrf7BbpzwPRpQMUXIuR9EiB3F8jrTpIJS3y&q={searchTerms} -\\ Mozilla Firefox v28.0 (sv-SE) [ File : C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\prefs.js ] Line Found : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMLwlKFfQ[...] Line Found : user_pref("extensions.helperbar.BackPageActive", true); Line Found : user_pref("extensions.helperbar.DockingPositionDown", false); Line Found : user_pref("extensions.helperbar.LastHiddenTime", 23272404); Line Found : user_pref("extensions.helperbar.SmartbarDisabled", true); Line Found : user_pref("extensions.helperbar.SmartbarStateMinimaized", false); Line Found : user_pref("extensions.helperbar.Visibility", false); Line Found : user_pref("extensions.helperbar.backPageCapacity", 3); Line Found : user_pref("extensions.helperbar.backPageCounter", 1); Line Found : user_pref("extensions.helperbar.backPageDay", 30); Line Found : user_pref("extensions.helperbar.backPageLastEvent", "1396178861932"); Line Found : user_pref("extensions.helperbar.backPageMinInterval", 15); Line Found : user_pref("extensions.helperbar.barcodeid", "127028"); Line Found : user_pref("extensions.helperbar.countryiso", "se"); Line Found : user_pref("extensions.helperbar.downloadprovider", "snapdoocybch"); Line Found : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\"],\\\"hxxpInjection\\\":\\\"hxxp:\\\\\\/\\\\\\/i.linkuryjs.info\\\\\\/kury\\\\\\[...] Line Found : user_pref("extensions.helperbar.fromautoupdate", "true"); Line Found : user_pref("extensions.helperbar.installationid", "0b384d67-ee39-70b3-bcc6-b98c1362fb18"); Line Found : user_pref("extensions.helperbar.installdate", "26/03/2014"); Line Found : user_pref("extensions.helperbar.keepAliveLastevent", "1395844200"); Line Found : user_pref("extensions.helperbar.lastExternalJsUpdate", "1396945110370"); Line Found : user_pref("extensions.helperbar.publisher", "snapdoocyb"); Line Found : user_pref("extensions.msS.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\")>-1||url.indexOf(\"alertf[...] Line Found : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzAB[...] -\\ Google Chrome v [ File : C:\Users\Britt-Marie\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [11845 octets] - [01/05/2014 11:52:25] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11906 octets] ##########
  10. Hej Jag läste lite och tror att det är bäst att jag skapar en egen tråd. Jag använder Firefox i en ny dator med Windows 7 (64bit). Jag har börjat med att använda DDS och infogar DDS.txt samt bifogar Attach.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.17041 Run by Britt-Marie at 11:15:12 on 2014-05-01 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.8072.5279 [GMT 2:00] . AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\rundll32.exe C:\Windows\SysWOW64\rundll32.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Users\Britt-Marie\AppData\Local\Smartbar\Application\SnapDo.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe C:\Windows\SysWOW64\PSIService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXE C:\Windows\splwow64.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Jasc Software Inc\Paint Shop Pro 9\Paint Shop Pro 9.exe C:\Users\Britt-Marie\AppData\Local\Smartbar\Application\Lrcnta.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMTFudt1kpyR90T58NXWO-1VCBavqEuBgeAlZMbGIdntBe4D6lCHNbiGDwbBLTIV uSearch Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzABvxkvrrVsAPwdFDrf7BbpzwPRpQMUXIuR9EiB3F8jrTpIJS3y&q={searchTerms} uSearch Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzABvxkvrrVsAPwdFDrf7BbpzwPRpQMUXIuR9EiB3F8jrTpIJS3y&q={searchTerms} uSearchAssistant = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzABvxkvrrVsAPwdFDrf7BbpzwPRpQMUXIuR9EiB3F8jrTpIJS3y&q={searchTerms} mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: WOwCouaPOn: {24F36CEE-A768-0878-52EF-B3A31897409D} - C:\ProgramData\WOwCouaPOn\0cq0ujXJ7H.dll BHO: SmartbarInternetExplorerBHOEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll BHO: Inloggningshjälp för Microsoft-konto: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll TB: Snap.Do: {ae07101b-46d4-4a98-af68-0333ea26e113} - TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll uRun: [browser Infrastructure Helper] C:\Users\Britt-Marie\AppData\Local\Smartbar\Application\SnapDo.exe startup mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ISCTSY~1.LNK - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll TCP: NameServer = 192.168.1.1 TCP: Interfaces\{EDDCB767-DBCC-4ED1-A2C1-82BE2513B624} : DHCPNameServer = 192.168.1.1 Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll SSODL: WebCheck - <orphaned> x64-BHO: WOwCouaPOn: {24F36CEE-A768-0878-52EF-B3A31897409D} - C:\ProgramData\WOwCouaPOn\0cq0ujXJ7H.x64.dll x64-BHO: SmartbarInternetExplorerBHOEngine: {31ad400d-1b06-4e33-a59a-90c2c140cba0} - x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL x64-TB: Snap.Do: {ae07101b-46d4-4a98-af68-0333ea26e113} - x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll x64-Run: [igfxTray] "C:\Windows\System32\igfxtray.exe" x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe" x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe" x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Britt-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\7on4o97t.default\ FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQmbGaMQ_HWQD7DwRMHANEg_YdyaGtWfTbvRMwx59uvVwdx8uYin-2jKhNBdXS1rvsBHLhtYaLNAZ_MOMhnYjiLyL4OYzABvxkvrrVsAPwdFDrf7BbpzwPRpQMUXIuR9EiB3F8jrTpIJS3y&q= FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\BankID\npBispBrowser.dll FF - plugin: C:\Program Files (x86)\BankID\npBispBrowser_x64.dll FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll FF - plugin: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll . ============= SERVICES / DRIVERS =============== . R0 iusb3hcs;Switchdrivrutin för Intel® USB 3.0 Värdstyrenhet;C:\Windows\System32\drivers\iusb3hcs.sys [2014-3-14 20464] R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512] R2 70e6ca8c;Optimizer Pro Crash Monitor;C:\Windows\System32\rundll32.exe [2009-7-14 45568] R2 ClickToRunSvc;Microsoft Office-tjänsten Klicka-och-Kör;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-3-17 2211000] R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;C:\Program Files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-4-27 239680] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520] R2 ISCTAgent;Intel® Smart Connect Technology Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2013-8-1 198120] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2014-3-14 169432] R2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [2014-3-14 161776] R2 MSI_Trigger_Service;MSI_Trigger_Service;C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2014-3-14 30240] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 133928] R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2014-3-14 160256] R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2013-8-1 21408] R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2013-8-1 21920] R3 INETMON;INETMON;C:\Windows\System32\drivers\INETMON.sys [2014-3-14 29088] R3 IntcDAud;Intel® bildskärmsljud;C:\Windows\System32\drivers\IntcDAud.sys [2014-3-14 449528] R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-8-1 46568] R3 iusb3hub;Drivrutin för Intel® USB 3.0 Nav;C:\Windows\System32\drivers\iusb3hub.sys [2014-3-14 358896] R3 iusb3xhc;Drivrutin för Intel® USB 3.0 Utbyggbar värdstyrenhet;C:\Windows\System32\drivers\iusb3xhc.sys [2014-3-14 792560] R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2014-3-24 32344] R3 NisSrv;Microsoft Nätverkskontroll;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872] R3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [2014-3-14 13368] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-3-14 849992] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-23 111616] S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-8-27 828376] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-14 19456] S3 Tdsshbecr;Handelsbanken card reader;C:\Windows\System32\drivers\shbecr.sys [2014-3-26 50176] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-14 56832] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-3-14 30208] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-17 1255736] . =============== File Associations =============== . FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . 2014-05-01 08:47:43 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9C867FE9-54FC-4037-A6E2-0E2849702998}\mpengine.dll 2014-04-30 08:47:50 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-04-29 09:16:12 -------- d--h--w- C:\ProgramData\CanonIJScan 2014-04-27 15:02:20 -------- d-----w- C:\Program Files (x86)\FOXIT SOFTWARE 2014-04-23 11:15:28 -------- d-s---w- C:\Windows\System32\CompatTel 2014-04-23 11:15:22 465408 ----a-w- C:\Windows\System32\aepdu.dll 2014-04-23 11:15:22 424448 ----a-w- C:\Windows\System32\aeinv.dll 2014-04-20 08:51:40 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F99F113C-2B64-4831-BCCC-A0B31247090B}\gapaengine.dll 2014-04-18 10:41:37 -------- d-----w- C:\ProgramData\23b057d7780d4f1a 2014-04-18 10:41:31 -------- d-----w- C:\Users\Britt-Marie\AppData\Local\Packages 2014-04-18 10:41:25 -------- d-----w- C:\ProgramData\WOwCouaPOn 2014-04-11 12:48:03 -------- d-----w- C:\Users\Britt-Marie\AppData\Local\LPT 2014-04-10 12:45:10 -------- d-----w- C:\Program Files (x86)\BankID 2014-04-10 11:41:14 -------- d-----w- C:\Users\Britt-Marie\AppData\Roaming\BankID 2014-04-10 08:02:35 -------- d-----w- C:\Windows\MSSecurityNS 2014-04-10 08:02:35 -------- d-----w- C:\Windows\MSSecurityNi 2014-04-06 12:47:18 -------- d-----w- C:\Program Files (x86)\Alien Skin 2014-04-06 08:18:17 -------- d-----w- C:\Users\Britt-Marie\AppData\Roaming\AMPSoft 2014-04-06 08:17:56 1009664 ----a-w- C:\Users\Britt-Marie\FontViewer.exe 2014-04-06 08:08:03 -------- d-----w- C:\Users\Britt-Marie\AppData\Local\RadioSure 2014-04-05 12:16:39 550602 ----a-w- C:\Program Files (x86)\EyeCand3.8bf 2014-04-05 12:16:39 409600 ----a-w- C:\Program Files (x86)\EC3-ENG.8BF 2014-04-05 12:16:39 127184 ----a-w- C:\Program Files (x86)\UNWISE.EXE 2014-04-05 12:16:39 -------- d-----w- C:\Program Files (x86)\Eye Candy 4000 2014-04-05 10:44:50 -------- d-----w- C:\Program Files (x86)\SuperBladePro 2014-04-04 14:40:43 -------- d-----w- C:\ProgramData\Lucis 2014-04-03 12:48:14 -------- d--h--w- C:\ProgramData\CanonIJQuickMenu 2014-04-03 12:40:21 -------- d-----w- C:\ProgramData\CanonIJPLM 2014-04-03 12:29:33 321536 ----a-w- C:\Windows\SysWow64\CNC_BWL.dll 2014-04-03 12:29:33 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll 2014-04-03 12:29:04 -------- d-----w- C:\ProgramData\CanonIJWSpt 2014-04-03 12:26:58 -------- d-----w- C:\Program Files\Canon 2014-04-03 12:24:53 -------- d-----w- C:\Program Files (x86)\Canon 2014-04-03 12:24:30 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDBW.DLL 2014-04-03 12:24:30 101888 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPBW.DLL 2014-04-03 12:24:19 391168 ----a-w- C:\Windows\System32\CNMLMBW.DLL 2014-04-03 12:24:10 367104 ----a-w- C:\Windows\System32\CNC_BWL.dll 2014-04-03 12:24:10 282624 ----a-w- C:\Windows\System32\CNC_BWC.dll 2014-04-03 12:24:10 17920 ----a-w- C:\Windows\System32\CNHMCA6.dll 2014-04-03 12:24:10 106496 ----a-w- C:\Windows\System32\CNC_BWI.dll . ==================== Find3M ==================== . 2014-04-29 14:44:37 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-04-29 14:44:37 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2014-04-17 11:28:30 952 --sha-w- C:\Windows\SysWow64\KGyGaAvL.sys 2014-03-17 08:41:00 86016 ----a-w- C:\Windows\SysWow64\psbase.DLL 2014-03-17 08:41:00 49152 ----a-w- C:\Windows\System32\pstorec.DLL 2014-03-17 08:41:00 45056 ----a-w- C:\Windows\SysWow64\pstorec.DLL 2014-03-17 08:41:00 36864 ----a-w- C:\Windows\System32\pstorsvc.DLL 2014-03-17 08:41:00 25088 ----a-w- C:\Windows\SysWow64\pstorsvc.DLL 2014-03-17 08:41:00 126976 ----a-w- C:\Windows\System32\psbase.DLL 2014-03-11 08:52:30 133928 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2014-03-06 09:32:16 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll 2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll 2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-03-06 08:32:07 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll 2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll 2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll 2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll 2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll 2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll 2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll 2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe 2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys 2014-02-04 02:35:56 190912 ----a-w- C:\Windows\System32\drivers\storport.sys 2014-02-04 02:35:49 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys 2014-02-04 02:35:35 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2014-02-04 02:32:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2014-02-04 02:32:12 624128 ----a-w- C:\Windows\System32\qedit.dll 2014-02-04 02:28:36 2048 ----a-w- C:\Windows\System32\iologmsg.dll 2014-02-04 02:04:22 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2014-02-04 02:04:11 509440 ----a-w- C:\Windows\SysWow64\qedit.dll 2014-02-04 02:00:39 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll . ============= FINISH: 11:15:23,65 =============== Attach.txt
  11. Hej igen Lite feedback: Det var nätaggregatet, och nu är det fixat. När jag ändå hade burit dit datorn frågade jag om grafikkortet och möjligheterna att ändra upplösningen. Det slutade med att dom fick byta ut kortet. Nu kan jag ställa in widescreen format och 1440 x 900. Det blev mycket bättre än med det gamla kortet.
  12. Hej Datorn är på verkstan nu. Körde iväg med den i går. Dom hade mycket att göra, så dom ringer nån gång i nästa vecka. Ibland hann jag stänga av den, men ibland blev det plötsligt bara ränder över hela skärmen och då blev jag tvungen att dra ur kontakten. Om jag tryckte på knapparna på datorn blev det ingen reaktion alls eller omstart. Jaq lovar att berätta hur det gick. Tack för alla försök att hjälpa mig.
  13. Jag har haft lägre upplösning än den optimala i många år, med den gamla skärmen. Den nya vägrade först att starta med den upplösningen, så jag fick sätta tillbaks den gamla skärmen, ändra upplösning i datorn och sen byta igen. Då startade den nya och jag fick givetvis trixa sen, eftersom den nya är widescreen. Det är alltid en balansgång att se så bra det går, men ändå måste ju alla programfönster få plats på skärmen. Den nya är på 1920 x 1080, men jag har den ställd på 1280 x 768pxlar. Dessutom har jag DPIinställningen på 120 (stor storlek) och Stora Teckensnitt inställt på Utseendefliken. Jag har XP, så det finns en inställningsmöjlighet mer än i W7, som jag har på min laptop. Men laptopen gillar jag verkligen inte. Det är en nödlösning för min del. På skärmen står det H = 47 V = 60 hz vad nu det betyder. Jag glömde ju att fråga vad Ni kan läsa ut av att spänningen är låg? Jag funderade i natt och jag måste säga att jag tvivlar på att det kan vara skärmen. Möjligen p g a något annat fel, men inte för att upplösningen inte är den optimala. Jag har ändrat upplösning på alla dom datorer/skärmar som jag hade när jag jobbade - på mitt användarkonto alltså. Det har aldrig orsakat något strul. Jag lämnade datorn på i natt och den hade stängt av sig själv i morse. Nu har den stått på i drygt 6 timmar utan att strula. Det ovanstående hann jag knappt skicka iväg innan bilden blev randig.. Apropå ingenting: då går det inte att stänga av med kontakten på datorn, den startar om vilken knapp jag än använder. Däremot går det förstås att dra ur kontakten/stänga av på skarvkontakten. Jag undrar ju om jag förvärrar något om jag använder den då och då, tills jag kan/orkar bära iväg med den till datorbutiken? Jag har inte haft den på sen i går kväll. Det här skriver jag på laptopen.
×
×
  • Skapa nytt...