Just nu i M3-nätverket
Gå till innehåll

Sosso

Medlem
  • Antal inlägg

    191
  • Gick med

  • Senaste besök

Allt postat av Sosso

  1. Jooo... en annan fråga..... som jag funderat på mååånga gånger, men aldrig kommit längre än så.. När man öppnar ett nytt program kommer ju den där säkerhetsfrågan.. Är d bra att klicka ja alltid? Vad "händer" om man klickar nej??
  2. Ok, tack... Planen är väl att jag kanske ska installera om windows, och börja från början.. men jag vet inte om/när jag ska fixa d...
  3. För att lixom börja om från början.... rensa på skräp... format c: =)
  4. Det verkar ha försvunnit tack och lov... inga pop-up fönster och sidbyten.. Fick ladda om sidan hela tiden tidigare nästan varje gång jag klickade någonstans.. Datorn känns snabbare nu åxå... Är allt "skräp" i datorn borta nu då?
  5. Fix result of Farbar Recovery Scan Tool (x64) Version:26-07-2015 Ran by Sosso at 2015-07-27 12:59:33 Run:3 Running from C:\Users\Sosso\Desktop Loaded Profiles: Sosso (Available Profiles: Sosso & Langen) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [mbot_se_014010025] => [X] GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File Toolbar: HKLM - AVAST! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File FF Plugin: @ MICROSOFT.com/GENUINE -> disabled No File FF Plugin-x32: @ MICROSOFT.com/GENUINE -> disabled No File FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox PROFILES\ob96lpwm.default\extensions\quick_start@gmail.com [not found] FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\searchffv2@gmail.com [not found] FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found] CHR Extension: (ljmpghknnfhlgcgchochgijlgjpmhhfo) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmpghknnfhlgcgchochgijlgjpmhhfo [2015-07-17] CHR Extension: (CinemaP-1.9cV09.07) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-07-09] S2 MsgPlusService; "C: PROGRAM Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [X] CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google UPDATE\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{43090D0D-E309-4D12-B3E8-0165D520BA4C}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.3\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File Reboot: ***************** Restore point was successfully created. Processes closed successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_se_014010025 => value removed successfully C:\Windows\system32\GroupPolicy\Machine => moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully. "HKLM\SOFTWARE\Policies\Google" => key removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully "HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => key removed successfully HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found. "HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => key removed successfully HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key not found. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => key removed successfully HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully "HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found. HKLM\Software\MozillaPlugins\@ MICROSOFT.com/GENUINE => key not found. HKLM\Software\Wow6432Node\MozillaPlugins\@ MICROSOFT.com/GENUINE => key not found. C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox PROFILES\ob96lpwm.default\extensions\quick_start@gmail.com not found. C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\searchffv2@gmail.com not found. C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\AVJYFVOD75109374@HCDE39471360.com not found. C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmpghknnfhlgcgchochgijlgjpmhhfo => moved successfully. C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi => moved successfully. MsgPlusService => service removed successfully "HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully "HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully "HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully "HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{43090D0D-E309-4D12-B3E8-0165D520BA4C}" => key removed successfully "HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully "HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully "HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully "HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully The system needed a reboot.. ==== End of Fixlog 13:00:50 ====
  6. Antog att du jobbat eller nåt liknande, här kan du ju inte sitta 24/7 återkommer runt mitt på dagen imorgon(/idag)..
  7. Hoppas att du har tid att kolla loggarna snart så jag kan fortsätta..
  8. Låter inte mkt... Tune; hade du ngt förslag till mig hur jag går tillväga eller?
  9. Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-07-2015 Ran by Sosso at 2015-07-26 11:20:24 Running from C:\Users\Sosso\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administratör (S-1-5-21-3310348378-2041383425-807149183-500 - Administrator - Disabled) Gäst (S-1-5-21-3310348378-2041383425-807149183-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-3310348378-2041383425-807149183-1002 - Limited - Enabled) Langen (S-1-5-21-3310348378-2041383425-807149183-1003 - Administrator - Enabled) => C:\Users\Langen Sosso (S-1-5-21-3310348378-2041383425-807149183-1001 - Administrator - Enabled) => C:\Users\Sosso ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "Nero SoundTrax Help (x32 Version: 4.4.32.0 - Nero AG) Hidden µTorrent (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.6821 - CyberLink Corp.) Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.) Hidden Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems) Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp) Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated) Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.) Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.5.0715 - Acer Incorporated) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated) Adobe Color Common Settings (HKLM-x32\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe ExtendScript Toolkit 2 (HKLM-x32\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 3.3 64-bit (HKLM\...\{CFFF260C-F510-45BB-8F8E-1D4AC1232786}) (Version: 3.3.1 - Adobe) Adobe Reader XI (11.0.12) - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Akamai NetSession Interface (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media) ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden ATI AVIVO64 Codecs (Version: 10.7.0.40702 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{D10D9994-4337-8067-F5D7-9F8FEC1E4A00}) (Version: 3.0.732.0 - ATI Technologies, Inc.) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software) Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation) ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media) DC++ 0.802 (HKLM-x32\...\DC++) (Version: 0.802 - Jacek Sieka) DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media) DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink) EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version: - 1.0) Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden Everio MediaBrowser 3 (HKLM-x32\...\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}) (Version: 3.00.233 - PIXELA) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media) Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware) Garmin Communicator Plugin (HKLM-x32\...\{C7DD94A8-F775-426C-B56C-8E555A59F9E2}) (Version: 2.9.2 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Friluftskartan Pro v2 - Norra Norrland (HKLM-x32\...\{1C19DF6D-1F26-4F03-9696-471AAAF08906}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries) Garmin MapSource (HKLM-x32\...\{58FA5D40-E35A-47ED-8AFA-68CCC758559E}) (Version: 6.15.11 - Garmin Ltd or its subsidiaries) Garmin POI Loader (HKLM-x32\...\{328019A7-0012-401D-96A2-4CDDD02675A8}) (Version: 2.5.4.0 - Garmin Ltd or its subsidiaries) Garmin Trip and Waypoint Manager v5 (HKLM-x32\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries) Garmin VIRB Edit (HKLM-x32\...\{7FE515DE-36C8-4948-9786-496CE891BBFB}) (Version: 2.9.1 - Garmin Ltd or its subsidiaries) GmapTool 0.5.7a (HKLM-x32\...\{1873789F-59D5-4002-8A2F-60A827B78F98}_is1) (Version: - AP) Google Chrome (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media) Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media) HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 10.0.13228.1563 - Hewlett-Packard) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.11352 - HP Photo Creations) HP Photosmart 6510 series Grundläggande enhetsprogramvara (HKLM\...\{238E725E-9119-4D07-A622-ADC787FC0459}) (Version: 25.0.621.0 - Hewlett-Packard Co.) HP Photosmart 6510 series Hjälp (HKLM-x32\...\{A2F95F8C-CDA9-4B08-BAD1-CA9656E4EC14}) (Version: 140.0.2.2 - Hewlett Packard) HP Photosmart 6510 series Produktförbättringsstudie (HKLM\...\{BCE3A08B-CF08-4129-B63A-CFD327DC9A7C}) (Version: 25.0.621.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.013 - HTC Corporation) HTC Sync (HKLM-x32\...\{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}) (Version: 3.0.5579 - HTC Corporation) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.1.0 - LIGHTNING UK!) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) JDownloader Download Accelerator Packages (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\JDownloader Download Accelerator Packages) (Version: - ) <==== ATTENTION Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kartex (HKLM-x32\...\{896D3C79-8E3A-40DC-87F2-2AAC9F9146EF}) (Version: 5.41.5 - Lantmäteriet) K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.) LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger Plus! for Skype (HKLM-x32\...\Messenger Plus! for Skype) (Version: 1.5.0.122 - Yuna Software) Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-041D-0000-0000000FF1CE}_OMUI.sv-se_{6DB23E19-BC1C-4C62-8158-391F65D84457}) (Version: - Microsoft) Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_OMUI.sv-se_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Language Pack 2007 - Swedish/svenska (HKLM-x32\...\OMUI.sv-se) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_OMUI.sv-se_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version: - Microsoft) Microsoft Office PowerPoint Viewer 2007 (Swedish) (HKLM-x32\...\{95120000-00AF-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_OMUI.sv-se_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version: - Microsoft) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{2C1B58D5-6549-472C-86B7-17BE57186628}) (Version: 9.7.0621 - Microsoft Corporation) Mobile Broadband (HKLM-x32\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: - ZTE CORPORATION) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.02.07 - Huawei Technologies Co.,Ltd) Movie Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden Mozilla Firefox (3.5.7) (HKLM-x32\...\Mozilla Firefox (3.5.7)) (Version: 3.5.7 (sv-SE) - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.) Nero 9 (HKLM-x32\...\{39135c20-3583-4d13-bf34-3277fecb56d3}) (Version: - Nero AG) Nero BackItUp (HKLM-x32\...\{0420F95C-11FF-4E02-B967-6CC22B188F9F}) (Version: 5.2.6000 - Nero AG) Nero BackItUp and Burn (HKLM-x32\...\{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}) (Version: 1.2.0009 - Nero AG) Nero BurnRights (HKLM-x32\...\{397516AE-7DFE-4F90-84E0-BD616D559434}) (Version: 3.6.17000 - Nero AG) Nero Express (HKLM-x32\...\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}) (Version: 9.6.11000 - Nero AG) Nero RescueAgent (HKLM-x32\...\{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}) (Version: 2.6.13000 - Nero AG) Norrlands Skoterledskarta Autorouting v3.0.2.1 (HKLM-x32\...\{40554019-49FF-4A33-A401-8AE7C01D3606}_is1) (Version: - ) NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems) NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems) NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Sony PC Companion 2.10.053 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.053 - Sony) SoundTrax (x32 Version: 4.4.32.0 - Nero AG) Hidden Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - ) Spotify (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB) Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version: - Oberon Media) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated) VantagePoint (HKLM-x32\...\InstallShield_{1D21ED4F-3C5E-45C3-9795-8C8CB2AB31DC}) (Version: 2.32.0000 - Magellan Navigation, Inc.) VantagePoint (x32 Version: 2.32.0000 - Magellan Navigation, Inc.) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated) Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{08A247F5-E34F-4D17-8731-0906DF56947E}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows-drivrutinspaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-drivrutinspaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) ZTE LTE Device USB Driver (HKLM\...\{00C1EF09-B5B7-4082-B1F4-C35CE7A7FCA9}) (Version: - ZTE Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{43090D0D-E309-4D12-B3E8-0165D520BA4C}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.3\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= 26-07-2015 01:36:40 Schemalagd kontrollpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2010-05-13 18:53 - 00001204 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 activate.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0D94CC3C-A086-4EAC-A629-7053D307999D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA => C:\Users\Sosso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) Task: {24A37772-BE72-451A-A90C-C4EFD82F7D39} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] () Task: {26F12FC0-31D6-4963-B3AE-3B53670EFFE4} - System32\Tasks\{C0F2F3E8-4EF1-4682-A49C-A92C3561B580} => pcalua.exe -a D:\setup.exe -d D:\ Task: {55366065-1771-4792-B601-23B7C83859C2} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-02-24] () Task: {59BAA908-FFB2-441B-AE82-49B3704598E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.) Task: {6DB7DCAE-727C-4034-A94B-601073F69EEF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.) Task: {7E776421-0322-4D5A-B5C9-9B7B29DC52D6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core => C:\Users\Sosso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.) Task: {90BA91FF-5F6A-49B4-BE63-5A2F5CBE6F06} - System32\Tasks\HPCustParticipation HP Photosmart 6510 series => C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.) Task: {94628B79-46F0-45DB-AE0E-9BAF925BC011} - System32\Tasks\{4FF670C1-69EA-4176-96A9-D8E95EE04CED} => pcalua.exe -a "D:\BackItUp and Burn\setup.exe" -d C:\Windows\SysWOW64 -c /embed"{298CECD3-2A83-48C2-8776-9A2ACE44F3CC}" /hide_splash /hide_progress /runprerequisites"BackItUp,BurnRights,Express,RescueAgent,Common" /l1053 Task: {9A8F0A68-D24A-402D-A8EA-B5D4EE5AC750} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {9AAB518B-7708-4C19-8021-1FA7D1087FB6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated) Task: {B44A328E-9DA0-4BD1-9592-B3EE0FCF1DD8} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.) Task: {BAFC9EC3-2B1C-4781-96CD-9DC9D98B01F7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA => C:\Users\Sosso\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.) Task: {BF97402D-7AF4-495C-B492-0F6AC337FBDB} - System32\Tasks\{A3876BB8-7AED-4984-B4C9-2932EA3B1122} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe" -c REMOVESERIALNUMBER="8M01-209M-AH6P-5UW0-WHAW-C53X-473X-79MH" Task: {C488DA41-810C-473D-A6F2-CC185D80DE74} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-08-22] () Task: {C8D54663-63EF-4629-A8C0-230F0BC0F108} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core => C:\Users\Sosso\AppData\Local\Google\Update\GoogleUpdate.exe [2014-09-26] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job => C:\Users\Sosso\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job => C:\Users\Sosso\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job => C:\Users\Sosso\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job => C:\Users\Sosso\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe ==================== Loaded Modules (Whitelisted) ============== 2013-02-01 19:12 - 2012-12-06 14:52 - 00136704 _____ () C:\Windows\System32\ZLHP2600.DLL 2011-08-12 17:13 - 2011-08-12 17:13 - 00087040 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2009-09-29 13:55 - 2008-07-30 04:29 - 00200704 _____ () C:\Windows\PLFSetI.exe 2012-05-23 16:57 - 2012-03-30 13:03 - 00068096 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe 2012-05-23 16:57 - 2012-04-09 04:09 - 00221512 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\dbus-daemon.exe 2012-05-23 16:57 - 2012-04-09 04:09 - 00037192 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\db_daemon.exe 2009-07-29 22:10 - 2009-07-29 22:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2009-09-29 13:54 - 2009-09-29 13:54 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2015-06-15 17:39 - 2015-06-15 17:39 - 00104400 _____ () C:\Program Files\Alwil Software\Avast5\log.dll 2015-06-15 17:38 - 2015-06-15 17:38 - 00081728 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll 2015-07-25 11:25 - 2015-07-25 11:25 - 02960384 _____ () C:\Program Files\Alwil Software\Avast5\defs\15072500\algo.dll 2015-07-25 23:03 - 2015-07-25 23:03 - 02960384 _____ () C:\Program Files\Alwil Software\Avast5\defs\15072501\algo.dll 2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll 2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll 2012-05-23 16:57 - 2011-05-06 05:03 - 00594944 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\dbus-1.dll 2012-05-23 16:57 - 2012-04-09 04:06 - 00100352 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\itapi.dll 2012-05-23 16:57 - 2012-04-09 04:05 - 00027136 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\log.dll 2012-05-23 16:57 - 2010-10-14 11:37 - 00971776 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\libxml2.dll 2012-05-23 16:57 - 2010-10-14 11:37 - 00080688 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\zlib1.dll 2012-05-23 16:57 - 2012-04-09 04:05 - 00055296 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\coder.dll 2012-05-23 16:57 - 2012-04-09 04:06 - 00043008 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\audio.dll 2012-05-23 16:57 - 2012-04-09 04:05 - 00035840 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\libConfig.dll 2012-05-23 16:57 - 2012-04-09 04:05 - 00020992 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\libctlsvr.dll 2015-03-19 17:49 - 2015-03-19 17:49 - 40540672 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll 2012-05-23 16:57 - 2007-09-09 17:07 - 00151552 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\libexpat.dll 2012-05-23 16:57 - 2011-05-06 05:02 - 00341504 _____ () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\sqlite3.dll 2015-07-25 22:57 - 2015-07-24 00:39 - 01405768 _____ () C:\Users\Sosso\AppData\Local\Google\Chrome\Application\44.0.2403.107\libglesv2.dll 2015-07-25 22:57 - 2015-07-24 00:39 - 00081224 _____ () C:\Users\Sosso\AppData\Local\Google\Chrome\Application\44.0.2403.107\libegl.dll 2015-07-25 22:57 - 2015-07-24 00:39 - 16308040 _____ () C:\Users\Sosso\AppData\Local\Google\Chrome\Application\44.0.2403.107\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Device Monitor 3.lnk => C:\Windows\pss\Device Monitor 3.lnk.CommonStartup MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Bredbandscenter => "C:\Program Files (x86)\Glocalnet\Bredbandscenter\Launcher.exe" /winstart MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A5A48B92-8A06-46CC-AB98-D30EDF70F628}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{D8AABB03-CA8D-478A-9763-5281D43A0491}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{709F98C6-1B56-469C-AA7C-7E33F537B2FB}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{0DB6F52F-2488-4615-B42D-CC238964C6BE}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{E2801AC2-0F8F-4C4E-88FE-1DE178E8E57C}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe FirewallRules: [{392ED034-05C4-4A33-88D6-259F4A82DA6B}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe FirewallRules: [{33CCFC64-0768-4F4C-BAF5-05F205ECFB3D}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe FirewallRules: [{FBBDF12E-FE40-4368-9D9D-6CC2A8CBBBF2}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe FirewallRules: [{DEDCC112-E520-4781-84E4-385DB37B1418}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe FirewallRules: [{FFDB3DBB-9F76-4AB0-8C9B-1AA49030C147}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{34EBBF65-8F3B-4F6B-888F-2D60F7963B5B}] => (Allow) svchost.exe FirewallRules: [{D51516B1-1A10-47DC-83FB-8D40AC20926D}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{A03C9A7F-B745-4B32-B661-B9328AFC2AA9}] => (Allow) LPort=49465 FirewallRules: [{0EEA435A-9321-4904-AD0D-7C3967B386CF}] => (Allow) LPort=5000 FirewallRules: [{4610CC8D-AA6A-4332-A8AA-C9CBA99F21B1}] => (Allow) LPort=49161 FirewallRules: [{8A8C2B9F-C894-458C-B67B-13A39BA58D39}] => (Allow) LPort=5000 FirewallRules: [{2547A9F9-69CA-4305-8A73-DAF600A9AD2C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{DE90A25F-C8E1-48AB-AA1A-E55B743342A3}] => (Allow) LPort=2869 FirewallRules: [{F5B10EA6-1DBF-4D50-A18E-2CD5AF8B2D1E}] => (Allow) LPort=1900 FirewallRules: [{114303FD-B605-4055-B12F-F583B65FAC17}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [TCP Query User{0BB8A92E-3C42-46CC-8131-32B224EDBD12}C:\program files (x86)\spotify\spotify.exe] => (Block) C:\program files (x86)\spotify\spotify.exe FirewallRules: [uDP Query User{32710063-DFAE-43A5-B315-D07DA3234666}C:\program files (x86)\spotify\spotify.exe] => (Block) C:\program files (x86)\spotify\spotify.exe FirewallRules: [TCP Query User{79633B85-1F4F-4CF9-9652-89835E2C4666}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe FirewallRules: [uDP Query User{66DB7938-B85E-4502-81B2-857379FBE59E}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe FirewallRules: [{22688513-31D9-4E88-A531-05D4808C3FAD}] => (Allow) C:\Users\Sosso\AppData\Local\Temp\Update_f2df.exe FirewallRules: [{6B71143E-C801-473D-8589-314DC558DA33}] => (Allow) C:\Users\Sosso\AppData\Local\Temp\Update_f2df.exe FirewallRules: [{B0BAD60B-8DE2-4B22-BC3A-DF6B96BFCA19}] => (Allow) LPort=49163 FirewallRules: [TCP Query User{7A010090-CB7C-4067-8042-97D4F5F8A91E}C:\users\sosso\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sosso\appdata\roaming\spotify\spotify.exe FirewallRules: [uDP Query User{78B4D6A7-3ED2-47EF-8C49-02ED0325FAD7}C:\users\sosso\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\sosso\appdata\roaming\spotify\spotify.exe FirewallRules: [{0BDF4366-3F34-44F5-BEE6-FE8A2F9D64CC}] => (Allow) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe FirewallRules: [{5BF780A0-C1A7-42E1-9CC6-49AD3281D760}] => (Allow) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe FirewallRules: [TCP Query User{43892CE3-8370-4C4D-AAE4-7E76B2B21A0C}C:\users\sosso\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\sosso\appdata\local\akamai\netsession_win.exe FirewallRules: [uDP Query User{D68300B4-0567-409F-BD74-A9406BECAFDF}C:\users\sosso\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\sosso\appdata\local\akamai\netsession_win.exe FirewallRules: [{1AEF5771-3E88-4618-9FC9-B1E0DCDA34B6}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\DeviceSetup.exe FirewallRules: [{FD8CF4E3-F434-46DC-8677-345CCE6E0187}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe FirewallRules: [TCP Query User{11CE8622-4162-432F-85A1-D8CD0D2C76FA}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe FirewallRules: [uDP Query User{A60AD90F-24E3-446E-A445-77259214822C}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe FirewallRules: [TCP Query User{2AF07F36-F46A-4F8E-B44C-5C015832B4E4}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe FirewallRules: [uDP Query User{77F5C94A-50E3-4395-BB41-6F6A0835255A}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe FirewallRules: [{862EF843-04AE-4F75-8F85-7C1F5BCB3561}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{4A7730AB-85AE-4270-B4F7-1BB4E7D9EF35}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{93D4454F-64EE-44BE-AF6C-0E509EAC78B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C79A4709-E640-40FA-90FD-D118DC241A6D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{632AD314-5345-4CB3-9882-737E29D5C421}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4CF6F4F0-701A-4467-A4E6-59525560593A}] => (Allow) C:\Users\Sosso\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{96486FB4-0BDC-47F2-92AD-F57DEA1A5E31}] => (Allow) C:\Users\Sosso\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DA75421C-E96F-4EFB-AAD9-50C80DDDDA61}] => (Allow) C:\Users\Sosso\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [TCP Query User{5C4D5228-9745-4D4A-B28A-740A4BD99945}C:\users\sosso\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\sosso\appdata\local\google\chrome\application\chrome.exe FirewallRules: [uDP Query User{A2A7F7D8-6623-4A14-8715-7C02F85CB23A}C:\users\sosso\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\sosso\appdata\local\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{AF3B9692-A0B6-4B8A-A565-19A9CC0D5D4A}C:\users\sosso\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\sosso\appdata\local\google\chrome\application\chrome.exe FirewallRules: [uDP Query User{01EF70B9-E625-4839-836C-1008CB965BC9}C:\users\sosso\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\sosso\appdata\local\google\chrome\application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/26/2015 11:13:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/26/2015 11:13:12 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/26/2015 11:13:12 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/26/2015 04:04:59 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/26/2015 04:04:59 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/26/2015 01:33:54 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/26/2015 01:33:54 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/26/2015 12:22:59 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/25/2015 07:25:17 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (07/25/2015 07:25:07 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Det gick inte att skapa aktiveringskontext för C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1. Det finns ett fel i manifest- eller principfilen C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2 på rad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. En komponentversion som begärs av programmet står i konflikt med en annan komponentversion som redan är aktiv. Följande komponenter orsakar konflikten: Komponent 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponent 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. System errors: ============= Error: (07/26/2015 11:14:39 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (07/26/2015 10:14:39 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (07/26/2015 09:44:39 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (07/26/2015 09:14:39 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (07/26/2015 08:44:39 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (07/26/2015 07:44:39 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (07/26/2015 07:14:39 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (07/26/2015 04:44:39 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (07/26/2015 03:14:39 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (07/26/2015 02:44:39 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Microsoft Office: ========================= Error: (07/26/2015 11:13:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Sosso\Downloads\esetsmartinstaller_enu.exe Error: (07/26/2015 11:13:12 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Sosso\Downloads\esetsmartinstaller_enu.exe Error: (07/26/2015 11:13:12 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Sosso\Downloads\esetsmartinstaller_enu.exe Error: (07/26/2015 04:04:59 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestc:\users\sosso\desktop\esetsmartinstaller_enu (1).exe Error: (07/26/2015 04:04:59 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestc:\users\sosso\desktop\esetsmartinstaller_enu.exe Error: (07/26/2015 01:33:54 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestc:\users\sosso\desktop\esetsmartinstaller_enu (1).exe Error: (07/26/2015 01:33:54 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestc:\users\sosso\desktop\esetsmartinstaller_enu.exe Error: (07/26/2015 12:22:59 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Sosso\Downloads\esetsmartinstaller_enu.exe Error: (07/25/2015 07:25:17 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Sosso\Desktop\esetsmartinstaller_enu (1).exe Error: (07/25/2015 07:25:07 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Sosso\Desktop\esetsmartinstaller_enu (1).exe ==================== Memory info =========================== Processor: Pentium® Dual-Core CPU T4300 @ 2.10GHz Percentage of memory in use: 65% Total physical RAM: 4090.93 MB Available physical RAM: 1421.43 MB Total Virtual: 8180.06 MB Available Virtual: 4695.43 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:452.97 GB) (Free:9.52 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 28212821) Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS) ==================== End of log ============================
  10. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015 Ran by Sosso (administrator) on LAPTOPSOFIA (26-07-2015 11:18:04) Running from C:\Users\Sosso\Downloads Loaded Profiles: Sosso (Available Profiles: Sosso & Langen) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Windows\PLFSetI.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Akamai Technologies, Inc.) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe (Spotify Ltd) C:\Users\Sosso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (ZTE) C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\mcserver.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\dbus-daemon.exe () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\db_daemon.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-07] (Egis Technology Inc.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated) HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-30] () HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated) HKLM\...\Run: [CancelAutoPlay.exe] => C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe [68096 2012-03-30] () HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.) HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-08-01] (CyberLink Corp.) HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-05] (Acer Corp.) HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [MessengerPlusForSkypeService] => "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5515496 2015-06-15] (Avast Software s.r.o.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [mbot_se_014010025] => [X] HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Google Update] => C:\Users\Sosso\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-09-26] (Google Inc.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Facebook Update] => C:\Users\Sosso\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [sony PC Companion] => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [spotify Web Helper] => C:\Users\Sosso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2015-01-26] (Spotify Ltd) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2011-10-28] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MCtlSvc.lnk [2012-05-23] ShortcutTarget: MCtlSvc.lnk -> C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\mcserver.exe (ZTE) Startup: C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - .lnk [2012-08-12] ShortcutTarget: Övervaka bläckvarningar - .lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - HP Photosmart 6510 series (nätverk).lnk [2015-07-25] ShortcutTarget: Övervaka bläckvarningar - HP Photosmart 6510 series (nätverk).lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-06-15] (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-08-07] (Egis Technology Inc.) ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-08-07] (Egis Technology Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-06-15] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.) BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-06-15] (Avast Software s.r.o.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.) Toolbar: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.) DPF: HKLM-x32 {19D6A3D5-EA50-4C3B-88F0-79627C325570} http://iloapp.teamsosso.se/gallery/executable/IlosoftMultipleImageUpload.dll DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2EB15542-5E83-44FF-872F-64395312DE35}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{F1D30B37-CAC4-4C71-87B2-2EBCB93A8B31}: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default FF Homepage: hxxp://www.google.com/ FF NetworkProxy: "no_proxies_on", "*.local" FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-02-11] (Finansiell ID-Teknik BID AB) FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2010-03-26] (GARMIN Corp.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-06-21] (RocketLife, LLP) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sosso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2009-12-22] (mozilla.org) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml [2009-12-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009-12-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml [2009-12-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml [2009-12-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml [2009-12-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml [2009-12-22] FF Extension: personaschristopherbeard - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\personas@christopher.beard [2015-07-17] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20] FF HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\quick_start@gmail.com [not found] FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\searchffv2@gmail.com [not found] FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR Profile: C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (WOT) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2010-04-21] CHR Extension: (YouTube) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18] CHR Extension: (Google Cast) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-04-12] CHR Extension: (Google Search) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18] CHR Extension: (Avast Online Security) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-05] CHR Extension: (ljmpghknnfhlgcgchochgijlgjpmhhfo) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmpghknnfhlgcgchochgijlgjpmhhfo [2015-07-17] CHR Extension: (CinemaP-1.9cV09.07) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-07-09] CHR Extension: (Chrome Web Store Payments) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25] CHR Extension: (Gmail) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19] StartMenuInternet: Google Chrome - Chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-06-15] (Avast Software s.r.o.) R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2011-08-12] () [File not signed] R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [87344 2009-09-01] (Prolific Technology Inc.) S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 MsgPlusService; "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [488832 2010-03-23] (AfaTech ) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-15] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-15] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-15] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-15] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-15] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-15] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-15] () S3 massfilter_lte; C:\Windows\system32\drivers\massfilter_lte.sys [18456 2011-12-20] (HandSet Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 zgdcat; C:\Windows\System32\DRIVERS\zgdcat.sys [130200 2011-12-20] (ZTE Incorporated) S3 zgdcdiag; C:\Windows\System32\DRIVERS\zgdcdiag.sys [130200 2011-12-20] (ZTE Incorporated) S3 zgdcmdm; C:\Windows\System32\DRIVERS\zgdcmdm.sys [130200 2011-12-20] (ZTE Incorporated) S3 zgdcnet; C:\Windows\System32\DRIVERS\zgdcnet.sys [169496 2011-12-20] (ZTE Incorporated) S3 zgdcnmea; C:\Windows\System32\DRIVERS\zgdcnmea.sys [130200 2011-12-20] (ZTE Incorporated) S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-26 00:22 - 2015-07-26 00:22 - 00046328 _____ C:\Users\Sosso\Downloads\eset scan.txt 2015-07-25 19:24 - 2015-07-25 19:25 - 02870984 _____ (ESET) C:\Users\Sosso\Desktop\esetsmartinstaller_enu (1).exe 2015-07-25 18:54 - 2015-07-25 18:55 - 02870984 _____ (ESET) C:\Users\Sosso\Desktop\esetsmartinstaller_enu.exe 2015-07-25 18:50 - 2015-07-25 18:50 - 00000000 ___HD C:\Windows\AxInstSV 2015-07-25 17:59 - 2015-07-26 11:19 - 00025796 _____ C:\Users\Sosso\Downloads\FRST.txt 2015-07-25 17:59 - 2015-07-26 11:11 - 00000000 ____D C:\Users\Sosso\Downloads\FRST-OlderVersion 2015-07-23 14:12 - 2015-07-23 14:12 - 00275336 _____ C:\Windows\Minidump\072315-105940-01.dmp 2015-07-14 22:18 - 2015-07-14 22:18 - 00194161 _____ C:\14-7.txt 2015-07-14 21:48 - 2015-07-14 21:48 - 18009776 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-07-14 20:51 - 2015-07-14 22:19 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-14 20:50 - 2015-07-14 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-07-14 20:50 - 2015-07-14 20:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-07-14 20:50 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-14 20:50 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-09 18:22 - 2015-07-09 18:22 - 00000254 __RSH C:\ProgramData\ntuser.pol 2015-07-09 09:06 - 2015-07-09 09:06 - 00000971 _____ C:\Users\Sosso\Desktop\GUPlayer.lnk 2015-07-09 08:57 - 2015-07-25 22:54 - 00000000 ____D C:\Program Files (x86)\4b08656f-7a70-4884-822a-7ab7465c019b 2015-07-09 08:56 - 2015-07-23 17:47 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-07-09 08:52 - 2015-07-09 08:52 - 00000000 _____ C:\Windows\prleth.sys 2015-07-09 08:52 - 2015-07-09 08:52 - 00000000 _____ C:\Windows\hgfs.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-26 11:18 - 2014-03-10 01:01 - 00000000 ____D C:\FRST 2015-07-26 11:17 - 2014-03-09 21:43 - 00001796 _____ C:\sc-cleaner.txt 2015-07-26 11:17 - 2010-01-11 22:42 - 07691776 ___SH C:\Users\Sosso\Downloads\Thumbs.db 2015-07-26 10:52 - 2012-08-12 02:27 - 00000338 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job 2015-07-26 10:46 - 2013-08-29 21:42 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-26 10:44 - 2010-02-20 18:51 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-26 10:44 - 2010-02-03 12:48 - 00001004 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job 2015-07-26 10:32 - 2009-09-29 13:49 - 01636632 _____ C:\Windows\WindowsUpdate.log 2015-07-26 08:36 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-26 08:36 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-26 08:30 - 2012-02-16 18:19 - 00000976 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job 2015-07-26 04:40 - 2009-12-12 01:53 - 00000000 ____D C:\Users\Langen 2015-07-26 04:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2015-07-25 23:30 - 2012-02-16 18:19 - 00000954 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job 2015-07-25 22:54 - 2009-09-29 13:56 - 00000000 ____D C:\Program Files (x86)\Acer Arcade Deluxe 2015-07-25 18:45 - 2010-06-21 14:44 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-07-25 18:45 - 2009-12-11 01:49 - 00000000 ____D C:\Users\Sosso 2015-07-25 18:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-25 18:44 - 2009-07-14 06:51 - 00279633 _____ C:\Windows\setupact.log 2015-07-25 18:14 - 2014-09-05 20:40 - 00000000 __SHD C:\Users\Sosso\AppData\Local\EmieUserList 2015-07-25 18:14 - 2014-09-05 20:40 - 00000000 __SHD C:\Users\Sosso\AppData\Local\EmieSiteList 2015-07-25 18:14 - 2009-12-10 20:16 - 00000000 ____D C:\Users\Sosso\AppData\Local\Google 2015-07-25 18:09 - 2014-03-10 01:02 - 00053708 _____ C:\Users\Sosso\Downloads\Addition.txt 2015-07-25 17:59 - 2014-03-10 01:00 - 02146816 _____ (Farbar) C:\Users\Sosso\Downloads\FRST64.exe 2015-07-25 17:52 - 2012-07-10 00:20 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-07-25 17:47 - 2009-08-22 10:34 - 01292186 _____ C:\Windows\PFRO.log 2015-07-25 16:58 - 2009-07-14 04:34 - 00000612 _____ C:\Windows\win.ini 2015-07-25 12:44 - 2010-02-03 12:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job 2015-07-23 14:12 - 2011-07-23 21:51 - 00000000 ____D C:\Windows\Minidump 2015-07-23 11:56 - 2009-09-29 14:45 - 00664068 _____ C:\Windows\system32\perfh01D.dat 2015-07-23 11:56 - 2009-09-29 14:45 - 00142836 _____ C:\Windows\system32\perfc01D.dat 2015-07-23 11:56 - 2009-07-14 07:13 - 01580554 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-18 07:09 - 2015-04-05 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-18 07:09 - 2015-04-05 22:38 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-18 07:09 - 2015-02-15 14:38 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-18 07:09 - 2014-05-17 10:06 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-18 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-18 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-07-17 21:12 - 2010-01-15 16:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-17 20:27 - 2013-08-20 18:11 - 00000000 ____D C:\Windows\system32\MRT 2015-07-16 16:06 - 2014-02-21 00:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-07-16 16:04 - 2014-12-25 21:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-16 12:39 - 2010-02-20 18:51 - 00003990 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-16 12:39 - 2010-02-20 18:51 - 00003738 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-16 12:39 - 2010-02-20 18:51 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-16 12:39 - 2010-02-03 12:48 - 00003974 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA 2015-07-16 12:39 - 2010-02-03 12:48 - 00003578 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core 2015-07-14 21:49 - 2013-08-29 21:42 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-14 21:49 - 2013-05-03 15:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-14 21:49 - 2011-06-06 20:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\Malwarebytes 2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2015-07-13 22:06 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-07-13 20:54 - 2009-12-11 01:50 - 00001421 _____ C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-07-09 10:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\GroupPolicy 2015-07-09 09:08 - 2009-12-13 13:33 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\uTorrent 2015-07-09 09:03 - 2009-08-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone 2015-07-09 09:03 - 2009-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Acer GameZone 2015-07-09 09:03 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-07-06 20:05 - 2011-01-15 17:16 - 00001456 _____ C:\Users\Sosso\AppData\Local\Adobe Spara för webben 12.0 Prefs 2015-06-26 17:39 - 2011-02-09 20:03 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys 2015-06-26 01:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache ==================== Files in the root of some directories ======= 2009-08-22 10:43 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico 2011-09-28 22:04 - 2011-10-16 23:42 - 0000132 _____ () C:\Users\Sosso\AppData\Roaming\CS5-inställningar för PNG-format i Adobe 2010-02-06 23:02 - 2011-12-15 20:42 - 0000143 _____ () C:\Users\Sosso\AppData\Roaming\default.rss 2009-12-19 18:38 - 2015-01-06 18:01 - 0002704 _____ () C:\Users\Sosso\AppData\Roaming\wklnhst.dat 2011-01-15 17:16 - 2015-07-06 20:05 - 0001456 _____ () C:\Users\Sosso\AppData\Local\Adobe Spara för webben 12.0 Prefs 2010-08-04 22:47 - 2010-08-04 22:47 - 0007602 _____ () C:\Users\Sosso\AppData\Local\Resmon.ResmonCfg 2012-08-12 01:39 - 2012-08-12 01:39 - 0000057 _____ () C:\ProgramData\Ament.ini 2009-09-29 13:56 - 2009-09-29 14:00 - 0007830 _____ () C:\ProgramData\ArcadeDeluxe3.log 2009-08-22 10:44 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe 2010-03-23 20:48 - 2010-03-23 21:02 - 0000453 _____ () C:\ProgramData\LmeUSB.log 2010-03-23 20:48 - 2010-03-23 21:02 - 0000456 _____ () C:\ProgramData\LSDmbTH.log Some files in TEMP: ==================== C:\Users\Langen\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\Sosso\AppData\Local\Temp\DataCard_Setup64.exe C:\Users\Sosso\AppData\Local\Temp\MsgPlusUninstall.exe C:\Users\Sosso\AppData\Local\Temp\ResetDevice.exe C:\Users\Sosso\AppData\Local\Temp\uttD852.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-23 13:35 ==================== End of log ============================
  11. Jag höll på mkt tidigare med formatering och sånt, mkt med xp, men har nog inte hålltider på något sen dess...
  12. "Lånar" tråden lite.... Jag har en win7 dator (laptop) från acer, fick ingen skiva med och det finns ingen recovery partition... Hur gör jag för att få in "rätt" win 7 igen?
  13. Ok, fixar imorgon... men en fråga först, Ska jag avinstallera och installera på nytt eller bara köra en omgång till? Jag stoppade ju eset scanningen och gjorde precis som jag skulle göra enligt din instruktion.. var ju lite snabb på att starta allt....
  14. C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\2247b45d-19c3-49cf-96bf-ed8aff6a808e.crx.vir JS/Toolbar.Crossrider.E potentially unwanted application deleted - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\2247b45d-19c3-49cf-96bf-ed8aff6a808e.dll.vir a variant of Win32/Toolbar.CrossRider.CG potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\290f1cc5-c7ea-46b7-9f1b-da1976813a1e.dll.vir a variant of Win64/Toolbar.Crossrider.P potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-1-6.exe.vir a variant of Win32/Toolbar.CrossRider.CD potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-1-7.exe.vir a variant of Win32/Toolbar.CrossRider.CD potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-10.exe.vir a variant of Win32/Toolbar.CrossRider.CO potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-3.exe.vir a variant of Win32/Toolbar.CrossRider.CH potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-4.exe.vir a variant of Win32/Toolbar.CrossRider.CH potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-5.exe.vir a variant of Win32/Toolbar.CrossRider.CC potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-6.exe.vir a variant of Win32/Toolbar.CrossRider.CD potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-64.exe.vir a variant of Win64/Toolbar.Crossrider.N potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8-7.exe.vir a variant of Win32/Toolbar.CrossRider.CD potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\336b6588-d689-4286-a3f1-4774b0f309f8.xpi.vir JS/Toolbar.Crossrider.B potentially unwanted application deleted - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\Uninstall.exe.vir a variant of Win32/Toolbar.CrossRider.CU potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\UninstallBrw.exe.vir a variant of Win32/Toolbar.CrossRider.CO potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\CinemaP-1.9cV09.07\utils.exe.vir a variant of Win32/Toolbar.CrossRider.CM potentially unwanted application deleted - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\globalupdate.exe.vir Win32/AlteredSoftware.F potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe.vir Win32/AlteredSoftware.F potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe.vir Win32/AlteredSoftware.H potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe.vir Win32/AlteredSoftware.F potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe.vir Win32/AlteredSoftware.H potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll.vir a variant of Win32/AlteredSoftware.E potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir a variant of Win32/AlteredSoftware.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir a variant of Win32/AlteredSoftware.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\GUPlayer\GUPlayerUninstaller.exe.vir a variant of Win32/TrojanDropper.Addrop.J trojan cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchCH.dll.vir Win32/ELEX.BM potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowerWatchFF.dll.vir Win32/ELEX.BM potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\BrowserAction.dll.vir a variant of Win32/ELEX.DH potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\CmdShell.exe.vir a variant of Win32/ELEX.CY potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ffsearch_toolbar!1.0.0.1031.xpi.vir Win32/Toolbar.TNT2.I potentially unwanted application deleted - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\HPNotify.exe.vir a variant of Win32/ELEX.DK potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\IeWatchDog.dll.vir Win32/ELEX.BM potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\ProtectService.exe.vir a variant of Win32/ELEX.EE potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\miuitab\SupTab.dll.vir a variant of Win32/Thinknice.B potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\aaaaaogcninhibjjfnjhhljkmdkepfnf.crx.vir Win32/BrowseFox.Q potentially unwanted application deleted - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\ProductDealsbho.dll.vir a variant of Win32/BrowseFox.AE potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\ProductDealsUninstall.exe.vir a variant of Win32/BrowseFox.AY potentially unwanted application deleted - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\updateProductDeals.exe.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\33ec.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\33ec41eac564.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\33ec64.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\4765b08d0fb448cabf21.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\4765b08d0fb448cabf2102642a05e93d.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\4765b08d0fb448cabf2102642a05e93d64.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\4765b08d0fb448cabf2164.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\b9ef2fca9fe64589b97a.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\b9ef2fca9fe64589b97a64.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\b9ef2fca9fe64589b97a90379e9f2f5e.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\b9ef2fca9fe64589b97a90379e9f2f5e64.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e789ddb0d21e49179218.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e789ddb0d21e4917921864.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e789ddb0d21e49179218742217563d5b.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e789ddb0d21e49179218742217563d5b64.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e8bbec8c4837488cbb91.dll.vir a variant of Win32/BrowseFox.N potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e8bbec8c4837488cbb912413047df2f2.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e8bbec8c4837488cbb912413047df2f264.dll.vir a variant of Win64/BrowseFox.CK potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\e8bbec8c4837488cbb9164.dll.vir a variant of Win64/BrowseFox.CI potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\ProductDeals.BrowserAdapter.exe.vir a variant of Win32/BrowseFox.AX potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\ProductDeals.BrowserAdapter64.exe.vir a variant of Win64/BrowseFox.CP potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\ProductDeals.expext.exe.vir a variant of Win32/BrowseFox.BY potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\ProductDeals.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\tmp3D25.tmp.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\tmp7A8.tmp.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\tmpB23F.tmp.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\utilProductDeals.exe.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.BrowserAdapter.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.CompatibilityChecker.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.ExpExt.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.FFUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.GCUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Program Files (x86)\Product Deals\bin\plugins\ProductDeals.PurBrowseG.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\AVJYFVOD75109374@HCDE39471360.com\chrome\content\core\7eebb9ac322c6e2242ae07d3c08e9319.js.vir JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\AVJYFVOD75109374@HCDE39471360.com\extensionData\plugins\91.js.vir JS/Toolbar.Crossrider.B potentially unwanted application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting - quarantined C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64.sys.vir a variant of Win64/NetFilter.A potentially unsafe application cleaned by deleting - quarantined C:\FRST\Quarantine\C\Program Files (x86)\PacFunction\updatePacFunction.exe a variant of Win32/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\FRST\Quarantine\C\Program Files (x86)\PacFunction\bin\utilPacFunction.exe a variant of Win32/BrowseFox.G potentially unwanted application cleaned by deleting - quarantined C:\FRST\Quarantine\C\Program Files (x86)\PacFunction\bin\plugins\PacFunction.BrowserFilter.dll a variant of MSIL/BrowseFox.G potentially unwanted application deleted - quarantined C:\Program Files (x86)\4b08656f-7a70-4884-822a-7ab7465c019b\c5957811-1706-484c-94a7-68cb3d162e98.dll a variant of Win32/Toolbar.CrossRider.CG potentially unwanted application cleaned by deleting - quarantined C:\Program Files (x86)\4b08656f-7a70-4884-822a-7ab7465c019b\e9c8712a-6eb3-4978-8720-1befff8d5a49.dll a variant of Win64/Toolbar.Crossrider.P potentially unwanted application cleaned by deleting - quarantined C:\Program Files (x86)\Acer Arcade Deluxe\4a2bfd6b-8390-44ba-be12-5c3938977906.dll a variant of Win32/Toolbar.CrossRider.CG potentially unwanted application cleaned by deleting - quarantined C:\Program Files (x86)\Acer Arcade Deluxe\4b08656f-7a70-4884-822a-7ab7465c019b.dll a variant of Win64/Toolbar.Crossrider.P potentially unwanted application cleaned by deleting - quarantined C:\Users\Langen\AppData\Local\Temp\Update_8eff.exe a variant of Win32/Adware.CiDHelp application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\19.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\49a02e693d58c295bbde06b319488c40.js JS/Toolbar.Crossrider.E potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\0db43ac1e0278e93cff77e76be8b36ea.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\5bf4428d644f778fc93af7248f2d1994.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\api\fd1b592958991e60d7cba06930f22b07.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\142af5b08077226ed5da9f711d91255f.js JS/Toolbar.Crossrider.H potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\1452060f69f9a37569d24d810ba4b042.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\3cc0eb8c4e6c2d5c79f18d53aef24cfa.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\77713b276376b9ad10a5b09236218523.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\90c27ce3a17ada528d7d08aaa63241ea.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\bebd23a8ae65ace72edd6c16c852d52e.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.78_0\js\lib\fb5ddc6dc72a4e4c466e1013d8b7626e.js JS/Toolbar.Crossrider.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50GJS7CW\Reimage[1].exe a variant of Win32/OutBrowse.CB potentially unwanted application deleted - quarantined C:\Users\Sosso\AppData\Local\Temp\3358.exe a variant of Win32/Toolbar.CrossRider.CO potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\9498.exe a variant of Win32/Toolbar.CrossRider.CO potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\Cars.2006.SE.Fi.PAL.DVDR APOCALYPSE__10924_i1552997636_il777998.exe a variant of Win32/Amonetize.FU potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\Update_3703.exe a variant of Win32/MessengerPlus.A potentially unwanted application deleted - quarantined C:\Users\Sosso\AppData\Local\Temp\comh.392643\globalupdate.exe Win32/AlteredSoftware.F potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\comh.392643\globalupdateBroker.exe Win32/AlteredSoftware.H potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\comh.392643\globalupdateCrashHandler.exe Win32/AlteredSoftware.F potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\comh.392643\globalupdateOnDemand.exe Win32/AlteredSoftware.H potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\comh.392643\npglobalupdateUpdate4.dll a variant of Win32/AlteredSoftware.E potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\comh.392643\psmachine.dll a variant of Win32/AlteredSoftware.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\comh.392643\psuser.dll a variant of Win32/AlteredSoftware.G potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\is-D7I4D.tmp\gentlemjmp_ieu.exe multiple threats cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\is-ILNC5.tmp\399.exe a variant of Win32/Adware.EoRezo.AZ application cleaned by deleting - quarantined C:\Users\Sosso\AppData\Local\Temp\Rar$EX00.392\Cars.2006.SE.Fi.PAL.DVDR APOCALYPSE_10924_i30387306_il345.exe a variant of Win32/Amonetize.DW potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\Downloads\Cars.2006.SE.Fi.PAL.DVDR+APOCALYPSE_10924_i30387306_il345.exe.zip a variant of Win32/Amonetize.DW potentially unwanted application deleted - quarantined C:\Users\Sosso\Downloads\NIKON D5000 user guide provided through pdfretriever.com.exe a variant of Win32/GetNow.J potentially unwanted application cleaned by deleting - quarantined C:\Users\Sosso\Downloads\TorchSetup.exe a variant of Win32/Toolbar.SearchSuite.W potentially unwanted application deleted - quarantined C:\Users\Sosso\Downloads\uTorrent.exe a variant of Win32/Bunndle potentially unsafe application cleaned by deleting - quarantined
  15. Stoppade den faktiskt.. 'gör om gör rätt' logg kommer strax
  16. Oj, insåg precis att jag missade dom avancerade inställningarna, 68% genomsökt nu.. kan jag avbryta och börja om eller ska jag fortsätta?
  17. Fick en uppdatering av avast.. som ville starta om datorn, den ville inte starta igen, suck... återställning pågår. Detta hände förra veckan åxå efter en win update... ska försöka göra onlinescan så fort d e klart... återkommer asap.
  18. Internet Explorer säger att det inte går att köra tillägget, och Chrome vill att jag ska ladda ner nåt..
  19. Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-07-2015 Ran by Sosso at 2015-07-25 18:07:02 Running from C:\Users\Sosso\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administratör (S-1-5-21-3310348378-2041383425-807149183-500 - Administrator - Disabled) Gäst (S-1-5-21-3310348378-2041383425-807149183-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-3310348378-2041383425-807149183-1002 - Limited - Enabled) Langen (S-1-5-21-3310348378-2041383425-807149183-1003 - Administrator - Enabled) => C:\Users\Langen Sosso (S-1-5-21-3310348378-2041383425-807149183-1001 - Administrator - Enabled) => C:\Users\Sosso ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) "Nero SoundTrax Help (x32 Version: 4.4.32.0 - Nero AG) Hidden µTorrent (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.6821 - CyberLink Corp.) Acer Arcade Deluxe (x32 Version: 3.0.6821 - CyberLink Corp.) Hidden Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems) Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp) Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated) Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.) Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.5.0715 - Acer Incorporated) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated) Adobe Color Common Settings (HKLM-x32\...\Adobe_6c8e2cb4fd241c55406016127a6ab2e) (Version: 1.0.1 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe ExtendScript Toolkit 2 (HKLM-x32\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 3.3 64-bit (HKLM\...\{CFFF260C-F510-45BB-8F8E-1D4AC1232786}) (Version: 3.3.1 - Adobe) Adobe Reader XI (11.0.12) - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Akamai NetSession Interface (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media) ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden ATI AVIVO64 Codecs (Version: 10.7.0.40702 - ATI Technologies Inc.) Hidden ATI Catalyst Install Manager (HKLM\...\{D10D9994-4337-8067-F5D7-9F8FEC1E4A00}) (Version: 3.0.732.0 - ATI Technologies, Inc.) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software) Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation) ccc-core-static (x32 Version: 2009.0702.1239.20840 - ATI) Hidden Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media) DC++ 0.802 (HKLM-x32\...\DC++) (Version: 0.802 - Jacek Sieka) DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media) DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink) EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version: - 1.0) Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden Everio MediaBrowser 3 (HKLM-x32\...\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}) (Version: 3.00.233 - PIXELA) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media) Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware) Garmin Communicator Plugin (HKLM-x32\...\{C7DD94A8-F775-426C-B56C-8E555A59F9E2}) (Version: 2.9.2 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Friluftskartan Pro v2 - Norra Norrland (HKLM-x32\...\{1C19DF6D-1F26-4F03-9696-471AAAF08906}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries) Garmin MapSource (HKLM-x32\...\{58FA5D40-E35A-47ED-8AFA-68CCC758559E}) (Version: 6.15.11 - Garmin Ltd or its subsidiaries) Garmin POI Loader (HKLM-x32\...\{328019A7-0012-401D-96A2-4CDDD02675A8}) (Version: 2.5.4.0 - Garmin Ltd or its subsidiaries) Garmin Trip and Waypoint Manager v5 (HKLM-x32\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries) Garmin VIRB Edit (HKLM-x32\...\{7FE515DE-36C8-4948-9786-496CE891BBFB}) (Version: 2.9.1 - Garmin Ltd or its subsidiaries) GmapTool 0.5.7a (HKLM-x32\...\{1873789F-59D5-4002-8A2F-60A827B78F98}_is1) (Version: - AP) Google Chrome (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Google Chrome) (Version: 44.0.2403.89 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media) Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media) HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 10.0.13228.1563 - Hewlett-Packard) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.11352 - HP Photo Creations) HP Photosmart 6510 series Grundläggande enhetsprogramvara (HKLM\...\{238E725E-9119-4D07-A622-ADC787FC0459}) (Version: 25.0.621.0 - Hewlett-Packard Co.) HP Photosmart 6510 series Hjälp (HKLM-x32\...\{A2F95F8C-CDA9-4B08-BAD1-CA9656E4EC14}) (Version: 140.0.2.2 - Hewlett Packard) HP Photosmart 6510 series Produktförbättringsstudie (HKLM\...\{BCE3A08B-CF08-4129-B63A-CFD327DC9A7C}) (Version: 25.0.621.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.013 - HTC Corporation) HTC Sync (HKLM-x32\...\{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}) (Version: 3.0.5579 - HTC Corporation) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.1.0 - LIGHTNING UK!) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) JDownloader Download Accelerator Packages (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\JDownloader Download Accelerator Packages) (Version: - ) <==== ATTENTION Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kartex (HKLM-x32\...\{896D3C79-8E3A-40DC-87F2-2AAC9F9146EF}) (Version: 5.41.5 - Lantmäteriet) K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Acer Inc.) LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) Menu Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Messenger Plus! for Skype (HKLM-x32\...\Messenger Plus! for Skype) (Version: 1.5.0.122 - Yuna Software) Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-041D-0000-0000000FF1CE}_OMUI.sv-se_{6DB23E19-BC1C-4C62-8158-391F65D84457}) (Version: - Microsoft) Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_OMUI.sv-se_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Language Pack 2007 - Swedish/svenska (HKLM-x32\...\OMUI.sv-se) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_OMUI.sv-se_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version: - Microsoft) Microsoft Office PowerPoint Viewer 2007 (Swedish) (HKLM-x32\...\{95120000-00AF-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_OMUI.sv-se_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version: - Microsoft) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{2C1B58D5-6549-472C-86B7-17BE57186628}) (Version: 9.7.0621 - Microsoft Corporation) Mobile Broadband (HKLM-x32\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: - ZTE CORPORATION) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.02.07 - Huawei Technologies Co.,Ltd) Movie Templates - Starter Kit (x32 Version: 9.4.6.0 - Nero AG) Hidden Mozilla Firefox (3.5.7) (HKLM-x32\...\Mozilla Firefox (3.5.7)) (Version: 3.5.7 (sv-SE) - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.) Nero 9 (HKLM-x32\...\{39135c20-3583-4d13-bf34-3277fecb56d3}) (Version: - Nero AG) Nero BackItUp (HKLM-x32\...\{0420F95C-11FF-4E02-B967-6CC22B188F9F}) (Version: 5.2.6000 - Nero AG) Nero BackItUp and Burn (HKLM-x32\...\{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}) (Version: 1.2.0009 - Nero AG) Nero BurnRights (HKLM-x32\...\{397516AE-7DFE-4F90-84E0-BD616D559434}) (Version: 3.6.17000 - Nero AG) Nero Express (HKLM-x32\...\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}) (Version: 9.6.11000 - Nero AG) Nero RescueAgent (HKLM-x32\...\{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}) (Version: 2.6.13000 - Nero AG) Norrlands Skoterledskarta Autorouting v3.0.2.1 (HKLM-x32\...\{40554019-49FF-4A33-A401-8AE7C01D3606}_is1) (Version: - ) NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems) NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6619 - NewTech Infosystems) NTI Media Maker 8 (x32 Version: 8.0.12.6619 - NewTech Infosystems) Hidden OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Sony PC Companion 2.10.053 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.053 - Sony) SoundTrax (x32 Version: 4.4.32.0 - Nero AG) Hidden Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - ) Spotify (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB) Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version: - Oberon Media) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated) VantagePoint (HKLM-x32\...\InstallShield_{1D21ED4F-3C5E-45C3-9795-8C8CB2AB31DC}) (Version: 2.32.0000 - Magellan Navigation, Inc.) VantagePoint (x32 Version: 2.32.0000 - Magellan Navigation, Inc.) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated) Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{08A247F5-E34F-4D17-8731-0906DF56947E}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows-drivrutinspaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows-drivrutinspaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) ZTE LTE Device USB Driver (HKLM\...\{00C1EF09-B5B7-4082-B1F4-C35CE7A7FCA9}) (Version: - ZTE Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{43090D0D-E309-4D12-B3E8-0165D520BA4C}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.3\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3310348378-2041383425-807149183-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  20. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-07-2015 Ran by Sosso (administrator) on LAPTOPSOFIA (25-07-2015 17:59:21) Running from C:\Users\Sosso\Downloads Loaded Profiles: Sosso (Available Profiles: Sosso & Langen) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Windows\PLFSetI.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Akamai Technologies, Inc.) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe (Spotify Ltd) C:\Users\Sosso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe (Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (ZTE) C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\mcserver.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\dbus-daemon.exe (Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastUI.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe () C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\db_daemon.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sosso\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-07] (Egis Technology Inc.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated) HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-30] () HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated) HKLM\...\Run: [CancelAutoPlay.exe] => C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\CancelAutoPlay.exe [68096 2012-03-30] () HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.) HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.) HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-08-01] (CyberLink Corp.) HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-05] (Acer Corp.) HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [MessengerPlusForSkypeService] => "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5515496 2015-06-15] (Avast Software s.r.o.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [mbot_se_014010025] => [X] HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Google Update] => C:\Users\Sosso\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-09-26] (Google Inc.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Sosso\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [Facebook Update] => C:\Users\Sosso\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [sony PC Companion] => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [spotify Web Helper] => C:\Users\Sosso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2015-01-26] (Spotify Ltd) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [HP Photosmart 6510 series (NET)] => C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.) HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2011-10-28] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MCtlSvc.lnk [2012-05-23] ShortcutTarget: MCtlSvc.lnk -> C:\Program Files (x86)\ZTE MF820D Modem Mobilebroadband\Bin\mcserver.exe (ZTE) Startup: C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - .lnk [2012-08-12] ShortcutTarget: Övervaka bläckvarningar - .lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - HP Photosmart 6510 series (nätverk).lnk [2015-07-25] ShortcutTarget: Övervaka bläckvarningar - HP Photosmart 6510 series (nätverk).lnk -> C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-06-15] (Avast Software s.r.o.) ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-08-07] (Egis Technology Inc.) ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-08-07] (Egis Technology Inc.) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-06-15] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.) BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-06-15] (Avast Software s.r.o.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-17] (Google Inc.) Toolbar: HKU\S-1-5-21-3310348378-2041383425-807149183-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-17] (Google Inc.) DPF: HKLM-x32 {19D6A3D5-EA50-4C3B-88F0-79627C325570} http://iloapp.teamsosso.se/gallery/executable/IlosoftMultipleImageUpload.dll DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2EB15542-5E83-44FF-872F-64395312DE35}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{F1D30B37-CAC4-4C71-87B2-2EBCB93A8B31}: [DhcpNameServer] 192.168.1.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default FF Homepage: hxxp://www.google.com/ FF NetworkProxy: "no_proxies_on", "*.local" FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2014-02-11] (Finansiell ID-Teknik BID AB) FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2010-03-26] (GARMIN Corp.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2012-06-21] (RocketLife, LLP) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sosso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin HKU\S-1-5-21-3310348378-2041383425-807149183-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Sosso\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll [2009-12-22] (mozilla.org) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml [2009-12-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml [2009-12-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml [2009-12-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml [2009-12-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml [2009-12-22] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml [2009-12-22] FF Extension: personaschristopherbeard - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\personas@christopher.beard [2015-07-17] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-20] FF HKU\S-1-5-21-3310348378-2041383425-807149183-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\quick_start@gmail.com [not found] FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\searchffv2@gmail.com [not found] FF Extension: No Name - C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\extensions\AVJYFVOD75109374@HCDE39471360.com [not found] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR Profile: C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (WOT) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2010-04-21] CHR Extension: (YouTube) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-18] CHR Extension: (Google Cast) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-04-12] CHR Extension: (Google Search) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-18] CHR Extension: (Avast Online Security) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-05] CHR Extension: (ljmpghknnfhlgcgchochgijlgjpmhhfo) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmpghknnfhlgcgchochgijlgjpmhhfo [2015-07-17] CHR Extension: (CinemaP-1.9cV09.07) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-07-09] CHR Extension: (Chrome Web Store Payments) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25] CHR Extension: (Gmail) - C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-18] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19] StartMenuInternet: Google Chrome - Chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-06-15] (Avast Software s.r.o.) S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2011-08-12] () [File not signed] R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [87344 2009-09-01] (Prolific Technology Inc.) S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software) [File not signed] S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 MsgPlusService; "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [488832 2010-03-23] (AfaTech ) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-15] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-15] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-15] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-15] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-15] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-15] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-15] () S3 massfilter_lte; C:\Windows\system32\drivers\massfilter_lte.sys [18456 2011-12-20] (HandSet Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) S3 zgdcat; C:\Windows\System32\DRIVERS\zgdcat.sys [130200 2011-12-20] (ZTE Incorporated) S3 zgdcdiag; C:\Windows\System32\DRIVERS\zgdcdiag.sys [130200 2011-12-20] (ZTE Incorporated) S3 zgdcmdm; C:\Windows\System32\DRIVERS\zgdcmdm.sys [130200 2011-12-20] (ZTE Incorporated) S3 zgdcnet; C:\Windows\System32\DRIVERS\zgdcnet.sys [169496 2011-12-20] (ZTE Incorporated) S3 zgdcnmea; C:\Windows\System32\DRIVERS\zgdcnmea.sys [130200 2011-12-20] (ZTE Incorporated) S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-25 17:59 - 2015-07-25 18:02 - 00026259 _____ C:\Users\Sosso\Downloads\FRST.txt 2015-07-25 17:59 - 2015-07-25 17:59 - 00000000 ____D C:\Users\Sosso\Downloads\FRST-OlderVersion 2015-07-25 17:00 - 2015-07-25 17:00 - 02248704 _____ C:\Users\Sosso\Desktop\adwcleaner_4.208.exe 2015-07-23 14:12 - 2015-07-23 14:12 - 00275336 _____ C:\Windows\Minidump\072315-105940-01.dmp 2015-07-14 22:18 - 2015-07-14 22:18 - 00194161 _____ C:\14-7.txt 2015-07-14 21:48 - 2015-07-14 21:48 - 18009776 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-07-14 20:51 - 2015-07-14 22:19 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-14 20:50 - 2015-07-14 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-07-14 20:50 - 2015-07-14 20:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-07-14 20:50 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-14 20:50 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-09 18:22 - 2015-07-09 18:22 - 00000254 __RSH C:\ProgramData\ntuser.pol 2015-07-09 09:06 - 2015-07-09 09:06 - 00000971 _____ C:\Users\Sosso\Desktop\GUPlayer.lnk 2015-07-09 08:57 - 2015-07-09 08:58 - 00000000 ____D C:\Program Files (x86)\4b08656f-7a70-4884-822a-7ab7465c019b 2015-07-09 08:56 - 2015-07-23 17:47 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2015-07-09 08:52 - 2015-07-09 08:52 - 00000000 _____ C:\Windows\prleth.sys 2015-07-09 08:52 - 2015-07-09 08:52 - 00000000 _____ C:\Windows\hgfs.sys 2015-07-09 08:50 - 2015-07-09 08:50 - 01513936 _____ C:\Users\Sosso\Downloads\Cars.2006.SE.Fi.PAL.DVDR+APOCALYPSE_10924_i30387306_il345.exe.zip 2015-06-25 16:48 - 2015-06-25 16:48 - 00000000 ____D C:\Users\Sosso\AppData\Local\GWX ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-25 17:59 - 2014-03-10 01:01 - 00000000 ____D C:\FRST 2015-07-25 17:59 - 2014-03-10 01:00 - 02146816 _____ (Farbar) C:\Users\Sosso\Downloads\FRST64.exe 2015-07-25 17:58 - 2010-01-11 22:42 - 07569920 ___SH C:\Users\Sosso\Downloads\Thumbs.db 2015-07-25 17:56 - 2009-09-29 13:49 - 01549797 _____ C:\Windows\WindowsUpdate.log 2015-07-25 17:54 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-25 17:54 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-25 17:52 - 2012-08-12 02:27 - 00000338 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job 2015-07-25 17:52 - 2012-07-10 00:20 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-07-25 17:49 - 2010-06-21 14:44 - 00000437 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2015-07-25 17:47 - 2009-08-22 10:34 - 01292186 _____ C:\Windows\PFRO.log 2015-07-25 17:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-25 17:47 - 2009-07-14 06:51 - 00279577 _____ C:\Windows\setupact.log 2015-07-25 17:46 - 2013-08-29 21:42 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-25 17:45 - 2014-03-09 21:55 - 00000000 ____D C:\AdwCleaner 2015-07-25 17:44 - 2010-02-20 18:51 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-25 17:44 - 2010-02-03 12:48 - 00001004 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job 2015-07-25 17:30 - 2012-02-16 18:19 - 00000976 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA.job 2015-07-25 16:58 - 2009-07-14 04:34 - 00000612 _____ C:\Windows\win.ini 2015-07-25 12:44 - 2010-02-03 12:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job 2015-07-24 23:30 - 2012-02-16 18:19 - 00000954 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core.job 2015-07-23 14:12 - 2011-07-23 21:51 - 00000000 ____D C:\Windows\Minidump 2015-07-23 11:56 - 2009-09-29 14:45 - 00664068 _____ C:\Windows\system32\perfh01D.dat 2015-07-23 11:56 - 2009-09-29 14:45 - 00142836 _____ C:\Windows\system32\perfc01D.dat 2015-07-23 11:56 - 2009-07-14 07:13 - 01580554 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-18 07:09 - 2015-04-05 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-18 07:09 - 2015-04-05 22:38 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-18 07:09 - 2015-02-15 14:38 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-18 07:09 - 2014-05-17 10:06 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-18 07:09 - 2009-12-12 01:53 - 00000000 ____D C:\Users\Langen 2015-07-18 07:09 - 2009-12-11 01:49 - 00000000 ____D C:\Users\Sosso 2015-07-18 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-18 07:09 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-07-18 07:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2015-07-17 21:12 - 2010-01-15 16:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-17 20:27 - 2013-08-20 18:11 - 00000000 ____D C:\Windows\system32\MRT 2015-07-16 16:06 - 2014-02-21 00:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-07-16 16:04 - 2014-12-25 21:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-16 12:39 - 2010-02-20 18:51 - 00003990 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-16 12:39 - 2010-02-20 18:51 - 00003738 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-16 12:39 - 2010-02-20 18:51 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-16 12:39 - 2010-02-03 12:48 - 00003974 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001UA 2015-07-16 12:39 - 2010-02-03 12:48 - 00003578 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3310348378-2041383425-807149183-1001Core 2015-07-14 21:49 - 2013-08-29 21:42 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-14 21:49 - 2013-05-03 15:29 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-14 21:49 - 2011-06-06 20:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\Malwarebytes 2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-14 20:50 - 2010-09-26 20:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2015-07-13 22:06 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-07-13 20:54 - 2009-12-11 01:50 - 00001421 _____ C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-07-09 10:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\GroupPolicy 2015-07-09 09:08 - 2009-12-13 13:33 - 00000000 ____D C:\Users\Sosso\AppData\Roaming\uTorrent 2015-07-09 09:03 - 2009-08-22 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone 2015-07-09 09:03 - 2009-08-22 10:43 - 00000000 ____D C:\Program Files (x86)\Acer GameZone 2015-07-09 09:03 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-07-09 08:58 - 2009-09-29 13:56 - 00000000 ____D C:\Program Files (x86)\Acer Arcade Deluxe 2015-07-09 08:53 - 2009-12-10 20:16 - 00000000 ____D C:\Users\Sosso\AppData\Local\Google 2015-07-06 20:05 - 2011-01-15 17:16 - 00001456 _____ C:\Users\Sosso\AppData\Local\Adobe Spara för webben 12.0 Prefs 2015-06-26 17:39 - 2011-02-09 20:03 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys 2015-06-26 01:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-06-25 05:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat ==================== Files in the root of some directories ======= 2009-08-22 10:43 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico 2011-09-28 22:04 - 2011-10-16 23:42 - 0000132 _____ () C:\Users\Sosso\AppData\Roaming\CS5-inställningar för PNG-format i Adobe 2010-02-06 23:02 - 2011-12-15 20:42 - 0000143 _____ () C:\Users\Sosso\AppData\Roaming\default.rss 2009-12-19 18:38 - 2015-01-06 18:01 - 0002704 _____ () C:\Users\Sosso\AppData\Roaming\wklnhst.dat 2011-01-15 17:16 - 2015-07-06 20:05 - 0001456 _____ () C:\Users\Sosso\AppData\Local\Adobe Spara för webben 12.0 Prefs 2010-08-04 22:47 - 2010-08-04 22:47 - 0007602 _____ () C:\Users\Sosso\AppData\Local\Resmon.ResmonCfg 2012-08-12 01:39 - 2012-08-12 01:39 - 0000057 _____ () C:\ProgramData\Ament.ini 2009-09-29 13:56 - 2009-09-29 14:00 - 0007830 _____ () C:\ProgramData\ArcadeDeluxe3.log 2009-08-22 10:44 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe 2010-03-23 20:48 - 2010-03-23 21:02 - 0000453 _____ () C:\ProgramData\LmeUSB.log 2010-03-23 20:48 - 2010-03-23 21:02 - 0000456 _____ () C:\ProgramData\LSDmbTH.log Some files in TEMP: ==================== C:\Users\Langen\AppData\Local\Temp\FlashPlayerUpdate.exe C:\Users\Langen\AppData\Local\Temp\Update_8eff.exe C:\Users\Sosso\AppData\Local\Temp\3358.exe C:\Users\Sosso\AppData\Local\Temp\9498.exe C:\Users\Sosso\AppData\Local\Temp\Cars.2006.SE.Fi.PAL.DVDR APOCALYPSE__10924_i1552997636_il777998.exe C:\Users\Sosso\AppData\Local\Temp\DataCard_Setup64.exe C:\Users\Sosso\AppData\Local\Temp\MsgPlusUninstall.exe C:\Users\Sosso\AppData\Local\Temp\Quarantine.exe C:\Users\Sosso\AppData\Local\Temp\ResetDevice.exe C:\Users\Sosso\AppData\Local\Temp\sqlite3.dll C:\Users\Sosso\AppData\Local\Temp\Update_3703.exe C:\Users\Sosso\AppData\Local\Temp\uttD852.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-23 13:35 ==================== End of log ============================
  21. # AdwCleaner v4.208 - Logfile created 25/07/2015 at 17:44:48 # Updated 09/07/2015 by Xplode # Database : 2015-07-15.1 [server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : Sosso - LAPTOPSOFIA # Running from : C:\Users\Sosso\Desktop\adwcleaner_4.208.exe # Option : Cleaning ***** [ Services ] ***** [#] Service Deleted : globalUpdate [#] Service Deleted : globalUpdatem [#] Service Deleted : IHProtect Service [#] Service Deleted : Util Product Deals [#] Service Deleted : Update Product Deals Service Deleted : {33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64 Service Deleted : {4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64 Service Deleted : {b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64 Service Deleted : {e789ddb0-d21e-4917-9218-742217563d5b}Gw64 Service Deleted : {e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64 ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\IHProtectUpDate Folder Deleted : C:\Program Files (x86)\globalUpdate Folder Deleted : C:\Program Files (x86)\predm Folder Deleted : C:\Program Files (x86)\yuna software Folder Deleted : C:\Program Files (x86)\GUPlayer Folder Deleted : C:\Program Files (x86)\miuitab Folder Deleted : C:\Program Files (x86)\Product Deals Folder Deleted : C:\Program Files (x86)\CinemaP-1.9cV09.07 Folder Deleted : C:\Users\Sosso\AppData\Local\Temp\Product Deals Folder Deleted : C:\Users\Sosso\AppData\Local\globalUpdate Folder Deleted : C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer [!] Folder Deleted : C:\Users\Sosso\Documents\hosts Folder Deleted : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\quick_start@gmail.com Folder Deleted : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\searchffv2@gmail.com Folder Deleted : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\AVJYFVOD75109374@HCDE39471360.com Folder Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh File Deleted : C:\Windows\SysWOW64\SafeAppLM.ocx File Deleted : C:\Windows\System32\drivers\{33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64.sys File Deleted : C:\Windows\System32\drivers\{4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64.sys File Deleted : C:\Windows\System32\drivers\{b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64.sys File Deleted : C:\Windows\System32\drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys File Deleted : C:\Windows\System32\drivers\{e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64.sys File Deleted : C:\Users\Sosso\Desktop\Continue Mybest Offerstoday Uninstaller.lnk File Deleted : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\user.js File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\oursurfing.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\defaults\preferences\prefs.js File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-branding.js File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-l10n.js File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox.js File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\reporter.js File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage-journal File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage File Deleted : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal ***** [ Scheduled tasks ] ***** Task Deleted : globalUpdateUpdateTaskMachineCore Task Deleted : globalUpdateUpdateTaskMachineUA Task Deleted : amiupdaterExd Task Deleted : amiupdaterExi Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-1-6 Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-1-7 Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-10_user Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-3 Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-4 Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-5 Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-5_user Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-6 Task Deleted : 336b6588-d689-4286-a3f1-4774b0f309f8-7 ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm Key Deleted : HKCU\Software\Mozilla\Extends Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe Key Deleted : HKLM\System\CurrentControlSet\Services\Eventlog\Application\registry helper service Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Product Deals Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Product Deals Key Deleted : HKLM\SOFTWARE\2247b45d-19c3-49cf-96bf-ed8aff6a808e Key Deleted : HKLM\SOFTWARE\290f1cc5-c7ea-46b7-9f1b-da1976813a1e Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD01946E-5501-4E11-B279-EFDFFD4C1487} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{69a859ac-025d-4178-bfd3-e7bf178c3a10} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD01946E-5501-4E11-B279-EFDFFD4C1487} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Deleted : HKCU\Software\APN PIP Key Deleted : HKCU\Software\AskPartnerNetwork Key Deleted : HKCU\Software\GlobalUpdate Key Deleted : HKCU\Software\HomeTab Key Deleted : HKCU\Software\InstalledBrowserExtensions Key Deleted : HKCU\Software\MyBestOffersToday Key Deleted : HKCU\Software\simplytech Key Deleted : HKCU\Software\TutoTag Key Deleted : HKCU\Software\yuna software Key Deleted : HKCU\Software\PacFunction Key Deleted : HKCU\Software\WajIEnhance Key Deleted : HKCU\Software\TNT2 Key Deleted : HKCU\Software\WajIntEnhance Key Deleted : HKCU\Software\SearchProtectWS Key Deleted : HKCU\Software\Appscion Key Deleted : HKCU\Software\Linkey Key Deleted : HKCU\Software\YorkNewCin Key Deleted : HKCU\Software\HighDefAction Key Deleted : HKCU\Software\ArenaHD Key Deleted : HKCU\Software\Kromtech Key Deleted : HKCU\Software\Product Deals Key Deleted : HKCU\Software\CinemaP-1.9cV09.07 Key Deleted : HKCU\Software\CinemaP-1.9cV09.07-nv Key Deleted : HKCU\Software\CinemaP-1.9cV09.07-nv-ie Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\GlobalUpdate Key Deleted : HKLM\SOFTWARE\Iminent Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions Key Deleted : HKLM\SOFTWARE\SearchProtect Key Deleted : HKLM\SOFTWARE\Tutorials Key Deleted : HKLM\SOFTWARE\yuna software Key Deleted : HKLM\SOFTWARE\PacFunction Key Deleted : HKLM\SOFTWARE\IHProtect Key Deleted : HKLM\SOFTWARE\WajIntEnhance Key Deleted : HKLM\SOFTWARE\SpeedBit Key Deleted : HKLM\SOFTWARE\AIM Toolbar Key Deleted : HKLM\SOFTWARE\YorkNewCin Key Deleted : HKLM\SOFTWARE\HighDefAction Key Deleted : HKLM\SOFTWARE\oursurfingSoftware Key Deleted : HKLM\SOFTWARE\ArenaHD Key Deleted : HKLM\SOFTWARE\searchult Key Deleted : HKLM\SOFTWARE\Product Deals Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV09.07 Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV09.07-nv Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV09.07-nv-ie Key Deleted : HKU\.DEFAULT\Software\BABSOLUTION Key Deleted : HKU\.DEFAULT\Software\CinemaP-1.9cV09.07-nv Key Deleted : HKU\.DEFAULT\Software\CinemaP-1.9cV09.07-nv-ie Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GUPlayer Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV09.07 Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD Key Deleted : [x64] HKLM\SOFTWARE\CinemaP-1.9cV09.07-nv Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Product Deals Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local> ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17840 Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Page] Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] -\\ Mozilla Firefox v3.5.7 (sv-SE) [ob96lpwm.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://www.oursurfing.com/newtab/?type=nt&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX"); [ob96lpwm.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "oursurfing"); [ob96lpwm.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "oursurfing"); [ob96lpwm.default\prefs.js] - Line Deleted : user_pref("extensions.enabledAddons", "searchffv2%40gmail.com:0.0.4,quick_start%40gmail.com:3.1.4"); -\\ Google Chrome v [C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110824&tt=4812_3&babsrc=SP_ss&mntrId=a43664880000000000000617c4bca52f [C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.awesomehp.com/web/?type=ds&ts=1394364637&from=ild&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms} [C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.hemfoder.se/sok/doSearch?search_input={searchTerms}&search_input_defaulttext=S%C3%B6k+produkt&action_results=S%C3%B6k [C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms} [C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms} ************************* AdwCleaner[R0].txt - [7939 bytes] - [10/03/2014 00:54:55] AdwCleaner[R1].txt - [7922 bytes] - [10/03/2014 19:51:50] AdwCleaner[R2].txt - [23408 bytes] - [25/07/2015 17:01:24] AdwCleaner[R3].txt - [23468 bytes] - [25/07/2015 17:04:37] AdwCleaner[R4].txt - [23528 bytes] - [25/07/2015 17:42:30] AdwCleaner[s0].txt - [7249 bytes] - [10/03/2014 19:53:12] AdwCleaner[s1].txt - [20214 bytes] - [25/07/2015 17:44:48] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [20274 bytes] ##########
  22. Har nu sökt en gång till på namnet addition, i hela datorn, den finns inte, det finns 2 gamla dock, från 2014.. # AdwCleaner v4.208 - Logfile created 25/07/2015 at 17:04:37 # Updated 09/07/2015 by Xplode # Database : 2015-07-15.1 [server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : Sosso - LAPTOPSOFIA # Running from : C:\Users\Sosso\Desktop\adwcleaner_4.208.exe # Option : Scan ***** [ Services ] ***** Service Found : globalUpdate Service Found : globalUpdatem Service Found : IHProtect Service Service Found : Util Product Deals Service Found : Update Product Deals Service Found : Update Product Deals Service Found : Util Product Deals Service Found : {33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64 Service Found : {4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64 Service Found : {b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64 Service Found : {e789ddb0-d21e-4917-9218-742217563d5b}Gw64 Service Found : {e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64 ***** [ Files / Folders ] ***** File Found : C:\Program Files (x86)\Mozilla Firefox\browser\defaults\preferences\prefs.js File Found : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox.js File Found : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-branding.js File Found : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\firefox-l10n.js File Found : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\reporter.js File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\oursurfing.xml File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage File Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.selectgo00.selectgo.net_0.localstorage-journal File Found : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\user.js File Found : C:\Users\Sosso\Desktop\Continue Mybest Offerstoday Uninstaller.lnk File Found : C:\Windows\System32\drivers\{33ec41ea-c5a6-4add-92af-1f91084dc817}Gw64.sys File Found : C:\Windows\System32\drivers\{4765b08d-0fb4-48ca-bf21-02642a05e93d}Gw64.sys File Found : C:\Windows\System32\drivers\{b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64.sys File Found : C:\Windows\System32\drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys File Found : C:\Windows\System32\drivers\{e8bbec8c-4837-488c-bb91-2413047df2f2}Gw64.sys File Found : C:\Windows\SysWOW64\SafeAppLM.ocx Folder Found : C:\Program Files (x86)\CinemaP-1.9cV09.07 Folder Found : C:\Program Files (x86)\globalUpdate Folder Found : C:\Program Files (x86)\GUPlayer Folder Found : C:\Program Files (x86)\miuitab Folder Found : C:\Program Files (x86)\predm Folder Found : C:\Program Files (x86)\Product Deals Folder Found : C:\Program Files (x86)\yuna software Folder Found : C:\ProgramData\IHProtectUpDate Folder Found : C:\Users\Sosso\AppData\Local\globalUpdate Folder Found : C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh Folder Found : C:\Users\Sosso\AppData\Local\Temp\Product Deals Folder Found : C:\Users\Sosso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GUPlayer Folder Found : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\AVJYFVOD75109374@HCDE39471360.com Folder Found : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\quick_start@gmail.com Folder Found : C:\Users\Sosso\AppData\Roaming\Mozilla\Firefox\Profiles\ob96lpwm.default\Extensions\searchffv2@gmail.com Folder Found : C:\Users\Sosso\Documents\hosts ***** [ Scheduled tasks ] ***** Task Found : globalUpdateUpdateTaskMachineCore Task Found : globalUpdateUpdateTaskMachineUA Task Found : amiupdaterExd Task Found : amiupdaterExi Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-1-6 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-1-7 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-10_user Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-3 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-4 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-5 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-5_user Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-6 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-7 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-1-6 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-1-7 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-10_user Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-3 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-4 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-5 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-5_user Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-6 Task Found : 336b6588-d689-4286-a3f1-4774b0f309f8-7 ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local> Data Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local Key Found : HKCU\Software\APN PIP Key Found : HKCU\Software\AppDataLow\Software\Crossrider Key Found : HKCU\Software\Appscion Key Found : HKCU\Software\ArenaHD Key Found : HKCU\Software\AskPartnerNetwork Key Found : HKCU\Software\CinemaP-1.9cV09.07 Key Found : HKCU\Software\CinemaP-1.9cV09.07-nv Key Found : HKCU\Software\CinemaP-1.9cV09.07-nv-ie Key Found : HKCU\Software\GlobalUpdate Key Found : HKCU\Software\HighDefAction Key Found : HKCU\Software\HomeTab Key Found : HKCU\Software\InstalledBrowserExtensions Key Found : HKCU\Software\Kromtech Key Found : HKCU\Software\Linkey Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GUPlayer Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com Key Found : HKCU\Software\Mozilla\Extends Key Found : HKCU\Software\MyBestOffersToday Key Found : HKCU\Software\PacFunction Key Found : HKCU\Software\Product Deals Key Found : HKCU\Software\SearchProtectWS Key Found : HKCU\Software\simplytech Key Found : HKCU\Software\Simplytech\HomeTab Key Found : HKCU\Software\TNT2 Key Found : HKCU\Software\TutoTag Key Found : HKCU\Software\WajIEnhance Key Found : HKCU\Software\WajIntEnhance Key Found : HKCU\Software\YorkNewCin Key Found : HKCU\Software\yuna software Key Found : [x64] HKCU\Software\APN PIP Key Found : [x64] HKCU\Software\Appscion Key Found : [x64] HKCU\Software\ArenaHD Key Found : [x64] HKCU\Software\AskPartnerNetwork Key Found : [x64] HKCU\Software\CinemaP-1.9cV09.07 Key Found : [x64] HKCU\Software\CinemaP-1.9cV09.07-nv Key Found : [x64] HKCU\Software\CinemaP-1.9cV09.07-nv-ie Key Found : [x64] HKCU\Software\GlobalUpdate Key Found : [x64] HKCU\Software\HighDefAction Key Found : [x64] HKCU\Software\HomeTab Key Found : [x64] HKCU\Software\InstalledBrowserExtensions Key Found : [x64] HKCU\Software\Kromtech Key Found : [x64] HKCU\Software\Linkey Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} Key Found : [x64] HKCU\Software\MyBestOffersToday Key Found : [x64] HKCU\Software\PacFunction Key Found : [x64] HKCU\Software\Product Deals Key Found : [x64] HKCU\Software\SearchProtectWS Key Found : [x64] HKCU\Software\simplytech Key Found : [x64] HKCU\Software\Simplytech\HomeTab Key Found : [x64] HKCU\Software\TNT2 Key Found : [x64] HKCU\Software\TutoTag Key Found : [x64] HKCU\Software\WajIEnhance Key Found : [x64] HKCU\Software\WajIntEnhance Key Found : [x64] HKCU\Software\YorkNewCin Key Found : [x64] HKCU\Software\yuna software Key Found : HKLM\SOFTWARE\2247b45d-19c3-49cf-96bf-ed8aff6a808e Key Found : HKLM\SOFTWARE\290f1cc5-c7ea-46b7-9f1b-da1976813a1e Key Found : HKLM\SOFTWARE\AIM Toolbar Key Found : HKLM\SOFTWARE\ArenaHD Key Found : HKLM\SOFTWARE\AskPartnerNetwork Key Found : HKLM\SOFTWARE\CinemaP-1.9cV09.07 Key Found : HKLM\SOFTWARE\CinemaP-1.9cV09.07-nv Key Found : HKLM\SOFTWARE\CinemaP-1.9cV09.07-nv-ie Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} Key Found : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978} Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Found : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} Key Found : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30} Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7} Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61} Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87} Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5} Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474} Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Key Found : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD01946E-5501-4E11-B279-EFDFFD4C1487} Key Found : HKLM\SOFTWARE\Classes\CLSID\{dd01946e-5501-4e11-b279-efdffd4c1487} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C} Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78} Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10 Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine Key Found : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc Key Found : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 Key Found : HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967} Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{69a859ac-025d-4178-bfd3-e7bf178c3a10} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F} Key Found : HKLM\SOFTWARE\Conduit Key Found : HKLM\SOFTWARE\GlobalUpdate Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh Key Found : HKLM\SOFTWARE\HighDefAction Key Found : HKLM\SOFTWARE\IHProtect Key Found : HKLM\SOFTWARE\Iminent Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dd01946e-5501-4e11-b279-efdffd4c1487} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD01946E-5501-4E11-B279-EFDFFD4C1487} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV09.07 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 Key Found : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 Key Found : HKLM\SOFTWARE\oursurfingSoftware Key Found : HKLM\SOFTWARE\PacFunction Key Found : HKLM\SOFTWARE\Product Deals Key Found : HKLM\SOFTWARE\SearchProtect Key Found : HKLM\SOFTWARE\searchult Key Found : HKLM\SOFTWARE\SpeedBit Key Found : HKLM\SOFTWARE\Tutorials Key Found : HKLM\SOFTWARE\WajIntEnhance Key Found : HKLM\SOFTWARE\YorkNewCin Key Found : HKLM\SOFTWARE\yuna software Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService Key Found : HKLM\System\CurrentControlSet\Services\Eventlog\Application\registry helper service Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update Product Deals Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util Product Deals Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm Key Found : [x64] HKLM\SOFTWARE\ArenaHD Key Found : [x64] HKLM\SOFTWARE\CinemaP-1.9cV09.07-nv Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Key Found : [x64] HKLM\SOFTWARE\HighDefAction Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Product Deals Key Found : [x64] HKLM\SOFTWARE\YorkNewCin Key Found : HKU\.DEFAULT\Software\BABSOLUTION Key Found : HKU\.DEFAULT\Software\CinemaP-1.9cV09.07-nv Key Found : HKU\.DEFAULT\Software\CinemaP-1.9cV09.07-nv-ie Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [searchffv2@gmail.com] ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17840 Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [search Page] - hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms} Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms} Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.oursurfing.com/web/?type=ds&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms} Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://www.oursurfing.com/web/?type=ds&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms} -\\ Mozilla Firefox v3.5.7 (sv-SE) [ob96lpwm.default] - Line Found : user_pref("browser.newtab.url", "hxxp://www.oursurfing.com/newtab/?type=nt&ts=1436424717&z=536efcd523c0f680ab1ff3agfz7c6q8z0o6zdm1oaw&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX"); [ob96lpwm.default] - Line Found : user_pref("browser.search.defaultenginename", "oursurfing"); [ob96lpwm.default] - Line Found : user_pref("browser.search.selectedEngine", "oursurfing"); [ob96lpwm.default] - Line Found : user_pref("extensions.enabledAddons", "searchffv2%40gmail.com:0.0.4,quick_start%40gmail.com:3.1.4"); -\\ Google Chrome v [C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110824&tt=4812_3&babsrc=SP_ss&mntrId=a43664880000000000000617c4bca52f [C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.awesomehp.com/web/?type=ds&ts=1394364637&from=ild&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms} [C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.hemfoder.se/sok/doSearch?search_input={searchTerms}&search_input_defaulttext=S%C3%B6k+produkt&action_results=S%C3%B6k [C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms} [C:\Users\Sosso\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1436424760&z=a9054f01f40e4ff35ce685egazcc3q4z5o5zdmeqab&from=amt&uid=HitachiXHTS545050B9A300_090917PB4406Q7J1D6LBX&q={searchTerms} ************************* AdwCleaner[R0].txt - [7939 bytes] - [10/03/2014 00:54:55] AdwCleaner[R1].txt - [7922 bytes] - [10/03/2014 19:51:50] AdwCleaner[R2].txt - [23408 bytes] - [25/07/2015 17:01:24] AdwCleaner[R3].txt - [23077 bytes] - [25/07/2015 17:04:37] AdwCleaner[s0].txt - [7249 bytes] - [10/03/2014 19:53:12] ########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [23196 bytes] ##########
×
×
  • Skapa nytt...