Just nu i M3-nätverket
Gå till innehåll

The OldBoy

Medlem
  • Antal inlägg

    126
  • Gick med

  • Senaste besök

Om The OldBoy

  • Medlemstitel
    Aktiv
  • Födelsedag 1967-04-23

Kontaktinformation

  • Hemsida
    http://

Profil

  • Ort
    GÄLLIVARE
  1. Jag tackar för svaret. Det lät ju ganska tryggt iaf. Ska kolla under dagen imorgon med min dotter så kan jag återkomma med ett svar. Ingen av filerna har skapats i samband med filmtittandet, 2016 och 2017 var det på dom. Om det hjälper så här är min dotters logg. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018 Ran by Sanna (ATTENTION: The user is not administrator) on LARSSONS (27-07-2018 00:24:59) Running from C:\Users\Sanna\Desktop Loaded Profiles: Robert & Sanna (Available Profiles: Robert & Kicki & Jonatan & Sanna) Platform: Windows 7 Professional Service Pack 1 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) Failed to access process -> smss.exe Failed to access process -> csrss.exe Failed to access process -> wininit.exe Failed to access process -> csrss.exe Failed to access process -> services.exe Failed to access process -> winlogon.exe Failed to access process -> lsass.exe Failed to access process -> lsm.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> MsMpEng.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> stacsv64.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> spoolsv.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> armsvc.exe Failed to access process -> AdminService.exe Failed to access process -> DbxSvc.exe Failed to access process -> svchost.exe Failed to access process -> HeciServer.exe Failed to access process -> Jhi_service.exe Failed to access process -> mbbService.exe Failed to access process -> WUDFHost.exe Failed to access process -> taskhost.exe Failed to access process -> dwm.exe Failed to access process -> DPAgent.exe Failed to access process -> explorer.exe Failed to access process -> WUDFHost.exe Failed to access process -> hkcmd.exe Failed to access process -> igfxpers.exe Failed to access process -> msseces.exe Failed to access process -> BtvStack.exe Failed to access process -> BtTray.exe Failed to access process -> SynTPEnh.exe Failed to access process -> SearchIndexer.exe Failed to access process -> iusb3mon.exe Failed to access process -> SSDMonitor.exe Failed to access process -> Monitor.exe Failed to access process -> SynTPHelper.exe Failed to access process -> IAStorIcon.exe Failed to access process -> MOM.exe Failed to access process -> IAStorDataMgrSvc.exe Failed to access process -> IntelMeFWService.exe Failed to access process -> LMS.exe Failed to access process -> CCC.exe Failed to access process -> PresentationFontCache.exe Failed to access process -> NisSrv.exe Failed to access process -> UNS.exe Failed to access process -> firefox.exe Failed to access process -> firefox.exe Failed to access process -> firefox.exe Failed to access process -> firefox.exe Failed to access process -> firefox.exe Failed to access process -> firefox.exe Failed to access process -> svchost.exe Failed to access process -> csrss.exe Failed to access process -> winlogon.exe Failed to access process -> taskeng.exe (DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe () C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe Failed to access process -> SearchProtocolHost.exe Failed to access process -> SearchFilterHost.exe Failed to access process -> WmiPrvSE.exe Failed to access process -> WmiPrvSE.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-08] (Atheros Communications) HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [763520 2012-08-08] (Qualcomm Atheros) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation) HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools) HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3754168 2018-07-13] (Dropbox, Inc.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2012-01-31] (Hewlett-Packard Company) HKU\S-1-5-21-2840372283-3277346836-1678619748-1006\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-2840372283-3277346836-1678619748-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 Lsa: [Notification Packages] DPPassFilter scecli GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION GroupPolicyUsers\S-1-5-21-2840372283-3277346836-1678619748-1006\User: Restriction <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{15C9309F-2D61-4493-A2EB-A27D30C302E8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{828A6D20-85FA-4808-972E-8631BFCEAF38}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{C2169304-81CF-4364-BABE-34D00756F2CD}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{D3DCA75A-2147-45E5-B180-A7F3C0033D9D}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{FA9E7353-C6A5-48D6-BCB0-6A9E1FE66DFE}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-e64618d9 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-2840372283-3277346836-1678619748-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/15 HKU\S-1-5-21-2840372283-3277346836-1678619748-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/15 URLSearchHook: [S-1-5-21-2840372283-3277346836-1678619748-1002] ATTENTION => Default URLSearchHook is missing SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope value is missing SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5204772c&q={searchTerms} SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-435b79d8&q={searchTerms} SearchScopes: HKU\S-1-5-21-2840372283-3277346836-1678619748-1006 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2840372283-3277346836-1678619748-1006 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2840372283-3277346836-1678619748-1006 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CMNTDF BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-08] (Qualcomm Atheros Commnucations) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22] (Hewlett-Packard) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-21] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-21] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Sanna\AppData\Roaming\Mozilla\Firefox\Profiles\4zage0n1.default [2018-07-21] FF Extension: (WebCompat Reporter) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-08] [Legacy] [not signed] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2012-09-26] [Legacy] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2840372283-3277346836-1678619748-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sanna\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS) StartMenuInternet: FIREFOX.EXE - firefox.exe ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211072 2012-08-08] (Qualcomm Atheros Commnucations) [File not signed] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-05-24] () S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-26] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-26] (Dropbox, Inc.) R2 DbxSvc; C:\windows\system32\DbxSvc.exe [51392 2018-07-13] (Dropbox, Inc.) S2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-03-15] (DigitalPersona, Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-24] (EasyAntiCheat Ltd) S4 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-01-31] (Hewlett-Packard Company) S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard) S4 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company) S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation) R2 lmhosts; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 lmhosts; C:\windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S4 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-03-22] () [File not signed] R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] () R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R2 NlaSvc; C:\windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 NlaSvc; C:\windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 nsi; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 nsi; C:\windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools) S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-03-07] (PDF Complete Inc) S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software) [File not signed] S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) S4 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-04-05] (ArcSoft, Inc.) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-08] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.) R1 archlp; C:\windows\System32\drivers\archlp.sys [136192 2010-07-07] () R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.) S3 BTATH_LWFLT; C:\windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-08] (Qualcomm Atheros) S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company) S3 dg_ssudbus; C:\windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [93640 2012-03-22] (McAfee, Inc.) R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158792 2012-03-22] (McAfee, Inc.) R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2017-03-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed] R3 SPUVCbv; C:\windows\System32\Drivers\SPUVCbv_x64.sys [1062008 2012-08-03] (Sunplus) S3 ssudmdm; C:\windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 Tdsshbecr; C:\windows\System32\DRIVERS\shbecr.sys [50176 2008-09-28] (Todos Data System AB) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-07-27 00:24 - 2018-07-27 00:25 - 000021923 _____ C:\Users\Sanna\Desktop\FRST.txt 2018-07-27 00:24 - 2018-07-26 04:09 - 002412544 _____ (Farbar) C:\Users\Sanna\Desktop\FRST64.exe 2018-07-27 00:07 - 2018-07-27 00:07 - 000003928 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{034F7A82-0E77-4EBF-BE1C-AA2912655A69} 2018-07-26 04:12 - 2018-07-26 04:13 - 000054417 _____ C:\Users\Robert\Desktop\Addition.txt 2018-07-26 04:10 - 2018-07-27 00:24 - 000000000 ____D C:\FRST 2018-07-26 04:10 - 2018-07-26 04:13 - 000066247 _____ C:\Users\Robert\Desktop\FRST.txt 2018-07-26 04:09 - 2018-07-26 04:09 - 002412544 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe 2018-07-22 18:09 - 2018-07-22 18:09 - 000000000 ___HD C:\Users\Public\Shared Files 2018-07-22 18:02 - 2018-07-22 18:02 - 000000000 ____D C:\Users\Jonatan\AppData\Roaming\EasyAntiCheat 2018-07-19 15:37 - 2018-06-21 02:58 - 000398376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2018-07-19 15:37 - 2018-06-21 02:00 - 000348824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2018-07-19 15:37 - 2018-06-16 19:07 - 025743872 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2018-07-19 15:37 - 2018-06-16 18:46 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2018-07-19 15:37 - 2018-06-16 18:46 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2018-07-19 15:37 - 2018-06-16 18:36 - 020286464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2018-07-19 15:37 - 2018-06-16 18:33 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2018-07-19 15:37 - 2018-06-16 18:32 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2018-07-19 15:37 - 2018-06-16 18:31 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2018-07-19 15:37 - 2018-06-16 18:31 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2018-07-19 15:37 - 2018-06-16 18:31 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2018-07-19 15:37 - 2018-06-16 18:30 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2018-07-19 15:37 - 2018-06-16 18:27 - 005779968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2018-07-19 15:37 - 2018-06-16 18:24 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2018-07-19 15:37 - 2018-06-16 18:23 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2018-07-19 15:37 - 2018-06-16 18:20 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2018-07-19 15:37 - 2018-06-16 18:19 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2018-07-19 15:37 - 2018-06-16 18:19 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2018-07-19 15:37 - 2018-06-16 18:19 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2018-07-19 15:37 - 2018-06-16 18:19 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2018-07-19 15:37 - 2018-06-16 18:19 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2018-07-19 15:37 - 2018-06-16 18:12 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2018-07-19 15:37 - 2018-06-16 18:08 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2018-07-19 15:37 - 2018-06-16 18:06 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2018-07-19 15:37 - 2018-06-16 18:06 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2018-07-19 15:37 - 2018-06-16 18:05 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2018-07-19 15:37 - 2018-06-16 18:05 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2018-07-19 15:37 - 2018-06-16 18:04 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2018-07-19 15:37 - 2018-06-16 18:02 - 002295296 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2018-07-19 15:37 - 2018-06-16 18:02 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx 2018-07-19 15:37 - 2018-06-16 18:02 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2018-07-19 15:37 - 2018-06-16 18:01 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll 2018-07-19 15:37 - 2018-06-16 17:59 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2018-07-19 15:37 - 2018-06-16 17:59 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2018-07-19 15:37 - 2018-06-16 17:58 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2018-07-19 15:37 - 2018-06-16 17:57 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2018-07-19 15:37 - 2018-06-16 17:57 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2018-07-19 15:37 - 2018-06-16 17:56 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2018-07-19 15:37 - 2018-06-16 17:56 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2018-07-19 15:37 - 2018-06-16 17:55 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2018-07-19 15:37 - 2018-06-16 17:55 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2018-07-19 15:37 - 2018-06-16 17:53 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2018-07-19 15:37 - 2018-06-16 17:47 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2018-07-19 15:37 - 2018-06-16 17:46 - 015283200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2018-07-19 15:37 - 2018-06-16 17:44 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2018-07-19 15:37 - 2018-06-16 17:42 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2018-07-19 15:37 - 2018-06-16 17:42 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2018-07-19 15:37 - 2018-06-16 17:42 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx 2018-07-19 15:37 - 2018-06-16 17:42 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2018-07-19 15:37 - 2018-06-16 17:41 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll 2018-07-19 15:37 - 2018-06-16 17:40 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2018-07-19 15:37 - 2018-06-16 17:39 - 002135552 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2018-07-19 15:37 - 2018-06-16 17:39 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2018-07-19 15:37 - 2018-06-16 17:38 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2018-07-19 15:37 - 2018-06-16 17:37 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2018-07-19 15:37 - 2018-06-16 17:36 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2018-07-19 15:37 - 2018-06-16 17:34 - 004496384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2018-07-19 15:37 - 2018-06-16 17:32 - 013680128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2018-07-19 15:37 - 2018-06-16 17:30 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2018-07-19 15:37 - 2018-06-16 17:29 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2018-07-19 15:37 - 2018-06-16 17:28 - 002060288 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2018-07-19 15:37 - 2018-06-16 17:27 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2018-07-19 15:37 - 2018-06-16 17:27 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2018-07-19 15:37 - 2018-06-16 17:16 - 001545216 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2018-07-19 15:37 - 2018-06-16 17:08 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2018-07-19 15:37 - 2018-06-16 17:05 - 001313792 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2018-07-19 15:37 - 2018-06-16 17:04 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2018-07-19 15:37 - 2018-06-16 17:04 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2018-07-19 15:37 - 2018-06-13 18:20 - 014185984 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2018-07-19 15:37 - 2018-06-13 18:19 - 001867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll 2018-07-19 15:37 - 2018-06-13 17:55 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2018-07-19 15:37 - 2018-06-13 17:54 - 001499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll 2018-07-19 15:37 - 2018-06-13 17:40 - 003226112 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2018-07-19 15:37 - 2018-06-08 18:27 - 005577408 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2018-07-19 15:37 - 2018-06-08 18:27 - 000708288 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2018-07-19 15:37 - 2018-06-08 18:27 - 000262336 _____ (Microsoft Corporation) C:\windows\system32\hal.dll 2018-07-19 15:37 - 2018-06-08 18:27 - 000154816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2018-07-19 15:37 - 2018-06-08 18:27 - 000095424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2018-07-19 15:37 - 2018-06-08 18:23 - 000631640 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2018-07-19 15:37 - 2018-06-08 18:22 - 001665344 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000369664 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 002066432 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000357888 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000182272 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:02 - 004050624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2018-07-19 15:37 - 2018-06-08 18:02 - 003962048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2018-07-19 15:37 - 2018-06-08 17:57 - 001314072 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 001417728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000330240 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:44 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2018-07-19 15:37 - 2018-06-08 17:44 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2018-07-19 15:37 - 2018-06-08 17:44 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\dnscacheugc.exe 2018-07-19 15:37 - 2018-06-08 17:44 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2018-07-19 15:37 - 2018-06-08 17:43 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2018-07-19 15:37 - 2018-06-08 17:39 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2018-07-19 15:37 - 2018-06-08 17:38 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2018-07-19 15:37 - 2018-06-08 17:38 - 000129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys 2018-07-19 15:37 - 2018-06-08 17:34 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2018-07-19 15:37 - 2018-06-08 17:34 - 000159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2018-07-19 15:37 - 2018-06-08 17:34 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2018-07-19 15:37 - 2018-06-08 17:33 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2018-07-19 15:37 - 2018-06-08 17:33 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2018-07-19 15:37 - 2018-06-08 17:29 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll 2018-07-19 15:37 - 2018-06-08 17:28 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscacheugc.exe 2018-07-19 15:37 - 2018-06-08 17:27 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2018-07-19 15:37 - 2018-06-08 17:21 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2018-07-19 15:37 - 2018-06-08 17:21 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2018-07-19 15:37 - 2018-06-08 17:21 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2018-07-19 15:37 - 2018-06-08 17:21 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2018-07-19 15:37 - 2018-06-08 17:19 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2018-07-19 15:37 - 2018-06-08 17:19 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:19 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:19 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-07-19 15:37 - 2018-06-07 18:20 - 000022528 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll 2018-07-19 15:37 - 2018-06-07 18:19 - 000828928 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll 2018-07-19 15:37 - 2018-06-07 18:19 - 000749568 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll 2018-07-19 15:37 - 2018-06-07 18:19 - 000108544 _____ (Microsoft Corporation) C:\windows\system32\icfupgd.dll 2018-07-19 15:37 - 2018-06-07 17:57 - 000463360 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll 2018-07-19 15:37 - 2018-06-07 17:49 - 000077312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys 2018-07-19 15:37 - 2018-06-07 17:34 - 000018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfapigp.dll 2018-07-19 15:37 - 2018-05-31 18:28 - 001893568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2018-07-19 15:37 - 2018-05-31 18:28 - 000377024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys 2018-07-19 15:37 - 2018-05-31 18:28 - 000287936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2018-07-19 15:37 - 2018-05-02 17:32 - 000344064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000325632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys 2018-07-19 15:37 - 2018-04-26 15:05 - 000998912 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000918296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000065880 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000063832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000021848 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000020824 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000019288 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000018776 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000016216 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000015704 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000015704 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000015192 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000013152 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012632 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2018-07-19 15:37 - 2018-04-25 18:02 - 000124416 _____ (Microsoft Corporation) C:\windows\system32\wkssvc.dll 2018-07-19 15:37 - 2018-04-25 17:18 - 000115200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys 2018-07-14 01:18 - 2018-07-14 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-07-13 04:01 - 2018-07-13 04:01 - 000051392 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe 2018-07-13 04:01 - 2018-07-13 04:01 - 000050232 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys 2018-07-13 04:01 - 2018-07-13 04:01 - 000045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys 2018-07-13 04:01 - 2018-07-13 04:01 - 000045640 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys 2018-07-12 03:59 - 2018-06-13 18:23 - 000140992 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2018-07-12 03:59 - 2018-06-13 18:18 - 000680960 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 002860032 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe 2018-07-12 03:59 - 2018-06-08 15:05 - 001602048 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000783872 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000612352 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000470016 _____ (Microsoft Corporation) C:\windows\system32\centel.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000443392 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000301056 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000246272 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-07-27 00:23 - 2012-11-20 03:23 - 000000304 _____ C:\windows\Tasks\RMAutoUpdate.job 2018-07-27 00:23 - 2012-11-20 03:20 - 000000000 ____D C:\ProgramData\TEMP 2018-07-27 00:22 - 2016-01-26 12:46 - 000001000 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job 2018-07-27 00:12 - 2016-01-26 12:46 - 000001004 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job 2018-07-26 23:58 - 2016-11-25 19:13 - 000000344 _____ C:\windows\Tasks\{2D0E1AE0-044C-4654-803F-7314B2656530}.job 2018-07-26 23:57 - 2016-09-25 13:57 - 000000352 _____ C:\windows\Tasks\{32F8A50F-B0E5-9A67-235D-4D253F24B6EA}.job 2018-07-26 23:29 - 2017-03-18 10:55 - 000000270 _____ C:\windows\Tasks\{6E925741-CFD2-85F5-554F-6F5CD46F5BB3}.job 2018-07-26 23:28 - 2017-02-27 18:01 - 000000284 _____ C:\windows\Tasks\{6E3CBFAE-E703-7847-2926-2EAC3FC5C8D5}.job 2018-07-26 23:28 - 2016-11-07 19:59 - 000000338 _____ C:\windows\Tasks\{6525CB6C-7411-A4FD-545C-35E9616A8E43}.job 2018-07-26 11:05 - 2013-12-14 00:00 - 000000932 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2840372283-3277346836-1678619748-1002UA.job 2018-07-26 04:00 - 2009-07-14 06:45 - 000031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-07-26 04:00 - 2009-07-14 06:45 - 000031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-07-26 00:54 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT 2018-07-25 04:41 - 2012-04-18 02:53 - 001564032 _____ C:\windows\SysWOW64\PerfStringBackup.INI 2018-07-25 04:41 - 2012-04-18 01:27 - 000666708 _____ C:\windows\system32\perfh01D.dat 2018-07-25 04:41 - 2012-04-18 01:27 - 000144074 _____ C:\windows\system32\perfc01D.dat 2018-07-25 04:41 - 2009-07-14 07:13 - 001564032 _____ C:\windows\system32\PerfStringBackup.INI 2018-07-25 04:41 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf 2018-07-24 23:05 - 2013-12-14 00:00 - 000000910 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2840372283-3277346836-1678619748-1002Core.job 2018-07-22 21:03 - 2014-07-07 18:40 - 000113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2018-07-22 18:09 - 2012-10-23 22:44 - 000000000 ____D C:\Intel 2018-07-22 18:09 - 2009-07-14 05:20 - 000000000 __SHD C:\Users\Public\Libraries 2018-07-22 18:02 - 2018-05-24 20:26 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat 2018-07-22 14:41 - 2012-10-18 17:29 - 000003924 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{49B7ED8B-99FA-46CC-9F36-6152835EC61A} 2018-07-22 14:29 - 2017-05-28 16:28 - 000000000 ____D C:\Users\Jonatan\AppData\Roaming\Rupego 2018-07-22 14:28 - 2016-09-25 14:57 - 000000604 _____ C:\Users\Jonatan\AppData\Roaming\WB.CFG 2018-07-22 12:40 - 2012-10-18 18:07 - 000003932 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{23C8C752-D752-487F-935C-77AA34599D68} 2018-07-21 12:50 - 2016-12-10 12:04 - 000000000 ____D C:\Users\Sanna\AppData\LocalLow\Mozilla 2018-07-20 18:22 - 2009-07-14 05:20 - 000000000 ____D C:\windows\rescache 2018-07-20 15:36 - 2012-10-18 18:03 - 000003924 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{8C5058F9-0EE0-483E-B47E-40BCC2588FE0} 2018-07-20 15:27 - 2009-07-14 06:45 - 002265488 _____ C:\windows\system32\FNTCACHE.DAT 2018-07-17 00:02 - 2010-11-21 05:27 - 000563832 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe 2018-07-14 09:56 - 2015-04-15 03:58 - 000000000 ____D C:\windows\system32\appraiser 2018-07-14 01:19 - 2016-01-26 12:46 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-07-14 00:38 - 2016-08-02 20:32 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-07-14 00:38 - 2015-07-02 00:06 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2018-07-12 03:58 - 2013-07-26 02:37 - 000000000 ____D C:\windows\system32\MRT 2018-07-12 03:43 - 2012-10-18 00:33 - 134675576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2018-07-08 01:23 - 2017-08-08 12:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-06-27 01:28 - 2017-01-31 13:41 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk Files to move or delete: ==================== C:\Windows\Tasks\{2D0E1AE0-044C-4654-803F-7314B2656530}.job C:\Windows\Tasks\{32F8A50F-B0E5-9A67-235D-4D253F24B6EA}.job C:\Windows\Tasks\{6525CB6C-7411-A4FD-545C-35E9616A8E43}.job C:\Windows\Tasks\{6E3CBFAE-E703-7847-2926-2EAC3FC5C8D5}.job C:\Windows\Tasks\{6E925741-CFD2-85F5-554F-6F5CD46F5BB3}.job Some files in TEMP: ==================== 2002-07-03 17:34 - 2002-07-03 17:34 - 004924514 _____ (Macromedia, Inc.) C:\Users\Sanna\AppData\Local\Temp\setup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\SysWOW64\wininit.exe => File is digitally signed C:\windows\explorer.exe => File is digitally signed C:\windows\SysWOW64\explorer.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\SysWOW64\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\SysWOW64\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\SysWOW64\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\dnsapi.dll => File is digitally signed C:\windows\SysWOW64\dnsapi.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed ATTENTION: ==> Could not access BCD. The user is not administrator LastRegBack: 2018-07-17 02:56 ==================== End of FRST.txt ============================ Addition.txt
  2. Hejsan! När jag var i Norge i veckan så skulle dottern titta på någon film på nätet och då pep datorn till, varpå sambon körde MSE som hittade denna fil. När jag sedan kom hem så körde jag Mbam den hittade ingenting, nu har datorn uppdaterat Windows och då vid omstarten så hade MSE avaktiverats så då är ju min fundering om det är nå skit kvar? Min logg. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018 Ran by Robert (administrator) on LARSSONS (26-07-2018 04:10:42) Running from C:\Users\Robert\Desktop Loaded Profiles: Robert (Available Profiles: Robert & Kicki & Jonatan & Sanna) Platform: Windows 7 Professional Service Pack 1 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\ProgramData\MobileBrServ\mbbService.exe (DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe () C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-03-05] (IDT, Inc.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-08] (Atheros Communications) HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [763520 2012-08-08] (Qualcomm Atheros) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation) HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools) HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3754168 2018-07-13] (Dropbox, Inc.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2012-01-31] (Hewlett-Packard Company) HKU\S-1-5-21-2840372283-3277346836-1678619748-1002\...\Run: [Facebook Update] => C:\Users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-14] (Facebook Inc.) HKU\S-1-5-21-2840372283-3277346836-1678619748-1002\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-2840372283-3277346836-1678619748-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-2840372283-3277346836-1678619748-1002\...\Policies\Explorer: [NoInstrumentation] 1 HKU\S-1-5-21-2840372283-3277346836-1678619748-1002\...\MountPoints2: {91b23c91-0cd2-11e4-af7b-20689d875c02} - D:\Startme.exe HKU\S-1-5-21-2840372283-3277346836-1678619748-1002\...\MountPoints2: {cd044407-84b3-11e6-8f68-20689d875c02} - D:\AutoRun.exe HKU\S-1-5-21-2840372283-3277346836-1678619748-1002\...\MountPoints2: {ee045f60-b87f-11e6-b2ca-20689d875c02} - D:\startme.exe Lsa: [Notification Packages] DPPassFilter scecli GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION GroupPolicyUsers\S-1-5-21-2840372283-3277346836-1678619748-1006\User: Restriction <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{15C9309F-2D61-4493-A2EB-A27D30C302E8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{828A6D20-85FA-4808-972E-8631BFCEAF38}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Tcpip\..\Interfaces\{C2169304-81CF-4364-BABE-34D00756F2CD}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{D3DCA75A-2147-45E5-B180-A7F3C0033D9D}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{FA9E7353-C6A5-48D6-BCB0-6A9E1FE66DFE}: [DhcpNameServer] 192.168.8.1 192.168.8.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-e64618d9 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope value is missing SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-5204772c&q={searchTerms} SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-435b79d8&q={searchTerms} SearchScopes: HKU\S-1-5-21-2840372283-3277346836-1678619748-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-08] (Qualcomm Atheros Commnucations) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-22] (Hewlett-Packard) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-21] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-21] (Oracle Corporation) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\knwsqase.default-1473547257397 [2018-07-26] FF Homepage: Mozilla\Firefox\Profiles\knwsqase.default-1473547257397 -> hxxps://www.facebook.com/ hxxps://www.blocket.se/gallivare?q=outback&cg=1020&w=3&st=s&ps=&pe=&mys=2015&mye=&ms=&me=&cxpf=&cxpt=&fu=2&gb=&ca=1_4&is=1&l=0&md=th hxxp://www.nsd.se/nyheter/ FF Extension: (WebCompat Reporter) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-08] [Legacy] [not signed] FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2012-09-26] [Legacy] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2840372283-3277346836-1678619748-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Robert\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-2840372283-3277346836-1678619748-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Robert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS) StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default [2018-02-21] CHR Extension: (Google Presentationer) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-31] CHR Extension: (Google Dokument) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-31] CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-31] CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-31] CHR Extension: (Google Kalkylark) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-31] CHR Extension: (Google Dokument Offline) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-31] CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-31] CHR Extension: (Gmail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-31] CHR Extension: (Chrome Media Router) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-31] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211072 2012-08-08] (Qualcomm Atheros Commnucations) [File not signed] S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-05-24] () S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-26] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-26] (Dropbox, Inc.) R2 DbxSvc; C:\windows\system32\DbxSvc.exe [51392 2018-07-13] (Dropbox, Inc.) S2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-03-15] (DigitalPersona, Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-05-24] (EasyAntiCheat Ltd) S4 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477056 2012-01-31] (Hewlett-Packard Company) S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard) S4 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company) S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [387144 2016-02-04] () R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation) S4 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S4 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2012-03-22] () [File not signed] R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] () R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) S4 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools) S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1134584 2012-03-07] (PDF Complete Inc) S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software) [File not signed] S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) S4 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-04-05] (ArcSoft, Inc.) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-08] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.) R1 archlp; C:\windows\System32\drivers\archlp.sys [136192 2010-07-07] () R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.) S3 BTATH_LWFLT; C:\windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-08] (Qualcomm Atheros) S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [64312 2012-01-31] (Hewlett-Packard Company) S3 dg_ssudbus; C:\windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [93640 2012-03-22] (McAfee, Inc.) R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158792 2012-03-22] (McAfee, Inc.) R0 MpFilter; C:\windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R1 MpKsl2c6abc72; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E89D917D-157B-41C4-9024-E65BB66AEDB4}\MpKsl2c6abc72.sys [58120 2018-07-26] (Microsoft Corporation) R3 NisDrv; C:\windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2017-03-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed] R3 SPUVCbv; C:\windows\System32\Drivers\SPUVCbv_x64.sys [1062008 2012-08-03] (Sunplus) S3 ssudmdm; C:\windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 Tdsshbecr; C:\windows\System32\DRIVERS\shbecr.sys [50176 2008-09-28] (Todos Data System AB) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-07-26 04:10 - 2018-07-26 04:12 - 000021859 _____ C:\Users\Robert\Desktop\FRST.txt 2018-07-26 04:10 - 2018-07-26 04:10 - 000000000 ____D C:\FRST 2018-07-26 04:09 - 2018-07-26 04:09 - 002412544 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe 2018-07-22 18:09 - 2018-07-22 18:09 - 000000000 ___HD C:\Users\Public\Shared Files 2018-07-22 18:02 - 2018-07-22 18:02 - 000000000 ____D C:\Users\Jonatan\AppData\Roaming\EasyAntiCheat 2018-07-19 15:37 - 2018-06-21 02:58 - 000398376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2018-07-19 15:37 - 2018-06-21 02:00 - 000348824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2018-07-19 15:37 - 2018-06-16 19:07 - 025743872 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2018-07-19 15:37 - 2018-06-16 18:46 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2018-07-19 15:37 - 2018-06-16 18:46 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2018-07-19 15:37 - 2018-06-16 18:36 - 020286464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2018-07-19 15:37 - 2018-06-16 18:33 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2018-07-19 15:37 - 2018-06-16 18:32 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2018-07-19 15:37 - 2018-06-16 18:31 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2018-07-19 15:37 - 2018-06-16 18:31 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2018-07-19 15:37 - 2018-06-16 18:31 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2018-07-19 15:37 - 2018-06-16 18:30 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2018-07-19 15:37 - 2018-06-16 18:27 - 005779968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2018-07-19 15:37 - 2018-06-16 18:24 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2018-07-19 15:37 - 2018-06-16 18:23 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2018-07-19 15:37 - 2018-06-16 18:20 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2018-07-19 15:37 - 2018-06-16 18:19 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2018-07-19 15:37 - 2018-06-16 18:19 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2018-07-19 15:37 - 2018-06-16 18:19 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2018-07-19 15:37 - 2018-06-16 18:19 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2018-07-19 15:37 - 2018-06-16 18:19 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2018-07-19 15:37 - 2018-06-16 18:12 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2018-07-19 15:37 - 2018-06-16 18:08 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2018-07-19 15:37 - 2018-06-16 18:06 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2018-07-19 15:37 - 2018-06-16 18:06 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2018-07-19 15:37 - 2018-06-16 18:05 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2018-07-19 15:37 - 2018-06-16 18:05 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2018-07-19 15:37 - 2018-06-16 18:04 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2018-07-19 15:37 - 2018-06-16 18:02 - 002295296 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2018-07-19 15:37 - 2018-06-16 18:02 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx 2018-07-19 15:37 - 2018-06-16 18:02 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2018-07-19 15:37 - 2018-06-16 18:01 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll 2018-07-19 15:37 - 2018-06-16 17:59 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2018-07-19 15:37 - 2018-06-16 17:59 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2018-07-19 15:37 - 2018-06-16 17:58 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2018-07-19 15:37 - 2018-06-16 17:57 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2018-07-19 15:37 - 2018-06-16 17:57 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2018-07-19 15:37 - 2018-06-16 17:56 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2018-07-19 15:37 - 2018-06-16 17:56 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2018-07-19 15:37 - 2018-06-16 17:55 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2018-07-19 15:37 - 2018-06-16 17:55 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2018-07-19 15:37 - 2018-06-16 17:53 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2018-07-19 15:37 - 2018-06-16 17:47 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2018-07-19 15:37 - 2018-06-16 17:46 - 015283200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2018-07-19 15:37 - 2018-06-16 17:44 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2018-07-19 15:37 - 2018-06-16 17:42 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2018-07-19 15:37 - 2018-06-16 17:42 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2018-07-19 15:37 - 2018-06-16 17:42 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx 2018-07-19 15:37 - 2018-06-16 17:42 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2018-07-19 15:37 - 2018-06-16 17:41 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll 2018-07-19 15:37 - 2018-06-16 17:40 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2018-07-19 15:37 - 2018-06-16 17:39 - 002135552 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2018-07-19 15:37 - 2018-06-16 17:39 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2018-07-19 15:37 - 2018-06-16 17:38 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2018-07-19 15:37 - 2018-06-16 17:37 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2018-07-19 15:37 - 2018-06-16 17:36 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2018-07-19 15:37 - 2018-06-16 17:34 - 004496384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2018-07-19 15:37 - 2018-06-16 17:32 - 013680128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2018-07-19 15:37 - 2018-06-16 17:30 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2018-07-19 15:37 - 2018-06-16 17:29 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2018-07-19 15:37 - 2018-06-16 17:28 - 002060288 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2018-07-19 15:37 - 2018-06-16 17:27 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2018-07-19 15:37 - 2018-06-16 17:27 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2018-07-19 15:37 - 2018-06-16 17:16 - 001545216 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2018-07-19 15:37 - 2018-06-16 17:08 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2018-07-19 15:37 - 2018-06-16 17:05 - 001313792 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2018-07-19 15:37 - 2018-06-16 17:04 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2018-07-19 15:37 - 2018-06-16 17:04 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2018-07-19 15:37 - 2018-06-13 18:20 - 014185984 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2018-07-19 15:37 - 2018-06-13 18:19 - 001867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll 2018-07-19 15:37 - 2018-06-13 17:55 - 012880384 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2018-07-19 15:37 - 2018-06-13 17:54 - 001499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll 2018-07-19 15:37 - 2018-06-13 17:40 - 003226112 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2018-07-19 15:37 - 2018-06-08 18:27 - 005577408 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2018-07-19 15:37 - 2018-06-08 18:27 - 000708288 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2018-07-19 15:37 - 2018-06-08 18:27 - 000262336 _____ (Microsoft Corporation) C:\windows\system32\hal.dll 2018-07-19 15:37 - 2018-06-08 18:27 - 000154816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2018-07-19 15:37 - 2018-06-08 18:27 - 000095424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2018-07-19 15:37 - 2018-06-08 18:23 - 000631640 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi 2018-07-19 15:37 - 2018-06-08 18:22 - 001665344 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000369664 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2018-07-19 15:37 - 2018-06-08 18:21 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 002066432 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll 2018-07-19 15:37 - 2018-06-08 18:20 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000357888 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000182272 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2018-07-19 15:37 - 2018-06-08 18:19 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:18 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 18:02 - 004050624 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2018-07-19 15:37 - 2018-06-08 18:02 - 003962048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2018-07-19 15:37 - 2018-06-08 17:57 - 001314072 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 001417728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000330240 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2018-07-19 15:37 - 2018-06-08 17:55 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:54 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:44 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe 2018-07-19 15:37 - 2018-06-08 17:44 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys 2018-07-19 15:37 - 2018-06-08 17:44 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\dnscacheugc.exe 2018-07-19 15:37 - 2018-06-08 17:44 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe 2018-07-19 15:37 - 2018-06-08 17:43 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2018-07-19 15:37 - 2018-06-08 17:39 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2018-07-19 15:37 - 2018-06-08 17:38 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2018-07-19 15:37 - 2018-06-08 17:38 - 000129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys 2018-07-19 15:37 - 2018-06-08 17:34 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2018-07-19 15:37 - 2018-06-08 17:34 - 000159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2018-07-19 15:37 - 2018-06-08 17:34 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys 2018-07-19 15:37 - 2018-06-08 17:33 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2018-07-19 15:37 - 2018-06-08 17:33 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2018-07-19 15:37 - 2018-06-08 17:29 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll 2018-07-19 15:37 - 2018-06-08 17:28 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscacheugc.exe 2018-07-19 15:37 - 2018-06-08 17:27 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2018-07-19 15:37 - 2018-06-08 17:21 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2018-07-19 15:37 - 2018-06-08 17:21 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2018-07-19 15:37 - 2018-06-08 17:21 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2018-07-19 15:37 - 2018-06-08 17:21 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2018-07-19 15:37 - 2018-06-08 17:19 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll 2018-07-19 15:37 - 2018-06-08 17:19 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:19 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:19 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-07-19 15:37 - 2018-06-08 17:19 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-07-19 15:37 - 2018-06-07 18:20 - 000022528 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll 2018-07-19 15:37 - 2018-06-07 18:19 - 000828928 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll 2018-07-19 15:37 - 2018-06-07 18:19 - 000749568 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll 2018-07-19 15:37 - 2018-06-07 18:19 - 000108544 _____ (Microsoft Corporation) C:\windows\system32\icfupgd.dll 2018-07-19 15:37 - 2018-06-07 17:57 - 000463360 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll 2018-07-19 15:37 - 2018-06-07 17:49 - 000077312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys 2018-07-19 15:37 - 2018-06-07 17:34 - 000018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfapigp.dll 2018-07-19 15:37 - 2018-05-31 18:28 - 001893568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2018-07-19 15:37 - 2018-05-31 18:28 - 000377024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys 2018-07-19 15:37 - 2018-05-31 18:28 - 000287936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2018-07-19 15:37 - 2018-05-02 17:32 - 000344064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000325632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys 2018-07-19 15:37 - 2018-05-02 17:32 - 000007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys 2018-07-19 15:37 - 2018-04-26 15:05 - 000998912 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000918296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000065880 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000063832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000021848 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000020824 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000019288 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000018776 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000016216 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000015704 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000015704 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000015192 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-2-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000013656 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000013152 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012632 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-2-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l2-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011608 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-2-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2018-07-19 15:37 - 2018-04-26 15:05 - 000011096 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2018-07-19 15:37 - 2018-04-25 18:02 - 000124416 _____ (Microsoft Corporation) C:\windows\system32\wkssvc.dll 2018-07-19 15:37 - 2018-04-25 17:18 - 000115200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys 2018-07-14 01:18 - 2018-07-14 01:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-07-13 04:01 - 2018-07-13 04:01 - 000051392 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe 2018-07-13 04:01 - 2018-07-13 04:01 - 000050232 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys 2018-07-13 04:01 - 2018-07-13 04:01 - 000045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys 2018-07-13 04:01 - 2018-07-13 04:01 - 000045640 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys 2018-07-12 03:59 - 2018-06-13 18:23 - 000140992 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe 2018-07-12 03:59 - 2018-06-13 18:18 - 000680960 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 002860032 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe 2018-07-12 03:59 - 2018-06-08 15:05 - 001602048 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000783872 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000612352 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000470016 _____ (Microsoft Corporation) C:\windows\system32\centel.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000443392 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000301056 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll 2018-07-12 03:59 - 2018-06-08 15:05 - 000246272 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-07-26 04:12 - 2016-01-26 12:46 - 000001004 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job 2018-07-26 04:00 - 2009-07-14 06:45 - 000031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-07-26 04:00 - 2009-07-14 06:45 - 000031536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-07-26 03:58 - 2016-11-25 19:13 - 000000344 _____ C:\windows\Tasks\{2D0E1AE0-044C-4654-803F-7314B2656530}.job 2018-07-26 03:57 - 2016-09-25 13:57 - 000000352 _____ C:\windows\Tasks\{32F8A50F-B0E5-9A67-235D-4D253F24B6EA}.job 2018-07-26 03:51 - 2016-11-19 18:04 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Mozilla 2018-07-26 02:29 - 2017-03-18 10:55 - 000000270 _____ C:\windows\Tasks\{6E925741-CFD2-85F5-554F-6F5CD46F5BB3}.job 2018-07-26 02:28 - 2017-02-27 18:01 - 000000284 _____ C:\windows\Tasks\{6E3CBFAE-E703-7847-2926-2EAC3FC5C8D5}.job 2018-07-26 02:28 - 2016-11-07 19:59 - 000000338 _____ C:\windows\Tasks\{6525CB6C-7411-A4FD-545C-35E9616A8E43}.job 2018-07-26 02:05 - 2013-12-14 00:00 - 000000932 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2840372283-3277346836-1678619748-1002UA.job 2018-07-26 02:00 - 2012-10-18 00:21 - 000007601 _____ C:\Users\Robert\AppData\Local\Resmon.ResmonCfg 2018-07-26 00:55 - 2012-11-20 03:23 - 000000304 _____ C:\windows\Tasks\RMAutoUpdate.job 2018-07-26 00:55 - 2012-11-20 03:20 - 000000000 ____D C:\ProgramData\TEMP 2018-07-26 00:54 - 2016-01-26 12:46 - 000001000 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job 2018-07-26 00:54 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT 2018-07-25 04:41 - 2012-04-18 02:53 - 001564032 _____ C:\windows\SysWOW64\PerfStringBackup.INI 2018-07-25 04:41 - 2012-04-18 01:27 - 000666708 _____ C:\windows\system32\perfh01D.dat 2018-07-25 04:41 - 2012-04-18 01:27 - 000144074 _____ C:\windows\system32\perfc01D.dat 2018-07-25 04:41 - 2009-07-14 07:13 - 001564032 _____ C:\windows\system32\PerfStringBackup.INI 2018-07-25 04:41 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf 2018-07-24 23:05 - 2013-12-14 00:00 - 000000910 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2840372283-3277346836-1678619748-1002Core.job 2018-07-23 23:11 - 2013-07-27 00:11 - 000000000 ____D C:\Users\Kicki\Documents\Outlook-filer 2018-07-23 23:09 - 2017-05-06 20:11 - 000000000 ____D C:\Users\Kicki\AppData\LocalLow\Mozilla 2018-07-23 19:13 - 2013-07-25 01:44 - 000000000 ____D C:\Users\Robert\Documents\Outlook-filer 2018-07-22 21:03 - 2014-07-07 18:40 - 000113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2018-07-22 18:09 - 2012-10-23 22:44 - 000000000 ____D C:\Intel 2018-07-22 18:09 - 2009-07-14 05:20 - 000000000 __SHD C:\Users\Public\Libraries 2018-07-22 18:02 - 2018-05-24 20:26 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat 2018-07-22 18:02 - 2018-05-24 15:45 - 000000000 ____D C:\Users\Jonatan\AppData\Local\UnrealEngine 2018-07-22 14:41 - 2012-10-18 17:29 - 000003924 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{49B7ED8B-99FA-46CC-9F36-6152835EC61A} 2018-07-22 14:29 - 2017-05-28 16:28 - 000000000 ____D C:\Users\Jonatan\AppData\Roaming\Rupego 2018-07-22 14:28 - 2016-09-25 14:57 - 000000604 _____ C:\Users\Jonatan\AppData\Roaming\WB.CFG 2018-07-22 14:10 - 2016-11-20 11:30 - 000000000 ____D C:\Users\Jonatan\AppData\LocalLow\Mozilla 2018-07-22 12:40 - 2012-10-18 18:07 - 000003932 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{23C8C752-D752-487F-935C-77AA34599D68} 2018-07-21 12:50 - 2016-12-10 12:04 - 000000000 ____D C:\Users\Sanna\AppData\LocalLow\Mozilla 2018-07-20 18:22 - 2009-07-14 05:20 - 000000000 ____D C:\windows\rescache 2018-07-20 15:36 - 2012-10-18 18:03 - 000003924 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{8C5058F9-0EE0-483E-B47E-40BCC2588FE0} 2018-07-20 15:27 - 2009-07-14 06:45 - 002265488 _____ C:\windows\system32\FNTCACHE.DAT 2018-07-17 00:02 - 2010-11-21 05:27 - 000563832 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe 2018-07-14 09:56 - 2015-04-15 03:58 - 000000000 ____D C:\windows\system32\appraiser 2018-07-14 01:19 - 2016-01-26 12:46 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-07-14 00:38 - 2016-08-02 20:32 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-07-14 00:38 - 2015-07-02 00:06 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2018-07-12 03:58 - 2013-07-26 02:37 - 000000000 ____D C:\windows\system32\MRT 2018-07-12 03:43 - 2012-10-18 00:33 - 134675576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2018-07-08 01:23 - 2017-08-08 12:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-06-27 01:28 - 2017-01-31 13:41 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ==================== Files in the root of some directories ======= 2012-10-18 00:21 - 2018-07-26 02:00 - 000007601 _____ () C:\Users\Robert\AppData\Local\Resmon.ResmonCfg Files to move or delete: ==================== C:\Windows\Tasks\{2D0E1AE0-044C-4654-803F-7314B2656530}.job C:\Windows\Tasks\{32F8A50F-B0E5-9A67-235D-4D253F24B6EA}.job C:\Windows\Tasks\{6525CB6C-7411-A4FD-545C-35E9616A8E43}.job C:\Windows\Tasks\{6E3CBFAE-E703-7847-2926-2EAC3FC5C8D5}.job C:\Windows\Tasks\{6E925741-CFD2-85F5-554F-6F5CD46F5BB3}.job Some files in TEMP: ==================== 2002-07-03 17:34 - 2002-07-03 17:34 - 004924514 _____ (Macromedia, Inc.) C:\Users\Sanna\AppData\Local\Temp\setup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\SysWOW64\wininit.exe => File is digitally signed C:\windows\explorer.exe => File is digitally signed C:\windows\SysWOW64\explorer.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\SysWOW64\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\SysWOW64\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\SysWOW64\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\dnsapi.dll => File is digitally signed C:\windows\SysWOW64\dnsapi.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-07-17 02:56 ==================== End of FRST.txt ============================ Addition.txt
  3. Hejsan! Har min mammas dator som har blivit så seg, hänger sig mitt i surfande för att 20-40sek senare fortsätta! Start av nya program kan ta flera minuter och att stänga av datorn tar flera minuter. Win uppdate funkar inte har haft på datorn över ett dygn utan att den hittar någonting. Har kört FRST så jag vore glad om någon kunde kolla om det finns några konstigheter i loggen. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016 Ran by Barbro (administrator) on BARBRO-HP (12-05-2016 21:42:12) Running from C:\Users\Barbro\Desktop Loaded Profiles: Barbro (Available Profiles: Barbro) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-17] (Advanced Micro Devices, Inc.) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-362326277-3939839522-939615748-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-362326277-3939839522-939615748-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-18\...\Run: [bredbandsbolaget Servicecenter] => C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe [443752 2010-01-20] (Bredbandsbolaget) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-14] (EasyBits Software Corp.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BankID säkerhetsprogram.lnk [2011-09-21] ShortcutTarget: BankID säkerhetsprogram.lnk -> C:\Program Files (x86)\Personal\bin\Personal.exe (No File) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C3F4FC6D-159A-405F-B242-19C2D990D8E9}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-362326277-3939839522-939615748-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQCON/10 SearchScopes: HKLM -> {6A121CF6-9CF1-4CF9-A05D-B0DCF16944EC} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM -> {A5083538-D0DD-4E6F-829B-A627ECC5EA35} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKLM -> {AFF34859-ACAC-4AAF-BEB0-B74C9ACA2E7D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {6A121CF6-9CF1-4CF9-A05D-B0DCF16944EC} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 -> {A5083538-D0DD-4E6F-829B-A627ECC5EA35} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKLM-x32 -> {AFF34859-ACAC-4AAF-BEB0-B74C9ACA2E7D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-362326277-3939839522-939615748-1000 -> {6A121CF6-9CF1-4CF9-A05D-B0DCF16944EC} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-362326277-3939839522-939615748-1000 -> {A5083538-D0DD-4E6F-829B-A627ECC5EA35} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKU\S-1-5-21-362326277-3939839522-939615748-1000 -> {AFF34859-ACAC-4AAF-BEB0-B74C9ACA2E7D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-23] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation) BHO-x32: Bredbandsbolaget Servicecenter Plugin -> {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} -> C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll [2010-01-20] (Bredbandsbolaget) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-23] (Oracle Corporation) Toolbar: HKU\S-1-5-21-362326277-3939839522-939615748-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File FireFox: ======== FF ProfilePath: C:\Users\Barbro\AppData\Roaming\Mozilla\Firefox\Profiles\cau1lokj.default-1414015575459 FF SelectedSearchEngine: DuckDuckGo FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-13] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-09-13] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.) FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.5.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-23] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-23] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-362326277-3939839522-939615748-1000: @nsroblox.roblox.com/launcher -> C:\Users\Barbro\AppData\Local\Roblox\Versions\version-d2fd1d56447746e9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-362326277-3939839522-939615748-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Barbro\AppData\Local\Roblox\Versions\version-d2fd1d56447746e9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation) ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] S4 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-30] () S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed] R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) S4 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-04-20] (Realtek Semiconductor Corp.) [File not signed] S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) S4 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-05-12 21:42 - 2016-05-12 21:43 - 00011280 _____ C:\Users\Barbro\Desktop\FRST.txt 2016-05-12 21:28 - 2016-05-12 21:41 - 00000000 ____D C:\FRST 2016-05-12 21:23 - 2016-05-12 21:23 - 02381312 _____ (Farbar) C:\Users\Barbro\Desktop\FRST64.exe 2016-05-11 10:18 - 2016-05-11 10:18 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(34).exe 2016-05-11 10:17 - 2016-05-11 10:18 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(33).exe 2016-05-11 10:00 - 2016-05-11 10:03 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(32).exe 2016-05-11 09:56 - 2016-05-11 09:57 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(31).exe 2016-05-11 09:56 - 2016-05-11 09:56 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(30).exe 2016-05-11 09:51 - 2016-05-11 09:52 - 39641424 _____ C:\Users\Barbro\Downloads\bankid_installation(29).exe 2016-05-01 15:52 - 2016-05-01 15:52 - 35944016 _____ C:\Users\Barbro\Downloads\bankid_installation(28).exe 2016-04-18 10:24 - 2016-04-18 10:24 - 35944016 _____ C:\Users\Barbro\Downloads\bankid_installation(27).exe 2016-04-17 21:49 - 2016-04-17 21:51 - 35944016 _____ C:\Users\Barbro\Downloads\bankid_installation(26).exe 2016-04-17 21:47 - 2016-04-17 21:48 - 35944016 _____ C:\Users\Barbro\Downloads\bankid_installation(25).exe 2016-04-17 21:41 - 2016-04-17 21:42 - 35944016 _____ C:\Users\Barbro\Downloads\bankid_installation(24).exe 2016-04-15 15:30 - 2016-05-11 10:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-04-15 15:29 - 2016-04-15 15:29 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2016-04-15 15:29 - 2016-04-15 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2016-04-15 15:29 - 2016-04-15 15:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-04-15 15:29 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-04-15 15:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-04-15 15:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-04-15 15:23 - 2016-04-15 15:25 - 22851472 _____ (Malwarebytes ) C:\Users\Barbro\Downloads\mbam-setup-2.2.1.1043.exe 2016-04-12 22:21 - 2016-04-13 09:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-05-12 21:27 - 2009-07-14 06:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-05-12 21:27 - 2009-07-14 06:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-05-12 21:26 - 2014-10-24 01:19 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-05-12 11:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-11 15:35 - 2013-01-29 20:20 - 00000000 ____D C:\Windows\pss 2016-04-26 15:54 - 2010-07-14 14:42 - 00668266 _____ C:\Windows\system32\perfh01D.dat 2016-04-26 15:54 - 2010-07-14 14:42 - 00145158 _____ C:\Windows\system32\perfc01D.dat 2016-04-26 15:54 - 2009-07-14 07:13 - 01594346 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-26 15:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-04-22 09:57 - 2011-05-25 17:35 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-04-21 23:12 - 2013-12-24 01:32 - 00000000 ____D C:\Users\Barbro\AppData\Local\CrashDumps 2016-04-13 21:32 - 2013-08-23 11:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2010-12-20 10:59 - 2010-12-20 10:59 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log 2010-07-14 16:09 - 2010-07-14 16:09 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log 2010-12-20 10:59 - 2010-12-20 10:59 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log 2010-07-14 16:03 - 2010-07-14 16:04 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2010-12-20 10:58 - 2010-12-20 10:58 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log 2010-12-20 10:59 - 2010-12-20 10:59 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log 2010-07-14 16:02 - 2010-07-14 16:03 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2010-07-14 16:04 - 2010-07-14 16:09 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log 2010-12-20 11:00 - 2010-12-20 11:00 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-11-23 13:11 ==================== End of FRST.txt ============================ Mvh Robert Addition.txt
  4. Så där ja då får den anses som frisk. Har även använt Secunias program så nu är den uppdaterad också! Som sagt var JÄTTE tack för hjälpen. :)
  5. Tycker att den funkar helt ok. Du gör ett fantastiskt jobb med detta måste jag säga. :)
  6. Nu äntligen är den klar! Detta var vad den hittade. C:\AdwCleaner\Quarantine\C\Users\Barbro\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir a variant of Android/Mobserv.A potentially unwanted application
  7. Måste ändå bara säga att DU är suveränt snabb att svara. Nu när datorn startade om så går iaf. firefox igång på en gång ca 5sek. Helt OK det lilla jag har provat än så länge. Har du sett nå konstigt i loggarna? # AdwCleaner v4.001 - Report created 23/10/2014 at 15:56:28 # DB v2014-10-21.1 # Updated 20/10/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Barbro - BARBRO-HP # Running from : C:\Users\Barbro\Desktop\adwcleaner_4.001.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Barbro\AppData\Local\genienext Folder Deleted : C:\Users\Barbro\AppData\Local\Mobogenie Folder Deleted : C:\Users\Barbro\Documents\Mobogenie File Deleted : C:\Users\Barbro\daemonprocess.txt ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E} Key Deleted : HKCU\Software\Softonic Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17344 -\\ Mozilla Firefox v33.0 (x86 sv-SE) ************************* AdwCleaner[R0].txt - [1485 octets] - [23/10/2014 15:12:39] AdwCleaner[R1].txt - [1545 octets] - [23/10/2014 15:49:05] AdwCleaner[R2].txt - [1605 octets] - [23/10/2014 15:52:43] AdwCleaner[s0].txt - [1487 octets] - [23/10/2014 15:56:28] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1547 octets] ##########
  8. Här var det snabba svar! EDIT. Detta var det som ESSET hittade "Mobogenie". # AdwCleaner v4.001 - Report created 23/10/2014 at 15:12:39 # Updated 20/10/2014 by Xplode # Database : 2014-10-21.1 # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Barbro - BARBRO-HP # Running from : C:\Users\Barbro\Desktop\adwcleaner_4.001.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\Users\Barbro\daemonprocess.txt Folder Found : C:\Users\Barbro\AppData\Local\genienext Folder Found : C:\Users\Barbro\AppData\Local\Mobogenie Folder Found : C:\Users\Barbro\Documents\Mobogenie ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\Softonic Key Found : [x64] HKCU\Software\Softonic Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17344 -\\ Mozilla Firefox v33.0 (x86 sv-SE) ************************* AdwCleaner[R0].txt - [1333 octets] - [23/10/2014 15:12:39] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1393 octets] ##########
  9. Hejsan! Har en vän med otroligt seg dator, firefox tar ca 1min att starta och när man väl är där så kan den "hoppa" bakåt ett par sidor helt utan anledning. Detta började för ca 3v sedan. Hennes son har kört någon Online scan (ESSET tror han att den hette?) men hon visste inte själv vilken, den hade hitta 7 hot som åtgärdades Har kört Mbam hittar ingenting. Virusprogrammet hittar ingenting, tog 12 timmar att köra!? Här kommer FRST-loggen iaf. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014 Ran by Barbro (administrator) on BARBRO-HP on 23-10-2014 14:23:31 Running from C:\Users\Barbro\Desktop Loaded Profile: Barbro (Available profiles: Barbro) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Technology Nexus AB) C:\Program Files (x86)\Personal\bin\Personal.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6245408 2010-05-26] (Realtek Semiconductor) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-362326277-3939839522-939615748-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-362326277-3939839522-939615748-1000\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-18\...\Run: [bredbandsbolaget Servicecenter] => C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe [443752 2010-01-20] (Bredbandsbolaget) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BankID säkerhetsprogram.lnk ShortcutTarget: BankID säkerhetsprogram.lnk -> C:\Program Files (x86)\Personal\bin\Personal.exe (Technology Nexus AB) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/10 SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {6A121CF6-9CF1-4CF9-A05D-B0DCF16944EC} URL = http://sv.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM - {A5083538-D0DD-4E6F-829B-A627ECC5EA35} URL = http://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {6A121CF6-9CF1-4CF9-A05D-B0DCF16944EC} URL = http://sv.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 - {A5083538-D0DD-4E6F-829B-A627ECC5EA35} URL = http://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKCU - {6A121CF6-9CF1-4CF9-A05D-B0DCF16944EC} URL = http://sv.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKCU - {A5083538-D0DD-4E6F-829B-A627ECC5EA35} URL = http://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Bredbandsbolaget Servicecenter Plugin -> {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} -> C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll (Bredbandsbolaget) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-14] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Barbro\AppData\Roaming\Mozilla\Firefox\Profiles\cau1lokj.default-1414015575459 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @se.nexus/Personal -> C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed] S4 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-30] () S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed] R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) S4 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-04-20] (Realtek Semiconductor Corp.) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-23 14:23 - 2014-10-23 14:24 - 00010856 _____ () C:\Users\Barbro\Desktop\FRST.txt 2014-10-23 14:22 - 2014-10-23 14:23 - 00000000 ____D () C:\FRST 2014-10-23 14:22 - 2014-10-23 14:22 - 02112000 _____ (Farbar) C:\Users\Barbro\Desktop\FRST64.exe 2014-10-23 14:21 - 2014-10-23 14:21 - 01103360 _____ (Farbar) C:\Users\Barbro\Desktop\FRST.exe 2014-10-23 01:39 - 2014-10-23 01:39 - 00002598 _____ () C:\Windows\DPINST.LOG 2014-10-23 00:06 - 2014-10-23 00:06 - 00000000 ____D () C:\Users\Barbro\Desktop\Gammal Firefox-data 2014-10-23 00:02 - 2014-10-23 00:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-22 19:02 - 2014-10-22 19:02 - 02347384 _____ (ESET) C:\Users\Barbro\Desktop\esetsmartinstaller_enu.exe 2014-10-22 19:02 - 2014-10-22 19:02 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-10-19 16:49 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-19 16:35 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-19 16:33 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-19 16:33 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-19 16:32 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-10-19 16:32 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-10-19 16:32 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-10-19 16:32 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-19 16:32 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-19 16:32 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-19 16:32 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-19 16:32 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-19 16:32 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-19 16:32 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-19 16:32 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-19 16:32 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-19 16:32 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-19 16:32 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-19 16:32 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-19 16:32 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-19 16:32 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-19 16:32 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-19 16:32 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-19 16:32 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-19 16:32 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-19 16:32 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-19 16:32 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-19 16:32 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-19 16:32 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-19 16:32 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-19 16:32 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-19 16:31 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-19 16:31 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-19 16:31 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-19 16:31 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-19 16:31 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-19 16:31 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-19 16:31 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-19 16:31 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-19 16:31 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-19 16:31 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-19 16:31 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-19 16:31 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-19 16:31 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-19 16:31 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-19 16:31 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-19 16:31 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-19 16:31 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-19 16:31 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-19 16:31 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-19 16:31 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-19 16:31 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-19 16:31 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-19 16:31 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-19 16:31 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-19 16:31 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-19 16:31 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-19 16:31 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-19 16:31 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-19 16:31 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-19 16:31 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-19 16:31 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-19 16:31 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-19 16:31 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-19 16:31 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-19 16:31 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-19 16:31 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-19 16:31 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-19 16:31 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-19 16:31 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-19 16:31 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-19 16:26 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-19 16:26 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-19 16:26 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-19 16:26 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-19 16:26 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-19 16:26 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-19 16:26 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-19 16:26 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-19 16:26 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-19 16:26 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-19 16:26 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-19 16:23 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-19 16:23 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-19 16:23 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-19 16:22 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-09-30 23:05 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-09-30 23:05 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-27 11:45 - 2014-10-22 20:50 - 00001344 _____ () C:\Windows\setupact.log 2014-09-27 11:45 - 2014-09-27 11:45 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-25 15:42 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-09-25 15:42 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-09-25 15:42 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-09-25 15:42 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-09-25 15:42 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-09-25 15:42 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-09-25 15:42 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-09-25 15:42 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-09-25 15:42 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-09-25 15:42 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-09-25 15:42 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-09-25 15:42 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-09-25 15:20 - 2014-09-25 15:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-09-25 15:20 - 2014-09-25 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-09-25 15:20 - 2014-09-25 15:19 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-09-25 15:20 - 2014-09-25 15:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-09-25 15:20 - 2014-09-25 15:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-09-25 15:19 - 2014-09-25 15:19 - 00000000 ____D () C:\Program Files (x86)\Java 2014-09-25 15:06 - 2014-09-25 15:07 - 00004601 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-09-25 15:05 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-25 15:05 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-23 14:12 - 2013-07-21 16:26 - 01114074 _____ () C:\Windows\WindowsUpdate.log 2014-10-23 01:42 - 2014-01-22 16:52 - 00000000 ____D () C:\Users\Barbro\AppData\Local\Mobogenie 2014-10-23 01:41 - 2010-07-14 14:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-10-23 00:06 - 2013-08-23 11:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-22 23:36 - 2014-06-17 14:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-22 23:36 - 2014-06-17 14:03 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-10-22 23:36 - 2014-06-17 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-10-22 23:36 - 2014-06-17 14:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-10-22 20:58 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-22 20:58 - 2009-07-14 06:45 - 00026192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-22 20:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-20 16:11 - 2009-07-14 06:45 - 00305464 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-20 16:08 - 2014-05-06 20:28 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-15 13:59 - 2013-08-23 12:20 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-15 13:52 - 2011-05-14 17:12 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-01 11:11 - 2014-06-17 14:03 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-01 11:11 - 2014-06-17 14:03 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-01 11:11 - 2014-06-17 14:03 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-25 16:14 - 2013-12-24 01:32 - 00000000 ____D () C:\Users\Barbro\AppData\Local\CrashDumps 2014-09-25 15:21 - 2014-04-24 17:59 - 00000000 ____D () C:\ProgramData\Oracle Some content of TEMP: ==================== C:\Users\Barbro\AppData\Local\Temp\_isD51E.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-02 12:08 ==================== End Of Log ============================
  10. Har kört den och den verkar inte hitta något! Så med andra ord så ska det vara risk fritt nu! # AdwCleaner v3.017 - Report created 16/01/2014 at 19:19:28 # Updated 12/01/2014 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : Robert - LARSSONS # Running from : C:\Users\Robert\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Robert\AppData\Roaming\registry mechanic ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v16.0.1 (sv-SE) [ File : C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\tspebyy9.default-1351105419330\prefs.js ] [ File : C:\Users\Kicki\AppData\Roaming\Mozilla\Firefox\Profiles\c54gup7i.default\prefs.js ] [ File : C:\Users\Jonatan\AppData\Roaming\Mozilla\Firefox\Profiles\oknsj4a6.default\prefs.js ] [ File : C:\Users\Sanna\AppData\Roaming\Mozilla\Firefox\Profiles\4zage0n1.default\prefs.js ] ************************* AdwCleaner[R0].txt - [1152 octets] - [16/01/2014 19:18:09] AdwCleaner[s0].txt - [1077 octets] - [16/01/2014 19:19:28] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1137 octets] ########## Och tack än en gång för den snabba hjälpen.
  11. Jag körde den i samband med att jag kollade igenom datorn om jag hittade något! EDIT: Kan den ha tagit bort den
  12. Jaha ja... Nu blir jag lite osäker här!? Jag upplevde datorn lite seg och avinstallerade esets-onlinescan och även psi-secunita. Och efter det när jag startat om firefox så är den tillbaks (nation zoom) som en flik sist i raden!? Stängde ner webbläsare och kollade i datorn om jag hittar någonting efter den men nej så då startat jag om firefox och då är den borta!? Så nu är jag ganska villrådig! så vad göra jag skickar en DDS logg med iaf!? DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 Run by Robert at 16:43:28 on 2014-01-16 Microsoft Windows 7 Professional 6.1.7601.1.1252.46.1053.18.6027.4190 [GMT 1:00] . AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\Program Files\IDT\WDM\STacSV64.exe C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Bluetooth Suite\adminservice.exe c:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\System32\WUDFHost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\windows\system32\taskhost.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet c:\Program Files\Microsoft Security Client\NisSrv.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com uDefault_Page_URL = hxxp://www.google.com mStart Page = hxxp://www.google.com mSearch Page = hxxp://www.google.com mDefault_Page_URL = hxxp://www.google.com mDefault_Search_URL = hxxp://www.google.com mWinlogon: Userinit = userinit.exe, BHO: File Sanitizer for HP ProtectTools: {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL uRun: [Facebook Update] "C:\Users\Robert\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: DisableCAD = dword:1 IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Ski&cka till OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 TCP: NameServer = 192.168.1.1 TCP: Interfaces\{15C9309F-2D61-4493-A2EB-A27D30C302E8} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{15C9309F-2D61-4493-A2EB-A27D30C302E8}\4556C6562394E6475627E65647D21353333443 : DHCPNameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{15C9309F-2D61-4493-A2EB-A27D30C302E8}\D4F68656D663 : DHCPNameServer = 168.95.1.1 192.168.6.1 TCP: Interfaces\{C2169304-81CF-4364-BABE-34D00756F2CD} : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Notify: DeviceNP - DeviceNP.dll SSODL: WebCheck - <orphaned> LSA: Notification Packages = DPPassFilter scecli mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn x64-mStart Page = hxxp://www.google.com x64-mSearch Page = hxxp://www.google.com x64-mDefault_Page_URL = hxxp://www.google.com x64-mDefault_Search_URL = hxxp://www.google.com x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe, x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe x64-Run: [Persistence] C:\windows\System32\igfxpers.exe x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\tspebyy9.default-1351105419330\ FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/|http://www.faktiskt.se/modules.php?name=Forums|http://www.nsd.se/ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl64.dll FF - plugin: C:\Users\Robert\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll . ============= SERVICES / DRIVERS =============== . R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\windows\System32\drivers\amdkmpfd.sys [2012-3-20 32896] R0 iusb3hcs;Switchdrivrutin för Intel® USB 3.0 Värdstyrenhet;C:\windows\System32\drivers\iusb3hcs.sys [2012-3-27 19224] R0 MfeEpeOpal;MfeEpeOpal;C:\windows\System32\drivers\MfeEpeOpal.sys [2012-3-22 93640] R0 MfeEpePc;MfeEpePc;C:\windows\System32\drivers\MfeEpePc.sys [2012-3-22 158792] R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-9-27 248240] R1 archlp;archlp;C:\windows\System32\drivers\archlp.sys [2012-9-26 136192] R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-8-8 211072] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-4-18 13592] R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-3-7 629984] R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-9-26 128280] R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-9-26 165144] R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2012-8-30 134944] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-9-26 363800] R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;C:\windows\System32\drivers\ArcSoftVCapture.sys [2012-9-26 42816] R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2012-9-26 88728] R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2012-9-26 344216] R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\windows\System32\drivers\btath_avdt.sys [2012-9-26 114840] R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2012-9-26 33944] R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2012-9-26 178840] R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2012-9-26 77464] R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2012-9-26 135832] R3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2012-9-26 574616] R3 IntcDAud;Intel® Bildskärmsljud;C:\windows\System32\drivers\IntcDAud.sys [2011-12-6 331264] R3 intelkmd;intelkmd;C:\windows\System32\drivers\igdpmd64.sys [2012-3-26 14748416] R3 iusb3hub;Drivrutin för Intel® USB 3.0 Nav;C:\windows\System32\drivers\iusb3hub.sys [2012-3-27 356632] R3 iusb3xhc;Drivrutin för Intel® USB 3.0 Utbyggbar värdstyrenhet;C:\windows\System32\drivers\iusb3xhc.sys [2012-3-27 789272] R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2012-2-28 173656] R3 NisSrv;Microsoft Nätverkskontroll;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-4-18 648808] R3 SPUVCbv;SPUVCb Driver Service;C:\windows\System32\drivers\SPUVCBv_x64.sys [2012-9-26 1062008] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S3 DAMDrv;DAMDrv;C:\windows\System32\drivers\DAMDrv64.sys [2012-1-31 64312] S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2013-12-30 111616] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-10-26 19456] S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136] S3 Tdsshbecr;Handelsbanken card reader;C:\windows\System32\drivers\shbecr.sys [2012-10-17 50176] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-10-26 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-10-26 30208] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\windows\System32\Wat\WatAdminSvc.exe [2012-10-18 1255736] S4 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-3-29 235520] S4 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2012-1-31 477056] S4 HP Power Assistant Service;HP Power Assistant Service;C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2012-3-14 152992] S4 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-10 86072] S4 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040] S4 hpCMSrv;HP Connection Manager 4 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-3-15 1420160] S4 HPFSService;File Sanitizer for HP ProtectTools;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2012-3-22 372824] S4 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-3-14 365440] S4 hpsrv;HP Service;C:\windows\System32\hpservice.exe [2012-3-16 33560] S4 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2012-3-21 1327104] S4 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-11-20 794272] S4 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-4-18 1134584] S4 PdiService;Portrait Displays SDK Service;C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2012-9-26 117552] S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S4 uArcCapture;ArcCapture;C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe [2012-9-26 498352] S4 vcsFPService;Validity VCS Fingerprint Service;C:\windows\System32\vcsFPService.exe [2012-3-20 2694224] S4 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-8-8 323584] . =============== File Associations =============== . ShellExec: DigitalTheatre.exe: open="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTStart.exe" "%1" . =============== Created Last 30 ================ . 2014-01-16 14:42:01 -------- d-----w- C:\Users\Robert\AppData\Roaming\Registry Mechanic 2014-01-16 01:35:01 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{70F67D3A-60F4-4736-8A0D-609EF463CCA8}\mpengine.dll 2014-01-16 01:32:33 99840 ----a-w- C:\windows\System32\drivers\usbccgp.sys 2014-01-16 01:32:33 7808 ----a-w- C:\windows\System32\drivers\usbd.sys 2014-01-16 01:32:33 53248 ----a-w- C:\windows\System32\drivers\usbehci.sys 2014-01-16 01:32:33 343040 ----a-w- C:\windows\System32\drivers\usbhub.sys 2014-01-16 01:32:33 325120 ----a-w- C:\windows\System32\drivers\usbport.sys 2014-01-16 01:32:33 3156480 ----a-w- C:\windows\System32\win32k.sys 2014-01-16 01:32:33 30720 ----a-w- C:\windows\System32\drivers\usbuhci.sys 2014-01-16 01:32:33 25600 ----a-w- C:\windows\System32\drivers\usbohci.sys 2014-01-16 01:32:32 376768 ----a-w- C:\windows\System32\drivers\netio.sys 2014-01-16 01:28:51 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll 2014-01-16 01:28:51 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll 2014-01-16 01:28:51 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll 2014-01-16 01:28:51 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll 2014-01-16 01:28:51 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll 2014-01-16 00:25:41 -------- d-----w- C:\Users\Robert\AppData\Local\Secunia PSI 2014-01-16 00:25:30 -------- d-----w- C:\Program Files (x86)\Secunia 2014-01-15 23:13:07 25928 ----a-w- C:\windows\System32\drivers\mbam.sys 2014-01-15 23:13:07 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-15 20:53:22 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-01-12 23:08:24 -------- d-----w- C:\ProgramData\STOPzilla! 2014-01-12 22:32:33 -------- d-----w- C:\Program Files\Enigma Software Group 2014-01-12 22:31:24 -------- d-----w- C:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP 2014-01-12 22:31:23 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard 2014-01-11 20:59:04 -------- d-----w- C:\ProgramData\IePluginService 2013-12-30 00:14:00 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe 2013-12-30 00:14:00 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 2013-12-30 00:14:00 12625920 ----a-w- C:\windows\System32\wmploc.DLL 2013-12-30 00:13:59 12625408 ----a-w- C:\windows\SysWow64\wmploc.DLL 2013-12-30 00:11:59 5769216 ----a-w- C:\windows\System32\jscript9.dll 2013-12-30 00:11:59 4243968 ----a-w- C:\windows\SysWow64\jscript9.dll 2013-12-30 00:02:33 465920 ----a-w- C:\windows\System32\WMPhoto.dll 2013-12-30 00:02:33 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll 2013-12-30 00:02:30 335360 ----a-w- C:\windows\System32\msieftp.dll 2013-12-30 00:02:30 301568 ----a-w- C:\windows\SysWow64\msieftp.dll 2013-12-30 00:02:26 81408 ----a-w- C:\windows\System32\imagehlp.dll 2013-12-30 00:02:26 159232 ----a-w- C:\windows\SysWow64\imagehlp.dll 2013-12-30 00:02:25 2048 ----a-w- C:\windows\SysWow64\tzres.dll 2013-12-30 00:02:25 2048 ----a-w- C:\windows\System32\tzres.dll 2013-12-30 00:02:14 230400 ----a-w- C:\windows\System32\drivers\portcls.sys 2013-12-30 00:02:14 116736 ----a-w- C:\windows\System32\drivers\drmk.sys 2013-12-30 00:01:58 156160 ----a-w- C:\windows\System32\cscript.exe 2013-12-30 00:01:58 150016 ----a-w- C:\windows\System32\wshom.ocx 2013-12-30 00:01:58 121856 ----a-w- C:\windows\SysWow64\wshom.ocx 2013-12-30 00:01:57 202752 ----a-w- C:\windows\System32\scrrun.dll 2013-12-30 00:01:57 168960 ----a-w- C:\windows\System32\wscript.exe 2013-12-30 00:01:57 163840 ----a-w- C:\windows\SysWow64\scrrun.dll 2013-12-30 00:01:57 141824 ----a-w- C:\windows\SysWow64\wscript.exe 2013-12-30 00:01:57 126976 ----a-w- C:\windows\SysWow64\cscript.exe . ==================== Find3M ==================== . 2014-01-16 01:31:29 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-01-16 01:31:29 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-11-26 10:19:07 2724864 ----a-w- C:\windows\System32\mshtml.tlb 2013-11-26 10:18:23 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll 2013-11-26 09:48:07 66048 ----a-w- C:\windows\System32\iesetup.dll 2013-11-26 09:46:25 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll 2013-11-26 09:23:02 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb 2013-11-26 09:18:39 139264 ----a-w- C:\windows\System32\ieUnatt.exe 2013-11-26 09:18:09 111616 ----a-w- C:\windows\System32\ieetwcollector.exe 2013-11-26 09:16:57 708608 ----a-w- C:\windows\System32\jscript9diag.dll 2013-11-26 08:28:16 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll 2013-11-26 08:02:16 1995264 ----a-w- C:\windows\System32\inetcpl.cpl 2013-11-26 07:32:06 1928192 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2013-11-26 07:07:57 2334208 ----a-w- C:\windows\System32\wininet.dll 2013-11-26 06:33:33 1820160 ----a-w- C:\windows\SysWow64\wininet.dll 2013-11-19 10:21:41 267936 ------w- C:\windows\System32\MpSigStub.exe 2013-10-30 02:52:54 1795952 ----a-w- C:\windows\System32\WdfCoInstaller01011.dll 2013-10-30 02:52:50 169712 ----a-w- C:\windows\SysWow64\SynTPCom.dll 2013-10-30 02:52:48 549104 ----a-w- C:\windows\System32\drivers\SynTP.sys 2013-10-30 02:52:48 422640 ----a-w- C:\windows\System32\SynTPCo19.dll 2013-10-30 02:52:48 252144 ----a-w- C:\windows\System32\SynTPAPI.dll 2013-10-30 02:52:42 723184 ----a-w- C:\windows\System32\SynCOM.dll 2013-10-30 02:52:42 400624 ----a-w- C:\windows\SysWow64\SynCom.dll 2013-10-30 02:52:36 161880 ----a-w- C:\windows\System32\pca-manta.bin 2013-10-30 02:52:34 92 ----a-w- C:\windows\System32\calibration.bin . ============= FINISH: 16:43:55,03 =============== EDIT: glömde bifoga attach filen attach.txt
  13. Och som vanligt Cecilia så måste jag TACKA hjärtligt för den super snabba hjälpen du ger. :thumbsup: Har nu städat datorn klart, ska bara köra Secunias program för att se om jag behöver uppdatera någonting! Än en gång JÄTTE tack för hjälpen.
  14. Den syns direkt i listan när jag klickar på start-knappen? Jag högerklickade och tog bort den! den försvann. Jag har även sökt efter den i sök funktionen och den hittar ingenting. För tillfället har jag inga mera frågor.
×
×
  • Skapa nytt...