Just nu i M3-nätverket
Gå till innehåll

SweetPack vägrar försvinna


Bert

Rekommendera Poster

Jag kör Windows Vista och Chrome browser. Tidigare fungerade Chrome så att vid klick på "Ny flik", fick jag en sida med ofta använda länkar. Numera blir resultatet ett felmeddelande med följande text:

 

"Det fanns ingen webbsida på webbadressen: chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html"

 

Skurken är, har jag kommit underfund med någonting som heter: SweetPacks Chrome Extension 1.3.0.2 och är installerad av tredje part.

 

Jag kan avlägsna programmet genom att gå till "Verktyg" och "Tillägg". Problemet är att när jag kör Chrome på nytt är SweetPack installerat på nytt, utan att jag velat ha det. Hur ska jag slippa skräpet.

Länk till kommentar
Dela på andra webbplatser

Hej,

Aldrig hört talas om det, men går det inte att avinstallera detta den vanliga vägen via Kontrollpanelen > Program

Länk till kommentar
Dela på andra webbplatser

Om det inte går/hjälper så kan vi se vad OTL visar.

Spara OTL på Skrivbordet.

http://oldtimer.geekstogo.com/OTL.exe

Stäng alla program.

Kör OTL.

 

Under Output högt upp så välj Minimal Output.

Bocka för LOP Check och Purity Check.

Tryck på Run Scan och låt programmet köra ostört.

 

När det är klart så skapas två loggfiler på Skrivbordet, OTL.txt och Extras.txt. I ditt svar klistrar du in loggen OTL.txt. Medan du bifogar Extras.txt som en fil.

Länk till kommentar
Dela på andra webbplatser

Hoppas att jag har lyckats göra det du bad om och att det kanske också kan ge tips om varför Vista är så trög och fläkten sätter i gång vid minsta arbete. Så här ser OTL.txt ut:

 

 

OTL logfile created on: 13.2.2013 18:28:48 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bert\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000081D | Country: Finland | Language: SVF | Date Format: d.M.yyyy

 

1,87 Gb Total Physical Memory | 1,09 Gb Available Physical Memory | 58,00% Memory free

3,98 Gb Paging File | 2,88 Gb Available in Paging File | 72,28% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 91,45 Gb Total Space | 22,85 Gb Free Space | 24,98% Space Free | Partition Type: NTFS

Drive D: | 45,72 Gb Total Space | 30,40 Gb Free Space | 66,50% Space Free | Partition Type: NTFS

 

Computer Name: VISTA | User Name: Bert | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Bert\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\AVG Secure Search\vprot.exe ()

PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe ()

PRC - C:\Program Files\Java\jre7\launch4j-tmp\JShotTray.exe (Oracle Corporation)

PRC - C:\Users\Bert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files\Google\Update\1.3.21.124\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files\Soluto\SolutoLauncherService.exe (Soluto)

PRC - C:\Program Files\Soluto\SolutoService.exe (Soluto)

PRC - C:\Program Files\Soluto\soluto.exe (Soluto)

PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)

PRC - C:\program files\25 clips\25clips.exe (M8 Software)

PRC - C:\Program Files\DNA\ESUS_DNA\ESUS_DNA.exe ()

PRC - C:\Program Files\Storegate\Autostore\AutoStoreSvc.exe (Storegate AB)

PRC - C:\Program Files\Emotum\Mobile Broadband Service\NvtlSrvr.exe ()

PRC - C:\Program Files\Norman\Ngs\Bin\Nnf.exe (Norman ASA)

PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)

PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

PRC - C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

PRC - C:\Program Files\TouchFreeze\TouchFreeze.exe ()

PRC - C:\program files\casio\photo loader\plauto.exe (CASIO COMPUTER CO.,LTD.)

PRC - C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe ()

PRC - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\f353c603c8099616564333f6ff959b69\PCGHIDProbe.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15e2d7f51f15830591727d6d6a1e4032\System.ServiceProcess.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\bb37b62f7248a84e0c29426e283836a1\Soluto.ni.exe ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6f841ac0a2ce41ee61f1433bfb51934f\System.Windows.Forms.ni.dll ()

MOD - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\SiteSafety.dll ()

MOD - C:\Program Files\AVG Secure Search\vprot.exe ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\f06f6c7fef8c6b99320578218ab223b0\PCGPostBootResources.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\1b3aa4cdf4bcf044d1cbbd028cc9b75c\PCGRSPProbe.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\fa7ad0175d62cbd93ad88b3999a2606b\Community.CsharpSqlite.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\dd51f7499e0462f22bf02d641bc69a2c\PCGWuInfo.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\34ad86718590a1d118ff6ac502aca9c4\Interop.IWshRuntimeLibrary.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\a40e02ee99efbbebdcbe426a9f3ed1ea\PCGUsersCenter.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\eeaf6b9b9cc12fb4838e3abaca1e8241\PCGAppControlPluginLoader.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\d9917c06c4931fb99096cbef1d2ecfd2\PCGClientCommon.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\5d9002e67d6d589d92b37ddc67c56656\PCGBootVisualizingCommon.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\c6a31a7a1dc19455ae1b9660ecb8bd94\PCGDriverProbe.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\4071bf24a33d84197f8a7dfa3e3b3aa3\PCGConfiguration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\2eee650c841475016d4849b45bc81f51\PCGDatabase.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\10861730d44383405ab72e4f58efd25e\PCGAzureEntityFramework.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\c4c63167434616540787d6168450db30\PCGAzureShared.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\889c24fcac3327ad7ee78d2ed5106a52\PCGCommunication.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\f2ce9ca6f2244a2ca14405d76bf39268\PCGPreCompiled.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\a6624b0e2a0ab40ffd491b1f359d1925\PCGPrestoSerializer.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\6d68137015c2f2af3690e8db2b074a1c\Ionic.Zip.Reduced.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\e0bea4002abd11ad16ef20204e5b4b25\Newtonsoft.Json.Net35.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\3bc304e31c932f35056fe1955f1dc1ad\PCGFramework.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\b9a512b1a0ff08637e94b4cc62a1fecb\System.Data.Linq.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2cbdbc8bb7fcf0d7eb7a8d616e141d79\System.Core.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()

MOD - C:\Program Files\Soluto\PCGDllExportInspector.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_sv_b77a5c561934e089\mscorlib.resources.dll ()

MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_sv_b77a5c561934e089\System.resources.dll ()

MOD - C:\Program Files\TouchFreeze\TouchFreeze.exe ()

MOD - C:\Program Files\TouchFreeze\TouchFreeze.dll ()

MOD - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll ()

MOD - C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe ()

 

 

========== Services (SafeList) ==========

 

SRV - (TestHandler) -- C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe File not found

SRV - (Scheduler) -- File not found

SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found

SRV - (vToolbarUpdater14.1.7) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.1.7\ToolbarUpdater.exe ()

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (SolutoLauncherService) -- C:\Program Files\Soluto\SolutoLauncherService.exe (Soluto)

SRV - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto)

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)

SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)

SRV - (EmotumMBBSvc) -- C:\Program Files\Emotum\Mobile Broadband Service\mbbsvc.exe ()

SRV - (ESUSClient_DNA) -- C:\Program Files\DNA\ESUS_DNA\ESUS_DNA.exe ()

SRV - (AutostoreSG) -- C:\Program Files\Storegate\Autostore\AutoStoreSvc.exe (Storegate AB)

SRV - (NvtlService) -- C:\Program Files\Emotum\Mobile Broadband Service\NvtlSrvr.exe ()

SRV - (NNFSVC) -- C:\Program Files\Norman\Ngs\Bin\Nnf.exe (Norman ASA)

SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)

SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (ASKUpgrade) -- C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe ()

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()

 

 

========== Driver Services (SafeList) ==========

 

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (nvcfsr) -- File not found

DRV - (nregsec) -- File not found

DRV - (NGS) -- File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (GEARAspiWDM) -- System32\Drivers\GEARAspiWDM.sys File not found

DRV - (cpuz135) -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys File not found

DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found

DRV - (ASPI32) -- File not found

DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)

DRV - (Soluto) -- C:\Windows\System32\drivers\Soluto.sys (Soluto LTD.)

DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)

DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)

DRV - (RRNetCapMP) -- C:\Windows\System32\drivers\rrnetcap.sys (RapidSolution Software AG)

DRV - (RRNetCap) -- C:\Windows\System32\drivers\rrnetcap.sys (RapidSolution Software AG)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)

DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)

DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)

DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)

DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)

DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)

DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)

DRV - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys ()

DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)

DRV - (ew_usbenumfilter) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)

DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)

DRV - (tapvpn) -- C:\Windows\System32\drivers\tapvpn.sys (The OpenVPN Project)

DRV - (nvatabus) -- C:\Windows\System32\drivers\nvatabus.sys (NVIDIA Corporation)

DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)

DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )

DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)

DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Advanced Micro Devices)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113'>http://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4'>http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4

IE - HKLM\..\URLSearchHook: {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeFi.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {6dabbda0-1da5-4a2f-bc89-2ae084c572fa} - C:\Program Files\ToggleSW\prxtbTog2.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)

IE - HKLM\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2088752'>http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2088752

IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113'>http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = file:///C:/Users/Bert/Documents/My [binary data over 200 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook: {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeFi.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {6dabbda0-1da5-4a2f-bc89-2ae084c572fa} - C:\Program Files\ToggleSW\prxtbTog2.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)

IE - HKCU\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=ironto&s={searchTerms}&f=4

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNA

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={A4CEFB9D-395D-4642-9B4D-6EC26C4E6BD8}&mid=ac132093505147d1bca3d14a4b97a697-449aa8dabaf5ef05dda7c9d1865ccd405a7bf01b&lang=en&ds=ts024&pr=sa&d=2012-02-23 21:13:42&v=12.2.5.32&sap=dsp&q={searchTerms}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2088752

IE - HKCU\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113

IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=UT2

IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: "Funmoods"

FF - prefs.js..browser.search.defaultthis.engineName: "Learn10 Customized Web Search"

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: "Funmoods"

FF - prefs.js..browser.startup.homepage: "http://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113"

FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.9.1

FF - prefs.js..extensions.enabledItems: {e1170235-2845-420c-acc3-42261a29dd46}:4.0.1

FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42

FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0

FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.0.0

FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.3

FF - prefs.js..extensions.enabledItems: {28197867-b1ef-4140-8e3b-55c45b9c8460}:2.5.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: {189a3550-6eb1-4108-9045-3340abb2e79f}:2.7.1.3

FF - prefs.js..network.proxy.type: 2

FF - prefs.js..browser.startup.homepage: "file:///C:/Users/Bert/Documents/My%20Dropbox/Diverse/TVVECKA.HTM"

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "AVG Secure Search"

FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "AVG Secure Search"

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2189212&SearchSource=3&q={searchTerms}"

FF - prefs.js..keyword.URL: "http://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113&q="

FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.1.7\\npsitesafety.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bert\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bert\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010.03.06 08:23:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.1.0.10 [2013.02.11 08:05:49 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.11.10 15:51:45 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.01.09 21:33:17 | 000,000,000 | ---D | M]

 

[2009.09.14 07:14:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bert\AppData\Roaming\mozilla\Extensions

[2009.06.01 08:29:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\extensions

[2009.06.01 08:29:38 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

[2012.11.05 17:38:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions

[2010.07.28 08:25:38 | 000,000,000 | ---D | M] (Learn10 Toolbar) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{189a3550-6eb1-4108-9045-3340abb2e79f}

[2010.04.27 20:06:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.04.08 10:09:32 | 000,000,000 | ---D | M] (Integrated Gmail) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}

[2010.02.18 14:35:25 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}

[2010.01.29 09:41:58 | 000,000,000 | ---D | M] () -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}

[2010.01.22 14:15:36 | 000,000,000 | ---D | M] (Clipmarks) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46}

[2011.04.02 21:23:55 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@Facemoods.com

[2012.11.05 17:38:43 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@funmoods.com

[2012.11.02 18:45:13 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\plugin@yontoo.com

[2012.11.02 18:43:02 | 000,213,316 | ---- | M] () (No name found) -- C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\extensions\torntv@torntv.com.xpi

[2010.10.10 16:46:56 | 000,004,669 | ---- | M] () (No name found) -- C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\extensions\ffxtlbr@Facemoods.com\content\xpiInstallLgc.js

[2010.06.12 07:11:40 | 000,000,917 | ---- | M] () -- C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\searchplugins\conduit.xml

[2012.11.05 17:38:42 | 000,000,783 | ---- | M] () -- C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\searchplugins\Funmoods.xml

[2012.11.02 18:45:01 | 000,003,993 | ---- | M] () -- C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\searchplugins\sweetim.xml

[2010.10.24 08:58:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2010.05.19 06:53:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010.03.06 08:23:21 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX

File not found (No name found) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION

File not found (No name found) -- C:\PROGRAM FILES\PRICEGONG\2.0.0\FF

[2010.05.19 06:52:43 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011.04.02 21:24:02 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml

 

========== Chrome ==========

 

CHR - homepage: file:///C:/Users/Bert/Documents/My%20Dropbox/Diverse/TVVECKA.HTM

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},

CHR - homepage: file:///C:/Users/Bert/Documents/My%20Dropbox/Diverse/TVVECKA.HTM

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Bert\AppData\Local\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Bert\AppData\Local\Google\Chrome\Application\24.0.1312.57\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Bert\AppData\Local\Google\Chrome\Application\24.0.1312.57\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

CHR - plugin: NPLastPass (Enabled) = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\1.90.7_0\nplastpass.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Google Earth Plugin (Disabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Disabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll

CHR - plugin: Windows Presentation Foundation (Disabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Shockwave for Director (Disabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Disabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Disabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll

CHR - plugin: RealJukebox NS Plugin (Disabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll

CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\npsitesafety.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll

CHR - Extension: YouTube = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: S\u00F6k p\u00E5 Google = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: LastPass = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.21_0\

CHR - Extension: avast! WebRep = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\

CHR - Extension: Google Dictionary (by Google) = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\

CHR - Extension: Google Mail Checker = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\

CHR - Extension: Gmail = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

CHR - Extension: YouTube = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: S\u00F6k p\u00E5 Google = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: LastPass = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.21_0\

CHR - Extension: avast! WebRep = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\

CHR - Extension: Google Dictionary (by Google) = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\

CHR - Extension: Google Mail Checker = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\

CHR - Extension: Gmail = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

 

O1 HOSTS File: ([2010.02.07 09:58:33 | 000,000,766 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (WeFiBar Toolbar) - {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeFi.dll (Conduit Ltd.)

O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll (facemoods.com BHO)

O2 - BHO: (ToggleSW Toolbar) - {6dabbda0-1da5-4a2f-bc89-2ae084c572fa} - C:\Program Files\ToggleSW\prxtbTog2.dll (Conduit Ltd.)

O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (SecureBrowsingBho Helper) - {7632ABCA-B104-4fbc-9C70-419C4147061B} - C:\Program Files\Finjan Secure Browsing\bho.dll (Finjan LTD)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Inc.)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)

O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)

O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)

O3 - HKLM\..\Toolbar: (WeFiBar Toolbar) - {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeFi.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (ToggleSW Toolbar) - {6dabbda0-1da5-4a2f-bc89-2ae084c572fa} - C:\Program Files\ToggleSW\prxtbTog2.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll ()

O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)

O3 - HKLM\..\Toolbar: (Finjan Secure Browsing) - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - C:\Program Files\Finjan Secure Browsing\bho.dll (Finjan LTD)

O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll (facemoods.com)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)

O3 - HKCU\..\Toolbar\WebBrowser: (WeFiBar Toolbar) - {0B876028-B388-4F6D-922F-F52FAEC8535F} - C:\Program Files\WeFiBar\tbWeFi.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)

O3 - HKCU\..\Toolbar\WebBrowser: (ToggleSW Toolbar) - {6DABBDA0-1DA5-4A2F-BC89-2AE084C572FA} - C:\Program Files\ToggleSW\prxtbTog2.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Finjan Secure Browsing) - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - C:\Program Files\Finjan Secure Browsing\bho.dll (Finjan LTD)

O3 - HKCU\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()

O4 - HKCU..\Run: [] File not found

O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKCU..\Run: [TouchFreeze] C:\Program Files\TouchFreeze\TouchFreeze.exe ()

O4 - Startup: C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass File not found

O8 - Extra context menu item: LastPass-formulärifyllning - file://C:\Program Files\LastPass\context.html?cmd=fillforms File not found

O9 - Extra 'Tools' menuitem : &Inställningar i Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O9 - Extra Button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx (ArmHelper Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.241.198.245 62.241.198.246

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{162E8F81-5FA2-48D3-84F0-9172F6B4ED15}: DhcpNameServer = 62.241.198.245 62.241.198.246

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AE064AB-9DB5-427E-A28F-F3DAB149864E}: DhcpNameServer = 62.241.198.246 62.241.198.245

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B43052A3-87EF-483C-9AA7-9037F3585DF4}: DhcpNameServer = 62.241.198.245 62.241.198.246

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8F7EE34-1973-414A-8695-04A615796CDE}: DhcpNameServer = 62.241.198.245 62.241.198.246

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll ()

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)

O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\fsc_wallpaper1.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\fsc_wallpaper1.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{149ccb29-04a1-11dd-834d-00030d734f64}\Shell - "" = AutoRun

O33 - MountPoints2\{19fbb060-c43c-11e1-9ce1-00030d734f64}\Shell - "" = AutoRun

O33 - MountPoints2\{19fbb060-c43c-11e1-9ce1-00030d734f64}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{19fbb07d-c43c-11e1-9ce1-001e101f8aaa}\Shell - "" = AutoRun

O33 - MountPoints2\{19fbb07d-c43c-11e1-9ce1-001e101f8aaa}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{4e78a42e-8fca-11e1-8785-00030d734f64}\Shell - "" = AutoRun

O33 - MountPoints2\{4e78a42e-8fca-11e1-8785-00030d734f64}\Shell\AutoRun\command - "" = F:\application\Nokia_Internet_Modem.exe

O33 - MountPoints2\{55b7c421-cc47-11e1-b1c7-001e101f8924}\Shell - "" = AutoRun

O33 - MountPoints2\{55b7c421-cc47-11e1-b1c7-001e101f8924}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{d8a5c2b9-cb4c-11e1-ba68-001e101fa1f5}\Shell - "" = AutoRun

O33 - MountPoints2\{d8a5c2b9-cb4c-11e1-ba68-001e101fa1f5}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{d8a5c2c9-cb4c-11e1-ba68-00030d734f64}\Shell - "" = AutoRun

O33 - MountPoints2\{d8a5c2c9-cb4c-11e1-ba68-00030d734f64}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{da76e518-cb56-11e1-b711-00030d734f64}\Shell - "" = AutoRun

O33 - MountPoints2\{da76e518-cb56-11e1-b711-00030d734f64}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{da76e52a-cb56-11e1-b711-001e101f2c0e}\Shell - "" = AutoRun

O33 - MountPoints2\{da76e52a-cb56-11e1-b711-001e101f2c0e}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{f2b6f772-c591-11e1-a7f8-001e101f57d0}\Shell - "" = AutoRun

O33 - MountPoints2\{f2b6f772-c591-11e1-a7f8-001e101f57d0}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{f3ecca91-db1f-11e1-9128-001e101f9843}\Shell - "" = AutoRun

O33 - MountPoints2\{f3ecca91-db1f-11e1-9128-001e101f9843}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\G\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2013.02.13 17:58:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bert\Desktop\OTL.exe

[2013.02.13 16:24:45 | 000,000,000 | ---D | C] -- C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanMem

[2013.02.13 16:24:42 | 000,000,000 | ---D | C] -- C:\Windows\CleanMem

[2013.02.13 16:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\CleanMem

[2013.02.13 09:17:02 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2013.02.13 09:16:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013.02.13 09:16:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2013.02.13 09:16:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2013.02.13 09:16:58 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2013.02.13 09:16:55 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2013.02.13 09:16:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2013.02.13 09:16:52 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2013.02.13 08:14:33 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2013.02.13 08:14:31 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2013.02.13 08:14:21 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2013.02.13 08:14:21 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2013.02.05 08:09:41 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2013.02.05 08:08:32 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2013.02.05 08:08:32 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2013.02.05 08:08:32 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2013.01.17 17:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2013.01.17 17:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN

[2013.01.17 16:19:10 | 000,000,000 | ---D | C] -- C:\Users\Bert\AppData\Roaming\vlc

[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2013.02.13 18:26:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.02.13 18:18:26 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job

[2013.02.13 18:18:01 | 000,000,982 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013.02.13 18:11:11 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-164467782-455546942-1231415452-1000UA.job

[2013.02.13 18:10:13 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job

[2013.02.13 18:09:43 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013.02.13 18:09:43 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013.02.13 18:09:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.02.13 17:58:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bert\Desktop\OTL.exe

[2013.02.13 17:57:00 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library8.Full.job

[2013.02.13 17:17:05 | 000,000,187 | ---- | M] () -- C:\Windows\System32\CleanMem.ini

[2013.02.13 17:15:16 | 000,000,020 | ---- | M] () -- C:\Windows\cmm.dat

[2013.02.13 15:34:10 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-164467782-455546942-1231415452-1000Core.job

[2013.02.13 11:42:50 | 000,002,048 | ---- | M] () -- C:\Windows\MKDEWE.TRN

[2013.02.13 09:38:07 | 000,376,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013.02.13 09:12:35 | 000,606,388 | ---- | M] () -- C:\Windows\System32\perfh01D.dat

[2013.02.13 09:12:35 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013.02.13 09:12:35 | 000,120,758 | ---- | M] () -- C:\Windows\System32\perfc01D.dat

[2013.02.13 09:12:35 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013.02.11 08:03:45 | 000,033,112 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys

[2013.02.10 20:51:48 | 000,002,043 | ---- | M] () -- C:\Users\Bert\Desktop\Google Chrome.lnk

[2013.02.10 19:44:00 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library5.Full.job

[2013.02.10 19:07:00 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library9.Full.job

[2013.02.09 18:07:57 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Blommor.Incremental.job

[2013.02.09 18:07:56 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library9.Incremental.job

[2013.02.09 18:07:56 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Elräkning.Full.job

[2013.02.08 18:01:00 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library6.Full.job

[2013.02.08 17:59:00 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library4.Incremental.job

[2013.02.08 17:52:00 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Blommor.Full.job

[2013.02.08 13:09:43 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2013.02.08 13:09:43 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2013.02.07 17:58:00 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library3.Incremental.job

[2013.02.07 17:54:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Elräkning.Incremental.job

[2013.02.06 18:07:00 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Lotus.Full.job

[2013.02.06 18:01:00 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library6.Incremental.job

[2013.02.05 08:08:13 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2013.02.05 08:07:58 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2013.02.05 08:07:58 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2013.02.05 08:07:57 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2013.02.05 08:07:54 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll

[2013.02.05 08:07:54 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

[2013.02.04 16:19:49 | 000,002,377 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2013.02.04 14:23:42 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini

[2013.02.04 14:23:40 | 000,247,808 | ---- | M] () -- C:\Users\Bert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013.02.04 09:17:24 | 000,002,045 | ---- | M] () -- C:\Users\Bert\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013.02.04 09:09:29 | 000,000,956 | ---- | M] () -- C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2013.01.22 20:48:51 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Opera diverse.Full.job

[2013.01.22 20:48:51 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Lotus.Incremental.job

[2013.01.22 20:48:51 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library3.Full.job

[2013.01.17 17:11:31 | 000,000,865 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2013.01.17 01:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[2013.01.14 20:05:33 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library5.Incremental.job

[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2013.02.13 17:15:16 | 000,000,020 | ---- | C] () -- C:\Windows\cmm.dat

[2013.02.04 09:09:29 | 000,000,956 | ---- | C] () -- C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2013.01.17 17:11:31 | 000,000,865 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2013.01.03 17:10:45 | 001,904,343 | ---- | C] () -- C:\Users\Bert\Stieg Larsson - Uomini Che Odiano Le Donne.pdf

[2012.12.23 12:36:17 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT

[2012.11.05 17:39:01 | 000,290,500 | ---- | C] () -- C:\Users\Bert\AppData\Local\funmoods-speeddial_sf.crx

[2012.11.05 17:38:55 | 000,031,465 | ---- | C] () -- C:\Users\Bert\AppData\Local\funmoods.crx

[2012.07.24 08:51:35 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI

[2012.07.22 15:32:17 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Screen Savers

[2012.07.22 15:32:17 | 000,000,268 | RH-- | C] () -- C:\Users\Bert\AppData\Roaming\Sampler Files

[2012.07.22 15:32:17 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT

[2012.07.22 15:32:17 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Standard

[2012.07.22 15:30:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Scripts Menu

[2012.07.22 15:30:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Screen Saver

[2012.07.22 15:30:11 | 000,000,268 | RH-- | C] () -- C:\Users\Bert\AppData\Roaming\Sampler Instruments

[2012.07.22 15:30:11 | 000,000,268 | RH-- | C] () -- C:\Users\Bert\AppData\Roaming\Sampler

[2012.07.22 15:30:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT

[2012.07.22 15:30:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT

[2012.07.22 15:30:11 | 000,000,012 | RH-- | C] () -- C:\ProgramData\StartupItems

[2012.07.22 15:30:11 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Speech Enhancer

[2012.07.04 22:31:48 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe

[2012.06.24 11:30:11 | 000,158,208 | ---- | C] () -- C:\Windows\System32\AI_VideoConverterContextMenu.dll

[2012.06.04 18:25:46 | 000,000,669 | ---- | C] () -- C:\Windows\MyHeritage.INI

[2012.06.04 18:23:59 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll

[2012.05.31 16:43:30 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

[2012.05.20 10:21:18 | 000,131,176 | ---- | C] () -- C:\Windows\System32\mp3gain.exe

[2012.05.20 10:21:18 | 000,086,016 | ---- | C] () -- C:\Windows\System32\akrip32.dll

[2012.05.20 10:21:15 | 000,307,200 | ---- | C] () -- C:\Windows\System32\Mp3Ctrl.dll

[2012.05.20 10:21:13 | 000,003,180 | ---- | C] () -- C:\Users\Bert\AppData\Local\ZortamMp3MediaStudio.iss

[2012.01.23 16:59:21 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI

[2012.01.19 20:29:24 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat

[2011.07.11 20:00:15 | 000,000,090 | ---- | C] () -- C:\Windows\System32\ftm31.dat

[2011.06.18 18:28:43 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2011.04.02 07:38:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2011.04.02 07:36:53 | 000,176,214 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2011.03.27 15:39:57 | 000,000,254 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2010.03.30 12:03:26 | 000,000,680 | ---- | C] () -- C:\Users\Bert\AppData\Local\d3d9caps.dat

[2009.01.28 15:00:31 | 001,026,656 | ---- | C] () -- C:\Users\Bert\vb5run.zip

[2009.01.28 14:57:49 | 000,094,909 | ---- | C] () -- C:\Users\Bert\econv.zip

[2008.04.11 10:11:22 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat

[2008.04.08 12:58:09 | 000,000,000 | ---- | C] () -- C:\Users\Bert\AppData\Roaming\wklnhst.dat

[2008.04.02 21:22:11 | 000,247,808 | ---- | C] () -- C:\Users\Bert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008.04.02 09:46:04 | 004,194,304 | ---- | C] () -- C:\Users\Bert\NTUSER.bak

 

========== ZeroAccess Check ==========

 

[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== LOP Check ==========

 

[2008.04.04 07:53:06 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\AD ON Multimedia

[2012.06.24 11:30:36 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Aimersoft Video Converter Std

[2012.04.17 13:47:47 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Audacity

[2008.05.21 18:27:58 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Autodesk

[2009.02.05 16:28:38 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Columbus Soft

[2012.07.05 05:46:46 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\cspa

[2012.05.18 09:28:19 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Digiarty

[2012.10.26 10:04:50 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Diino

[2013.02.13 18:12:57 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Dropbox

[2009.01.15 18:15:47 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\EPSON

[2011.03.21 08:18:11 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Firetrust

[2008.04.04 07:53:05 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\FreeCommander

[2008.04.11 13:21:24 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Goodsol

[2008.11.19 13:04:22 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\GrassGames

[2013.02.07 17:18:12 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\iPodder

[2008.04.12 08:08:37 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Local

[2012.10.06 09:16:34 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\M8 Software

[2013.02.12 10:20:53 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\MailWasherPro

[2012.06.04 18:31:38 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\MyHeritage

[2010.05.26 11:53:04 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\New Tier

[2012.07.24 08:44:43 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Nikon

[2012.03.04 17:34:34 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Nokia

[2009.11.26 11:03:59 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Nokia Ovi Suite

[2012.01.06 18:43:38 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Nokia Suite

[2012.03.31 08:55:19 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Notepad++

[2009.02.05 21:18:33 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Noteworthy Software

[2009.03.04 08:57:11 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\OpenOffice.org

[2012.01.06 15:26:44 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Opera

[2009.04.01 19:49:08 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\PC Suite

[2008.04.09 11:59:08 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Qualcomm

[2009.03.31 08:17:26 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\QuickScan

[2009.02.05 17:41:05 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Scoretec

[2012.06.30 08:29:47 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Softland

[2012.05.31 17:52:18 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Soluto

[2012.06.24 10:53:33 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Sound Editor Pro

[2008.10.25 12:46:50 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\SpinTop

[2010.08.18 11:29:58 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Stardock

[2009.06.15 08:38:15 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\StreamTorrent

[2012.04.11 09:34:30 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\SuperUtils.com

[2009.08.20 11:36:39 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\System Tweaker

[2012.02.29 17:27:56 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\SystemRequirementsLab

[2011.11.26 08:47:23 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\TeamViewer

[2009.07.22 16:27:50 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\TellJack.ECEEB4FB867C407E2A221A102A5A5A4FE268EE6C.1

[2008.04.08 12:58:11 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Template

[2012.06.04 18:23:58 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\The Complete Genealogy Reporter - FTB

[2012.01.19 12:40:01 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Thunderbird

[2012.07.15 08:05:15 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\TV-Browser

[2010.02.07 09:45:40 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Uniblue

[2010.01.28 16:15:17 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\UseNeXT

[2013.01.02 21:18:26 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\uTorrent

[2012.05.27 10:19:31 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\XUSSoft

[2013.01.02 19:59:39 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\YCanPDF

[2008.09.04 08:54:40 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Överföringsmapp för HP Share-to-Web

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:0FD841FF

@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:DA18FD1D

@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:08388108

@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:88050731

@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:EBC2DB92

@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:4B7BEAFF

@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:211ED887

 

< End of report >

Länk till kommentar
Dela på andra webbplatser

Avinstallera följande i Kontrollpanelens lista över installerade program (vissa kanske inte finns med där):

Learn10 Toolbar pga http://www.systemlookup.com/CLSID/61644-tbLear_dll_tbLea0_dll_tbLea1_dll.html

PriceGong http://www.systemlookup.com/FF_Extensions/447-PriceGong.html

Ask Toolbar http://www.systemlookup.com/CLSID/19521-A5SRCHAS_DLL.html

AskBar http://www.systemlookup.com/CLSID/20564-askBar_dll_askBar2_dll_askBar_dll.html

Facemoods http://www.systemlookup.com/CLSID/65761-escort_dll_facemoods_dll.html

Funmoods http://www.systemlookup.com/CLSID/74553-funmoods_dll_escort_dll.html

Yontoo http://www.systemlookup.com/CLSID/56875-YontooIEClient_dll_YontooIEClient_2_dll.html

TornTV http://www.systemlookup.com/FF_Extensions/2690-torntv_torntv_com_xpi.html

WeFiBar Toolbar http://www.systemlookup.com/CLSID/58309-tbWeFi_dll_tbWeF0_dll_tbWeF1_dll.html

ToggleSW Toolbar http://www.systemlookup.com/CLSID/58315-tbTogg_dll_tbTog0_dll_tbTog1_dll.html

AVG Security Toolbar http://www.systemlookup.com/CLSID/73582-AVG_Secure_Search_toolbar_dll.html

Hotspot Shield Toolbar http://www.systemlookup.com/CLSID/52901-tbHots_dll_tbHot0_dll_tbHot1_dll_tbHot2_dll_prxtbHots_dll_prxtbHot0_dll_prxtbHot1_dll_prxtbHot2_dll.html

IncrediMail MediaBar 2 Toolbar http://www.systemlookup.com/CLSID/73833-tbIncr_dll_tbInc0_dll_tbInc1_dll_tbInc2_dll_prxtbIncr_dll_prxtbInc0_dll_prxtbInc1_dll_prxtbInc2_dll.html

 

 

Det finns rester av Norman och AVG antivirus. Kör deras särskilda städprogram:

AVG Remover(32bit) http://www.avg.com/us-en/utilities

http://forum.norman.com/showthread.php?tid=2626

 

Starta om datorn.

 

Stäng av alla program du ser inklusive antivirusprogram och antispionprogram så att de inte krockar med OTL.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

 

Starta programmet OTL (i Vista/Windows7 högerklicka och välj Kör som administratör).

Kopiera alla raderna i rutan:

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmood...E&cr=1666820113
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...earchTerms}&f=4
IE - HKLM\..\URLSearchHook: {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeFi.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {6dabbda0-1da5-4a2f-bc89-2ae084c572fa} - C:\Program Files\ToggleSW\prxtbTog2.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2088752
IE - HKLM\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...E&cr=1666820113
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchfunmood...E&cr=1666820113
IE - HKCU\..\URLSearchHook: {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeFi.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {6dabbda0-1da5-4a2f-bc89-2ae084c572fa} - C:\Program Files\ToggleSW\prxtbTog2.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
IE - HKCU\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoo...earchTerms}&f=4
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....sa&d=2012-02-23 21:13:42&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2088752
IE - HKCU\..\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}: "URL" = http://searchfunmood...E&cr=1666820113
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.c...m=1&toolbar=UT2
FF - prefs.js..browser.search.defaultenginename: "Funmoods"
FF - prefs.js..browser.search.defaultthis.engineName: "Learn10 Customized Web Search"
FF - prefs.js..browser.search.selectedEngine: "Funmoods"
FF - prefs.js..browser.startup.homepage: "http://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113"
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.0.0
FF - prefs.js..extensions.enabledItems: {189a3550-6eb1-4108-9045-3340abb2e79f}:2.7.1.3
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2189212&SearchSource=3&q={searchTerms}"
FF - prefs.js..keyword.URL: "http://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
[2009.06.01 08:29:38 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.07.28 08:25:38 | 000,000,000 | ---D | M] (Learn10 Toolbar) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{189a3550-6eb1-4108-9045-3340abb2e79f}
[2011.04.02 21:23:55 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@Facemoods.com
[2012.11.05 17:38:43 | 000,000,000 | ---D | M] (Funmoods.com) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@funmoods.com
[2012.11.02 18:45:13 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\plugin@yontoo.com
[2012.11.02 18:43:02 | 000,213,316 | ---- | M] () (No name found) -- C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\extensions\torntv@torntv.com.xpi
[2010.10.10 16:46:56 | 000,004,669 | ---- | M] () (No name found) -- C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\extensions\ffxtlbr@Facemoods.com\content\xpiInstallLgc.js
[2010.06.12 07:11:40 | 000,000,917 | ---- | M] () -- C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\searchplugins\conduit.xml
[2012.11.05 17:38:42 | 000,000,783 | ---- | M] () -- C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\searchplugins\Funmoods.xml
[2012.11.02 18:45:01 | 000,003,993 | ---- | M] () -- C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\searchplugins\sweetim.xml
[2010.05.19 06:53:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.04.02 21:24:02 | 000,002,049 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
O2 - BHO: (WeFiBar Toolbar) - {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeFi.dll (Conduit Ltd.)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (ToggleSW Toolbar) - {6dabbda0-1da5-4a2f-bc89-2ae084c572fa} - C:\Program Files\ToggleSW\prxtbTog2.dll (Conduit Ltd.)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Ask Search Assistant BHO) - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
O2 - BHO: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKLM\..\Toolbar: (WeFiBar Toolbar) - {0b876028-b388-4f6d-922f-f52faec8535f} - C:\Program Files\WeFiBar\tbWeFi.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ToggleSW Toolbar) - {6dabbda0-1da5-4a2f-bc89-2ae084c572fa} - C:\Program Files\ToggleSW\prxtbTog2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)
O3 - HKLM\..\Toolbar: (Hotspot Shield Toolbar) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (WeFiBar Toolbar) - {0B876028-B388-4F6D-922F-F52FAEC8535F} - C:\Program Files\WeFiBar\tbWeFi.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (ToggleSW Toolbar) - {6DABBDA0-1DA5-4A2F-BC89-2AE084C572FA} - C:\Program Files\ToggleSW\prxtbTog2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Hotspot Shield Toolbar) - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\tbHot1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [] File not found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll ()
[2013.02.13 18:10:13 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012.11.05 17:39:01 | 000,290,500 | ---- | C] () -- C:\Users\Bert\AppData\Local\funmoods-speeddial_sf.crx
[2012.11.05 17:38:55 | 000,031,465 | ---- | C] () -- C:\Users\Bert\AppData\Local\funmoods.crx
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:0FD841FF
@Alternate Data Stream - 96 bytes -> C:\ProgramData\TEMP:DA18FD1D
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:08388108
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:88050731
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:EBC2DB92
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:4B7BEAFF
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:211ED887
:Commands
[CREATERESTOREPOINT]
[REBOOT]

Klistra in dem i rutan Custom Scans/Fixes. Kontrollera att det ser exakt likadant ut, t ex när det gäller radbrytningar.

Tryck på Run Fix.

Om du blir tillfrågad om att starta om datorn så gör det.

Det kommer upp en logg i Anteckningar. Kopiera den och klistra in i ditt svar.

 

Om den inte kommer automatiskt så hittar du den i mappen c:\_OTL\Moved Files med ett namn som innehåller dagens datum och klockslaget för körningen.

 

Se till att aktivera antivirusprogram mm innan du ansluter datorn till internet.

Länk till kommentar
Dela på andra webbplatser

Hur gör jag för att kunna bifoga Extras.txt. Jag klickade Bläddra och valde filen, klickade öppna och skickade, trodde jag. Kom filen fram?

Länk till kommentar
Dela på andra webbplatser

Här kommer logfilen:

 

 

========== OTL ==========

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0b876028-b388-4f6d-922f-f52faec8535f}\ not found.

File C:\Program Files\WeFiBar\tbWeFi.dll not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6dabbda0-1da5-4a2f-bc89-2ae084c572fa}\ not found.

File C:\Program Files\ToggleSW\prxtbTog2.dll not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\ not found.

File C:\Program Files\Hotspot_Shield\tbHot1.dll not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}\ not found.

File C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll not found.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}\ not found.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!

HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{0b876028-b388-4f6d-922f-f52faec8535f} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0b876028-b388-4f6d-922f-f52faec8535f}\ not found.

File C:\Program Files\WeFiBar\tbWeFi.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{6dabbda0-1da5-4a2f-bc89-2ae084c572fa} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6dabbda0-1da5-4a2f-bc89-2ae084c572fa}\ not found.

File C:\Program Files\ToggleSW\prxtbTog2.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{9CB65206-89C4-402c-BA80-02D8C59F9B1D} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CB65206-89C4-402c-BA80-02D8C59F9B1D}\ not found.

File C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c95a4e8e-816d-4655-8c79-d736da1adb6d} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\ not found.

File C:\Program Files\Hotspot_Shield\tbHot1.dll not found.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}\ not found.

File C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found.

Prefs.js: "Funmoods" removed from browser.search.defaultenginename

Prefs.js: "Learn10 Customized Web Search" removed from browser.search.defaultthis.engineName

Prefs.js: "Funmoods" removed from browser.search.selectedEngine

Prefs.js: "http://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113" removed from browser.startup.homepage

Prefs.js: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.0.0 removed from extensions.enabledItems

Prefs.js: {189a3550-6eb1-4108-9045-3340abb2e79f}:2.7.1.3 removed from extensions.enabledItems

Prefs.js: "AVG Secure Search" removed from sweetim.toolbar.previous.browser.search.defaultenginename

Prefs.js: "AVG Secure Search" removed from sweetim.toolbar.previous.browser.search.selectedEngine

Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2189212&SearchSource=3&q={searchTerms}" removed from sweetim.toolbar.previous.browser.search.defaulturl

Prefs.js: "http://searchfunmoods.com/?f=1&a=fmtgl&chnl=fmtgl&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0F0AtA0DtA0FtCzyzzyCtN0D0Tzu0CtAtCtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1666820113&q=" removed from keyword.URL

Prefs.js: "" removed from sweetim.toolbar.previous.keyword.URL

Folder C:\Users\Bert\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\ not found.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{189a3550-6eb1-4108-9045-3340abb2e79f}\searchplugin folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{189a3550-6eb1-4108-9045-3340abb2e79f}\META-INF folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{189a3550-6eb1-4108-9045-3340abb2e79f}\lib folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{189a3550-6eb1-4108-9045-3340abb2e79f}\defaults folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{189a3550-6eb1-4108-9045-3340abb2e79f}\components folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{189a3550-6eb1-4108-9045-3340abb2e79f}\chrome folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{189a3550-6eb1-4108-9045-3340abb2e79f} folder moved successfully.

Folder C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@Facemoods.com\ not found.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@funmoods.com\META-INF folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@funmoods.com\content\imgs\flgs folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@funmoods.com\content\imgs folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@funmoods.com\content\images folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@funmoods.com\content folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\ffxtlbr@funmoods.com folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\plugin@yontoo.com\skin folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\plugin@yontoo.com\META-INF folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\plugin@yontoo.com\locale\en-US folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\plugin@yontoo.com\locale folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\plugin@yontoo.com\defaults\preferences folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\plugin@yontoo.com\defaults folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\plugin@yontoo.com\content folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\plugin@yontoo.com folder moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\extensions\torntv@torntv.com.xpi moved successfully.

File C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\extensions\ffxtlbr@Facemoods.com\content\xpiInstallLgc.js not found.

C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\searchplugins\conduit.xml moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\searchplugins\Funmoods.xml moved successfully.

C:\Users\Bert\AppData\Roaming\mozilla\firefox\profiles\nyfncvtt.default\searchplugins\sweetim.xml moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\locale folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome\content folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\chrome folder moved successfully.

C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} folder moved successfully.

C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0b876028-b388-4f6d-922f-f52faec8535f}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0b876028-b388-4f6d-922f-f52faec8535f}\ not found.

File C:\Program Files\WeFiBar\tbWeFi.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.

File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.

C:\Program Files\ConduitEngine\prxConduitEngine.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64182481-4F71-486b-A045-B233BD0DA8FC}\ deleted successfully.

File C:\Program Files\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6dabbda0-1da5-4a2f-bc89-2ae084c572fa}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6dabbda0-1da5-4a2f-bc89-2ae084c572fa}\ not found.

File C:\Program Files\ToggleSW\prxtbTog2.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}\ not found.

File C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.

File C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CB65201-89C4-402c-BA80-02D8C59F9B1D}\ not found.

File C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\ not found.

File C:\Program Files\Hotspot_Shield\tbHot1.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}\ not found.

File C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll not found.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.

C:\Program Files\Yontoo\YontooIEClient.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB1-4EC0-403e-8DD8-394C54984B2C}\ not found.

File C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0b876028-b388-4f6d-922f-f52faec8535f} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0b876028-b388-4f6d-922f-f52faec8535f}\ not found.

File C:\Program Files\WeFiBar\tbWeFi.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.

File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.

File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{6dabbda0-1da5-4a2f-bc89-2ae084c572fa} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6dabbda0-1da5-4a2f-bc89-2ae084c572fa}\ not found.

File C:\Program Files\ToggleSW\prxtbTog2.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.

File C:\Program Files\AVG Secure Search\14.1.0.10\AVG Secure Search_toolbar.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}\ not found.

File C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{c95a4e8e-816d-4655-8c79-d736da1adb6d} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\ not found.

File C:\Program Files\Hotspot_Shield\tbHot1.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}\ not found.

File C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}\ not found.

File C:\Program Files\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{FE063DB9-4EC0-403e-8DD8-394C54984B2C} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403e-8DD8-394C54984B2C}\ not found.

File C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B876028-B388-4F6D-922F-F52FAEC8535F} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B876028-B388-4F6D-922F-F52FAEC8535F}\ not found.

File C:\Program Files\WeFiBar\tbWeFi.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}\ not found.

File C:\Program Files\AskBarDis\bar\bin\askBar.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6DABBDA0-1DA5-4A2F-BC89-2AE084C572FA} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DABBDA0-1DA5-4A2F-BC89-2AE084C572FA}\ not found.

File C:\Program Files\ToggleSW\prxtbTog2.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}\ not found.

File C:\Program Files\Hotspot_Shield\tbHot1.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0}\ not found.

File C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FE063DB9-4EC0-403E-8DD8-394C54984B2C} not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}\ not found.

File C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL not found.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt not found.

File C:\Program Files\AVG Secure Search\vprot.exe not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

File C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol\ not found.

File C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.1.7\ViProtocol.dll not found.

C:\Windows\Tasks\Wise Care 365.job moved successfully.

C:\Users\Bert\AppData\Local\funmoods-speeddial_sf.crx moved successfully.

C:\Users\Bert\AppData\Local\funmoods.crx moved successfully.

ADS C:\ProgramData\TEMP:0FD841FF deleted successfully.

ADS C:\ProgramData\TEMP:DA18FD1D deleted successfully.

ADS C:\ProgramData\TEMP:08388108 deleted successfully.

ADS C:\ProgramData\TEMP:88050731 deleted successfully.

ADS C:\ProgramData\TEMP:EBC2DB92 deleted successfully.

ADS C:\ProgramData\TEMP:4B7BEAFF deleted successfully.

ADS C:\ProgramData\TEMP:211ED887 deleted successfully.

========== COMMANDS ==========

Restore point Set: OTL Restore Point

 

OTL by OldTimer - Version 3.2.69.0 log created on 02132013_211422

Länk till kommentar
Dela på andra webbplatser

Här kommer dagens logfil:

 

 

OTL logfile created on: 14.2.2013 08:15:13 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Bert\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000081D | Country: Finland | Language: SVF | Date Format: d.M.yyyy

 

1,87 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 61,22% Memory free

3,98 Gb Paging File | 3,07 Gb Available in Paging File | 77,19% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 91,45 Gb Total Space | 21,86 Gb Free Space | 23,91% Space Free | Partition Type: NTFS

Drive D: | 45,72 Gb Total Space | 30,40 Gb Free Space | 66,50% Space Free | Partition Type: NTFS

 

Computer Name: VISTA | User Name: Bert | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Bert\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Users\Bert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files\Google\Update\1.3.21.124\GoogleCrashHandler.exe (Google Inc.)

PRC - C:\Program Files\Soluto\SolutoLauncherService.exe (Soluto)

PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)

PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)

PRC - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)

PRC - C:\Program Files\DNA\ESUS_DNA\ESUS_DNA.exe ()

PRC - C:\Program Files\Emotum\Mobile Broadband Service\NvtlSrvr.exe ()

PRC - C:\Program Files\Norman\Ngs\Bin\Nnf.exe (Norman ASA)

PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)

PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)

PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)

PRC - C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\Program Files\EPSON\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

PRC - C:\Program Files\TouchFreeze\TouchFreeze.exe ()

PRC - C:\program files\casio\photo loader\plauto.exe (CASIO COMPUTER CO.,LTD.)

PRC - C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe ()

PRC - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Program Files\TouchFreeze\TouchFreeze.exe ()

MOD - C:\Program Files\TouchFreeze\TouchFreeze.dll ()

MOD - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll ()

MOD - C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe ()

MOD - C:\Windows\System32\atitmmxx.dll ()

 

 

========== Services (SafeList) ==========

 

SRV - (TestHandler) -- C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe File not found

SRV - (Scheduler) -- File not found

SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (SolutoLauncherService) -- C:\Program Files\Soluto\SolutoLauncherService.exe (Soluto)

SRV - (SolutoService) -- C:\Program Files\Soluto\SolutoService.exe (Soluto)

SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)

SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)

SRV - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)

SRV - (EmotumMBBSvc) -- C:\Program Files\Emotum\Mobile Broadband Service\mbbsvc.exe ()

SRV - (ESUSClient_DNA) -- C:\Program Files\DNA\ESUS_DNA\ESUS_DNA.exe ()

SRV - (AutostoreSG) -- C:\Program Files\Storegate\Autostore\AutoStoreSvc.exe (Storegate AB)

SRV - (NvtlService) -- C:\Program Files\Emotum\Mobile Broadband Service\NvtlSrvr.exe ()

SRV - (NNFSVC) -- C:\Program Files\Norman\Ngs\Bin\Nnf.exe (Norman ASA)

SRV - (MatSvc) -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe (Microsoft Corporation)

SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE ()

 

 

========== Driver Services (SafeList) ==========

 

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found

DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found

DRV - (nvcfsr) -- File not found

DRV - (nregsec) -- File not found

DRV - (NGS) -- File not found

DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found

DRV - (GEARAspiWDM) -- System32\Drivers\GEARAspiWDM.sys File not found

DRV - (cpuz135) -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys File not found

DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found

DRV - (ASPI32) -- File not found

DRV - (Soluto) -- C:\Windows\System32\drivers\Soluto.sys (Soluto LTD.)

DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)

DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)

DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)

DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)

DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)

DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)

DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)

DRV - (RRNetCapMP) -- C:\Windows\System32\drivers\rrnetcap.sys (RapidSolution Software AG)

DRV - (RRNetCap) -- C:\Windows\System32\drivers\rrnetcap.sys (RapidSolution Software AG)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)

DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)

DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)

DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)

DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)

DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)

DRV - (ewusbnet) -- C:\Windows\System32\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)

DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)

DRV - (UnlockerDriver5) -- C:\Program Files\Unlocker\UnlockerDriver5.sys ()

DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)

DRV - (ew_usbenumfilter) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)

DRV - (amdiox86) -- C:\Windows\System32\drivers\amdiox86.sys (Advanced Micro Devices)

DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)

DRV - (tapvpn) -- C:\Windows\System32\drivers\tapvpn.sys (The OpenVPN Project)

DRV - (nvatabus) -- C:\Windows\System32\drivers\nvatabus.sys (NVIDIA Corporation)

DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)

DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )

DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)

DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Advanced Micro Devices)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = file:///C:/Users/Bert/Documents/My [binary data over 200 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SUNA

IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..browser.startup.homepage: ""

FF - prefs.js..extensions.enabledItems: {DCBD1271-D228-4082-9FBC-36D9B7660B03}:1.1.9.1

FF - prefs.js..extensions.enabledItems: {e1170235-2845-420c-acc3-42261a29dd46}:4.0.1

FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42

FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0

FF - prefs.js..extensions.enabledItems:

FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.3

FF - prefs.js..extensions.enabledItems: {28197867-b1ef-4140-8e3b-55c45b9c8460}:2.5.5

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems:

FF - prefs.js..network.proxy.type: 2

FF - prefs.js..browser.startup.homepage: "file:///C:/Users/Bert/Documents/My%20Dropbox/Diverse/TVVECKA.HTM"

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""

FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""

FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""

FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&barid={7C058C96-250C-11E2-8249-00030D734F64}&q="

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Bert\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Bert\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010.03.06 08:23:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.11.10 15:51:45 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.01.09 21:33:17 | 000,000,000 | ---D | M]

 

[2009.09.14 07:14:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bert\AppData\Roaming\mozilla\Extensions

[2013.02.13 21:14:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions

[2010.04.27 20:06:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.04.08 10:09:32 | 000,000,000 | ---D | M] (Integrated Gmail) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}

[2010.02.18 14:35:25 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}

[2010.01.29 09:41:58 | 000,000,000 | ---D | M] () -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{DCBD1271-D228-4082-9FBC-36D9B7660B03}

[2010.01.22 14:15:36 | 000,000,000 | ---D | M] (Clipmarks) -- C:\Users\Bert\AppData\Roaming\mozilla\Firefox\Profiles\nyfncvtt.default\extensions\{e1170235-2845-420c-acc3-42261a29dd46}

[2013.02.13 21:14:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2010.03.06 08:23:21 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES\GOOGLE\GOOGLE GEARS\FIREFOX

File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

File not found (No name found) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION

File not found (No name found) -- C:\PROGRAM FILES\PRICEGONG\2.0.0\FF

File not found (No name found) -- C:\USERS\BERT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NYFNCVTT.DEFAULT\EXTENSIONS\{189A3550-6EB1-4108-9045-3340ABB2E79F}

[2010.05.19 06:52:43 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

 

========== Chrome ==========

 

CHR - homepage: file:///C:/Users/Bert/Documents/My%20Dropbox/Diverse/TVVECKA.HTM

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},

CHR - homepage: file:///C:/Users/Bert/Documents/My%20Dropbox/Diverse/TVVECKA.HTM

CHR - plugin: Standardprofil (Disabled) = C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll

CHR - plugin: Error reading preferences file

CHR - Extension: YouTube = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Sök på Google = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: LastPass = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.21_0\

CHR - Extension: avast! WebRep = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\

CHR - Extension: Google Dictionary (by Google) = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\

CHR - Extension: Google Mail Checker = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\

CHR - Extension: Gmail = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

CHR - Extension: YouTube = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\

CHR - Extension: Sök på Google = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\

CHR - Extension: LastPass = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.21_0\

CHR - Extension: avast! WebRep = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\

CHR - Extension: Google Dictionary (by Google) = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\

CHR - Extension: Google Mail Checker = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\

CHR - Extension: Gmail = C:\Users\Bert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

 

O1 HOSTS File: ([2010.02.07 09:58:33 | 000,000,766 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (SecureBrowsingBho Helper) - {7632ABCA-B104-4fbc-9C70-419C4147061B} - C:\Program Files\Finjan Secure Browsing\bho.dll (Finjan LTD)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll (Google Inc.)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (Finjan Secure Browsing) - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - C:\Program Files\Finjan Secure Browsing\bho.dll (Finjan LTD)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (Google Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Finjan Secure Browsing) - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - C:\Program Files\Finjan Secure Browsing\bho.dll (Finjan LTD)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)

O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)

O4 - HKCU..\Run: [TouchFreeze] C:\Program Files\TouchFreeze\TouchFreeze.exe ()

O4 - Startup: C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Bert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass File not found

O8 - Extra context menu item: LastPass-formulärifyllning - file://C:\Program Files\LastPass\context.html?cmd=fillforms File not found

O9 - Extra 'Tools' menuitem : &Inställningar i Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)

O9 - Extra Button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)

O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx (ArmHelper Control)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.241.198.245 62.241.198.246

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{162E8F81-5FA2-48D3-84F0-9172F6B4ED15}: DhcpNameServer = 62.241.198.245 62.241.198.246

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AE064AB-9DB5-427E-A28F-F3DAB149864E}: DhcpNameServer = 62.241.198.246 62.241.198.245

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B43052A3-87EF-483C-9AA7-9037F3585DF4}: DhcpNameServer = 62.241.198.245 62.241.198.246

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E8F7EE34-1973-414A-8695-04A615796CDE}: DhcpNameServer = 62.241.198.245 62.241.198.246

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Program Files\Soluto\soluto.exe /userinit) - C:\Program Files\Soluto\soluto.exe (Soluto)

O22 - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files\Stardock\Fences\FencesMenu.dll (Stardock)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\fsc_wallpaper1.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\fsc_wallpaper1.jpg

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{149ccb29-04a1-11dd-834d-00030d734f64}\Shell - "" = AutoRun

O33 - MountPoints2\{19fbb060-c43c-11e1-9ce1-00030d734f64}\Shell - "" = AutoRun

O33 - MountPoints2\{19fbb060-c43c-11e1-9ce1-00030d734f64}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{19fbb07d-c43c-11e1-9ce1-001e101f8aaa}\Shell - "" = AutoRun

O33 - MountPoints2\{19fbb07d-c43c-11e1-9ce1-001e101f8aaa}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{4e78a42e-8fca-11e1-8785-00030d734f64}\Shell - "" = AutoRun

O33 - MountPoints2\{4e78a42e-8fca-11e1-8785-00030d734f64}\Shell\AutoRun\command - "" = F:\application\Nokia_Internet_Modem.exe

O33 - MountPoints2\{55b7c421-cc47-11e1-b1c7-001e101f8924}\Shell - "" = AutoRun

O33 - MountPoints2\{55b7c421-cc47-11e1-b1c7-001e101f8924}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{d8a5c2b9-cb4c-11e1-ba68-001e101fa1f5}\Shell - "" = AutoRun

O33 - MountPoints2\{d8a5c2b9-cb4c-11e1-ba68-001e101fa1f5}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{d8a5c2c9-cb4c-11e1-ba68-00030d734f64}\Shell - "" = AutoRun

O33 - MountPoints2\{d8a5c2c9-cb4c-11e1-ba68-00030d734f64}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{da76e518-cb56-11e1-b711-00030d734f64}\Shell - "" = AutoRun

O33 - MountPoints2\{da76e518-cb56-11e1-b711-00030d734f64}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{da76e52a-cb56-11e1-b711-001e101f2c0e}\Shell - "" = AutoRun

O33 - MountPoints2\{da76e52a-cb56-11e1-b711-001e101f2c0e}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{f2b6f772-c591-11e1-a7f8-001e101f57d0}\Shell - "" = AutoRun

O33 - MountPoints2\{f2b6f772-c591-11e1-a7f8-001e101f57d0}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\{f3ecca91-db1f-11e1-9128-001e101f9843}\Shell - "" = AutoRun

O33 - MountPoints2\{f3ecca91-db1f-11e1-9128-001e101f9843}\Shell\AutoRun\command - "" = F:\Autorun.exe

O33 - MountPoints2\G\Shell - "" = AutoRun

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2013.02.13 21:14:22 | 000,000,000 | ---D | C] -- C:\_OTL

[2013.02.13 17:58:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Bert\Desktop\OTL.exe

[2013.02.13 16:24:45 | 000,000,000 | ---D | C] -- C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CleanMem

[2013.02.13 16:24:42 | 000,000,000 | ---D | C] -- C:\Windows\CleanMem

[2013.02.13 16:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\CleanMem

[2013.02.13 09:17:02 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2013.02.13 09:16:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013.02.13 09:16:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2013.02.13 09:16:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2013.02.13 09:16:58 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2013.02.13 09:16:55 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2013.02.13 09:16:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2013.02.13 09:16:52 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2013.02.13 08:14:33 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2013.02.13 08:14:31 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2013.02.13 08:14:21 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2013.02.13 08:14:21 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2013.02.05 08:09:41 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2013.02.05 08:08:32 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2013.02.05 08:08:32 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2013.02.05 08:08:32 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2013.01.17 17:11:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2013.01.17 17:11:03 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN

[2013.01.17 16:19:10 | 000,000,000 | ---D | C] -- C:\Users\Bert\AppData\Roaming\vlc

[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2013.02.14 08:18:00 | 000,000,982 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013.02.14 08:11:02 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-164467782-455546942-1231415452-1000UA.job

[2013.02.14 08:02:19 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job

[2013.02.14 07:26:18 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.02.14 07:15:51 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2013.02.14 07:15:51 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2013.02.14 07:15:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.02.13 17:58:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Bert\Desktop\OTL.exe

[2013.02.13 17:57:00 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library8.Full.job

[2013.02.13 17:17:05 | 000,000,187 | ---- | M] () -- C:\Windows\System32\CleanMem.ini

[2013.02.13 17:15:16 | 000,000,020 | ---- | M] () -- C:\Windows\cmm.dat

[2013.02.13 15:34:10 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-164467782-455546942-1231415452-1000Core.job

[2013.02.13 11:42:50 | 000,002,048 | ---- | M] () -- C:\Windows\MKDEWE.TRN

[2013.02.13 09:38:07 | 000,376,736 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013.02.13 09:12:35 | 000,606,388 | ---- | M] () -- C:\Windows\System32\perfh01D.dat

[2013.02.13 09:12:35 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013.02.13 09:12:35 | 000,120,758 | ---- | M] () -- C:\Windows\System32\perfc01D.dat

[2013.02.13 09:12:35 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013.02.10 20:51:48 | 000,002,043 | ---- | M] () -- C:\Users\Bert\Desktop\Google Chrome.lnk

[2013.02.10 19:44:00 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library5.Full.job

[2013.02.10 19:07:00 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library9.Full.job

[2013.02.09 18:07:57 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Blommor.Incremental.job

[2013.02.09 18:07:56 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library9.Incremental.job

[2013.02.09 18:07:56 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Elräkning.Full.job

[2013.02.08 18:01:00 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library6.Full.job

[2013.02.08 17:59:00 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library4.Incremental.job

[2013.02.08 17:52:00 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Blommor.Full.job

[2013.02.08 13:09:43 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2013.02.08 13:09:43 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2013.02.07 17:58:00 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library3.Incremental.job

[2013.02.07 17:54:00 | 000,000,340 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Elräkning.Incremental.job

[2013.02.06 18:07:00 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Lotus.Full.job

[2013.02.06 18:01:00 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library6.Incremental.job

[2013.02.05 08:08:13 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2013.02.05 08:07:58 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2013.02.05 08:07:58 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2013.02.05 08:07:57 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe

[2013.02.05 08:07:54 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll

[2013.02.05 08:07:54 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

[2013.02.04 16:19:49 | 000,002,377 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2013.02.04 14:23:42 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini

[2013.02.04 14:23:40 | 000,247,808 | ---- | M] () -- C:\Users\Bert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013.02.04 09:17:24 | 000,002,045 | ---- | M] () -- C:\Users\Bert\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013.02.04 09:09:29 | 000,000,956 | ---- | M] () -- C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2013.01.22 20:48:51 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Opera diverse.Full.job

[2013.01.22 20:48:51 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Lotus.Incremental.job

[2013.01.22 20:48:51 | 000,000,324 | ---- | M] () -- C:\Windows\tasks\Diino Backup - Bert - Library3.Full.job

[2013.01.17 17:11:31 | 000,000,865 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2013.01.17 01:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2013.02.13 17:15:16 | 000,000,020 | ---- | C] () -- C:\Windows\cmm.dat

[2013.02.04 09:09:29 | 000,000,956 | ---- | C] () -- C:\Users\Bert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

[2013.01.17 17:11:31 | 000,000,865 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk

[2013.01.03 17:10:45 | 001,904,343 | ---- | C] () -- C:\Users\Bert\Stieg Larsson - Uomini Che Odiano Le Donne.pdf

[2012.12.23 12:36:17 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT

[2012.07.24 08:51:35 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI

[2012.07.22 15:32:17 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Screen Savers

[2012.07.22 15:32:17 | 000,000,268 | RH-- | C] () -- C:\Users\Bert\AppData\Roaming\Sampler Files

[2012.07.22 15:32:17 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT

[2012.07.22 15:32:17 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Standard

[2012.07.22 15:30:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Scripts Menu

[2012.07.22 15:30:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Screen Saver

[2012.07.22 15:30:11 | 000,000,268 | RH-- | C] () -- C:\Users\Bert\AppData\Roaming\Sampler Instruments

[2012.07.22 15:30:11 | 000,000,268 | RH-- | C] () -- C:\Users\Bert\AppData\Roaming\Sampler

[2012.07.22 15:30:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT

[2012.07.22 15:30:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT

[2012.07.22 15:30:11 | 000,000,012 | RH-- | C] () -- C:\ProgramData\StartupItems

[2012.07.22 15:30:11 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Speech Enhancer

[2012.07.04 22:31:48 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe

[2012.06.24 11:30:11 | 000,158,208 | ---- | C] () -- C:\Windows\System32\AI_VideoConverterContextMenu.dll

[2012.06.04 18:25:46 | 000,000,669 | ---- | C] () -- C:\Windows\MyHeritage.INI

[2012.06.04 18:23:59 | 000,454,656 | ---- | C] () -- C:\Windows\System32\PaintX.dll

[2012.05.31 16:43:30 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

[2012.05.20 10:21:18 | 000,131,176 | ---- | C] () -- C:\Windows\System32\mp3gain.exe

[2012.05.20 10:21:18 | 000,086,016 | ---- | C] () -- C:\Windows\System32\akrip32.dll

[2012.05.20 10:21:15 | 000,307,200 | ---- | C] () -- C:\Windows\System32\Mp3Ctrl.dll

[2012.05.20 10:21:13 | 000,003,180 | ---- | C] () -- C:\Users\Bert\AppData\Local\ZortamMp3MediaStudio.iss

[2012.01.23 16:59:21 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI

[2012.01.19 20:29:24 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat

[2011.07.11 20:00:15 | 000,000,090 | ---- | C] () -- C:\Windows\System32\ftm31.dat

[2011.06.18 18:28:43 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini

[2011.04.02 07:38:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

[2011.04.02 07:36:53 | 000,176,214 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat

[2011.03.27 15:39:57 | 000,000,254 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2010.03.30 12:03:26 | 000,000,680 | ---- | C] () -- C:\Users\Bert\AppData\Local\d3d9caps.dat

[2009.01.28 15:00:31 | 001,026,656 | ---- | C] () -- C:\Users\Bert\vb5run.zip

[2009.01.28 14:57:49 | 000,094,909 | ---- | C] () -- C:\Users\Bert\econv.zip

[2008.04.11 10:11:22 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat

[2008.04.08 12:58:09 | 000,000,000 | ---- | C] () -- C:\Users\Bert\AppData\Roaming\wklnhst.dat

[2008.04.02 21:22:11 | 000,247,808 | ---- | C] () -- C:\Users\Bert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008.04.02 09:46:04 | 004,194,304 | ---- | C] () -- C:\Users\Bert\NTUSER.bak

 

========== ZeroAccess Check ==========

 

[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== LOP Check ==========

 

[2008.04.04 07:53:06 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\AD ON Multimedia

[2012.06.24 11:30:36 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Aimersoft Video Converter Std

[2012.04.17 13:47:47 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Audacity

[2008.05.21 18:27:58 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Autodesk

[2009.02.05 16:28:38 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Columbus Soft

[2012.07.05 05:46:46 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\cspa

[2012.05.18 09:28:19 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Digiarty

[2012.10.26 10:04:50 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Diino

[2013.02.14 07:21:33 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Dropbox

[2009.01.15 18:15:47 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\EPSON

[2011.03.21 08:18:11 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Firetrust

[2008.04.04 07:53:05 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\FreeCommander

[2008.04.11 13:21:24 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Goodsol

[2008.11.19 13:04:22 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\GrassGames

[2013.02.07 17:18:12 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\iPodder

[2008.04.12 08:08:37 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Local

[2012.10.06 09:16:34 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\M8 Software

[2013.02.14 08:09:40 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\MailWasherPro

[2012.06.04 18:31:38 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\MyHeritage

[2010.05.26 11:53:04 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\New Tier

[2012.07.24 08:44:43 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Nikon

[2012.03.04 17:34:34 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Nokia

[2009.11.26 11:03:59 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Nokia Ovi Suite

[2012.01.06 18:43:38 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Nokia Suite

[2012.03.31 08:55:19 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Notepad++

[2009.02.05 21:18:33 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Noteworthy Software

[2009.03.04 08:57:11 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\OpenOffice.org

[2012.01.06 15:26:44 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Opera

[2009.04.01 19:49:08 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\PC Suite

[2008.04.09 11:59:08 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Qualcomm

[2009.03.31 08:17:26 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\QuickScan

[2009.02.05 17:41:05 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Scoretec

[2012.06.30 08:29:47 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Softland

[2012.05.31 17:52:18 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Soluto

[2012.06.24 10:53:33 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Sound Editor Pro

[2008.10.25 12:46:50 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\SpinTop

[2010.08.18 11:29:58 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Stardock

[2009.06.15 08:38:15 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\StreamTorrent

[2012.04.11 09:34:30 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\SuperUtils.com

[2009.08.20 11:36:39 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\System Tweaker

[2012.02.29 17:27:56 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\SystemRequirementsLab

[2011.11.26 08:47:23 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\TeamViewer

[2009.07.22 16:27:50 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\TellJack.ECEEB4FB867C407E2A221A102A5A5A4FE268EE6C.1

[2008.04.08 12:58:11 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Template

[2012.06.04 18:23:58 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\The Complete Genealogy Reporter - FTB

[2012.01.19 12:40:01 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Thunderbird

[2012.07.15 08:05:15 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\TV-Browser

[2010.02.07 09:45:40 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Uniblue

[2010.01.28 16:15:17 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\UseNeXT

[2013.01.02 21:18:26 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\uTorrent

[2012.05.27 10:19:31 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\XUSSoft

[2013.01.02 19:59:39 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\YCanPDF

[2008.09.04 08:54:40 | 000,000,000 | ---D | M] -- C:\Users\Bert\AppData\Roaming\Överföringsmapp för HP Share-to-Web

 

========== Purity Check ==========

 

 

 

< End of report >

Länk till kommentar
Dela på andra webbplatser

Så här tidigt på morgonen glömde jag naturligtvis att stänga antivirusprogrammet innan jag körde OTL. I går lyckades jag inte heller avintallera resterna av Norman.

Länk till kommentar
Dela på andra webbplatser

När man kör OTL utan någon fix behöver inte antivirusprogrammet vara avstängt.

 

Då tar vi bort Norman-tjänsten med OTL.

 

Stäng av alla program du ser inklusive antivirusprogram och antispionprogram så att de inte krockar med OTL.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

 

Starta programmet OTL (i Vista/Windows7 högerklicka och välj Kör som administratör).

Kopiera alla raderna i rutan:

:OTL
SRV - (NNFSVC) -- C:\Program Files\Norman\Ngs\Bin\Nnf.exe (Norman ASA)
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&barid={7C058C96-250C-11E2-8249-00030D734F64}&q="
:Commands
[CREATERESTOREPOINT]
[REBOOT]

Klistra in dem i rutan Custom Scans/Fixes. Kontrollera att det ser exakt likadant ut, t ex när det gäller radbrytningar.

Tryck på Run Fix.

Om du blir tillfrågad om att starta om datorn så gör det.

Det kommer upp en logg i Anteckningar. Kopiera den och klistra in i ditt svar.

 

Om den inte kommer automatiskt så hittar du den i mappen c:\_OTL\Moved Files med ett namn som innehåller dagens datum och klockslaget för körningen.

 

Se till att aktivera antivirusprogram mm innan du ansluter datorn till internet.

 

Ta bort mappen C:\Program Files\Norman.

 

Hur fungerar datorn nu?

Länk till kommentar
Dela på andra webbplatser

Vid senaste uppstart fanns inte SweetPack, men jag återkommer ifall problemet upprepas. Datorns uppstart tar fortfarande ovanligt lång tid och fläkten går för det mesta.

 

Logfilen från idag:

 

 

========== OTL ==========

Service NNFSVC stopped successfully!

Service NNFSVC deleted successfully!

C:\Program Files\Norman\Ngs\Bin\Nnf.exe moved successfully.

Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename

Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.selectedEngine

Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaulturl

Prefs.js: "http://search.sweetim.com/search.asp?src=2&barid={7C058C96-250C-11E2-8249-00030D734F64}&q=" removed from keyword.URL

========== COMMANDS ==========

Restore point Set: OTL Restore Point

 

OTL by OldTimer - Version 3.2.69.0 log created on 02142013_170037

Länk till kommentar
Dela på andra webbplatser

När det gäller fläkten (och kanske uppstartstiden) skulle jag tro att det börjar bli mycket damm i datorn så att kylningen fungerar dåligt. Är det en bärbar eller en stationär dator?

 

 

Starta OTL.

Tryck på knappen CleanUp! och det kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.

 

Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/

Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Länk till kommentar
Dela på andra webbplatser

Jag har en bärbar Fulitsu Amilo Pa 2510. Datorn har varit avstängd några timmar och vid uppstart fanns ingen SweetPack, så den delen har visst lyckats. Tusen tack för den hjälpen!

Länk till kommentar
Dela på andra webbplatser

Det är ofta svårt att själv få bort damm i en bärbar dator. Det man kan göra är att skruva bort de luckor som finns och se om man kommer åt något.

 

Eforums guide för dammborttagning i en stationär dator: //eforum.idg.se/topic/335021-ta-bort-damm-i-en-stationar-dator/

Även om den inte gäller din dator så kan du få en viss förståelse om vad som har hänt och hur man ska handskas med innanmätet i en dator.

Länk till kommentar
Dela på andra webbplatser

Jag gladde mig i förtid, för idag är SweetPack-tillägget tillbaka i Chrome och ny flik ger meddelandet:

 

Det fanns ingen webbsida på webbadressen: chrome-extension://ogccgbmabaphcakpiclgcnmcnimhokcj/newtab.html

Fel 6 (net::ERR_FILE_NOT_FOUND): Det gick inte att hitta filen eller katalogen.

 

Jag står maktlös!

Länk till kommentar
Dela på andra webbplatser

Jag hoppas att jag slutligen har hittat en lösning på den envisa SweetPack. På nätet fanns denna sida, som jag följde och fick Chrome att fungera som förr. Men tack för all hjälp, som jag fått. Den fick mej att rensa och avlägsna många onödiga och eventuellt skadliga saker på min dator.

 

http://forums.anvisoft.com/viewtopic-56-2184-0.html

 

 

SweetPack har inte synts till på ett halft dygn.

Länk till kommentar
Dela på andra webbplatser

"Ny flik" visar väl sådant som har installerats tidigare, om jag inte har missförstått det, och felmeddelandet innebar att SweetPack inte längre fanns installerat men informationen om det fanns kvar. Sidan http://support.google.com/chrome/bin/answer.py?hl=sv&answer=95451 tar upp hur man hanterar "Ny flik", du har ju visserligen löst det nu men det kan ju vara bra till en annan gång.

 

Om du menar att du installerade Anvisoft Smart Defender, och inte bara följde det som står om inställningar i Chrome, så kan det ju vara bra att läsa andras åsikter om programmet:

http://download.cnet.com/Anvi-Smart-Defender/3000-8022_4-75628502.html#rateit

http://krebsonsecurity.com/2012/11/infamous-hacker-heading-chinese-antivirus-firm/

https://www.mywot.com/en/scorecard/anvisoft.com?utm_source=addon&utm_content=popup

Länk till kommentar
Dela på andra webbplatser

Jag gick till Chromes sökmotorer och där fanns SweetPack. Jag deletade den och trodde att saken var ur världen. Så var det nu inte! Troligen använder den sig av olika namn och nu har jag deletat en del andra sökmotorer, som såg en aning märkliga ut. SweetPack kommer troligtvis att bli en livslång kompanjon.

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...