Just nu i M3-nätverket
Gå till innehåll

En massa reklamfönster


lizzy_lini

Rekommendera Poster

lizzy_lini

Hejsan

 

Hjälper en kompis med hennes dator. Är e massa blinkande pou-up:er som dyker upp hela tiden. I sökfältet står det mysearchdial. Har inte scannat ngt ännu, mer än med FRST, eller vad det nu heter.

 

Kan någon hjälpa mig?

 

Bifogar en mbam logg och adwcleaner.

Addition.txt

FRST.txt

mbam.txt

AdwCleanerR0.txt

Länk till kommentar
Dela på andra webbplatser

lizzy_lini

Tar ut en ny logg efter lite scanningar och borttag av program.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by PetraL (administrator) on PETRA on 28-05-2014 22:47:34
Running from C:\Users\PetraL\Downloads
Platform: Windows 8 (X64) OS Language: Swedish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Spotify Ltd) C:\Users\PetraL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [682840 2013-06-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7770936 2013-04-12] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-28] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1988245170-786186578-318433116-1001\...\Run: [spotify] => C:\Users\PetraL\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-17] (Spotify Ltd)
HKU\S-1-5-21-1988245170-786186578-318433116-1001\...\Run: [spotify Web Helper] => C:\Users\PetraL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-17] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/11
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/11
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/11
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=vit_14_13_ff&cd=2XzuyEtN2Y1L1QzutD0Czz0B0F0DtByEtD0E0B0DtBtByD0EtN0D0Tzu0SzztCyDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByCyDzzyB0CzytAtG0CtCtByEtG0CyE0AtCtGzzyD0F0FtGyBzz0CtC0AzzyCzzzz0B0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtD0D0D0BtDyE0FtGyBtAzztAtG0A0D0FtBtGzyyCtDyDtGtD0F0B0Bzzzz0DyC0FyB0DyB2Q&cr=453903572&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=vit_14_13_ff&cd=2XzuyEtN2Y1L1QzutD0Czz0B0F0DtByEtD0E0B0DtBtByD0EtN0D0Tzu0SzztCyDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByCyDzzyB0CzytAtG0CtCtByEtG0CyE0AtCtGzzyD0F0FtGyBzz0CtC0AzzyCzzzz0B0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtD0D0D0BtDyE0FtGyBtAzztAtG0A0D0FtBtGzyyCtDyDtGtD0F0B0Bzzzz0DyC0FyB0DyB2Q&cr=453903572&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {A4784A78-86AA-410A-B275-A16A50D72315} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM-x32 - {A4784A78-86AA-410A-B275-A16A50D72315} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=vit_14_13_ff&cd=2XzuyEtN2Y1L1QzutD0Czz0B0F0DtByEtD0E0B0DtBtByD0EtN0D0Tzu0SzztCyDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByCyDzzyB0CzytAtG0CtCtByEtG0CyE0AtCtGzzyD0F0FtGyBzz0CtC0AzzyCzzzz0B0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtD0D0D0BtDyE0FtGyBtAzztAtG0A0D0FtBtGzyyCtDyDtGtD0F0B0Bzzzz0DyC0FyB0DyB2Q&cr=453903572&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=vit_14_13_ff&cd=2XzuyEtN2Y1L1QzutD0Czz0B0F0DtByEtD0E0B0DtBtByD0EtN0D0Tzu0SzztCyDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByCyDzzyB0CzytAtG0CtCtByEtG0CyE0AtCtGzzyD0F0FtGyBzz0CtC0AzzyCzzzz0B0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtD0D0D0BtDyE0FtGyBtAzztAtG0A0D0FtBtGzyyCtDyDtGtD0F0B0Bzzzz0DyC0FyB0DyB2Q&cr=453903572&ir=
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - {A4784A78-86AA-410A-B275-A16A50D72315} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default
FF DefaultSearchEngine: Mysearchdial
FF SearchEngineOrder.1: Mysearchdial
FF SelectedSearchEngine: Mysearchdial
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF user.js: detected! => C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF Extension: KoinnGeCoupon - C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\73oyaiuu@y-.edu [2014-05-26]
FF Extension: easyytoshoP - C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\tiwuf@iiigec.org [2014-04-17]
FF Extension: ConveErtItAPp - C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\yxff-0yoi@y-lzzhlrv.com [2014-04-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-25]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-28] (AVAST Software)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-05-28] (Intel)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-26] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-26] (CyberLink)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156104 2013-06-04] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [758072 2013-04-19] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-16] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3379440 2013-04-16] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-28] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-03-25] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [112584 2013-06-20] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2013-03-29] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3597792 2013-05-14] (Intel Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [408136 2013-05-09] (Realsil Semiconductor Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-05-28] (Windows ® Win 7 DDK provider)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-05-28] ()
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys [61120 2014-04-24] (StdLib)
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys [60704 2014-05-26] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 22:23 - 2014-05-28 22:23 - 00009317 _____ () C:\Users\PetraL\Desktop\AdwCleaner[R0].txt
2014-05-28 22:21 - 2014-05-28 22:22 - 00000000 ____D () C:\AdwCleaner
2014-05-28 22:20 - 2014-05-28 22:21 - 01327971 _____ () C:\Users\PetraL\Downloads\adwcleaner_3.211.exe
2014-05-28 22:14 - 2014-05-28 22:14 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-05-28 22:12 - 2014-05-28 22:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-28 22:12 - 2014-05-28 22:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-28 22:07 - 2014-05-28 22:07 - 00055876 _____ () C:\Users\PetraL\Desktop\mbam.txt
2014-05-28 21:55 - 2014-05-28 21:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 21:54 - 2014-05-28 21:54 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-28 21:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-28 21:54 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-28 21:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-28 21:53 - 2014-05-28 21:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\PetraL\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-28 21:47 - 2014-05-28 21:47 - 17278160 _____ (Malwarebytes Corporation ) C:\Users\PetraL\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 20:37 - 2014-05-28 20:38 - 00030829 _____ () C:\Users\PetraL\Downloads\Addition.txt
2014-05-28 20:36 - 2014-05-28 22:47 - 00019410 _____ () C:\Users\PetraL\Downloads\FRST.txt
2014-05-28 20:36 - 2014-05-28 22:47 - 00000000 ____D () C:\FRST
2014-05-28 20:35 - 2014-05-28 20:36 - 02066944 _____ (Farbar) C:\Users\PetraL\Downloads\FRST64(1).exe
2014-05-28 20:35 - 2014-05-28 20:35 - 02066944 _____ (Farbar) C:\Users\PetraL\Downloads\FRST64.exe
2014-05-28 12:44 - 2014-05-26 20:57 - 00060704 _____ (StdLib) C:\Windows\system32\Drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys
2014-05-26 21:50 - 2014-05-28 22:07 - 00000000 ____D () C:\ProgramData\ExtrraSShoPPer
2014-05-19 11:25 - 2014-05-28 14:53 - 00000000 ____D () C:\Users\PetraL\Desktop\Ny mapp
2014-05-19 11:23 - 2014-05-19 11:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-05-19 11:21 - 2014-05-19 11:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-05-17 15:22 - 2014-05-01 22:37 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-17 15:22 - 2014-05-01 22:37 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-17 15:05 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-17 15:05 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-17 15:05 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-17 15:05 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-17 15:05 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-17 15:05 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-17 15:05 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-17 15:05 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-17 15:05 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-17 15:05 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-17 15:05 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-17 15:05 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-17 15:05 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-05-17 15:05 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-05-17 15:05 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-05-17 15:05 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-17 15:05 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-17 15:05 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-05-17 15:05 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-05-17 15:05 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-17 15:05 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-17 15:05 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-17 15:05 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-17 15:05 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-05-17 15:05 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-05-17 15:05 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-17 15:05 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-17 15:05 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-17 15:05 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-17 15:05 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-17 15:05 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-17 15:05 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-05-17 15:05 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-17 15:05 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-17 15:05 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-17 15:04 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-17 15:04 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-17 15:04 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-17 15:04 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-17 15:04 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-14 14:00 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 14:00 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 14:00 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 14:00 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 14:00 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 14:00 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 14:00 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 14:00 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 14:00 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-14 14:00 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-14 14:00 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 14:00 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 14:00 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 14:00 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 14:00 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-14 14:00 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 14:00 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 14:00 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-14 14:00 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-14 14:00 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 14:00 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 14:00 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 14:00 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 14:00 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 14:00 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-14 14:00 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-14 14:00 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 14:00 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-14 14:00 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 14:00 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-14 14:00 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 14:00 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 14:00 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 14:00 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 14:00 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 14:00 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 14:00 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 14:00 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 14:00 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-14 14:00 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-14 14:00 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-14 14:00 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-14 14:00 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-14 14:00 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-14 14:00 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-14 14:00 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-14 14:00 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-14 14:00 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-12 17:23 - 2014-05-12 17:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 16:51 - 2014-05-28 12:39 - 00000000 ____D () C:\Users\PetraL\AppData\Local\Spotify
2014-05-12 16:51 - 2014-05-12 16:51 - 00001815 _____ () C:\Users\PetraL\Desktop\Spotify.lnk
2014-05-12 16:51 - 2014-05-12 16:51 - 00001801 _____ () C:\Users\PetraL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-05-12 16:50 - 2014-05-28 22:15 - 00000000 ____D () C:\Users\PetraL\AppData\Roaming\Spotify
2014-05-12 16:49 - 2014-05-12 16:49 - 00126112 _____ (Spotify Ltd) C:\Users\PetraL\Downloads\SpotifySetup.exe

==================== One Month Modified Files and Folders =======

2014-05-28 22:47 - 2014-05-28 20:36 - 00019410 _____ () C:\Users\PetraL\Downloads\FRST.txt
2014-05-28 22:47 - 2014-05-28 20:36 - 00000000 ____D () C:\FRST
2014-05-28 22:34 - 2014-03-25 17:54 - 00000000 ___RD () C:\Users\PetraL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 22:23 - 2014-05-28 22:23 - 00009317 _____ () C:\Users\PetraL\Desktop\AdwCleaner[R0].txt
2014-05-28 22:22 - 2014-05-28 22:21 - 00000000 ____D () C:\AdwCleaner
2014-05-28 22:21 - 2014-05-28 22:20 - 01327971 _____ () C:\Users\PetraL\Downloads\adwcleaner_3.211.exe
2014-05-28 22:20 - 2013-07-25 03:51 - 00752070 _____ () C:\Windows\system32\perfh01D.dat
2014-05-28 22:20 - 2013-07-25 03:51 - 00163854 _____ () C:\Windows\system32\perfc01D.dat
2014-05-28 22:20 - 2012-07-26 09:28 - 01850512 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-28 22:15 - 2014-05-12 16:50 - 00000000 ____D () C:\Users\PetraL\AppData\Roaming\Spotify
2014-05-28 22:15 - 2014-03-25 17:55 - 00000000 ____D () C:\Users\PetraL\Documents\Youcam
2014-05-28 22:14 - 2014-05-28 22:14 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-05-28 22:14 - 2013-10-06 19:14 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-05-28 22:14 - 2013-10-06 18:58 - 00003298 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2014-05-28 22:14 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 22:13 - 2014-03-25 18:19 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-28 22:13 - 2014-03-25 18:18 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-28 22:13 - 2014-03-25 18:18 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-28 22:13 - 2014-03-25 18:18 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-28 22:13 - 2012-08-04 00:23 - 00503118 _____ () C:\Windows\PFRO.log
2014-05-28 22:13 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-28 22:12 - 2014-05-28 22:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-28 22:12 - 2014-05-28 22:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-28 22:12 - 2014-03-25 18:18 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-28 22:12 - 2014-03-25 18:18 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-28 22:12 - 2014-03-25 18:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-28 22:12 - 2014-03-25 18:18 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-28 22:12 - 2014-03-25 18:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-28 22:12 - 2014-03-25 18:18 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-28 22:08 - 2013-07-24 21:34 - 00000000 ____D () C:\Windows\fi
2014-05-28 22:08 - 2012-07-26 07:26 - 00000194 _____ () C:\Windows\win.ini
2014-05-28 22:07 - 2014-05-28 22:07 - 00055876 _____ () C:\Users\PetraL\Desktop\mbam.txt
2014-05-28 22:07 - 2014-05-26 21:50 - 00000000 ____D () C:\ProgramData\ExtrraSShoPPer
2014-05-28 22:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-28 21:56 - 2014-03-26 13:56 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-28 21:55 - 2014-05-28 21:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 21:54 - 2014-05-28 21:54 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-28 21:53 - 2014-05-28 21:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\PetraL\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-28 21:49 - 2014-03-26 13:49 - 00000308 _____ () C:\Windows\Tasks\MySearchDial.job
2014-05-28 21:47 - 2014-05-28 21:47 - 17278160 _____ (Malwarebytes Corporation ) C:\Users\PetraL\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 20:40 - 2014-03-25 17:52 - 01354948 _____ () C:\Windows\WindowsUpdate.log
2014-05-28 20:38 - 2014-05-28 20:37 - 00030829 _____ () C:\Users\PetraL\Downloads\Addition.txt
2014-05-28 20:36 - 2014-05-28 20:35 - 02066944 _____ (Farbar) C:\Users\PetraL\Downloads\FRST64(1).exe
2014-05-28 20:35 - 2014-05-28 20:35 - 02066944 _____ (Farbar) C:\Users\PetraL\Downloads\FRST64.exe
2014-05-28 14:53 - 2014-05-19 11:25 - 00000000 ____D () C:\Users\PetraL\Desktop\Ny mapp
2014-05-28 12:49 - 2014-03-26 12:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-28 12:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-28 12:39 - 2014-05-12 16:51 - 00000000 ____D () C:\Users\PetraL\AppData\Local\Spotify
2014-05-26 21:51 - 2014-04-17 09:42 - 00000000 ____D () C:\ProgramData\b2c05059bc36ccba
2014-05-26 20:57 - 2014-05-28 12:44 - 00060704 _____ (StdLib) C:\Windows\system32\Drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys
2014-05-19 13:49 - 2012-07-26 09:21 - 00036677 _____ () C:\Windows\setupact.log
2014-05-19 11:35 - 2014-03-25 17:52 - 00000000 ____D () C:\Users\PetraL\AppData\Local\Packages
2014-05-19 11:23 - 2014-05-19 11:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-05-19 11:21 - 2014-05-19 11:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-05-17 16:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-17 15:25 - 2014-03-25 17:54 - 00000000 ___RD () C:\Users\PetraL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 15:21 - 2014-03-25 21:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 14:11 - 2014-03-25 20:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 14:10 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-13 19:56 - 2014-03-26 13:56 - 00003756 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 17:23 - 2014-05-12 17:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 16:51 - 2014-05-12 16:51 - 00001815 _____ () C:\Users\PetraL\Desktop\Spotify.lnk
2014-05-12 16:51 - 2014-05-12 16:51 - 00001801 _____ () C:\Users\PetraL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-05-12 16:49 - 2014-05-12 16:49 - 00126112 _____ (Spotify Ltd) C:\Users\PetraL\Downloads\SpotifySetup.exe
2014-05-12 07:26 - 2014-05-28 21:54 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-28 21:54 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-28 21:54 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-08 10:28 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\PetraL\Documents\Medicin 1
2014-05-06 07:14 - 2014-05-14 14:00 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-14 14:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-14 14:00 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-14 14:00 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-14 14:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-14 14:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-04 17:12 - 2014-03-25 20:32 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-01 22:37 - 2014-05-17 15:22 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2014-05-17 15:22 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\PetraL\AppData\Local\Temp\BackupSetup.exe
C:\Users\PetraL\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 14:00] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-28 13:46

==================== End Of Log ============================

 

 

Fick bara ut den ena filen nu, ngt fel?

Länk till kommentar
Dela på andra webbplatser

Addition.txt skapas bara första gången som standard, dock kan man bocka för Addition.txt i FRST:s fönster för att skapa den en gång till.

 

Har du låtit MBAM och AdwCleaner ta bort allt de hittade?

Om inte gör det och klistra sen in nya FRST.txt och Addition.txt.

Länk till kommentar
Dela på andra webbplatser

lizzy_lini

Hejsan

 

Här kommer loggarna.

Bifogar även en skärmdump på en skum ruta enligt mig. jag har aldrig arbetat i windows8 så vet inte hur man får info om uppdateringar, men skulle microsoft använda sig av en sådan ruta så känns det väldig oseriöst i mitt tycke.... =)

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by PetraL (administrator) on PETRA on 29-05-2014 08:44:02
Running from C:\Users\PetraL\Downloads
Platform: Windows 8 (X64) OS Language: Swedish
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Spotify Ltd) C:\Users\PetraL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [682840 2013-06-25] (Alps Electric Co., Ltd.)
HKLM\...\Run: [bTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7770936 2013-04-12] (Motorola Solutions, Inc.)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-05-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-05-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-28] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1988245170-786186578-318433116-1001\...\Run: [spotify] => C:\Users\PetraL\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-17] (Spotify Ltd)
HKU\S-1-5-21-1988245170-786186578-318433116-1001\...\Run: [spotify Web Helper] => C:\Users\PetraL\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-17] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/11
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/11
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON13/11
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=vit_14_13_ff&cd=2XzuyEtN2Y1L1QzutD0Czz0B0F0DtByEtD0E0B0DtBtByD0EtN0D0Tzu0SzztCyDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByCyDzzyB0CzytAtG0CtCtByEtG0CyE0AtCtGzzyD0F0FtGyBzz0CtC0AzzyCzzzz0B0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtD0D0D0BtDyE0FtGyBtAzztAtG0A0D0FtBtGzyyCtDyDtGtD0F0B0Bzzzz0DyC0FyB0DyB2Q&cr=453903572&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=vit_14_13_ff&cd=2XzuyEtN2Y1L1QzutD0Czz0B0F0DtByEtD0E0B0DtBtByD0EtN0D0Tzu0SzztCyDtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StByCyDzzyB0CzytAtG0CtCtByEtG0CyE0AtCtGzzyD0F0FtGyBzz0CtC0AzzyCzzzz0B0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCtD0D0D0BtDyE0FtGyBtAzztAtG0A0D0FtBtGzyyCtDyDtGtD0F0B0Bzzzz0DyC0FyB0DyB2Q&cr=453903572&ir=
SearchScopes: HKLM - {A4784A78-86AA-410A-B275-A16A50D72315} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {A4784A78-86AA-410A-B275-A16A50D72315} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {58F12B37-D3CB-4ECD-85B8-7B6C479B3994} URL = http://www.google.com/search?hl=sv&q={searchTerms}
SearchScopes: HKCU - {A4784A78-86AA-410A-B275-A16A50D72315} URL =
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF Extension: easyytoshoP - C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\tiwuf@iiigec.org [2014-04-17]
FF Extension: ConveErtItAPp - C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\yxff-0yoi@y-lzzhlrv.com [2014-04-21]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-25]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-28] (AVAST Software)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-05-28] (Intel)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-26] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-26] (CyberLink)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-05-03] (Hewlett-Packard Development Company, L.P.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Corporation)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156104 2013-06-04] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [758072 2013-04-19] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-16] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3379440 2013-04-16] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-28] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-03-25] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [112584 2013-06-20] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2013-03-29] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99800 2013-05-08] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3597792 2013-05-14] (Intel Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [408136 2013-05-09] (Realsil Semiconductor Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-05-28] (Windows ® Win 7 DDK provider)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-05-29] ()
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys [61120 2014-04-24] (StdLib)
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys [60704 2014-05-26] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 23:03 - 2014-05-28 23:03 - 00007968 _____ () C:\Users\PetraL\Desktop\AdwCleaner[s0].txt
2014-05-28 22:23 - 2014-05-28 22:23 - 00009317 _____ () C:\Users\PetraL\Desktop\AdwCleaner[R0].txt
2014-05-28 22:21 - 2014-05-29 08:42 - 00000000 ____D () C:\AdwCleaner
2014-05-28 22:20 - 2014-05-28 22:21 - 01327971 _____ () C:\Users\PetraL\Downloads\adwcleaner_3.211.exe
2014-05-28 22:14 - 2014-05-29 08:42 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-05-28 22:12 - 2014-05-28 22:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-28 22:12 - 2014-05-28 22:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-28 22:07 - 2014-05-28 22:07 - 00055876 _____ () C:\Users\PetraL\Desktop\mbam.txt
2014-05-28 21:55 - 2014-05-29 08:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-28 21:54 - 2014-05-28 21:54 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-28 21:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-28 21:54 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-28 21:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-28 21:53 - 2014-05-28 21:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\PetraL\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-28 21:47 - 2014-05-28 21:47 - 17278160 _____ (Malwarebytes Corporation ) C:\Users\PetraL\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 20:37 - 2014-05-28 20:38 - 00030829 _____ () C:\Users\PetraL\Downloads\Addition.txt
2014-05-28 20:36 - 2014-05-29 08:44 - 00016993 _____ () C:\Users\PetraL\Downloads\FRST.txt
2014-05-28 20:36 - 2014-05-29 08:44 - 00000000 ____D () C:\FRST
2014-05-28 20:35 - 2014-05-28 20:36 - 02066944 _____ (Farbar) C:\Users\PetraL\Downloads\FRST64(1).exe
2014-05-28 20:35 - 2014-05-28 20:35 - 02066944 _____ (Farbar) C:\Users\PetraL\Downloads\FRST64.exe
2014-05-28 12:44 - 2014-05-26 20:57 - 00060704 _____ (StdLib) C:\Windows\system32\Drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys
2014-05-19 11:25 - 2014-05-28 14:53 - 00000000 ____D () C:\Users\PetraL\Desktop\Ny mapp
2014-05-19 11:23 - 2014-05-19 11:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-05-19 11:21 - 2014-05-19 11:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-05-17 15:22 - 2014-05-01 22:37 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-17 15:22 - 2014-05-01 22:37 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-17 15:05 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-17 15:05 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-17 15:05 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-17 15:05 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-17 15:05 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-17 15:05 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-17 15:05 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-17 15:05 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-17 15:05 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-17 15:05 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-17 15:05 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-17 15:05 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-17 15:05 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-17 15:05 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-05-17 15:05 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-05-17 15:05 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-05-17 15:05 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-17 15:05 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-17 15:05 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-05-17 15:05 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-05-17 15:05 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-17 15:05 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-17 15:05 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-17 15:05 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-17 15:05 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-05-17 15:05 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-05-17 15:05 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-17 15:05 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-17 15:05 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-17 15:05 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-17 15:05 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-17 15:05 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-17 15:05 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-05-17 15:05 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-17 15:05 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-17 15:05 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-17 15:04 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-17 15:04 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-17 15:04 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-17 15:04 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-17 15:04 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-14 14:00 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 14:00 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 14:00 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 14:00 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 14:00 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 14:00 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 14:00 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 14:00 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 14:00 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-14 14:00 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-14 14:00 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 14:00 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 14:00 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 14:00 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 14:00 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-14 14:00 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 14:00 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 14:00 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-14 14:00 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-14 14:00 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 14:00 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 14:00 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 14:00 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 14:00 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 14:00 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-14 14:00 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-14 14:00 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 14:00 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-14 14:00 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 14:00 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-14 14:00 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 14:00 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 14:00 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 14:00 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 14:00 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 14:00 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 14:00 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 14:00 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 14:00 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 14:00 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-14 14:00 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-14 14:00 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-14 14:00 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-14 14:00 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-14 14:00 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-14 14:00 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-14 14:00 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-14 14:00 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-14 14:00 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-12 17:23 - 2014-05-12 17:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 16:51 - 2014-05-28 12:39 - 00000000 ____D () C:\Users\PetraL\AppData\Local\Spotify
2014-05-12 16:51 - 2014-05-12 16:51 - 00001815 _____ () C:\Users\PetraL\Desktop\Spotify.lnk
2014-05-12 16:51 - 2014-05-12 16:51 - 00001801 _____ () C:\Users\PetraL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-05-12 16:50 - 2014-05-29 08:43 - 00000000 ____D () C:\Users\PetraL\AppData\Roaming\Spotify
2014-05-12 16:49 - 2014-05-12 16:49 - 00126112 _____ (Spotify Ltd) C:\Users\PetraL\Downloads\SpotifySetup.exe

==================== One Month Modified Files and Folders =======

2014-05-29 08:44 - 2014-05-28 20:36 - 00016993 _____ () C:\Users\PetraL\Downloads\FRST.txt
2014-05-29 08:44 - 2014-05-28 20:36 - 00000000 ____D () C:\FRST
2014-05-29 08:43 - 2014-05-12 16:50 - 00000000 ____D () C:\Users\PetraL\AppData\Roaming\Spotify
2014-05-29 08:43 - 2014-03-25 17:55 - 00000000 ____D () C:\Users\PetraL\Documents\Youcam
2014-05-29 08:42 - 2014-05-28 22:21 - 00000000 ____D () C:\AdwCleaner
2014-05-29 08:42 - 2014-05-28 22:14 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-05-29 08:42 - 2013-10-06 19:14 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-05-29 08:42 - 2013-10-06 18:58 - 00003300 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2014-05-29 08:42 - 2012-08-04 00:23 - 00504196 _____ () C:\Windows\PFRO.log
2014-05-29 08:42 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-29 08:42 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-29 08:40 - 2014-03-25 17:52 - 01389365 _____ () C:\Windows\WindowsUpdate.log
2014-05-29 08:33 - 2014-05-28 21:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-29 08:26 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-28 23:56 - 2014-03-26 13:56 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-28 23:11 - 2014-03-25 18:00 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1988245170-786186578-318433116-1001
2014-05-28 23:06 - 2013-07-25 03:51 - 00752070 _____ () C:\Windows\system32\perfh01D.dat
2014-05-28 23:06 - 2013-07-25 03:51 - 00163854 _____ () C:\Windows\system32\perfc01D.dat
2014-05-28 23:06 - 2012-07-26 09:28 - 01850512 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-28 23:03 - 2014-05-28 23:03 - 00007968 _____ () C:\Users\PetraL\Desktop\AdwCleaner[s0].txt
2014-05-28 22:34 - 2014-03-25 17:54 - 00000000 ___RD () C:\Users\PetraL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 22:23 - 2014-05-28 22:23 - 00009317 _____ () C:\Users\PetraL\Desktop\AdwCleaner[R0].txt
2014-05-28 22:21 - 2014-05-28 22:20 - 01327971 _____ () C:\Users\PetraL\Downloads\adwcleaner_3.211.exe
2014-05-28 22:13 - 2014-03-25 18:19 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-05-28 22:13 - 2014-03-25 18:18 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-28 22:13 - 2014-03-25 18:18 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-28 22:13 - 2014-03-25 18:18 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-28 22:12 - 2014-05-28 22:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-28 22:12 - 2014-05-28 22:12 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-28 22:12 - 2014-03-25 18:18 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-28 22:12 - 2014-03-25 18:18 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-28 22:12 - 2014-03-25 18:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-28 22:12 - 2014-03-25 18:18 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-28 22:12 - 2014-03-25 18:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-05-28 22:12 - 2014-03-25 18:18 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-28 22:08 - 2013-07-24 21:34 - 00000000 ____D () C:\Windows\fi
2014-05-28 22:08 - 2012-07-26 07:26 - 00000194 _____ () C:\Windows\win.ini
2014-05-28 22:07 - 2014-05-28 22:07 - 00055876 _____ () C:\Users\PetraL\Desktop\mbam.txt
2014-05-28 21:54 - 2014-05-28 21:54 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 21:54 - 2014-05-28 21:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-28 21:53 - 2014-05-28 21:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\PetraL\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-05-28 21:47 - 2014-05-28 21:47 - 17278160 _____ (Malwarebytes Corporation ) C:\Users\PetraL\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-28 20:38 - 2014-05-28 20:37 - 00030829 _____ () C:\Users\PetraL\Downloads\Addition.txt
2014-05-28 20:36 - 2014-05-28 20:35 - 02066944 _____ (Farbar) C:\Users\PetraL\Downloads\FRST64(1).exe
2014-05-28 20:35 - 2014-05-28 20:35 - 02066944 _____ (Farbar) C:\Users\PetraL\Downloads\FRST64.exe
2014-05-28 14:53 - 2014-05-19 11:25 - 00000000 ____D () C:\Users\PetraL\Desktop\Ny mapp
2014-05-28 12:49 - 2014-03-26 12:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-28 12:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-28 12:39 - 2014-05-12 16:51 - 00000000 ____D () C:\Users\PetraL\AppData\Local\Spotify
2014-05-26 21:51 - 2014-04-17 09:42 - 00000000 ____D () C:\ProgramData\b2c05059bc36ccba
2014-05-26 20:57 - 2014-05-28 12:44 - 00060704 _____ (StdLib) C:\Windows\system32\Drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys
2014-05-19 13:49 - 2012-07-26 09:21 - 00036677 _____ () C:\Windows\setupact.log
2014-05-19 11:35 - 2014-03-25 17:52 - 00000000 ____D () C:\Users\PetraL\AppData\Local\Packages
2014-05-19 11:23 - 2014-05-19 11:23 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-05-19 11:21 - 2014-05-19 11:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-05-17 16:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-17 15:25 - 2014-03-25 17:54 - 00000000 ___RD () C:\Users\PetraL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 15:21 - 2014-03-25 21:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-17 15:21 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-14 14:11 - 2014-03-25 20:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 14:10 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-13 19:56 - 2014-03-26 13:56 - 00003756 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 17:23 - 2014-05-12 17:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-12 16:51 - 2014-05-12 16:51 - 00001815 _____ () C:\Users\PetraL\Desktop\Spotify.lnk
2014-05-12 16:51 - 2014-05-12 16:51 - 00001801 _____ () C:\Users\PetraL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-05-12 16:49 - 2014-05-12 16:49 - 00126112 _____ (Spotify Ltd) C:\Users\PetraL\Downloads\SpotifySetup.exe
2014-05-12 07:26 - 2014-05-28 21:54 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-28 21:54 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-28 21:54 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-08 10:28 - 2014-03-29 08:57 - 00000000 ____D () C:\Users\PetraL\Documents\Medicin 1
2014-05-06 07:14 - 2014-05-14 14:00 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-14 14:00 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-14 14:00 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-14 14:00 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-14 14:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-14 14:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-04 17:12 - 2014-03-25 20:32 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-01 22:37 - 2014-05-17 15:22 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2014-05-17 15:22 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\PetraL\AppData\Local\Temp\BackupSetup.exe
C:\Users\PetraL\AppData\Local\Temp\Quarantine.exe
C:\Users\PetraL\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 14:00] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-28 13:46

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by PetraL at 2014-05-29 08:44:26
Running from C:\Users\PetraL\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.201.1711.122 - Alps Electric)
AMD Catalyst Install Manager (HKLM\...\{9329FB02-864A-0B4D-B98E-EDECF804F22B}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0518.334.4496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0518.334.4496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0518.334.4496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0518.334.4496 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2013.0518.334.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0518.0333.4496 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0518.334.4496 - Advanced Micro Devices, Inc.) Hidden
COnveritsPDF (HKLM-x32\...\{734E01CA-17DF-C45B-9082-D4D09732D089}) (Version:  - ConveertsPDF)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.4.6515 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.4.2928 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4128 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.2.4128 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3026 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.4.3026 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3021 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.4.3021 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3024 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.1.3024 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.2922 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 5.0.1.2922 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Hewlett-Packard ACLM.NET v1.2.2.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.9.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{69A7894E-99A2-423D-8815-7D3A23F1C413}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Recovery Manager (x32 Version: 11.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6838.4521 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{C88F84E5-AE23-44BD-922C-2ABEACACAF7A}) (Version: 7.2.23.56 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{1C5BBAD8-4079-4014-8803-751333FBC112}) (Version: 1.0.8 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{A48BD764-CFDF-40A5-A07A-710908044F5D}) (Version: 2.2.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 - Hewlett-Packard Company)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.00.5000.0348 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3224 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.0.5.0046 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{444400C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.0.1306.0342 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1034 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.6.0.1033 - Intel Corporation) Hidden
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel® Smart Connect Technology 4.1 x64 (HKLM\...\{DBECAE94-4C04-40AC-9AFB-FA9953258EAF}) (Version: 4.1.41.2234 - Intel)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® WiDi (HKLM\...\{90621A56-901E-417D-A8CB-E8E3A6793C29}) (Version: 4.1.19.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6ec41eb7-bff8-4dd4-9278-57f45f6e6e0e}) (Version: 16.0.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.00.4000.0176 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - sv-se (HKLM\...\O365HomePremRetail - sv-se) (Version: 15.0.4615.1002 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 sv-SE)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
OpenOffice Packages (HKCU\...\OpenOffice Packages) (Version:  - ) <==== ATTENTION
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 1.1.9200.15 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.31 - Stardock Software, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
tOppdeal (HKLM-x32\...\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}) (Version:  - topdeAl)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

06-05-2014 08:42:47 Schemalagd kontrollpunkt
14-05-2014 12:08:42 Windows Update
17-05-2014 13:19:23 Windows Update
26-05-2014 19:30:24 Windows Update
28-05-2014 20:11:54 avast! antivirus system restore point

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0CA859C0-64DE-417D-BA14-E120CA5099F5} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {295E6423-89E9-423F-8B56-597896EB7129} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-28] (AVAST Software)
Task: {2B8C3F67-E7F3-4544-B915-F7FE38AD9398} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink)
Task: {42DFA3ED-2884-4D8C-B107-56C1C7D66EDD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {4D584904-2385-481E-91CF-14D539FE457C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {4DD9ADB4-946C-474E-9A76-D559F5844992} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {61E13A84-E4CA-4675-9D63-A75DE927A891} - \MySearchDial No Task File <==== ATTENTION
Task: {81646F32-A51F-4DF1-A56B-096D0B168E78} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A8B82C0B-9B97-4185-A17F-F4520A3C1E76} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {BBF4A8D7-20C2-4ABE-912A-B687F535BCD6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-05-26] (Microsoft Corporation)
Task: {BF709C90-7936-44B1-9F16-446E3B9EB0AC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8966C25-E1F8-4B64-A630-1AE6ED0DF8DB} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-04-19] (Intel)
Task: {E1AF0F22-398E-47CD-846C-2BEE9C0B3CA3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FA63B2A8-3707-4704-8A97-BF6C941342E1} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {FB10304A-63AD-4DB3-B8C7-63C500AC6C9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-03-26 18:46 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-26 12:01 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-04-15 16:45 - 2013-04-15 16:45 - 00182760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 00060392 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2014-05-28 21:45 - 2014-05-28 21:45 - 02259456 _____ () C:\Program Files\AVAST Software\Avast\defs\14052801\algo.dll
2014-03-25 18:18 - 2014-03-25 18:18 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-06 19:23 - 2013-03-12 16:51 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-12 23:53 - 2013-03-12 23:53 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/28/2014 02:56:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7703

Error: (05/28/2014 02:56:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7703

Error: (05/28/2014 02:56:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/28/2014 02:56:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6453

Error: (05/28/2014 02:56:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6453

Error: (05/28/2014 02:56:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/28/2014 02:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5172

Error: (05/28/2014 02:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5172

Error: (05/28/2014 02:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/28/2014 02:56:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3906


System errors:
=============
Error: (05/29/2014 08:42:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten avast! HardwareID kunde inte startas på grund av följande fel:
%%127

Error: (05/29/2014 08:42:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten avast! HardwareID kunde inte startas på grund av följande fel:
%%127

Error: (05/29/2014 08:42:29 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT instans)
Description: 0xc000014d0

Error: (05/29/2014 08:26:38 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på transaktionssvar från tjänsten Dnscache.

Error: (05/29/2014 01:43:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten CyberLink PowerDVD 12 Media Server Service avslutades oväntat. Detta har skett 2 gånger.

Error: (05/29/2014 00:03:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten CyberLink PowerDVD 12 Media Server Service avslutades oväntat. Detta har skett 1 gånger.

Error: (05/28/2014 10:59:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten avast! HardwareID kunde inte startas på grund av följande fel:
%%127

Error: (05/28/2014 10:59:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten avast! HardwareID kunde inte startas på grund av följande fel:
%%127

Error: (05/28/2014 10:59:45 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT instans)
Description: 0xc000014d0

Error: (05/28/2014 10:59:27 PM) (Source: DCOM) (EventID: 10010) (User: PETRA)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


Microsoft Office Sessions:
=========================
Error: (05/28/2014 02:56:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7703

Error: (05/28/2014 02:56:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7703

Error: (05/28/2014 02:56:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/28/2014 02:56:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6453

Error: (05/28/2014 02:56:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6453

Error: (05/28/2014 02:56:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/28/2014 02:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5172

Error: (05/28/2014 02:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5172

Error: (05/28/2014 02:56:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/28/2014 02:56:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3906


==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 7962.14 MB
Available physical RAM: 6365.89 MB
Total Pagefile: 9178.14 MB
Available Pagefile: 7472.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:910.09 GB) (Free:860.84 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:20.64 GB) (Free:2.08 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 0D5E6520)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 3EAB455A)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

 

 

AdwCleanerS1.txt

post-41754-0-17804500-1401346392_thumb.png

Länk till kommentar
Dela på andra webbplatser

lizzy_lini

Har inaktiverat två tillägg.

 

ConvErtItApp och easyytoshoP, efter det har jag inte fått mer reklam och ovan ruta. Än så länge. Är dessa oseriösa?

 

Körde även en bootscan med Avast. Men den sa inte att den hittat ngt, vet inte var man hittar logg.

 

Kan My search dial och optimizer pro ha följt med en installtion av openoffice, verkar vara samma datum på dem?

Länk till kommentar
Dela på andra webbplatser

1. I bilden du bifogade syns att den kommer från drivertickets.net så det är förstås inte från Microsoft.

 

2. Om man inte hämtar OpenOffice på den officiella webbplatsen kan den andra webbplatsen ha packat om installationsfilen och lagt till onödiga saker.

 

3. Starta Anteckningar.

Kopiera alla rader i rutan:

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...r=453903572&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...r=453903572&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: easyytoshoP - C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\tiwuf@iiigec.org [2014-04-17]
FF Extension: ConveErtItAPp - C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\yxff-0yoi@y-lzzhlrv.com [2014-04-21]
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys [61120 2014-04-24] (StdLib)
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys [60704 2014-05-26] (StdLib)
Task: {61E13A84-E4CA-4675-9D63-A75DE927A891} - \MySearchDial No Task File <==== ATTENTION
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser

lizzy_lini

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 02
Ran by PetraL at 2014-05-29 15:28:43 Run:1
Running from C:\Users\PetraL\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...r=453903572&ir='>http://start.mysearc...r=453903572&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://start.mysearc...r=453903572&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Extension: easyytoshoP - C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\tiwuf@iiigec.org [2014-04-17]
FF Extension: ConveErtItAPp - C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\yxff-0yoi@y-lzzhlrv.com [2014-04-21]
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64.sys [61120 2014-04-24] (StdLib)
R1 {29b136c9-938d-4d3d-8df8-d649d9b74d02}w64; C:\Windows\System32\drivers\{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64.sys [60704 2014-05-26] (StdLib)
Task: {61E13A84-E4CA-4675-9D63-A75DE927A891} - \MySearchDial No Task File <==== ATTENTION
*****************

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\tiwuf@iiigec.org => Moved successfully.
C:\Users\PetraL\AppData\Roaming\Mozilla\Firefox\Profiles\z3xxmext.default\Extensions\yxff-0yoi@y-lzzhlrv.com => Moved successfully.
{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64 => Unable to stop service
{29b136c9-938d-4d3d-8df8-d649d9b74d02}Gw64 => Service deleted successfully.
{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64 => Unable to stop service
{29b136c9-938d-4d3d-8df8-d649d9b74d02}w64 => Service deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61E13A84-E4CA-4675-9D63-A75DE927A891} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61E13A84-E4CA-4675-9D63-A75DE927A891} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial => Key deleted successfully.


The system needed a reboot.

==== End of Fixlog ====

Länk till kommentar
Dela på andra webbplatser

Skanna datorn online på http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Avbocka alternativet Remove found threats

Bocka för Scan Archives

 

Klicka på Advanced Settings

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Start

 

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Länk till kommentar
Dela på andra webbplatser

lizzy_lini

C:\AdwCleaner\Quarantine\C\Users\PetraL\AppData\Roaming\0V1L2Z2Z1T1I1L1T\OpenOffice Packages\uninstaller.exe.vir    Win32/InstallCore.AZ potentially unwanted application
C:\Users\PetraL\Downloads\ccsetup414.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application
 

Länk till kommentar
Dela på andra webbplatser

C:\Users\PetraL\Downloads\ccsetup414.exe

Det är installationsfilen för CCleaner och den ligger i mappen "Hämtade filer". Avgör själva om ni tycker att filen ska bort.

 

Verkar allt bra med datorn nu så att det är dags att avinstallera specialprogrammen?

Länk till kommentar
Dela på andra webbplatser

lizzy_lini

C:\Users\PetraL\Downloads\ccsetup414.exe

Det är installationsfilen för CCleaner och den ligger i mappen "Hämtade filer". Avgör själva om ni tycker att filen ska bort.

 

Verkar allt bra med datorn nu så att det är dags att avinstallera specialprogrammen?

japp, allt verkar vara okej

Länk till kommentar
Dela på andra webbplatser

Bra!

 

1. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Uninstall-knappen.

 

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe

Dubbelklicka på filen för att starta programmet.

Tryck på knappen CleanUp! och FRST kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.

 

3. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/

Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.



×
×
  • Skapa nytt...