Just nu i M3-nätverket
Gå till innehåll
brillo1

Badcopy Pro, Pandora recovery, recuva virus?

Rekommendera Poster

brillo1

Jag laddade ner det här programmet http://download.cnet.com/BadCopy-Pro...-10054455.html för att återställa bilder från ett minneskort. programmet hittade en massa bilder men ville ha betalt för att återställa dessa. Laddade efter detta ned två andra program som ska vara helt gratis och fungera, dessa var pandora recovery http://download.cnet.com/Pandora-Rec...-10694796.html och recuva http://pcsupport.about.com/od/filere...uva-review.htm dock hittade dessa program inte filerna :/.
Nu har datorn iallafall börja bete sig konstigt. Helt plötsligt stängdes spotify och min sonos playlist av, sen stängdes även firefox ned medans jag satt och skrev ett inlägg på ett forum. När jag öppnade firefox igen ville den köra ett tillägg i browsern som jag inte godkänt så jag körde avast browser cleanup som tog bort det tillägget. Nu har det dock dykt upp två nya ikoner på skrivbordet en mypcbackup och en som heter sync folder som jag aldrig sett förut.

Jag har kört en full scan med avast och det hittar ingenting men jag är ändå lite orolig.

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

Här är loggarna, dock såg jag att filen sparades i downloads och inte på skrivbordet hoppas det inte gör något. Måste den sparas på skrivbordet så får jag bara göra om.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by Joakim (administrator) on SHELDON on 26-08-2014 12:49:10
Running from C:\Users\Joakim\Downloads
Platform: Windows 8.1 (X64) OS Language: Svenska (Sverige)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Spotify Ltd) C:\Users\Joakim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Technology Nexus AB) C:\Program Files (x86)\Personal\bin\Personal.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Dropbox, Inc.) C:\Users\Joakim\AppData\Roaming\Dropbox\bin\Dropbox.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [btTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-10-31] (Qualcomm Atheros)
HKLM\...\Run: [btvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-31] (Atheros Communications)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-12-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3664065698-3413274990-3579748532-1001\...\Run: [spotify Web Helper] => C:\Users\Joakim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-14] (Spotify Ltd)
HKU\S-1-5-21-3664065698-3413274990-3579748532-1001\...\MountPoints2: {803fca2a-2b59-11e3-be7c-6c71d99cbf32} - "E:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BankID säkerhetsprogram.lnk
ShortcutTarget: BankID säkerhetsprogram.lnk -> C:\Program Files (x86)\Personal\bin\Personal.exe (Technology Nexus AB)
Startup: C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Joakim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: SaveSense -> {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} -> C:\Program Files (x86)\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @se.nexus/Personal -> C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.2.1-next -> C:\Users\Joakim\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF Extension: Who stole my pictures? - C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default\Extensions\images@wink.su.xpi [2014-06-03]
FF Extension: Self-Destructing Cookies - C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-10-25]
FF Extension: Media Hint - C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default\Extensions\mediahint@jetpack.xpi [2013-08-18]
FF Extension: Adblock Plus - C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-10-31] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36424 2014-08-14] (Just Develop It)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [31616 2012-10-01] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [45488 2012-12-20] (ASUSTek Computer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-31] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 TdsNordecr; C:\Windows\system32\DRIVERS\nordecr.sys [28672 2007-10-30] (Todos Data System AB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 12:49 - 2014-08-26 12:50 - 00018090 _____ () C:\Users\Joakim\Downloads\FRST.txt
2014-08-26 12:48 - 2014-08-26 12:49 - 00000000 ____D () C:\FRST
2014-08-26 12:48 - 2014-08-26 12:48 - 02103296 _____ (Farbar) C:\Users\Joakim\Downloads\FRST64.exe
2014-08-23 12:48 - 2014-08-23 12:48 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-08-23 12:48 - 2014-08-23 12:48 - 00000000 ____D () C:\Program Files (x86)\SaveSense
2014-08-23 12:38 - 2014-08-23 12:38 - 00004026 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-23 12:38 - 2014-08-23 12:38 - 00001987 _____ () C:\Users\Joakim\Desktop\Sync Folder.lnk
2014-08-23 12:37 - 2014-08-23 12:38 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-23 12:37 - 2014-08-23 12:37 - 00001105 _____ () C:\Users\Joakim\Desktop\MyPC Backup.lnk
2014-08-23 12:37 - 2014-08-23 12:37 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-23 12:36 - 2014-08-23 12:36 - 00699016 _____ (CNET Download.com) C:\Users\Joakim\Downloads\cbsidlm-cbsi213-Pandora_Recovery-ORG-10694796.exe
2014-08-23 12:26 - 2014-08-23 12:40 - 00000000 ____D () C:\Users\Joakim\Desktop\Ny mapp
2014-08-23 12:23 - 2014-08-23 12:23 - 04210920 _____ (Piriform Ltd) C:\Users\Joakim\Downloads\rcsetup151.exe
2014-08-23 12:13 - 2014-08-23 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BadCopy Pro
2014-08-23 12:13 - 2014-08-23 12:13 - 00890864 _____ () C:\Users\Joakim\Downloads\badcopy-setup.exe
2014-08-23 12:13 - 2014-08-23 12:13 - 00000000 ____D () C:\Program Files (x86)\Jufsoft
2014-08-20 20:24 - 2014-08-20 20:25 - 00000730 _____ () C:\Users\Joakim\Desktop\Förfrågan-Eleven.txt
2014-08-16 10:24 - 2014-08-16 10:24 - 00000000 ____D () C:\Users\Joakim\AppData\Local\Sonos,_Inc
2014-08-16 09:57 - 2014-08-23 13:37 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-08-16 09:57 - 2014-08-16 09:57 - 11462680 _____ (Sonos, Inc. ) C:\Users\Joakim\Downloads\SonosDesktopController50.exe
2014-08-16 09:57 - 2014-08-16 09:57 - 00001959 _____ () C:\Users\Public\Desktop\Sonos.lnk
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\Users\Joakim\AppData\Local\Downloaded Installations
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\Program Files (x86)\Sonos
2014-08-13 21:34 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-13 21:34 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-13 21:28 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-13 21:28 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-13 21:28 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-13 21:28 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-13 21:28 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-13 21:28 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-13 21:28 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-13 21:28 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-13 21:28 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-13 21:28 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-13 21:28 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-13 21:28 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-13 21:28 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-13 21:28 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-13 21:28 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-13 21:28 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-13 21:28 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-13 21:28 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-13 21:28 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-13 21:28 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 21:28 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-13 21:28 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-13 21:28 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-13 21:28 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-13 21:28 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-13 21:28 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-13 21:28 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-13 21:28 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-13 21:28 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-13 21:28 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-13 21:28 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-13 21:28 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-13 21:28 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-13 21:28 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-13 21:28 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-13 21:28 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-13 21:28 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-13 21:28 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 21:28 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-13 21:28 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-13 21:28 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-13 21:28 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-13 21:28 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-13 21:27 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-13 21:27 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-13 21:27 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-13 21:27 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-13 21:27 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-13 21:27 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-13 21:27 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-13 21:27 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-13 21:27 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-13 21:27 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-13 21:27 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-13 21:27 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-13 21:27 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-13 21:27 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-13 21:27 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-13 21:27 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-13 21:27 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-13 21:27 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-13 21:27 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-13 21:27 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-13 21:27 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-13 21:27 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-13 21:27 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-13 21:27 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-13 21:27 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-13 21:27 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-13 21:27 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-13 21:27 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-13 21:27 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-13 21:27 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-13 21:27 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-13 21:27 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-13 21:27 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-13 21:27 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-13 21:27 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-13 21:27 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-13 21:27 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-13 21:27 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-13 21:27 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-13 21:27 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-13 21:26 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-13 21:26 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-13 21:26 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-13 21:26 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-13 21:26 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-13 21:26 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-13 21:25 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-13 21:25 - 2014-08-07 00:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-13 21:25 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-13 21:25 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-13 21:25 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-13 21:25 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-13 21:25 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 21:25 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-13 21:25 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-13 21:25 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-13 21:25 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-13 21:25 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-13 21:25 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 21:25 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 21:25 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 21:25 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 21:25 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 21:25 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 21:25 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-13 21:25 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-13 21:25 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-13 21:25 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-13 21:25 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-13 21:25 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-13 21:25 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-13 21:25 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-13 21:25 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-13 21:25 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-13 21:25 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-13 21:25 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-13 21:25 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-13 21:25 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-13 21:25 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-13 21:25 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-13 21:25 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-13 21:25 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-12 19:48 - 2014-08-12 20:02 - 00000000 ____D () C:\Users\Joakim\Desktop\Parga 2014
2014-07-30 11:20 - 2014-07-30 11:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 20:20 - 2014-07-29 20:31 - 3404347156 _____ () C:\Users\Joakim\Desktop\The_Old__the_Young__amp__the_Sea__full_film_.1080.mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-26 12:50 - 2014-08-26 12:49 - 00018090 _____ () C:\Users\Joakim\Downloads\FRST.txt
2014-08-26 12:50 - 2014-07-11 19:11 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-26 12:49 - 2014-08-26 12:48 - 00000000 ____D () C:\FRST
2014-08-26 12:48 - 2014-08-26 12:48 - 02103296 _____ (Farbar) C:\Users\Joakim\Downloads\FRST64.exe
2014-08-26 12:48 - 2013-12-03 10:54 - 01970965 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-26 12:47 - 2014-06-19 11:41 - 00000000 ___RD () C:\Users\Joakim\Dropbox
2014-08-26 12:47 - 2014-06-19 11:39 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\Dropbox
2014-08-26 12:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-26 12:46 - 2013-08-09 16:25 - 00000062 _____ () C:\Users\Joakim\AppData\Roaming\sp_data.sys
2014-08-23 13:45 - 2014-02-06 19:02 - 00003924 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F21A9DD5-9C7B-4B4A-9725-4B49364E82B1}
2014-08-23 13:37 - 2014-08-16 09:57 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-08-23 12:48 - 2014-08-23 12:48 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-08-23 12:48 - 2014-08-23 12:48 - 00000000 ____D () C:\Program Files (x86)\SaveSense
2014-08-23 12:42 - 2013-08-09 16:33 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3664065698-3413274990-3579748532-1001
2014-08-23 12:40 - 2014-08-23 12:26 - 00000000 ____D () C:\Users\Joakim\Desktop\Ny mapp
2014-08-23 12:38 - 2014-08-23 12:38 - 00004026 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-23 12:38 - 2014-08-23 12:38 - 00001987 _____ () C:\Users\Joakim\Desktop\Sync Folder.lnk
2014-08-23 12:38 - 2014-08-23 12:37 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-08-23 12:37 - 2014-08-23 12:37 - 00001105 _____ () C:\Users\Joakim\Desktop\MyPC Backup.lnk
2014-08-23 12:37 - 2014-08-23 12:37 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-08-23 12:36 - 2014-08-23 12:36 - 00699016 _____ (CNET Download.com) C:\Users\Joakim\Downloads\cbsidlm-cbsi213-Pandora_Recovery-ORG-10694796.exe
2014-08-23 12:27 - 2014-08-23 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BadCopy Pro
2014-08-23 12:26 - 2014-04-26 08:20 - 00000000 ____D () C:\Users\Joakim\Desktop\Div foton
2014-08-23 12:26 - 2014-03-19 21:19 - 00000000 ____D () C:\Users\Joakim\Desktop\Redigeringsfoton
2014-08-23 12:26 - 2013-12-03 10:40 - 00000000 ____D () C:\Users\Joakim
2014-08-23 12:23 - 2014-08-23 12:23 - 04210920 _____ (Piriform Ltd) C:\Users\Joakim\Downloads\rcsetup151.exe
2014-08-23 12:13 - 2014-08-23 12:13 - 00890864 _____ () C:\Users\Joakim\Downloads\badcopy-setup.exe
2014-08-23 12:13 - 2014-08-23 12:13 - 00000000 ____D () C:\Program Files (x86)\Jufsoft
2014-08-23 12:10 - 2013-09-30 06:14 - 01740478 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-23 12:10 - 2013-09-30 05:57 - 00741256 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-08-23 12:10 - 2013-09-30 05:57 - 00155110 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-08-23 00:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-22 11:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-21 15:13 - 2013-10-14 11:57 - 00126464 ___SH () C:\Users\Joakim\Desktop\Thumbs.db
2014-08-20 21:14 - 2014-06-21 19:56 - 00000000 ____D () C:\Users\Joakim\Desktop\jocke jobbansökan
2014-08-20 20:25 - 2014-08-20 20:24 - 00000730 _____ () C:\Users\Joakim\Desktop\Förfrågan-Eleven.txt
2014-08-18 11:53 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-17 23:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-17 20:30 - 2014-06-19 11:41 - 00001073 _____ () C:\Users\Joakim\Desktop\Dropbox.lnk
2014-08-17 20:30 - 2014-06-19 11:40 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-17 20:19 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-17 20:18 - 2013-08-22 16:44 - 00388016 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-17 20:18 - 2013-08-09 18:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-17 20:17 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-17 20:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-17 20:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-17 20:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-17 20:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-17 20:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-17 15:12 - 2014-04-19 19:32 - 00000000 ____D () C:\Users\Joakim\Desktop\100_FUJI
2014-08-17 10:08 - 2014-07-11 19:11 - 00003756 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-08-17 10:08 - 2014-04-12 10:09 - 00000027 _____ () C:\Program Files\plugins.dat
2014-08-16 10:24 - 2014-08-16 10:24 - 00000000 ____D () C:\Users\Joakim\AppData\Local\Sonos,_Inc
2014-08-16 09:57 - 2014-08-16 09:57 - 11462680 _____ (Sonos, Inc. ) C:\Users\Joakim\Downloads\SonosDesktopController50.exe
2014-08-16 09:57 - 2014-08-16 09:57 - 00001959 _____ () C:\Users\Public\Desktop\Sonos.lnk
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\Users\Joakim\AppData\Local\Downloaded Installations
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\Program Files (x86)\Sonos
2014-08-15 20:19 - 2013-08-19 18:08 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-15 20:17 - 2013-08-19 18:08 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-15 20:14 - 2014-07-11 09:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-13 23:35 - 2013-08-10 22:56 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\Spotify
2014-08-13 21:24 - 2014-04-23 07:16 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-13 21:20 - 2014-06-11 21:18 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-13 21:18 - 2014-06-13 21:03 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 21:18 - 2014-06-13 21:02 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 21:18 - 2014-04-23 07:24 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-13 21:18 - 2014-04-23 07:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 21:18 - 2014-04-23 07:16 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 21:18 - 2014-04-23 07:16 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 21:18 - 2014-04-23 07:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 21:18 - 2014-04-23 07:16 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 21:18 - 2014-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 21:17 - 2014-04-23 12:49 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 21:17 - 2014-04-23 12:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 21:17 - 2014-04-23 07:24 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 21:17 - 2014-04-23 07:16 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-13 21:17 - 2014-04-23 07:16 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 21:17 - 2014-04-23 07:16 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 21:17 - 2014-04-23 07:16 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-12 20:02 - 2014-08-12 19:48 - 00000000 ____D () C:\Users\Joakim\Desktop\Parga 2014
2014-08-12 10:20 - 2013-08-10 22:57 - 00000000 ____D () C:\Users\Joakim\AppData\Local\Spotify
2014-08-07 04:12 - 2014-08-13 21:25 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:39 - 2014-08-13 21:25 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-07 00:38 - 2014-08-13 21:25 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-02 07:44 - 2014-08-13 21:25 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-02 05:56 - 2014-08-13 21:25 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-02 05:11 - 2014-08-13 21:25 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-05-01 09:23 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-05-01 09:23 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-01 13:30 - 2014-04-12 10:09 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\vlc
2014-08-01 11:38 - 2013-08-22 16:46 - 00300201 _____ () C:\WINDOWS\setupact.log
2014-07-30 11:20 - 2014-07-30 11:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 23:23 - 2013-09-19 19:26 - 00119296 ___SH () C:\Users\Joakim\Downloads\Thumbs.db
2014-07-29 20:31 - 2014-07-29 20:20 - 3404347156 _____ () C:\Users\Joakim\Desktop\The_Old__the_Young__amp__the_Sea__full_film_.1080.mp4
2014-07-27 15:24 - 2013-09-17 15:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 15:24 - 2013-09-17 15:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Joakim\AppData\Local\Temp\BackupSetup.exe
C:\Users\Joakim\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_lpvrf.dll
C:\Users\Joakim\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Joakim\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 20:48

==================== End Of Log ============================

Addition.txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

1. I ett senare skede blir det mycket lättare om FRST ligger på skrivbordet så du kan flytta den från Downloads till skrivbordet.

 

2. Avinstallera MyPC Backup i Kontrollpanelen:

 

3. Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på Report-knappen.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

Här kommer adwcleaner loggen

 

# AdwCleaner v3.308 - Report created 26/08/2014 at 13:59:15
# Updated 20/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Joakim - SHELDON
# Running from : C:\Users\Joakim\Desktop\adwcleaner_3.308.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files (x86)\SaveSense
Folder Found : C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense

***** [ Scheduled Tasks ] *****

Task Found : LaunchSignup

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\SaveSense
Key Found : [x64] HKCU\Software\SaveSense
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Found : HKLM\SOFTWARE\SaveSense
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 sv-SE)

[ File : C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1194 octets] - [26/08/2014 13:59:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1254 octets] ##########
 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

1. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

 

Klicka på Clean-knappen.

Tryck på OK.

Tryck på OK fler gånger om det kommer upp meddelanden.

 

Datorn kommer att startas om.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s0].txt

 

2. Kör FRST igen och klistra in den nya FRST.txt (Addition.txt behövs inte) så får vi se vad som är kvar där.

 

3. Skanna datorn online på http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Avbocka alternativet Remove found threats

Bocka för Scan Archives

 

Klicka på Advanced Settings

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Start

 

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

Först adw loggen

 

# AdwCleaner v3.308 - Report created 27/08/2014 at 08:36:17
# Updated 20/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Joakim - SHELDON
# Running from : C:\Users\Joakim\Desktop\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\SaveSense
Folder Deleted : C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense

***** [ Scheduled Tasks ] *****

Task Deleted : LaunchSignup

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKCU\Software\SaveSense
Key Deleted : HKLM\SOFTWARE\SaveSense
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 sv-SE)

[ File : C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1342 octets] - [26/08/2014 13:59:15]
AdwCleaner[R1].txt - [1402 octets] - [27/08/2014 08:34:41]
AdwCleaner[s0].txt - [1290 octets] - [27/08/2014 08:36:17]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1350 octets] ##########
 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

FRST loggen

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by Joakim (administrator) on SHELDON on 27-08-2014 08:41:54
Running from C:\Users\Joakim\Desktop
Platform: Windows 8.1 (X64) OS Language: Svenska (Sverige)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Spotify Ltd) C:\Users\Joakim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Technology Nexus AB) C:\Program Files (x86)\Personal\bin\Personal.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Users\Joakim\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [btTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-10-31] (Qualcomm Atheros)
HKLM\...\Run: [btvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-31] (Atheros Communications)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-12-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3664065698-3413274990-3579748532-1001\...\Run: [spotify Web Helper] => C:\Users\Joakim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-14] (Spotify Ltd)
HKU\S-1-5-21-3664065698-3413274990-3579748532-1001\...\MountPoints2: {803fca2a-2b59-11e3-be7c-6c71d99cbf32} - "E:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BankID säkerhetsprogram.lnk
ShortcutTarget: BankID säkerhetsprogram.lnk -> C:\Program Files (x86)\Personal\bin\Personal.exe (Technology Nexus AB)
Startup: C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Joakim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: SaveSense -> {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} -> C:\Program Files (x86)\SaveSense\SaveSenseIE.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @se.nexus/Personal -> C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @acestream.net/acestreamplugin,version=2.2.1-next -> C:\Users\Joakim\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF Extension: Who stole my pictures? - C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default\Extensions\images@wink.su.xpi [2014-06-03]
FF Extension: Self-Destructing Cookies - C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-10-25]
FF Extension: Media Hint - C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default\Extensions\mediahint@jetpack.xpi [2013-08-18]
FF Extension: Adblock Plus - C:\Users\Joakim\AppData\Roaming\Mozilla\Firefox\Profiles\p5vqu0c2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-10-31] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [30080 2012-10-01] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [31616 2012-10-01] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [45488 2012-12-20] (ASUSTek Computer Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-31] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-08-14] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107328 2012-10-01] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [42816 2012-10-01] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [64832 2012-10-01] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [96576 2012-10-01] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229184 2012-10-01] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363328 2012-10-01] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 TdsNordecr; C:\Windows\system32\DRIVERS\nordecr.sys [28672 2007-10-30] (Todos Data System AB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-27 08:41 - 2014-08-27 08:42 - 00016314 _____ () C:\Users\Joakim\Desktop\FRST.txt
2014-08-27 08:39 - 2014-08-27 08:39 - 00001434 _____ () C:\Users\Joakim\Desktop\AdwCleaner[s0].txt
2014-08-26 13:59 - 2014-08-27 08:36 - 00000000 ____D () C:\AdwCleaner
2014-08-26 13:57 - 2014-08-26 13:57 - 01364531 _____ () C:\Users\Joakim\Desktop\adwcleaner_3.308.exe
2014-08-26 12:50 - 2014-08-26 12:51 - 00026366 _____ () C:\Users\Joakim\Downloads\Addition.txt
2014-08-26 12:49 - 2014-08-26 12:51 - 00046663 _____ () C:\Users\Joakim\Downloads\FRST.txt
2014-08-26 12:48 - 2014-08-27 08:41 - 00000000 ____D () C:\FRST
2014-08-26 12:48 - 2014-08-26 12:48 - 02103296 _____ (Farbar) C:\Users\Joakim\Desktop\FRST64.exe
2014-08-23 12:26 - 2014-08-23 12:40 - 00000000 ____D () C:\Users\Joakim\Desktop\Ny mapp
2014-08-23 12:23 - 2014-08-23 12:23 - 04210920 _____ (Piriform Ltd) C:\Users\Joakim\Downloads\rcsetup151.exe
2014-08-23 12:13 - 2014-08-23 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BadCopy Pro
2014-08-23 12:13 - 2014-08-23 12:13 - 00000000 ____D () C:\Program Files (x86)\Jufsoft
2014-08-20 20:24 - 2014-08-20 20:25 - 00000730 _____ () C:\Users\Joakim\Desktop\Förfrågan-Eleven.txt
2014-08-16 10:24 - 2014-08-16 10:24 - 00000000 ____D () C:\Users\Joakim\AppData\Local\Sonos,_Inc
2014-08-16 09:57 - 2014-08-23 13:37 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-08-16 09:57 - 2014-08-16 09:57 - 11462680 _____ (Sonos, Inc. ) C:\Users\Joakim\Downloads\SonosDesktopController50.exe
2014-08-16 09:57 - 2014-08-16 09:57 - 00001959 _____ () C:\Users\Public\Desktop\Sonos.lnk
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\Users\Joakim\AppData\Local\Downloaded Installations
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\Program Files (x86)\Sonos
2014-08-13 21:34 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-13 21:34 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-13 21:28 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-13 21:28 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-13 21:28 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-13 21:28 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-13 21:28 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-13 21:28 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-13 21:28 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-13 21:28 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-13 21:28 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-13 21:28 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-13 21:28 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-13 21:28 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-13 21:28 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-13 21:28 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-13 21:28 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-13 21:28 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-13 21:28 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-13 21:28 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-13 21:28 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-13 21:28 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 21:28 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-13 21:28 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-13 21:28 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-13 21:28 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-13 21:28 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-13 21:28 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-13 21:28 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-13 21:28 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-13 21:28 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-13 21:28 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-13 21:28 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-13 21:28 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-13 21:28 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-13 21:28 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-13 21:28 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-13 21:28 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-13 21:28 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-13 21:28 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 21:28 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-13 21:28 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-13 21:28 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-13 21:28 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-13 21:28 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-13 21:27 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-13 21:27 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-13 21:27 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-13 21:27 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-13 21:27 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-13 21:27 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-13 21:27 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-13 21:27 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-13 21:27 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-13 21:27 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-13 21:27 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-13 21:27 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-13 21:27 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-13 21:27 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-13 21:27 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-13 21:27 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-13 21:27 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-13 21:27 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-13 21:27 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-13 21:27 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-13 21:27 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-13 21:27 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-13 21:27 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-13 21:27 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-13 21:27 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-13 21:27 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-13 21:27 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-13 21:27 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-13 21:27 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-13 21:27 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-13 21:27 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-13 21:27 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-13 21:27 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-13 21:27 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-13 21:27 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-13 21:27 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-13 21:27 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-13 21:27 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-13 21:27 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-13 21:27 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-13 21:26 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-13 21:26 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-13 21:26 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-13 21:26 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-13 21:26 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-13 21:26 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-13 21:25 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-13 21:25 - 2014-08-07 00:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-13 21:25 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-13 21:25 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-13 21:25 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-13 21:25 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-13 21:25 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 21:25 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-13 21:25 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-13 21:25 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-13 21:25 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-13 21:25 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-13 21:25 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 21:25 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 21:25 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 21:25 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 21:25 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 21:25 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 21:25 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-13 21:25 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-13 21:25 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-13 21:25 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-13 21:25 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-13 21:25 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-13 21:25 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-13 21:25 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-13 21:25 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-13 21:25 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-13 21:25 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-13 21:25 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-13 21:25 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-13 21:25 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-13 21:25 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-13 21:25 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-13 21:25 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-13 21:25 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-12 19:48 - 2014-08-12 20:02 - 00000000 ____D () C:\Users\Joakim\Desktop\Parga 2014
2014-07-30 11:20 - 2014-07-30 11:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 20:20 - 2014-07-29 20:31 - 3404347156 _____ () C:\Users\Joakim\Desktop\The_Old__the_Young__amp__the_Sea__full_film_.1080.mp4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-27 08:42 - 2014-08-27 08:41 - 00016314 _____ () C:\Users\Joakim\Desktop\FRST.txt
2014-08-27 08:42 - 2014-06-19 11:41 - 00000000 ___RD () C:\Users\Joakim\Dropbox
2014-08-27 08:42 - 2014-06-19 11:39 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\Dropbox
2014-08-27 08:41 - 2014-08-26 12:48 - 00000000 ____D () C:\FRST
2014-08-27 08:39 - 2014-08-27 08:39 - 00001434 _____ () C:\Users\Joakim\Desktop\AdwCleaner[s0].txt
2014-08-27 08:39 - 2013-08-09 16:25 - 00000062 _____ () C:\Users\Joakim\AppData\Roaming\sp_data.sys
2014-08-27 08:37 - 2013-09-29 21:05 - 00067862 _____ () C:\WINDOWS\PFRO.log
2014-08-27 08:37 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-27 08:36 - 2014-08-26 13:59 - 00000000 ____D () C:\AdwCleaner
2014-08-27 08:36 - 2013-12-03 10:54 - 02013082 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-27 08:36 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-27 08:33 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-26 14:13 - 2014-02-06 19:02 - 00003924 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F21A9DD5-9C7B-4B4A-9725-4B49364E82B1}
2014-08-26 14:05 - 2013-08-09 16:33 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3664065698-3413274990-3579748532-1001
2014-08-26 13:57 - 2014-08-26 13:57 - 01364531 _____ () C:\Users\Joakim\Desktop\adwcleaner_3.308.exe
2014-08-26 12:51 - 2014-08-26 12:50 - 00026366 _____ () C:\Users\Joakim\Downloads\Addition.txt
2014-08-26 12:51 - 2014-08-26 12:49 - 00046663 _____ () C:\Users\Joakim\Downloads\FRST.txt
2014-08-26 12:50 - 2014-07-11 19:11 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-26 12:48 - 2014-08-26 12:48 - 02103296 _____ (Farbar) C:\Users\Joakim\Desktop\FRST64.exe
2014-08-23 13:37 - 2014-08-16 09:57 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-08-23 12:40 - 2014-08-23 12:26 - 00000000 ____D () C:\Users\Joakim\Desktop\Ny mapp
2014-08-23 12:27 - 2014-08-23 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BadCopy Pro
2014-08-23 12:26 - 2014-04-26 08:20 - 00000000 ____D () C:\Users\Joakim\Desktop\Div foton
2014-08-23 12:26 - 2014-03-19 21:19 - 00000000 ____D () C:\Users\Joakim\Desktop\Redigeringsfoton
2014-08-23 12:26 - 2013-12-03 10:40 - 00000000 ____D () C:\Users\Joakim
2014-08-23 12:23 - 2014-08-23 12:23 - 04210920 _____ (Piriform Ltd) C:\Users\Joakim\Downloads\rcsetup151.exe
2014-08-23 12:13 - 2014-08-23 12:13 - 00000000 ____D () C:\Program Files (x86)\Jufsoft
2014-08-23 12:10 - 2013-09-30 06:14 - 01740478 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-23 12:10 - 2013-09-30 05:57 - 00741256 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-08-23 12:10 - 2013-09-30 05:57 - 00155110 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-08-23 00:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-22 11:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-21 15:13 - 2013-10-14 11:57 - 00126464 ___SH () C:\Users\Joakim\Desktop\Thumbs.db
2014-08-20 21:14 - 2014-06-21 19:56 - 00000000 ____D () C:\Users\Joakim\Desktop\jocke jobbansökan
2014-08-20 20:25 - 2014-08-20 20:24 - 00000730 _____ () C:\Users\Joakim\Desktop\Förfrågan-Eleven.txt
2014-08-18 11:53 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-17 23:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-17 20:30 - 2014-06-19 11:41 - 00001073 _____ () C:\Users\Joakim\Desktop\Dropbox.lnk
2014-08-17 20:30 - 2014-06-19 11:40 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-17 20:18 - 2013-08-22 16:44 - 00388016 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-17 20:18 - 2013-08-09 18:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-17 20:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-17 20:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-17 20:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-17 20:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-17 20:15 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-17 15:12 - 2014-04-19 19:32 - 00000000 ____D () C:\Users\Joakim\Desktop\100_FUJI
2014-08-17 10:08 - 2014-07-11 19:11 - 00003756 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-08-17 10:08 - 2014-04-12 10:09 - 00000027 _____ () C:\Program Files\plugins.dat
2014-08-16 10:24 - 2014-08-16 10:24 - 00000000 ____D () C:\Users\Joakim\AppData\Local\Sonos,_Inc
2014-08-16 09:57 - 2014-08-16 09:57 - 11462680 _____ (Sonos, Inc. ) C:\Users\Joakim\Downloads\SonosDesktopController50.exe
2014-08-16 09:57 - 2014-08-16 09:57 - 00001959 _____ () C:\Users\Public\Desktop\Sonos.lnk
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\Users\Joakim\AppData\Local\Downloaded Installations
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2014-08-16 09:57 - 2014-08-16 09:57 - 00000000 ____D () C:\Program Files (x86)\Sonos
2014-08-15 20:19 - 2013-08-19 18:08 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-15 20:17 - 2013-08-19 18:08 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-15 20:14 - 2014-07-11 09:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-13 23:35 - 2013-08-10 22:56 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\Spotify
2014-08-13 21:24 - 2014-04-23 07:16 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-13 21:20 - 2014-06-11 21:18 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-08-13 21:18 - 2014-06-13 21:03 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 21:18 - 2014-06-13 21:02 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 21:18 - 2014-04-23 07:24 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-13 21:18 - 2014-04-23 07:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 21:18 - 2014-04-23 07:16 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 21:18 - 2014-04-23 07:16 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 21:18 - 2014-04-23 07:16 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 21:18 - 2014-04-23 07:16 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 21:18 - 2014-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 21:17 - 2014-04-23 12:49 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 21:17 - 2014-04-23 12:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 21:17 - 2014-04-23 07:24 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 21:17 - 2014-04-23 07:16 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-13 21:17 - 2014-04-23 07:16 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 21:17 - 2014-04-23 07:16 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 21:17 - 2014-04-23 07:16 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-12 20:02 - 2014-08-12 19:48 - 00000000 ____D () C:\Users\Joakim\Desktop\Parga 2014
2014-08-12 10:20 - 2013-08-10 22:57 - 00000000 ____D () C:\Users\Joakim\AppData\Local\Spotify
2014-08-07 04:12 - 2014-08-13 21:25 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:39 - 2014-08-13 21:25 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-07 00:38 - 2014-08-13 21:25 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-02 07:44 - 2014-08-13 21:25 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-02 05:56 - 2014-08-13 21:25 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-02 05:11 - 2014-08-13 21:25 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2014-05-01 09:23 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2014-05-01 09:23 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-01 13:30 - 2014-04-12 10:09 - 00000000 ____D () C:\Users\Joakim\AppData\Roaming\vlc
2014-08-01 11:38 - 2013-08-22 16:46 - 00300201 _____ () C:\WINDOWS\setupact.log
2014-07-30 11:20 - 2014-07-30 11:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 23:23 - 2013-09-19 19:26 - 00119296 ___SH () C:\Users\Joakim\Downloads\Thumbs.db
2014-07-29 20:31 - 2014-07-29 20:20 - 3404347156 _____ () C:\Users\Joakim\Desktop\The_Old__the_Young__amp__the_Sea__full_film_.1080.mp4

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Joakim\AppData\Local\Temp\BackupSetup.exe
C:\Users\Joakim\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzvvxts.dll
C:\Users\Joakim\AppData\Local\Temp\Quarantine.exe
C:\Users\Joakim\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 20:48

==================== End Of Log ============================

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

eset loggen

 

C:\Users\Joakim\Downloads\rcsetup151.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

1.

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Är det meningen att det ska finnas ett McAfee-tillägg i Thunderbird eller är det bara något som är kvar efter att McAfee antivirusprogram har avinstallerats?

 

2.

C:\Users\Joakim\Downloads\rcsetup151.exe

Det är installationsfilen för Recuva som ligger i mappen "Hämtade filer". Du får själv avgöra om du vill ha kvar den.

 

3.

Starta Anteckningar.

Kopiera alla rader i rutan:

BHO-x32: SaveSense -> {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} -> C:\Program Files (x86)\SaveSense\SaveSenseIE.dll No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Task: {8C1F433E-6974-4844-9F78-0C5D5F737A57} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-08-14] (MyPC Backup) <==== ATTENTION
C:\Program Files (x86)\MyPC Backup
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

4.

Är allt bra med datorn nu?

Har du några fler frågor innan avinstallation av FRST mm?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

1. Har aldrig haft Thunderbird på den här datorn, inte McAfee heller för den delen. Kan Thunderbid ha installerats med Firefox?

 

2. Har avinstallerat recuva så jag slänger bara den filen.

 

3. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-08-2014
Ran by Joakim at 2014-08-28 09:12:12 Run:1
Running from C:\Users\Joakim\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
BHO-x32: SaveSense -> {2e32cfe5-df92-4ae5-b0be-609ed0df74a6} -> C:\Program Files (x86)\SaveSense\SaveSenseIE.dll No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Task: {8C1F433E-6974-4844-9F78-0C5D5F737A57} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-08-14] (MyPC Backup) <==== ATTENTION
C:\Program Files (x86)\MyPC Backup
*****************

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2e32cfe5-df92-4ae5-b0be-609ed0df74a6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{2e32cfe5-df92-4ae5-b0be-609ed0df74a6}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C1F433E-6974-4844-9F78-0C5D5F737A57}" => Key not found.
C:\Windows\System32\Tasks\LaunchSignup not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key not found.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.

==== End of Fixlog ====

 

4. Har inte märkt att något skulle vara konstigt men jag har inte använt datorn för mer än dessa saker du bett mig göra då jag har en gammal back up dator jag kunnat använda istället.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

1. Jag brukar i alla fall inte se till Thunderbird i loggarna från alla datorer där Firefox är installerat. Men det är ju tänkbart att det från McAfee har gjort registernyckeln utifall att du skulle få för dig att installera Thunderbird senare. MSK står för McAfee SpamKiller.

Finns mappen C:\Program Files\McAfee\MSK kvar i datorn?

 

2 och 3. Utmärkt

 

4. Använd datorn lite grann och när du tycker att allt verkar bra eller om du hittar något mer så skriv ett inlägg.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

Finns ingen McAfee mapp alls i datorn.

 

Tror du att det är ok att använda bankid osv på datorn eller ska jag avvakta?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

Om jag söker på McAfee i startmenyn (söker överallt) eller vad det heter i windows 8 så får jag upp en länk till www.mcafee.com/us och sen vad jag antar är förslag som mcafee logga in, mcafee gratis osv detta är inget jag sökt på så det måste komma från nätet. Söker jag bara i filer så får jag upp frst och addition filerna, söker jag i inställningar så kommer inget upp.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

1. Bra att mappen är borta. För att få bort referensen till den kan du göra så här:

 

Starta Anteckningar.

Kopiera alla rader i rutan:

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

2. Så vitt jag kan bedöma är det okej att använda datorn som vanligt, inkl. för bankärenden.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-08-2014
Ran by Joakim at 2014-08-28 13:47:46 Run:2
Running from C:\Users\Joakim\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
*****************

HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com => value deleted successfully.

==== End of Fixlog ====

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

Jo det är väl dags eftersom allt ska vara löst nu. Det är väl bara att avinstallera som vanligt? Tack så mycket för hjälpen, det här forumet är som en trygghet för oss som är mindre kompetenta på datorer. Du gör ett grymt jobb Cecilia :).

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Så här görs avinstallationerna:

 

1. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Uninstall-knappen.

 

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe

Dubbelklicka på filen för att starta programmet.

Tryck på knappen CleanUp! och FRST kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.

 

3. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/

Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
brillo1

Hade lite problem med OTC den ville inte ladda ner och stod på 100% utan att bli färdig. Sen låste sig datorn och jag fick en helt svart skärm men såg fortfarande muspekaren. Dock blev skärmen helt svart senare så jag fick stänga av på knappen. Tydligen ville datorn göra massa uppdateringar så det kanske var dessa som spökade för så fort de var klara och datorn startas om så laddades OTC ner så fort jag öppnade firefox. Nu är allt avinstallerat och jag hoppas det flyter på smidigt. Ska läsa din blogg för tipsen också.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



  • Liknande Innehåll

    • X-Men
      Av X-Men
      Enligt företaget Billig Tekniks hemsida är det betydligt viktigare att ha virus i en Windowsbaserad dator än antivirusprogram i en Apple-dator.
      Om detta går det att läsa på deras sida där de presenterar det som allmänt kallas för motmedel mot virus.
       
      Det finns ingen förklaring på varför det är bättre med ett riktigt bra virus i en Windowsbaserad dator än ett antivirusprogram i en Appledator.
      Men upplysningen kan vara värd en hel del för alla dessa som betalar dyrt för sina säkerhetsprogram. De är, enligt Billig Tekniks hemsida, onödiga i en Windowsbaserad dator. Där skall man ha virus och inget annat.
       
      http://www.billigteknik.se/221-antivirus
    • AnnaK
      Av AnnaK
      Besökte en blogg där personen hänvisade till en hemsida. När jag klickade på länken började en signal ljuda och ett fönster med följande text dök upp:
      " Meddelande från webplats….
      Har upptäckt att ditt aktuella Microsoft Windowssystem är föråldrat och korrupt.
      Detta gör att dina systemfiler automatiskt raderas.
      Var vänlig och följ instruktionerna omedelbart för att åtgärda detta problem och försäkra att ditt system hålls uppdaterat".
      En ok knapp fanns på samma fönster.
       
      Bakom detta fönster syntes ett annat fönster som jag inte såg texten på iom att det första fönstret skymde texten, men något med 
      x Ditt windows
      Windowsservern
      Var vänlig att
      Föråldrat. Det                                      sekunder 
      Nödvändigt                                         senaste
      programvaran
       
      Jag startade aktivitetshanteraren och stängde ner Internet utan att klicka på fönstret. Gjorde jag rätt och framförallt, är det någon skada skedd när jag gjorde så? Jag vill inte lägga ut länken, däremot kan jag skicka den via PM, om någon av er rutinerade vill gå in själva och testa och kolla. Tack på förhand!
       
      Hittade precis detta inlägg när jag googlade. https://eforum.idg.se/topic/355956-explorer-11-oroande-meddelande/
      Där Cecilia tipsar om; ".... börja rensningen med AdwCleaner.
      Spara AdwCleaner på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/ "
      samt
      "...Ta fram fliken Scan och dubbelklicka på den översta och senaste loggfilen.
      En rapport kommer upp, kopiera innehållet och klistra in i ditt svar...".
      Jag gör detta och återkommer med log.
    • William04
      Av William04
      Hej! Jag letar efter ett bra program för att streama AirPlay från PC, det vill säga till en Apple TV. Det finns en hel bunt med sådana program som kan ta emot AirPlay som Reflector och AirServer, men nu vill jag skicka innehållet som finns på min skärm till en Apple TV. Jag har hittat många program som t.ex. AirParrot, men dessa kostar pengar. Är det någon som vet eller känner till om det finns något program som gör detta gratis (eller med en hyfsat lång provperiod (>30 dagar)). Det enda jag kunde hitta var 5K player (https://www.5kplayer.com/), som verkar vara perfekt och lite till, men på internet står det att det i vissa fall förekommer virus, något som verkar knepigt att förstå och få en klarhet i om det gör det eller inte och jag kan inte hitta någonting tydligt eller någon recension gjord av tidningar. Har någon av er erfarenhet med 5kPlayer? Jag vågar inte ladda ner programet eftersom att jag inte har förnyat min licens för Panda Antivirus än, men när det är gjort kan en moderator gärna stänga tråden.
       
      Tacksam för alla svar, perspektiv och länkar!
    • DePhaz
      Av DePhaz
      Jo, som sagt. Jag måste vara ärlig nog att säga att jag inte riktigt hängt med i rapporteringen kring den senaste virus attacken. Allt jag vet är att det är många som är drabbade värden över och vilken typ av attack det rör sig om. SVT är dok inte övertydliga och nämnde bara att det kunde komma via mail men inget mera (de är experter på att utelämna det viktiga och slösa tid på allt annat). Så nu undrar jag: vad vågar man egentligen göra på nätet just nu? Vågar man ladda ner filer och vilken typ då? Bilder, musik, arkiv filer? Hur vågar jag bete mig för att inte få detta virus? Eller kommer det bara via e-post? Jag har min e-post via Yahoo och jag drunknar inte precis i skräppost. Har inte sett till ett enda på år och dar. 
       
      Jag sitter nu på en Ubuntu dator men vissa filer jag laddar ner (downloads till spel i  *.rar eller*.zip format) för jag över till min Windows Vista dator via USB minne (jag vill INTE diskutera att byta ut detta nu fungerande OS). Brukar först skanna minnet med ClamTK och innan jag packar upp filerna på rätt dator så kontrollerar jag dem med Avast vilket då är uppdaterat. Det är enda gången som den datorn är internet ansluten numera. Skulle inte tro att det finns så många uppdateringar till den längre. Ubuntu (12.04) datorn och Linux Mint (13) datorn uppdateras med jämna mellanrum. Mer än så kan man väl inte göra... 
       
      Så om någon som är insatt skulle kunna svara på mina frågor och förklara lite närmare så vore jag tacksam. 
    • sheridanz
      Av sheridanz
      Hej
      Finns någon som kan hjälpa mej.
      Jag försöker hjälpa en kompis med hennes dator och avast säger virus och skadlig kod
      Det verkar som virusprog blir stoppat då jag ska lösa problemen för det händer inget.
       
      Här är loggen, hoppas jag gjort rätt nu
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2016 Ran by Kristina (administrator) on HEMMA (20-09-2016 19:33:10) Running from C:\Users\Kristina\Downloads Loaded Profiles: Kristina (Available Profiles: Kristina) Platform: Windows 10 Home Version 1511 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: "C:\Users\Kristina\AppData\Local\Chromium\Application\chrome.exe" -- "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/   ==================== Processes (Whitelisted) =================   (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)   (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     ==================== Registry (Whitelisted) ===========================   (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)   HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-08-16] (Realtek semiconductor) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-10-05] (Synaptics Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-20] (AVAST Software) HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-20] (AVAST Software) BootExecute: autocheck autochk * aswBoot.exe /M:e57b5ad6 /wow /dir:"C:\Program Files\AVAST Software\Avast"   ==================== Internet (Whitelisted) ====================   (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)   Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ce834fcf-2140-4a52-bfc6-2a1e800e0e0e}: [DhcpNameServer] 192.168.1.1   Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131188616072905365&GUID=D2809E83-13A4-4605-9C95-BA46E070299F HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131188616072942096&GUID=D2809E83-13A4-4605-9C95-BA46E070299F HKU\S-1-5-21-530700673-802275041-1869102837-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE13&ocid=UE13DHP SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-530700673-802275041-1869102837-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =  SearchScopes: HKU\S-1-5-21-530700673-802275041-1869102837-1001 -> {1A117CDD-327D-424F-95CB-8BCF9CAD3B06} URL = hxxps://se.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms} SearchScopes: HKU\S-1-5-21-530700673-802275041-1869102837-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://se.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_36&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dse%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0CtDtAzzzyyCtAyCtCzy0D0CtDyBtD0AtN0D0Tzu0StCyBtCyDtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyC0DyEtBzy0Czy0CtGyByBtAyCtG0F0CyByEtGtA0AyDyEtG0BzztAyDyEyEyDtAyBtCtD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0A0F0F0B0AzztGyEtDtCyDtGyEyDyEyCtGzztA0AtDtGyCtD0F0FtDyE0FtC0DyB0A0D2QtN0A0LzuyE%26cr%3D1467038996%26a%3Dwbf_togoo_16_36%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} StartMenuInternet: IEXPLORE.EXE - iexplore.exe   FireFox: ======== FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-20] (Google Inc.) FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-20] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-20] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF   Chrome:  ======= CHR HomePage: Default -> hxxps://www.superstart.se/ CHR Profile: C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default [2016-09-20] CHR Extension: (Google Presentationer) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-20] CHR Extension: (Google Dokument) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-20] CHR Extension: (Google Drive) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-20] CHR Extension: (YouTube) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-20] CHR Extension: (Google Kalkylark) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-20] CHR Extension: (Google Dokument Offline) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-20] CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-20] CHR Extension: (Gmail) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-20]   ==================== Services (Whitelisted) ========================   (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)   R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-20] (AVAST Software) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2015-10-05] (Intel Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-10-05] (Synaptics Incorporated) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)   ===================== Drivers (Whitelisted) ==========================   (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)   S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-20] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-20] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-20] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-20] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-20] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-20] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-09-20] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-20] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-20] (AVAST Software) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-08-16] (Realtek                                            ) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2016-01-21] (Realtek Semiconductor Corporation) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-08-16] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-08-16] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation                           ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-12-24] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-10-05] (Synaptics Incorporated) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S1 ghxgxala; \??\C:\WINDOWS\system32\drivers\ghxgxala.sys [X]   ==================== NetSvcs (Whitelisted) ===================   (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)     ==================== One Month Created files and folders ========   (If an entry is included in the fixlist, the file/folder will be moved.)   2016-09-20 19:33 - 2016-09-20 19:34 - 00012601 _____ C:\Users\Kristina\Downloads\FRST.txt 2016-09-20 19:32 - 2016-09-20 19:33 - 00000000 ____D C:\FRST 2016-09-20 19:32 - 2016-09-20 19:32 - 00000000 ____D C:\Users\Kristina\Downloads\FRST-OlderVersion 2016-09-20 19:27 - 2016-09-20 19:32 - 02402816 _____ (Farbar) C:\Users\Kristina\Downloads\FRST64.exe 2016-09-20 19:12 - 2016-09-20 19:12 - 00000000 ____D C:\Users\Kristina\AppData\Local\CEF 2016-09-20 19:01 - 2016-09-20 19:01 - 00000000 ___HD C:\OneDriveTemp 2016-09-20 18:58 - 2016-09-20 19:01 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-20 18:58 - 2016-09-20 19:01 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-09-20 18:57 - 2016-09-20 19:13 - 00001014 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-20 18:57 - 2016-09-20 19:08 - 00004072 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-09-20 18:57 - 2016-09-20 19:08 - 00003840 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-09-20 18:57 - 2016-09-20 19:08 - 00001010 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-20 18:57 - 2016-09-20 18:57 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2016-09-20 18:57 - 2016-09-20 18:57 - 00000000 ____D C:\Program Files (x86)\Google 2016-09-20 18:56 - 2016-09-20 18:56 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\AVAST Software 2016-09-20 18:55 - 2016-09-20 18:55 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2016-09-20 18:55 - 2016-09-20 18:55 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-09-20 18:55 - 2016-09-20 18:55 - 00001950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2016-09-20 18:55 - 2016-09-20 18:55 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2016-09-20 18:55 - 2016-09-20 18:54 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2016-09-20 18:54 - 2016-09-20 18:54 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2016-09-20 18:54 - 2016-09-20 18:54 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2016-09-20 18:54 - 2016-09-20 18:54 - 00000102 _____ C:\Users\Kristina\AppData\Roaming\WB.CFG 2016-09-20 18:53 - 2016-09-20 18:57 - 00000000 ____D C:\Program Files\AVAST Software 2016-09-20 18:52 - 2016-09-20 18:57 - 00000000 ____D C:\ProgramData\AVAST Software 2016-09-20 18:52 - 2016-09-20 18:52 - 06334848 _____ (AVAST Software) C:\Users\Kristina\Downloads\avast_free_antivirus_setup_online.exe 2016-09-20 18:49 - 2016-09-20 18:52 - 00004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{40277EE3-BB8B-465F-B093-C31454961555} 2016-09-20 18:30 - 2016-09-20 18:30 - 00003240 _____ C:\WINDOWS\System32\Tasks\{0FC3EE4B-CCE1-4DAF-A40F-CAD35D34374C} 2016-09-20 18:25 - 2016-09-20 18:25 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence 2016-09-20 18:19 - 2016-09-20 18:19 - 00003334 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-09-20 18:17 - 2016-09-20 18:17 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\Skype 2016-09-11 11:10 - 2016-09-20 19:00 - 00000000 ____D C:\Users\Kristina\AppData\Local\Google 2016-09-11 11:00 - 2016-09-20 19:25 - 00000868 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-09-11 11:00 - 2016-09-20 18:38 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-09-11 11:00 - 2016-09-20 18:25 - 00004006 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-09-11 11:00 - 2016-09-11 11:32 - 00003854 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-09-11 09:20 - 2016-09-11 11:32 - 00000000 ____D C:\Users\Kristina\AppData\Local\Adobe 2016-09-11 09:04 - 2016-09-11 09:05 - 00000000 ____D C:\ProgramData\Uniblue 2016-09-11 08:57 - 2016-09-20 19:27 - 00000296 _____ C:\WINDOWS\Tasks\PC-Mechanic Maintenance.job 2016-09-11 08:57 - 2016-09-20 19:00 - 00000310 _____ C:\WINDOWS\Tasks\PC-Mechanic Startup.job 2016-09-11 08:57 - 2016-09-20 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue 2016-09-11 08:57 - 2016-09-20 18:34 - 00000000 ____D C:\Program Files (x86)\Uniblue 2016-09-11 08:57 - 2016-09-11 10:16 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\Uniblue 2016-09-11 08:57 - 2016-09-11 08:57 - 00003342 _____ C:\WINDOWS\System32\Tasks\PC-Mechanic Maintenance 2016-09-11 08:57 - 2016-09-11 08:57 - 00002716 _____ C:\WINDOWS\System32\Tasks\PC-Mechanic Startup 2016-09-11 08:55 - 2016-09-20 18:25 - 00002479 _____ C:\Users\Kristina\Desktop\Chromium.lnk 2016-09-11 08:55 - 2016-09-11 08:55 - 00002360 _____ C:\Users\Kristina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2016-09-11 08:54 - 2016-09-11 08:58 - 00000000 ____D C:\Users\Kristina\AppData\Local\Chromium 2016-09-11 08:54 - 2016-09-11 08:56 - 01184656 _____ (Uniblue Systems Limited ) C:\Users\Kristina\Downloads\pcmechanicpm_15523713_.exe 2016-09-11 08:54 - 2016-09-11 08:56 - 00000000 ____D C:\Users\Kristina\AppData\Local\{B3DE8582-9776-E93A-FAEE-CCD2DE86304A} 2016-09-11 08:53 - 2016-09-20 19:18 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\{59FD6F46-7CAF-0230-1799-25E2CB4BD8DC} 2016-09-11 08:53 - 2016-09-20 18:53 - 00000996 _____ C:\WINDOWS\Tasks\Yahoo! Powered lonal.job 2016-09-11 08:53 - 2016-09-20 18:53 - 00000000 ____D C:\ProgramData\{30E2F581-BAA0-7F47-3C66-E105A6246ACB} 2016-09-11 08:53 - 2016-09-20 18:48 - 00000000 ____D C:\Program Files\ByteFence 2016-09-11 08:53 - 2016-09-20 18:21 - 00000000 ____D C:\Program Files (x86)\Corner Sunshine 2016-09-11 08:53 - 2016-09-11 08:55 - 00000000 ____D C:\Users\Kristina\AppData\Local\{59A06FFC-7D08-0344-1090-26AC34F8DA34} 2016-09-11 08:53 - 2016-09-11 08:53 - 74530506 _____ C:\Users\Kristina\Downloads\ChromeSetup [1].exe 2016-09-11 08:53 - 2016-09-11 08:53 - 00004092 _____ C:\WINDOWS\System32\Tasks\LaunchPreSignup 2016-09-11 08:53 - 2016-09-11 08:53 - 00004080 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered lonal 2016-09-11 08:53 - 2016-09-11 08:53 - 00002551 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk 2016-09-11 08:53 - 2016-09-11 08:53 - 00000254 __RSH C:\ProgramData\ntuser.pol 2016-09-11 08:51 - 2016-09-11 08:52 - 00974208 _____ ( ) C:\Users\Kristina\Downloads\ChromeSetup.exe 2016-08-29 11:24 - 2016-08-29 11:24 - 00032768 _____ C:\Users\Kristina\Downloads\123.pdf   ==================== One Month Modified files and folders ========   (If an entry is included in the fixlist, the file/folder will be moved.)   2016-09-20 19:31 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-20 19:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-20 19:20 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-20 19:01 - 2015-03-24 13:50 - 00000000 __RDO C:\Users\Kristina\OneDrive 2016-09-20 19:00 - 2015-03-24 13:41 - 00000000 __SHD C:\Users\Kristina\IntelGraphicsProfiles 2016-09-20 18:59 - 2016-01-21 21:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-20 18:58 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-09-20 18:55 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-09-20 18:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-09-20 18:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-09-20 18:22 - 2015-10-30 20:12 - 00747608 _____ C:\WINDOWS\system32\perfh01D.dat 2016-09-20 18:22 - 2015-10-30 20:12 - 00151176 _____ C:\WINDOWS\system32\perfc01D.dat 2016-09-20 18:22 - 2015-10-05 20:17 - 01768152 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-20 18:19 - 2015-10-05 20:24 - 00002383 _____ C:\Users\Kristina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-09-20 18:07 - 2015-10-05 19:08 - 00000000 ___HD C:\$SysReset 2016-09-20 18:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-09-11 10:45 - 2016-01-21 20:55 - 00000000 ____D C:\Users\Kristina 2016-09-11 10:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration 2016-09-11 10:33 - 2015-10-05 20:14 - 00000000 ____D C:\Users\Kristina\AppData\Local\Packages 2016-09-11 08:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-09-11 08:53 - 2015-10-05 20:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-08-29 11:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache   ==================== Files in the root of some directories =======   2016-09-20 18:54 - 2016-09-20 18:54 - 0000102 _____ () C:\Users\Kristina\AppData\Roaming\WB.CFG 2016-01-21 20:51 - 2016-01-21 20:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl   ==================== Bamital & volsnap =================   (There is no automatic fix for files that do not pass verification.)   C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed     LastRegBack: 2016-09-06 15:43   ==================== End of FRST.txt ============================Addition.txt
  • Senaste som Tittar

    Inga registrerade medlemmar är inne på denna sida.

  • Obesvarade ämnen

  • Nya ämnen

×
×
  • Skapa nytt...