ShorTee

Malicious program? dis.eu.criteo.com


When I click on links on websites, a box comes up that says something like "error... dis.eu.criteo.com...". In addition, new tabs open next to the ones we are using, with ads and other content unsuitable for children. When I google the name criteo, it says the program is a malicious virus. I have tried to find it using F-Secure, which is my antivirus, without success.

What can I do?

I use Win 7 and Chrome for browsing.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015

Ran by TomasåLena (administrator) on TOMASÅLENA-HP on 22-01-2015 11:06:45

Running from C:\Users\TomasåLena\Desktop

Loaded Profiles: TomasåLena (Available profiles: TomasåLena)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\CCF_Reputation\fsorsp.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\fsgk32.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

(SPAMfighter ApS) C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtsvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

(SPAMfighter ApS) C:\Program Files (x86)\Fighters\FighterSuiteService.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Telia\Supportassistenten\bin\tgsrvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSMA32.EXE

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSHDLL64.EXE

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\fssm32.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe

(Akamai Technologies, Inc.) C:\Users\TomasåLena\AppData\Local\Akamai\netsession_win.exe

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe

(Akamai Technologies, Inc.) C:\Users\TomasåLena\AppData\Local\Akamai\netsession_win.exe

(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtcmd.exe

(SecMaker AB) C:\Program Files (x86)\Net iD\iid.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

(SPAMfighter ApS) C:\Program Files (x86)\Fighters\Tray\FightersTray.exe

(SPAMfighter ApS) C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSM32.EXE

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)

HKLM\...\Run: [smartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()

HKLM\...\Run: [start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)

HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)

HKLM-x32\...\Run: [Telia] => C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtcmd.exe [206120 2010-11-11] (SupportSoft, Inc.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [Net iD] => C:\Program Files (x86)\Net iD\iid.exe [87352 2011-03-21] (SecMaker AB)

HKLM-x32\...\Run: [sSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [brMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [CommonToolkitTray] => C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1405544 2012-11-13] (SPAMfighter ApS)

HKLM-x32\...\Run: [sfagent] => C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe [1460768 2013-01-15] (SPAMfighter ApS)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)

HKLM-x32\...\Run: [F-Secure Hoster (28332)] => C:\Program Files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)

HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSM32.EXE [311432 2013-01-03] (F-Secure Corporation)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)

HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-11-11] (Hewlett-Packard)

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [Google Update] => C:\Users\TomasåLena\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [Akamai NetSession Interface] => C:\Users\TomasåLena\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2009-11-15] (Alcohol Soft Development Team)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [F5889464CCDFB1854FE254BA487C979F167DEC1F._service_run] => C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe [843592 2015-01-21] (Google Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-11-23] (AMD)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\RunOnce: [Adobe Speed Launcher] => 1421912218

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\MountPoints2: {33f9df51-ac63-11e3-8541-806e6f6e6963} - E:\Setup.exe

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 

HKU\S-1-5-21-388272467-1481227621-719459162-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

HKU\S-1-5-21-388272467-1481227621-719459162-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/11

URLSearchHook: HKU\S-1-5-21-388272467-1481227621-719459162-1000 - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File

SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-388272467-1481227621-719459162-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=110482&mntrId=3847fd38000000000000001b1113253d

SearchScopes: HKU\S-1-5-21-388272467-1481227621-719459162-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=110482&mntrId=3847fd38000000000000001b1113253d

SearchScopes: HKU\S-1-5-21-388272467-1481227621-719459162-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKU\S-1-5-21-388272467-1481227621-719459162-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKU\S-1-5-21-388272467-1481227621-719459162-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKU\S-1-5-21-388272467-1481227621-719459162-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKU\S-1-5-21-388272467-1481227621-719459162-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File


DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()

FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll No File

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.0.1.5 -> C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-388272467-1481227621-719459162-1000: @tools.google.com/Google Update;version=3 -> C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-388272467-1481227621-719459162-1000: @tools.google.com/Google Update;version=9 -> C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-388272467-1481227621-719459162-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\TomasåLena\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Extension: General Crawler - C:\Users\TomasåLena\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-02-28]

 

Chrome: 

=======

CHR Profile: C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Presentationer) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-17]

CHR Extension: (Google Dokument) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-17]

CHR Extension: (Google Drive) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-17]

CHR Extension: (YouTube) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-17]

CHR Extension: (Java for Chrome) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnmhlagmhphkifplfbhianbopacehadb [2015-01-12]

CHR Extension: (Sök på Google) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-17]

CHR Extension: (Google Kalkylark) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-17]

CHR Extension: (General Crawler) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje [2014-01-29]

CHR Extension: (Google Wallet) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]

CHR Extension: (Gmail) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-17]

CHR HKLM-x32\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - C:\Users\TomasåLena\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - C:\Users\TomasåLena\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-02-28]

CHR HKLM-x32\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - C:\Users\TOMASL~1\AppData\Local\Temp\tbch.crx [2011-11-15]

CHR StartMenuInternet: Google Chrome - C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]

R2 fshoster; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)

R3 FSMA; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSMA32.EXE [209032 2013-01-03] (F-Secure Corporation)

R2 FSORSPClient; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\CCF_Reputation\fsorsp.exe [61176 2012-08-06] (F-Secure Corporation)

S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-06-01] (WildTangent)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]

R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]

R2 MSSQL$VISMA; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)

R2 SPAMfighter Update Service; C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe [216608 2013-01-15] (SPAMfighter ApS)

R2 sprtsvc_teliada; C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtsvc.exe [206120 2010-11-11] (SupportSoft, Inc.)

R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]

R2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [1270376 2012-11-12] (SPAMfighter ApS)

S2 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\SupportSoft\bin\ssrc.exe [382320 2010-11-11] (SupportSoft, Inc.)

R2 tgsrvc_teliada; C:\Program Files (x86)\Telia\Supportassistenten\bin\tgsrvc.exe [185640 2010-11-11] (SupportSoft, Inc.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)

S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-12-02] (DT Soft Ltd)

S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]

S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]

S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]

S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]

R3 F-Secure Gatekeeper; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [207400 2014-11-18] (F-Secure Corporation)

R1 F-Secure HIPS; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71112 2014-11-18] (F-Secure Corporation)

R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-08-16] ()

R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-08-16] ()

R3 fsni; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\CCF_Scanning\bin\fsni64.sys [89640 2014-12-09] (F-Secure Corporation)

S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]

R1 fsvista; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [14472 2013-01-03] ()

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-10-24] (Duplex Secure Ltd.)

S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)

U3 a1p4ffyk; C:\Windows\System32\Drivers\a1p4ffyk.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)

U3 akz96x63; C:\Windows\System32\Drivers\akz96x63.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)

S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]

S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]

S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]

S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]

S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-01-22 11:06 - 2015-01-22 11:08 - 00028896 _____ () C:\Users\TomasåLena\Desktop\FRST.txt

2015-01-22 11:06 - 2015-01-22 11:06 - 00000000 ____D () C:\FRST

2015-01-22 11:05 - 2015-01-22 11:05 - 02126848 _____ (Farbar) C:\Users\TomasåLena\Desktop\FRST64.exe

2015-01-21 18:16 - 2015-01-21 18:16 - 00000000 ____D () C:\Users\Public\Documents\EA Games

2015-01-21 18:15 - 2015-01-21 18:15 - 00003052 _____ () C:\Windows\System32\Tasks\{ED17E0D3-4032-413B-89AB-DB48FECA389B}

2015-01-21 18:09 - 2015-01-21 18:09 - 00002083 _____ () C:\Users\Public\Desktop\The Sims 2.lnk

2015-01-21 18:09 - 2015-01-21 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES

2015-01-21 18:08 - 2015-01-21 18:08 - 00000000 ____D () C:\Users\TomasåLena\Documents\EA Games

2015-01-21 17:54 - 2015-01-21 17:54 - 00000000 ____D () C:\Program Files (x86)\EA GAMES

2015-01-21 17:54 - 2004-08-18 09:34 - 00442368 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll

2015-01-14 21:37 - 2015-01-14 21:37 - 05013680 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2015-01-14 18:47 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2015-01-14 18:47 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2015-01-14 18:47 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2015-01-14 18:47 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2015-01-14 18:47 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll

2015-01-14 18:47 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

2015-01-14 18:46 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-01-14 18:46 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-01-14 18:46 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-01-14 18:46 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-01-14 18:46 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-01-14 18:46 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-01-14 18:46 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-01-12 23:44 - 2015-01-12 23:44 - 00000000 ____D () C:\Windows\Sun

2015-01-12 23:07 - 2015-01-12 20:46 - 40049225 ____N () C:\Users\TomasåLena\Desktop\IMG_1781.MOV

2015-01-12 23:07 - 2015-01-12 20:09 - 47983837 ____N () C:\Users\TomasåLena\Desktop\IMG_1778.MOV

2015-01-05 12:15 - 2015-01-05 12:15 - 00000000 ____D () C:\ProgramData\Reprise

2014-12-31 15:00 - 2015-01-14 22:03 - 00079569 _____ () C:\Users\TomasåLena\Documents\Pelletsstatistik 141231.xlsx

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-01-22 11:01 - 2013-04-03 17:18 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-01-22 10:43 - 2011-10-25 20:49 - 00001024 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-388272467-1481227621-719459162-1000UA.job

2015-01-22 10:42 - 2012-04-19 14:05 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-01-22 10:19 - 2011-10-28 17:10 - 00000000 ____D () C:\Windows\System32\Tasks\Games

2015-01-22 09:09 - 2011-04-07 15:54 - 01073866 _____ () C:\Windows\WindowsUpdate.log

2015-01-22 08:43 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-01-22 08:43 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-01-22 08:36 - 2014-11-09 00:48 - 00000000 ___RD () C:\Users\TomasåLena\iCloudDrive

2015-01-22 08:35 - 2013-04-03 17:18 - 00000990 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-01-22 08:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-01-22 08:35 - 2009-07-14 05:51 - 00169112 _____ () C:\Windows\setupact.log

2015-01-22 00:03 - 2011-10-25 20:49 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-388272467-1481227621-719459162-1000Core.job

2015-01-22 00:01 - 2011-10-25 20:51 - 00002394 _____ () C:\Users\TomasåLena\Desktop\Google Chrome.lnk

2015-01-21 18:16 - 2011-11-08 23:39 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2015-01-20 23:59 - 2012-02-07 14:00 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTomasåLena

2015-01-20 23:59 - 2012-02-07 14:00 - 00000352 _____ () C:\Windows\Tasks\HPCeeScheduleForTomasåLena.job

2015-01-18 22:47 - 2011-08-23 15:32 - 00789238 _____ () C:\Windows\PFRO.log

2015-01-18 20:10 - 2011-12-12 16:43 - 00000000 ____D () C:\Program Files (x86)\VSO

2015-01-18 19:57 - 2012-03-20 00:23 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\vlc

2015-01-18 18:16 - 2012-10-19 18:53 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\dvdcss

2015-01-15 23:25 - 2014-12-22 00:38 - 00000000 ____D () C:\Users\TomasåLena\Desktop\Tomas

2015-01-15 23:25 - 2012-05-14 22:09 - 00000000 ____D () C:\ProgramData\RH_Backups

2015-01-14 22:27 - 2013-08-16 02:01 - 00000000 ____D () C:\Windows\system32\MRT

2015-01-14 22:15 - 2011-10-28 15:33 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-01-14 21:38 - 2012-04-19 14:05 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-01-14 21:38 - 2012-04-19 14:05 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-01-14 21:38 - 2011-11-10 16:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-01-14 21:37 - 2011-11-26 20:25 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\Spotify

2015-01-13 00:22 - 2014-10-09 19:46 - 00078848 ___SH () C:\Users\TomasåLena\Downloads\Thumbs.db

2015-01-13 00:09 - 2011-11-26 20:25 - 00000000 ____D () C:\Users\TomasåLena\AppData\Local\Spotify

2015-01-12 23:40 - 2014-10-18 09:45 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2015-01-12 23:40 - 2013-10-20 23:32 - 00000000 ____D () C:\ProgramData\Oracle

2015-01-12 23:33 - 2014-10-18 09:44 - 00000000 ____D () C:\Program Files (x86)\Java

2015-01-12 23:08 - 2014-10-18 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-01-12 21:19 - 2013-09-22 17:49 - 00000000 ____D () C:\Users\TomasåLena\AppData\Local\Apple Computer

2015-01-07 00:04 - 2013-10-23 19:44 - 00279040 ___SH () C:\Users\TomasåLena\Desktop\Thumbs.db

2015-01-06 16:41 - 2011-10-25 20:44 - 01705376 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2015-01-06 16:41 - 2011-04-07 16:15 - 00717510 _____ () C:\Windows\system32\perfh01D.dat

2015-01-06 16:41 - 2011-04-07 16:15 - 00162942 _____ () C:\Windows\system32\perfc01D.dat

2015-01-06 16:41 - 2009-07-14 06:13 - 01705376 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-01-05 12:15 - 2014-05-28 12:47 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\SketchUp

2015-01-01 14:30 - 2014-08-31 13:32 - 00000000 ____D () C:\Users\TomasåLena\AppData\Local\Adobe

2014-12-30 12:56 - 2011-10-28 17:15 - 00000000 ____D () C:\Users\TomasåLena\AppData\Local\CrashDumps

2014-12-27 17:51 - 2011-11-02 09:57 - 00003228 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTOMASÅLENA-HP$

2014-12-27 17:51 - 2011-11-02 09:57 - 00000352 _____ () C:\Windows\Tasks\HPCeeScheduleForTOMASÅLENA-HP$.job

 

==================== Files in the root of some directories =======

2014-10-12 20:09 - 2014-10-12 20:09 - 0004900 _____ () C:\Program Files (x86)\Furnish Pro uninstal.log

2011-12-12 16:43 - 2011-12-12 16:43 - 0099384 _____ () C:\Users\TomasåLena\AppData\Roaming\inst.exe

2011-12-12 16:43 - 2011-12-12 16:43 - 0007859 _____ () C:\Users\TomasåLena\AppData\Roaming\pcouffin.cat

2011-12-12 16:43 - 2011-12-12 16:43 - 0001167 _____ () C:\Users\TomasåLena\AppData\Roaming\pcouffin.inf

2011-12-12 16:44 - 2011-12-12 16:44 - 0000034 _____ () C:\Users\TomasåLena\AppData\Roaming\pcouffin.log

2011-12-12 16:43 - 2011-12-12 16:43 - 0082816 _____ (VSO Software) C:\Users\TomasåLena\AppData\Roaming\pcouffin.sys

2011-12-12 16:45 - 2012-03-09 20:38 - 0001057 _____ () C:\Users\TomasåLena\AppData\Roaming\vso_ts_preview.xml

 

Some content of TEMP:

====================

C:\Users\TomasåLena\AppData\Local\Temp\acing.exe

C:\Users\TomasåLena\AppData\Local\Temp\amd-catalyst-14-9-win7-win8.1-64bit-dd-ccc-whql.exe

C:\Users\TomasåLena\AppData\Local\Temp\AutoRun.exe

C:\Users\TomasåLena\AppData\Local\Temp\AutoRunGUI.dll

C:\Users\TomasåLena\AppData\Local\Temp\cci.exe

C:\Users\TomasåLena\AppData\Local\Temp\COMAP.EXE

C:\Users\TomasåLena\AppData\Local\Temp\DSSExp.exe

C:\Users\TomasåLena\AppData\Local\Temp\EASOUNInstaller.exe

C:\Users\TomasåLena\AppData\Local\Temp\eauninstall.exe

C:\Users\TomasåLena\AppData\Local\Temp\ffunzip.exe

C:\Users\TomasåLena\AppData\Local\Temp\First15.exe

C:\Users\TomasåLena\AppData\Local\Temp\fsprod.dll

C:\Users\TomasåLena\AppData\Local\Temp\fssfm.dll

C:\Users\TomasåLena\AppData\Local\Temp\GURD417.exe

C:\Users\TomasåLena\AppData\Local\Temp\HPHelpUpdater.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\MSN9150.exe

C:\Users\TomasåLena\AppData\Local\Temp\Need for Speed Underground 2_uninst.exe

C:\Users\TomasåLena\AppData\Local\Temp\ose00000.exe

C:\Users\TomasåLena\AppData\Local\Temp\pdf24-creator-update.exe

C:\Users\TomasåLena\AppData\Local\Temp\preconfig.exe

C:\Users\TomasåLena\AppData\Local\Temp\raptrpatch.exe

C:\Users\TomasåLena\AppData\Local\Temp\Resource.exe

C:\Users\TomasåLena\AppData\Local\Temp\sp53904.exe

C:\Users\TomasåLena\AppData\Local\Temp\sp54931.exe

C:\Users\TomasåLena\AppData\Local\Temp\sp58915.exe

C:\Users\TomasåLena\AppData\Local\Temp\sp64126.exe

C:\Users\TomasåLena\AppData\Local\Temp\SpotifyUpgrader.exe

C:\Users\TomasåLena\AppData\Local\Temp\tbVuze.dll

C:\Users\TomasåLena\AppData\Local\Temp\uninstall.exe

C:\Users\TomasåLena\AppData\Local\Temp\UninstallHPSA.exe

C:\Users\TomasåLena\AppData\Local\Temp\UninstallHPTCA.exe

C:\Users\TomasåLena\AppData\Local\Temp\vlc-2.0.1-win32.exe

C:\Users\TomasåLena\AppData\Local\Temp\VP6Install.exe

C:\Users\TomasåLena\AppData\Local\Temp\VP6VFW.dll

C:\Users\TomasåLena\AppData\Local\Temp\_isF760.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-01-15 21:42

 

==================== End Of Log ============================

Addition.txt


1. Uninstall "Java 7 Update 71", since it is an old program version with known security holes that a web page can exploit to infect the computer.

2. Save AdwCleaner by Xplode to the Desktop: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Close all programs, including web browsers.
Double-click AdwCleaner to start the program.

Click the Scan button.
Wait until the scan is finished.
Click the Report button.
A report will come up; copy its contents and paste them into your reply.
If the report does not come up, it is also available as C:\AdwCleaner\AdwCleaner[R0].txt


# AdwCleaner v4.108 - Report created 23/01/2015 at 01:00:29
# Updated 17/01/2015 by Xplode
# Database : 2015-01-22.3 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : TomasåLena - TOMASÅLENA-HP
# Running from : C:\Users\TomasåLena\Desktop\adwcleaner_4.108.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Users\TOMASL~1\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Fighters
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Fighters
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Found : C:\Users\TOMASL~1\AppData\Local\Temp\BabylonToolbar
Folder Found : C:\Users\TomasåLena\AppData\Local\Babylon
Folder Found : C:\Users\TomasåLena\AppData\Local\Conduit
Folder Found : C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
Folder Found : C:\Users\TomasåLena\AppData\LocalLow\Conduit
Folder Found : C:\Users\TomasåLena\AppData\Roaming\Babylon
Folder Found : C:\Users\TomasåLena\AppData\Roaming\Fighters
Folder Found : C:\Users\TomasåLena\AppData\Roaming\Media Finder
Folder Found : C:\Users\TomasåLena\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Fighters
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\MediaFinder
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\StartSearch
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\MediaFinder
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\StartSearch
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\MF
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [CommonToolkitTray]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Google Chrome v
 
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=110482&mntrId=3847fd38000000000000001b1113253d
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=110482&mntrId=3847fd38000000000000001b1113253d
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.hultsfred.se/templates/TeleSearchPage____6.aspx?opensearchquery={searchTerms}
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=354372F4-CAB3-4D70-A595-D3EC192B46AF&apn_ptnrs=U3&apn_sauid=C649A5AD-77B1-48F4-9B13-434690AB8DC6&apn_dtid=OSJ000YYSE&q={searchTerms}
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=354372F4-CAB3-4D70-A595-D3EC192B46AF&apn_ptnrs=U3&apn_sauid=C649A5AD-77B1-48F4-9B13-434690AB8DC6&apn_dtid=OSJ000YYSE&q={searchTerms}
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=427&systemid=406&sr=0&q={searchTerms}
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://isearch.avg.com/search?cid={3DD84AD1-FDC6-4D1C-9392-FFCCB48A41EE}&mid=c2c9c97847ec792058c489e9557e25da-3b39db65961cf585715944c54965421aeb9b3fb0&lang=en&ds=AVG&pr=fr&d=2011-12-05 22:25:45&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcnnbie7-sv-se
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.disneystore.com/disney/store/DSISearch?Searchstr={searchTerms}&storeId=10051&catalogId=10002&langId=-1&pageCmdName=homeLandingPage&Ntx=mode+matchallpartial&N=0&Nu=pProductID&Nr=pPublished%3A1&Ntk=All_Shopping&Ntt=Disney+Infinity+Starter+Pack&D=Disney+Infinity+Starter+Pack&Dr=pPublished%3A1
[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://www.solresor.se/Search?quicksearchquery={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [8265 octets] - [23/01/2015 01:00:29]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8325 octets] ##########


The AdwCleaner program wanted me to uncheck things that should not be deleted and then remove a lot of stuff. Should I redo the scan and follow the instructions? What should I uncheck? Can one know that sort of thing?


Can you see anything in the AdwCleaner report that you want to keep?

I see nothing worth keeping, but you may of course think differently.

If you don't see anything, do the following:

Close all programs, including web browsers.
Double-click AdwCleaner to start the program.

Click the Scan button.
Wait until the scan is finished.

Click the Clean button.
Press OK.
Press OK again if more messages come up.

The computer will restart; if it does not do so automatically, you will have to restart it yourself.
A report will come up; copy its contents and paste them into your reply.
If the report does not come up, it is also available as C:\AdwCleaner\AdwCleaner[s0].txt

# AdwCleaner v4.109 - Report created 25/01/2015 at 12:27:44

# Updated 24/01/2015 by Xplode

# Database : 2015-01-24.4 [Live]

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : TomasåLena - TOMASÅLENA-HP

# Running from : C:\Users\TomasåLena\Desktop\adwcleaner_4.109.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\Fighters

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters

Folder Deleted : C:\Program Files (x86)\Conduit

Folder Deleted : C:\Program Files (x86)\Fighters

Folder Deleted : C:\Users\TOMASL~1\AppData\Local\Temp\BabylonToolbar

Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Fighters

Folder Deleted : C:\Users\TomasåLena\AppData\Local\Babylon

Folder Deleted : C:\Users\TomasåLena\AppData\Local\Conduit

Folder Deleted : C:\Users\TomasåLena\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\TomasåLena\AppData\Roaming\Babylon

Folder Deleted : C:\Users\TomasåLena\AppData\Roaming\Media Finder

Folder Deleted : C:\Users\TomasåLena\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

Folder Deleted : C:\Users\TomasåLena\AppData\Roaming\Fighters

Folder Deleted : C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje

File Deleted : C:\END

File Deleted : C:\Users\TOMASL~1\AppData\Local\Temp\Uninstall.exe

File Deleted : C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

 

***** [ Scheduled Tasks ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\MF

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [CommonToolkitTray]

Key Deleted : HKCU\Software\Classes\MF

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\MediaFinder

Key Deleted : HKCU\Software\Myfree Codec

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\StartSearch

Key Deleted : HKCU\Software\Fighters

Key Deleted : HKLM\SOFTWARE\Babylon

Key Deleted : HKLM\SOFTWARE\Conduit

Key Deleted : HKLM\SOFTWARE\Myfree Codec

Key Deleted : HKLM\SOFTWARE\Fighters

Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - 127.0.0.1:9421;<local>;*.local

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17496

 

 

-\\ Google Chrome v

 

[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=110482&mntrId=3847fd38000000000000001b1113253d

[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=110482&mntrId=3847fd38000000000000001b1113253d

[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=354372F4-CAB3-4D70-A595-D3EC192B46AF&apn_ptnrs=U3&apn_sauid=C649A5AD-77B1-48F4-9B13-434690AB8DC6&apn_dtid=OSJ000YYSE&q={searchTerms}

[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=354372F4-CAB3-4D70-A595-D3EC192B46AF&apn_ptnrs=U3&apn_sauid=C649A5AD-77B1-48F4-9B13-434690AB8DC6&apn_dtid=OSJ000YYSE&q={searchTerms}

[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=427&systemid=406&sr=0&q={searchTerms}

[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://isearch.avg.com/search?cid={3DD84AD1-FDC6-4D1C-9392-FFCCB48A41EE}&mid=c2c9c97847ec792058c489e9557e25da-3b39db65961cf585715944c54965421aeb9b3fb0&lang=en&ds=AVG&pr=fr&d=2011-12-05 22:25:45&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}

[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcnnbie7-sv-se

[C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.disneystore.com/disney/store/DSISearch?Searchstr={searchTerms}&storeId=10051&catalogId=10002&langId=-1&pageCmdName=homeLandingPage&Ntx=mode+matchallpartial&N=0&Nu=pProductID&Nr=pPublished%3A1&Ntk=All_Shopping&Ntt=Disney+Infinity+Starter+Pack&D=Disney+Infinity+Starter+Pack&Dr=pPublished%3A1

 

*************************

 

AdwCleaner[R0].txt - [8473 octets] - [23/01/2015 01:00:29]

AdwCleaner[R1].txt - [8214 octets] - [25/01/2015 12:26:06]

AdwCleaner[s0].txt - [7417 octets] - [25/01/2015 12:27:44]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [7477 octets] ##########


1. Start FRST.
Check the Addition.txt box.
Let the program scan.
Paste in the two new logs from the program so we can see what else needs to go.

2. Scan the computer online at http://www.eset.com/onlinescan/ and preferably use Internet Explorer for it.
To keep the scanner from taking too long, turn off your antivirus program in the meantime.

Select the option Enable detection of potentially unwanted applications.

Click Advanced Settings.
Uncheck Remove found threats.
Check:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Click Start

When the scan is finished, click List of found threats, followed by Export to a text file. Save it to a file on the desktop, open the file, copy the result and then paste it into your reply.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01

Ran by TomasåLena (administrator) on TOMASÅLENA-HP on 26-01-2015 18:30:15

Running from C:\Users\TomasåLena\Downloads

Loaded Profiles: TomasåLena (Available profiles: TomasåLena)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\CCF_Reputation\fsorsp.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\fsgk32.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtsvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Telia\Supportassistenten\bin\tgsrvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSMA32.EXE

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSHDLL64.EXE

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\fssm32.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe

(Akamai Technologies, Inc.) C:\Users\TomasåLena\AppData\Local\Akamai\netsession_win.exe

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe

(Akamai Technologies, Inc.) C:\Users\TomasåLena\AppData\Local\Akamai\netsession_win.exe

(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler.exe

(Google Inc.) C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\GoogleCrashHandler64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe

(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

(SupportSoft, Inc.) C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtcmd.exe

(SecMaker AB) C:\Program Files (x86)\Net iD\iid.exe

(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe

(F-Secure Corporation) C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSM32.EXE

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE

(Microsoft Corporation) C:\Windows\splwow64.exe

() C:\Users\TomasåLena\Desktop\adwcleaner_4.109.exe

(Microsoft Corporation) C:\Windows\System32\prevhost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)

HKLM\...\Run: [smartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()

HKLM\...\Run: [start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-15] (Logitech Inc.)

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)

HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)

HKLM-x32\...\Run: [Telia] => C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtcmd.exe [206120 2010-11-11] (SupportSoft, Inc.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [Net iD] => C:\Program Files (x86)\Net iD\iid.exe [87352 2011-03-21] (SecMaker AB)

HKLM-x32\...\Run: [sSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)

HKLM-x32\...\Run: [brMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)

HKLM-x32\...\Run: [F-Secure Hoster (28332)] => C:\Program Files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)

HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSM32.EXE [311432 2013-01-03] (F-Secure Corporation)

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sfagent] => C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe

HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-11-11] (Hewlett-Packard)

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [Google Update] => C:\Users\TomasåLena\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-19] (Google Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [Akamai NetSession Interface] => C:\Users\TomasåLena\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2009-11-15] (Alcohol Soft Development Team)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [F5889464CCDFB1854FE254BA487C979F167DEC1F._service_run] => C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe [843592 2015-01-21] (Google Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-11-23] (AMD)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)

HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\RunOnce: [Adobe Speed Launcher] => 1422185401

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk

ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 

HKU\S-1-5-21-388272467-1481227621-719459162-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

HKU\S-1-5-21-388272467-1481227621-719459162-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/HPCON/11

SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKU\S-1-5-21-388272467-1481227621-719459162-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File


DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()

FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll No File

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.0.1.5 -> C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-388272467-1481227621-719459162-1000: @tools.google.com/Google Update;version=3 -> C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-388272467-1481227621-719459162-1000: @tools.google.com/Google Update;version=9 -> C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-388272467-1481227621-719459162-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\TomasåLena\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

Chrome: 

=======

CHR Profile: C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Presentationer) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-17]

CHR Extension: (Google Dokument) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-17]

CHR Extension: (Google Drive) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-17]

CHR Extension: (YouTube) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-17]

CHR Extension: (Java for Chrome) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnmhlagmhphkifplfbhianbopacehadb [2015-01-12]

CHR Extension: (Sök på Google) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-17]

CHR Extension: (Google Kalkylark) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-17]

CHR Extension: (Google Wallet) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]

CHR Extension: (Gmail) - C:\Users\TomasåLena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-17]

StartMenuInternet: Google Chrome - C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]

R2 fshoster; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation)

R3 FSMA; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSMA32.EXE [209032 2013-01-03] (F-Secure Corporation)

R2 FSORSPClient; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\CCF_Reputation\fsorsp.exe [61176 2012-08-06] (F-Secure Corporation)

S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-06-01] (WildTangent)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]

R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]

R2 MSSQL$VISMA; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)

R2 sprtsvc_teliada; C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtsvc.exe [206120 2010-11-11] (SupportSoft, Inc.)

R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]

S2 SupportSoft RemoteAssist; C:\Program Files (x86)\Common Files\SupportSoft\bin\ssrc.exe [382320 2010-11-11] (SupportSoft, Inc.)

R2 tgsrvc_teliada; C:\Program Files (x86)\Telia\Supportassistenten\bin\tgsrvc.exe [185640 2010-11-11] (SupportSoft, Inc.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

S2 SPAMfighter Update Service; "C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe" [X]

S2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)

S3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-12-02] (DT Soft Ltd)

S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]

S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]

S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]

S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]

R3 F-Secure Gatekeeper; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [207400 2014-11-18] (F-Secure Corporation)

R1 F-Secure HIPS; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71112 2014-11-18] (F-Secure Corporation)

R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-08-16] ()

R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-08-16] ()

R3 fsni; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\CCF_Scanning\bin\fsni64.sys [89640 2014-12-09] (F-Secure Corporation)

S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]

R1 fsvista; C:\Program Files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [14472 2013-01-03] ()

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-10-24] (Duplex Secure Ltd.)

S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)

U3 ab6bec23; C:\Windows\System32\Drivers\ab6bec23.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)

U3 affpbg5u; C:\Windows\System32\Drivers\affpbg5u.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)

S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]

S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]

S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]

S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]

S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]

S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-01-26 18:30 - 2015-01-26 18:32 - 00024395 _____ () C:\Users\TomasåLena\Downloads\FRST.txt

2015-01-26 18:29 - 2015-01-26 18:29 - 00000000 ____D () C:\Users\TomasåLena\Downloads\FRST-OlderVersion

2015-01-25 12:30 - 2015-01-25 12:32 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\Fighters

2015-01-25 12:25 - 2015-01-25 12:25 - 02194432 _____ () C:\Users\TomasåLena\Desktop\adwcleaner_4.109.exe

2015-01-23 01:00 - 2015-01-25 12:28 - 00000000 ____D () C:\AdwCleaner

2015-01-23 00:42 - 2015-01-26 18:16 - 03539632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

2015-01-22 11:26 - 2015-01-22 11:26 - 00000000 ____D () C:\Users\TomasåLena\Documents\Support

2015-01-22 11:06 - 2015-01-26 18:30 - 00000000 ____D () C:\FRST

2015-01-22 11:05 - 2015-01-26 18:29 - 02129920 _____ (Farbar) C:\Users\TomasåLena\Downloads\FRST64.exe

2015-01-21 18:16 - 2015-01-21 18:16 - 00000000 ____D () C:\Users\Public\Documents\EA Games

2015-01-21 18:15 - 2015-01-21 18:15 - 00003052 _____ () C:\Windows\System32\Tasks\{ED17E0D3-4032-413B-89AB-DB48FECA389B}

2015-01-21 18:09 - 2015-01-21 18:09 - 00002083 _____ () C:\Users\Public\Desktop\The Sims 2.lnk

2015-01-21 18:09 - 2015-01-21 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES

2015-01-21 18:08 - 2015-01-21 18:08 - 00000000 ____D () C:\Users\TomasåLena\Documents\EA Games

2015-01-21 17:54 - 2015-01-21 17:54 - 00000000 ____D () C:\Program Files (x86)\EA GAMES

2015-01-21 17:54 - 2004-08-18 09:34 - 00442368 ____R (On2.com) C:\Windows\SysWOW64\vp6vfw.dll

2015-01-14 18:47 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2015-01-14 18:47 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2015-01-14 18:47 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2015-01-14 18:47 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2015-01-14 18:47 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll

2015-01-14 18:47 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

2015-01-14 18:46 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-01-14 18:46 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-01-14 18:46 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-01-14 18:46 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-01-14 18:46 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-01-14 18:46 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-01-14 18:46 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-01-12 23:44 - 2015-01-12 23:44 - 00000000 ____D () C:\Windows\Sun

2015-01-12 23:07 - 2015-01-12 20:46 - 40049225 ____N () C:\Users\TomasåLena\Desktop\IMG_1781.MOV

2015-01-12 23:07 - 2015-01-12 20:09 - 47983837 ____N () C:\Users\TomasåLena\Desktop\IMG_1778.MOV

2015-01-05 12:15 - 2015-01-05 12:15 - 00000000 ____D () C:\ProgramData\Reprise

2014-12-31 15:00 - 2015-01-14 22:03 - 00079569 _____ () C:\Users\TomasåLena\Documents\Pelletsstatistik 141231.xlsx

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-01-26 18:28 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-01-26 18:28 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-01-26 18:24 - 2011-04-07 15:54 - 01154493 _____ () C:\Windows\WindowsUpdate.log

2015-01-26 18:22 - 2011-10-25 20:49 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-388272467-1481227621-719459162-1000Core.job

2015-01-26 18:18 - 2012-04-19 14:05 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-01-26 18:18 - 2012-04-19 14:05 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-01-26 18:18 - 2012-04-19 14:05 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-01-26 18:18 - 2011-11-10 16:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-01-26 18:17 - 2013-04-03 17:18 - 00000990 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-01-26 18:15 - 2013-04-03 17:18 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-01-26 18:15 - 2011-11-02 09:57 - 00003228 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTOMASÅLENA-HP$

2015-01-26 18:15 - 2011-11-02 09:57 - 00000352 _____ () C:\Windows\Tasks\HPCeeScheduleForTOMASÅLENA-HP$.job

2015-01-26 18:15 - 2011-10-25 20:49 - 00001024 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-388272467-1481227621-719459162-1000UA.job

2015-01-25 12:34 - 2012-03-28 20:25 - 00000000 ____D () C:\ProgramData\Fighters

2015-01-25 12:29 - 2014-11-09 00:48 - 00000000 ___RD () C:\Users\TomasåLena\iCloudDrive

2015-01-25 12:29 - 2011-08-23 15:32 - 00789548 _____ () C:\Windows\PFRO.log

2015-01-25 12:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-01-25 12:29 - 2009-07-14 05:51 - 00169280 _____ () C:\Windows\setupact.log

2015-01-25 12:24 - 2011-10-25 20:49 - 00000000 ____D () C:\Users\TomasåLena\AppData\Local\Apps\2.0

2015-01-25 09:16 - 2012-03-20 00:23 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\vlc

2015-01-25 09:09 - 2012-02-07 14:00 - 00003216 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTomasåLena

2015-01-25 09:09 - 2012-02-07 14:00 - 00000352 _____ () C:\Windows\Tasks\HPCeeScheduleForTomasåLena.job

2015-01-22 10:19 - 2011-10-28 17:10 - 00000000 ____D () C:\Windows\System32\Tasks\Games

2015-01-22 00:01 - 2011-10-25 20:51 - 00002394 _____ () C:\Users\TomasåLena\Desktop\Google Chrome.lnk

2015-01-21 18:16 - 2011-11-08 23:39 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2015-01-18 20:10 - 2011-12-12 16:43 - 00000000 ____D () C:\Program Files (x86)\VSO

2015-01-18 18:16 - 2012-10-19 18:53 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\dvdcss

2015-01-15 23:25 - 2014-12-22 00:38 - 00000000 ____D () C:\Users\TomasåLena\Desktop\Tomas

2015-01-15 23:25 - 2012-05-14 22:09 - 00000000 ____D () C:\ProgramData\RH_Backups

2015-01-14 22:27 - 2013-08-16 02:01 - 00000000 ____D () C:\Windows\system32\MRT

2015-01-14 22:15 - 2011-10-28 15:33 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-01-14 21:37 - 2011-11-26 20:25 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\Spotify

2015-01-13 00:22 - 2014-10-09 19:46 - 00078848 ___SH () C:\Users\TomasåLena\Downloads\Thumbs.db

2015-01-13 00:09 - 2011-11-26 20:25 - 00000000 ____D () C:\Users\TomasåLena\AppData\Local\Spotify

2015-01-12 23:40 - 2013-10-20 23:32 - 00000000 ____D () C:\ProgramData\Oracle

2015-01-12 23:33 - 2014-10-18 09:44 - 00000000 ____D () C:\Program Files (x86)\Java

2015-01-12 23:08 - 2014-10-18 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-01-12 21:19 - 2013-09-22 17:49 - 00000000 ____D () C:\Users\TomasåLena\AppData\Local\Apple Computer

2015-01-07 00:04 - 2013-10-23 19:44 - 00279040 ___SH () C:\Users\TomasåLena\Desktop\Thumbs.db

2015-01-06 16:41 - 2011-10-25 20:44 - 01705376 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2015-01-06 16:41 - 2011-04-07 16:15 - 00717510 _____ () C:\Windows\system32\perfh01D.dat

2015-01-06 16:41 - 2011-04-07 16:15 - 00162942 _____ () C:\Windows\system32\perfc01D.dat

2015-01-06 16:41 - 2009-07-14 06:13 - 01705376 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-01-05 12:15 - 2014-05-28 12:47 - 00000000 ____D () C:\Users\TomasåLena\AppData\Roaming\SketchUp

2015-01-01 14:30 - 2014-08-31 13:32 - 00000000 ____D () C:\Users\TomasåLena\AppData\Local\Adobe

2014-12-30 12:56 - 2011-10-28 17:15 - 00000000 ____D () C:\Users\TomasåLena\AppData\Local\CrashDumps

 

==================== Files in the root of some directories =======

 

2014-10-12 20:09 - 2014-10-12 20:09 - 0004900 _____ () C:\Program Files (x86)\Furnish Pro uninstal.log

2011-12-12 16:43 - 2011-12-12 16:43 - 0099384 _____ () C:\Users\TomasåLena\AppData\Roaming\inst.exe

2011-12-12 16:43 - 2011-12-12 16:43 - 0007859 _____ () C:\Users\TomasåLena\AppData\Roaming\pcouffin.cat

2011-12-12 16:43 - 2011-12-12 16:43 - 0001167 _____ () C:\Users\TomasåLena\AppData\Roaming\pcouffin.inf

2011-12-12 16:44 - 2011-12-12 16:44 - 0000034 _____ () C:\Users\TomasåLena\AppData\Roaming\pcouffin.log

2011-12-12 16:43 - 2011-12-12 16:43 - 0082816 _____ (VSO Software) C:\Users\TomasåLena\AppData\Roaming\pcouffin.sys

2011-12-12 16:45 - 2012-03-09 20:38 - 0001057 _____ () C:\Users\TomasåLena\AppData\Roaming\vso_ts_preview.xml

 

Some content of TEMP:

====================

C:\Users\TomasåLena\AppData\Local\Temp\acing.exe

C:\Users\TomasåLena\AppData\Local\Temp\amd-catalyst-14-9-win7-win8.1-64bit-dd-ccc-whql.exe

C:\Users\TomasåLena\AppData\Local\Temp\AutoRun.exe

C:\Users\TomasåLena\AppData\Local\Temp\AutoRunGUI.dll

C:\Users\TomasåLena\AppData\Local\Temp\cci.exe

C:\Users\TomasåLena\AppData\Local\Temp\COMAP.EXE

C:\Users\TomasåLena\AppData\Local\Temp\DSSExp.exe

C:\Users\TomasåLena\AppData\Local\Temp\EASOUNInstaller.exe

C:\Users\TomasåLena\AppData\Local\Temp\eauninstall.exe

C:\Users\TomasåLena\AppData\Local\Temp\ffunzip.exe

C:\Users\TomasåLena\AppData\Local\Temp\First15.exe

C:\Users\TomasåLena\AppData\Local\Temp\fsprod.dll

C:\Users\TomasåLena\AppData\Local\Temp\fssfm.dll

C:\Users\TomasåLena\AppData\Local\Temp\GURD417.exe

C:\Users\TomasåLena\AppData\Local\Temp\HPHelpUpdater.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\TomasåLena\AppData\Local\Temp\MSN9150.exe

C:\Users\TomasåLena\AppData\Local\Temp\Need for Speed Underground 2_uninst.exe

C:\Users\TomasåLena\AppData\Local\Temp\ose00000.exe

C:\Users\TomasåLena\AppData\Local\Temp\pdf24-creator-update.exe

C:\Users\TomasåLena\AppData\Local\Temp\preconfig.exe

C:\Users\TomasåLena\AppData\Local\Temp\Quarantine.exe

C:\Users\TomasåLena\AppData\Local\Temp\raptrpatch.exe

C:\Users\TomasåLena\AppData\Local\Temp\Resource.exe

C:\Users\TomasåLena\AppData\Local\Temp\sp53904.exe

C:\Users\TomasåLena\AppData\Local\Temp\sp54931.exe

C:\Users\TomasåLena\AppData\Local\Temp\sp58915.exe

C:\Users\TomasåLena\AppData\Local\Temp\sp64126.exe

C:\Users\TomasåLena\AppData\Local\Temp\SpotifyUpgrader.exe

C:\Users\TomasåLena\AppData\Local\Temp\sqlite3.dll

C:\Users\TomasåLena\AppData\Local\Temp\tbVuze.dll

C:\Users\TomasåLena\AppData\Local\Temp\UninstallHPSA.exe

C:\Users\TomasåLena\AppData\Local\Temp\UninstallHPTCA.exe

C:\Users\TomasåLena\AppData\Local\Temp\vlc-2.0.1-win32.exe

C:\Users\TomasåLena\AppData\Local\Temp\VP6Install.exe

C:\Users\TomasåLena\AppData\Local\Temp\VP6VFW.dll

C:\Users\TomasåLena\AppData\Local\Temp\_isF760.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-01-15 21:42

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01

Ran by TomasåLena at 2015-01-26 18:32:33

Running from C:\Users\TomasåLena\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Datorskydd (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}

AS: Datorskydd (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)

Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden

Akamai NetSession Interface (HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)

Akamai NetSession Interface Service (HKLM-x32\...\Akamai) (Version:  - )

AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Apple-programstöd (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

ATI Stream SDK v2 Developer (HKLM\...\{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}) (Version: 2.2.0.0 - ATI Technologies Inc.)

BankID säkerhetsprogram (HKLM-x32\...\{4B2557F9-8C03-4BE7-9984-4DE525076580}) (Version: 6.0.1.5 - Finansiell ID-Teknik BID AB)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bilar (HKLM-x32\...\e20ae5d9b618d5652e621d3215bfbb6f) (Version:  - )

Bilar 2 (HKLM-x32\...\{FF10D622-7BFE-48C6-8DF6-40D8CB1D3C1B}) (Version: 1.00.0000 - Disney Interactive Studios)

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden

Brother MFL-Pro Suite MFC-5890CN (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.)

Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.3018 - CDBurnerXP)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Computer Security 12.77.100.0 (release) (x32 Version: 12.77.100.0 - F-Secure Corporation) Hidden

ConvertXtoDVD 4.0.11.326 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.11.326 - )

CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dropbox (HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)

DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)

DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden

EaseUS Partition Master 9.1.1 Home Edition (HKLM-x32\...\EaseUS Partition Master Home Edition_is1) (Version:  - EaseUS)

Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden

FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden

Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden

Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

F-Secure CCF Reputation (x32 Version: 1.0.25.1877 - F-Secure) Hidden

F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden

F-Secure Network CCF 1.02.128 (x32 Version: 1.02.128.1 - F-Secure Corporation) Hidden

Furnish Pro (HKLM-x32\...\Furnish Pro) (Version:  - )

Google Chrome (HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)

Google Earth (HKLM-x32\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Handelsbanken kortläsare (HKLM-x32\...\{D4C30AE2-EAFE-4E28-A3BA-7CF7485E23C4}) (Version: 1.00.0000 - Todos Data System AB)

Handelsbankens kortläsare (HKLM-x32\...\{35C938B6-F72A-4D92-B8B5-A1F0F9B1DC76}) (Version: 1.00.0000 - Todos Data System AB)

Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)

HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)

HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)

HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)

HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)

HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)

HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)

HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)

HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)

HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)

HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)

HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)

HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)

HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden

iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

IZArc 3.81 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 3.81 Build 1550 - Ivan Zahariev)

Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)

LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden

LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)

LEGO® Harry Potter™: Years 1-4 (HKLM-x32\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)

LEGO® Harry Potter™: Years 5-7 (HKLM-x32\...\{5C5A944F-096E-4ADD-B8E8-887F18BA6228}) (Version: 1.0.0.0 - WB Games)

LEGO® Indiana Jones™ 2 (x32 Version: 1.00.0000 - LucasArts) Hidden

LEGO® Indiana Jones™ 2: The Adventure Continues (HKLM-x32\...\InstallShield_{11192AA7-FBE3-4150-9667-EE7279CCC769}) (Version: 1.00.0000 - LucasArts)

LEGO® Pirates of the Caribbean The Video Game (HKLM-x32\...\{64958DA4-79D3-43FD-AF06-720DAD044F9E}) (Version: 1.0.0.0 - Disney Interactive Studios)

LEGO® Star Wars™ III: The Clone Wars™ (HKLM-x32\...\{6C0A6B81-0D00-453F-B220-E1F7931B3C2A}) (Version: 1.0.0.0 - LucasArts)

LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)

Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)

Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-041D-0000-0000000FF1CE}_OMUI.sv-se_{6DB23E19-BC1C-4C62-8158-391F65D84457}) (Version:  - Microsoft)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_OMUI.sv-se_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version:  - Microsoft)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Language Pack 2007 - Swedish/svenska (HKLM-x32\...\OMUI.sv-se) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_OMUI.sv-se_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version:  - Microsoft)

Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_OMUI.sv-se_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version:  - Microsoft)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)

Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{B692E59A-055C-43B7-BE0A-9C2FE0AB88B6}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)

Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)

Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)

Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MyFreeCodec (HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\MyFreeCodec) (Version:  - )

Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden

Net iD 5.4.1 (32-bit Edition) (HKLM-x32\...\iid) (Version: 5.4.1.34 - SecMaker AB)

PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)

PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden

PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)

Pixie 1.7.6 (HKLM-x32\...\Pixie_is1) (Version: 1.7.6 - Pixie Developers)

Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden

Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)

Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden

PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)

PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden

QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)

Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden

Registry Healer 5.4.1 uninstall (HKLM-x32\...\RegHealer_is2) (Version: 5.4.1 - KsL Software)

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)

ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)

Shockwave (HKLM-x32\...\Shockwave) (Version:  - )

SketchUp 2015 (HKLM\...\{90A6F70E-96AD-4054-AB8F-42BCFA75F8EC}) (Version: 15.0.9350 - Trimble Navigation Limited)

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

SPAMfighter (HKLM-x32\...\SPAMfighter) (Version: 7.6.14 - Spamfighter ApS)

SPAMfighter (x32 Version: 7.6.14 - Spamfighter ApS) Hidden

Spotify (HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)

SQL Server System CLR Types (HKLM-x32\...\{C9FD9DF2-D92B-4321-A338-52961FECE249}) (Version: 10.1.2531.0 - Microsoft Corporation)

Supportassistenten (HKLM-x32\...\Supportassistenten_is1) (Version: 4.1.0 - TeliaSonera Sverige AB)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Säker surf (HKLM-x32\...\F-Secure ServiceEnabler 28332) (Version: 1.77.243.0 - F-Secure Corporation)

Säker surf (x32 Version: 1.77.243.0 - F-Secure Corporation) Hidden

The Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )

Tradera ProLister (HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\f396e7ec6e1240c7) (Version: 1.6.0.3 - Tradera AB)

Unity Web Player (HKU\S-1-5-21-388272467-1481227621-719459162-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.2.5 - WildTangent)

WildTangent Games App (x32 Version: 4.0.11.14 - WildTangent) Hidden

WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16432 - Microsoft Corporation)

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden

VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)

World Cup Cricket 20-20 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)

Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-388272467-1481227621-719459162-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\TomasåLena\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)

 

==================== Restore Points  =========================

 

01-01-2015 15:31:46 Registry Healer backup

12-01-2015 23:12:55 Removed Java 8 Update 25

12-01-2015 23:32:46 Removed Java 8 Update 25

14-01-2015 22:14:31 Windows Update

15-01-2015 23:19:53 Registry Healer backup

23-01-2015 00:52:10 Removed Java 7 Update 71

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 03:34 - 2012-05-29 11:11 - 00000988 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 serial.alcohol-soft.com

127.0.0.1 www.alcohol-soft.com

127.0.0.1 images.alcohol-soft.com

127.0.0.1 trial.alcohol-soft.com

127.0.0.1 alcohol-soft.com

 

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0B978974-DE64-4439-B32A-1AF1313991E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {19579EB9-FD7F-4BE7-ABCF-3A310B2D1A7C} - System32\Tasks\{473611DC-8C62-4E6E-977A-3764C0F8FC5E} => C:\Program Files (x86)\THQ\Disney-Pixar\Bilar\start.exe [2006-07-10] ()

Task: {1CA7CAE9-5E88-4C7D-ADC2-93D86FCA8A2D} - System32\Tasks\HPCeeScheduleForTOMASÅLENA-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)

Task: {347D0373-8831-4B73-9104-DF4E2501A664} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)

Task: {3C14FC3D-BC4F-498B-919B-1D2AC96B57C5} - System32\Tasks\{F335A843-65FF-4D1F-B598-633FAE6C3F4B} => pcalua.exe -a C:\Users\TOMASL~1\AppData\Local\Temp\{F49526B9-727B-4F41-B6D8-F17589467EDC}\setup.exe -d C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\28.0.1500.95

Task: {54DA7BB1-E598-47F4-B21B-372FD9699042} - System32\Tasks\{BFCF865D-C819-4ABB-B2EF-3F70D0A84450} => pcalua.exe -a G:\Ägaren_Säkerhetskopiera\2011-10-11_08-44-17\Memeo\2011-10-11_08-44-17\E_\Nerladdat\IZArc_Setup.exe -d G:\Ägaren_Säkerhetskopiera\2011-10-11_08-44-17\Memeo\2011-10-11_08-44-17\E_\Nerladdat

Task: {56EF1FFD-3660-4D14-BA48-2F422819B217} - System32\Tasks\{2790AAF2-406B-4DD8-B7C5-DE8D1DD9987D} => pcalua.exe -a C:\Users\TOMASL~1\AppData\Local\Temp\{47DA85FE-88DB-4DCC-817A-5E65BBAB7A37}\setup.exe -d C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\29.0.1547.66

Task: {59F51148-2C67-403F-A55D-682E12F32906} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)

Task: {61BA5294-67A5-415C-ABF5-4F2791A3C430} - System32\Tasks\{E7DEDE0B-84C8-463E-AF81-293ED03BA6A9} => pcalua.exe -a C:\Users\TOMASL~1\AppData\Local\Temp\{F025D12B-F696-47D8-825A-BE990837680D}\setup.exe -d C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\28.0.1500.95

Task: {70295429-CD7B-4161-B866-F245D42C4807} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)

Task: {78F19919-028C-4179-BC2C-660BE49710F1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)

Task: {8034079E-4703-4D3C-9F00-D62BA827FAE4} - System32\Tasks\{E131DD90-58F4-421E-BE03-E395C1CE3242} => pcalua.exe -a E:\Telia_Installationhjälp.exe -d E:\

Task: {87967D77-B53B-48D5-BD59-DE5B56D522E6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-388272467-1481227621-719459162-1000UA => C:\Users\TomasåLena\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)

Task: {89AAEB0F-860A-4A3F-BC62-652D010AD51E} - System32\Tasks\{6656C4EA-7CE5-4A5D-A5B6-EB183D34A86C} => C:\Program Files (x86)\THQ\Disney-Pixar\Bilar\start.exe [2006-07-10] ()

Task: {9465BC71-3B7F-4A83-AF3A-63F0B3E51D4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03] (Google Inc.)

Task: {97EF40F0-4C39-4D54-AD52-36EE41A43819} - System32\Tasks\{563CA350-EE6A-4C2E-B0A5-33CDDCA9E42E} => pcalua.exe -a "C:\Users\TomasåLena\Downloads\dxwebsetup (1).exe" -d C:\Users\TomasåLena\Downloads

Task: {9BF822F0-A1AD-461F-98F2-EDF7C1B8B940} - System32\Tasks\HPCeeScheduleForTomasåLena => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)

Task: {A0CE7743-0ABF-47B5-9A3F-2EC4FE699C61} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03] (Google Inc.)

Task: {A4E7ED28-D803-452E-97C9-09FBC43DD37E} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] ()

Task: {B5FBAE37-0E80-446E-AB17-CD4F94C3FCC9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {BBFEC41B-B967-4F9F-8AE8-675EDBED04EA} - System32\Tasks\{7F8290E9-64CC-4190-816E-3CB23DCF5924} => pcalua.exe -a E:\setup\hpznop01.exe -d E:\

Task: {CA640430-0409-4014-B3D3-47A45E17F462} - System32\Tasks\{47B25C81-960E-4F13-85FC-C9E705C654A5} => pcalua.exe -a "c:\program files (x86)\steam\steam.exe" -c steam://uninstall/4230

Task: {D4B631CD-CB6F-4F44-A9BC-7102F4B26CD1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-388272467-1481227621-719459162-1000Core => C:\Users\TomasåLena\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)

Task: {DDD29BF2-252C-4164-90E1-9EF19200A784} - System32\Tasks\Games\UpdateCheck_S-1-5-21-388272467-1481227621-719459162-1000

Task: {E1B11AA4-A30F-4357-851C-7B03E7968367} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {ED3208E4-8B14-4F56-B76B-215979FFAB13} - System32\Tasks\{ED17E0D3-4032-413B-89AB-DB48FECA389B} => pcalua.exe -a E:\Setup.exe -d E:\

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-388272467-1481227621-719459162-1000Core.job => C:\Users\TomasåLena\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-388272467-1481227621-719459162-1000UA.job => C:\Users\TomasåLena\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\HPCeeScheduleForTOMASÅLENA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\Windows\Tasks\HPCeeScheduleForTomasåLena.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

 

==================== Loaded Modules (whitelisted) =============

 

2010-09-15 18:31 - 2010-09-15 18:31 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

2015-01-25 12:25 - 2015-01-25 12:25 - 02194432 _____ () C:\Users\TomasåLena\Desktop\adwcleaner_4.109.exe

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SupportSoft RemoteAssist => ""="Service"

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

========================= Accounts: ==========================

 

Administratör (S-1-5-21-388272467-1481227621-719459162-500 - Administrator - Disabled)

Gäst (S-1-5-21-388272467-1481227621-719459162-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-388272467-1481227621-719459162-1002 - Limited - Enabled)

TomasåLena (S-1-5-21-388272467-1481227621-719459162-1000 - Administrator - Enabled) => C:\Users\TomasåLena

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (01/26/2015 06:32:42 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )

Description: 1  2015-01-26  18:32:42+02:00  tomasålena-hp  SYSTEM  F-Secure DeepGuard

 Application was blocked. This was determined to be a high-risk application by system control heuristics.

 Application path: \\?\c:\windows\mod_frst.exe

 File hash: 4bb423ae4bf7b46ba1cd43c521cf9314c03cf8c4

 

Error: (01/25/2015 00:42:23 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programmet OUTLOOK.EXE, version 12.0.6691.5000, avslutades eftersom det slutade att samverka med Windows. Ytterligare information kan finnas i problemhistoriken på kontrollpanelen för Åtgärdscentret och lösningar.

 

Process-ID: 19e0

 

Starttid: 01d0389252a35c78

 

Avslutningstid: 11

 

Programsökväg: C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

 

Rapport-ID: 319a9d21-a487-11e4-bdfd-6c626dd4eb83

 

Error: (01/25/2015 00:27:42 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: WDLMW BrtWDLMW: [2015/01/25 12:27:42.954]: [00005572]: lperrcode->api = 1 , lperrcode->code = 2

 

Error: (01/25/2015 00:27:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: WDLMW BrtWDLMW: [2015/01/25 12:27:41.436]: [00005572]: lperrcode->api = 1 , lperrcode->code = 2

 

Error: (01/25/2015 00:27:39 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: WDLMW BrtWDLMW: [2015/01/25 12:27:39.902]: [00005572]: lperrcode->api = 1 , lperrcode->code = 2

 

Error: (01/25/2015 00:27:38 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: WDLMW BrtWDLMW: [2015/01/25 12:27:38.358]: [00005572]: lperrcode->api = 1 , lperrcode->code = 2

 

Error: (01/25/2015 00:27:36 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: WDLMW BrtWDLMW: [2015/01/25 12:27:36.814]: [00005572]: lperrcode->api = 1 , lperrcode->code = 2

 

Error: (01/25/2015 00:27:35 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: WDLMW BrtWDLMW: [2015/01/25 12:27:35.269]: [00005572]: lperrcode->api = 1 , lperrcode->code = 2

 

Error: (01/25/2015 00:27:33 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: WDLMW BrtWDLMW: [2015/01/25 12:27:33.725]: [00005572]: lperrcode->api = 1 , lperrcode->code = 2

 

Error: (01/25/2015 00:27:32 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: WDLMW BrtWDLMW: [2015/01/25 12:27:32.180]: [00005572]: lperrcode->api = 1 , lperrcode->code = 2

 

 

System errors:

=============

Error: (01/25/2015 00:29:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Tjänsten Suite Service kunde inte startas på grund av följande fel: 

%%2

 

Error: (01/25/2015 00:29:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Tjänsten SPAMfighter Update Service kunde inte startas på grund av följande fel: 

%%2

 

Error: (01/25/2015 00:28:31 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: Tjänsthanteraren försökte utföra en korrigeringsåtgärd (Starta om tjänsten) efter att tjänsten Windows Search avslutats oväntat, men denna åtgärd misslyckades med följande fel: 

%%1056

 

Error: (01/25/2015 00:28:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Tjänsten Windows Search avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

 

Error: (01/25/2015 00:28:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Tjänsten F-Secure Dll Hoster avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 10000 millisekunder: Starta om tjänsten.

 

Error: (01/25/2015 00:28:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Tjänsten SQL Server (VISMA) avslutades oväntat. Detta har skett 1 gånger.

 

Error: (01/25/2015 00:28:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Tjänsten SupportSoft Sprocket Service (teliada) avslutades oväntat. Detta har skett 1 gånger.

 

Error: (01/25/2015 00:28:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Tjänsten F-Secure Management Agent avslutades oväntat. Detta har skett 1 gånger.

 

Error: (01/25/2015 00:28:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

 

Error: (01/25/2015 00:28:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Tjänsten Suite Service avslutades oväntat. Detta har skett 1 gånger.

 

 

Microsoft Office Sessions:

=========================

Error: (04/07/2014 08:06:56 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (12/18/2013 10:49:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 61 seconds with 60 seconds of active time.  This session ended with a crash.

 

Error: (06/29/2013 08:35:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (05/13/2013 05:35:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 242 seconds with 240 seconds of active time.  This session ended with a crash.

 

Error: (12/11/2012 09:39:34 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 9 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (12/11/2012 09:39:12 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

 

Error: (12/07/2012 00:03:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3825 seconds with 1500 seconds of active time.  This session ended with a crash.

 

Error: (09/20/2012 04:41:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-05-02 17:25:28.082

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-02 17:25:27.951

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-02 17:25:25.680

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-02 17:25:25.545

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-02 17:25:23.377

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-02 17:25:23.251

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-02 17:25:20.981

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-02 17:25:20.849

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-02 17:25:18.684

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2013-05-02 17:25:18.553

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i3 CPU 550 @ 3.20GHz

Percentage of memory in use: 38%

Total physical RAM: 3959.08 MB

Available physical RAM: 2419.61 MB

Total Pagefile: 7916.34 MB

Available Pagefile: 5263.11 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:914.67 GB) (Free:647.36 GB) NTFS ==>[system with boot components (obtained from reading drive)]

Drive d: (HP_RECOVERY) (Fixed) (Total:16.75 GB) (Free:2.24 GB) NTFS ==>[system with boot components (obtained from reading drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 12C84575)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=914.7 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=16.7 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


The script below will also empty the recycle bins and all temporary-file folders.

Start Notepad.

Copy all the lines in the box:

CreateRestorePoint:
CloseProcesses:
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-388272467-1481227621-719459162-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
U3 ab6bec23; C:\Windows\System32\Drivers\ab6bec23.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U3 affpbg5u; C:\Windows\System32\Drivers\affpbg5u.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
Task: {3C14FC3D-BC4F-498B-919B-1D2AC96B57C5} - System32\Tasks\{F335A843-65FF-4D1F-B598-633FAE6C3F4B} => pcalua.exe -a C:\Users\TOMASL~1\AppData\Local\Temp\{F49526B9-727B-4F41-B6D8-F17589467EDC}\setup.exe -d C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\28.0.1500.95
Task: {56EF1FFD-3660-4D14-BA48-2F422819B217} - System32\Tasks\{2790AAF2-406B-4DD8-B7C5-DE8D1DD9987D} => pcalua.exe -a C:\Users\TOMASL~1\AppData\Local\Temp\{47DA85FE-88DB-4DCC-817A-5E65BBAB7A37}\setup.exe -d C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\29.0.1547.66
Task: {61BA5294-67A5-415C-ABF5-4F2791A3C430} - System32\Tasks\{E7DEDE0B-84C8-463E-AF81-293ED03BA6A9} => pcalua.exe -a C:\Users\TOMASL~1\AppData\Local\Temp\{F025D12B-F696-47D8-825A-BE990837680D}\setup.exe -d C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\28.0.1500.95
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
EmptyTemp:
and paste them into Notepad. Check that no files have been split across two lines.

Save the file on the desktop with the name fixlist.txt.

Close all programs.

Start FRST, which is on the desktop.

Click the Fix button.

Wait until the program has finished.

If the computer does not restart automatically, restart it yourself.

The program creates a log, Fixlog.txt, on the desktop.

Paste its contents into your reply.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\TOMASL~1\AppData\Local\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe.vir Win32/Toolbar.Babylon potentially unwanted application

C:\AdwCleaner\Quarantine\C\Users\TomasåLena\AppData\Local\Babylon\Setup\Setup.exe.vir Win32/Toolbar.Babylon potentially unwanted application

C:\Users\TomasåLena\AppData\Local\Temp\ASK3038.tmp a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application

C:\Users\TomasåLena\AppData\Local\Temp\tbVuze.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application

C:\Users\TomasåLena\AppData\Local\Temp\5359476.Uninstall\Uninstall.exe a variant of Win32/InstallCore.Q potentially unwanted application

C:\Users\TomasåLena\AppData\Local\Temp\71CA2E59-BAB0-7891-9C5A-895F16438CDF\MyBabylonTB.exe Win32/Toolbar.Babylon potentially unwanted application

C:\Users\TomasåLena\AppData\Local\Temp\71CA2E59-BAB0-7891-9C5A-895F16438CDF\Setup.exe Win32/Toolbar.Babylon potentially unwanted application

C:\Users\TomasåLena\AppData\Local\Temp\9A60C555-BAB0-7891-8D4D-BC057F976F08\MyBabylonTB.exe Win32/Toolbar.Babylon potentially unwanted application

C:\Users\TomasåLena\AppData\Local\Temp\9A60C555-BAB0-7891-8D4D-BC057F976F08\Setup.exe Win32/Toolbar.Babylon potentially unwanted application

C:\Users\TomasåLena\AppData\Local\Temp\CDBurnerXP-updates\cdbxp_setup_4.4.2.3442.exe Win32/OpenCandy potentially unsafe application

C:\Users\TomasåLena\AppData\Local\Temp\CDBurnerXP-updates\cdbxp_setup_4.5.0.3717.exe Win32/OpenCandy potentially unsafe application

C:\Users\TomasåLena\AppData\Local\Temp\is1293846689\MyBabylonTB.exe Win32/Toolbar.Babylon potentially unwanted application

C:\Users\TomasåLena\Downloads\ADLSoft_UnCompressor.exe a variant of Win32/InstallCore.Q potentially unwanted application

C:\Users\TomasåLena\Downloads\cdbxp_setup_4.4.0.3018.exe Win32/OpenCandy potentially unsafe application

C:\Users\TomasåLena\Downloads\Indiana.Jones.And.The.Raiders.Of.The.Lost.Ark.1981.SWESUB.DVDRip.exe a variant of Win32/Techsnab.A potentially unwanted application

C:\Users\TomasåLena\Downloads\Indiana.Jones.The.Temple.Of.Doom.1984.SWESUB.DVDRip.XviD-Bambi90_secure.exe Win32/TopMedia.B potentially unwanted application

C:\Users\TomasåLena\Downloads\installer_daemon_tools.exe Win32/Toggle potentially unwanted application

C:\Users\TomasåLena\Downloads\IZArc4.1.6.exe Win32/OpenCandy potentially unsafe application

C:\Users\TomasåLena\Downloads\Shockwave_Installer_Slim (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

C:\Users\TomasåLena\Downloads\SoftonicDownloader_for_sega-rally-revo.exe Win32/SoftonicDownloader.E potentially unwanted application

C:\Users\TomasåLena\Downloads\SoftonicDownloader_for_vuze.exe Win32/SoftonicDownloader.A potentially unwanted application

C:\Users\TomasåLena\Downloads\Alcatraz\setup.exe Win32/Adware.Bundlore application

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01

Ran by TomasåLena at 2015-01-26 21:51:36 Run:1

Running from C:\Users\TomasåLena\Desktop

Loaded Profiles: TomasåLena (Available profiles: TomasåLena)

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

CreateRestorePoint:

CloseProcesses:

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

Toolbar: HKU\S-1-5-21-388272467-1481227621-719459162-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

U3 ab6bec23; C:\Windows\System32\Drivers\ab6bec23.sys [0

] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)

U3 affpbg5u; C:\Windows\System32\Drivers\affpbg5u.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)

Task: {3C14FC3D-BC4F-498B-919B-1D2AC96B57C5} - System32\Tasks\{F335A843-65FF-4D1F-B598-633FAE6C3F4B} => pcalua.exe -a C:\Users\TOMASL~1\AppData\Local\Temp\{F49526B9-727B-4F41-B6D8-F17589467EDC}\setup.exe -d C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\28.0.1500.95

Task: {56EF1FFD-3660-4D14-BA48-2F422819B217} - System32\Tasks\{2790AAF2-406B-4DD8-B7C5-DE8D1DD9987D} => pcalua.exe -a C:\Users\TOMASL~1\AppData\Local\Temp\{47DA85FE-88DB-4DCC-817A-5E65BBAB7A37}\setup.exe -d C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\29.0.1547.66

Task: {61BA5294-67A5-415C-ABF5-4F2791A3C430} - System32\Tasks\{E7DEDE0B-84C8-463E-AF81-293ED03BA6A9} => pcalua.exe -a C:\Users\TOMASL~1\AppData\Local\Temp\{F025D12B-F696-47D8-825A-BE990837680D}\setup.exe -d

C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\28.0.1500.95

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

EmptyTemp:

 

*****************

 

Restore point was successfully created.

Processes closed successfully.

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.

HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.

HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.

HKU\S-1-5-21-388272467-1481227621-719459162-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.

HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. 

ab6bec23 => Service deleted successfully.

] (Microsoft Corporation) <==== ATTENTION (zero size file/folder) => Error: No automatic fix found for this entry.

affpbg5u => Service deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C14FC3D-BC4F-498B-919B-1D2AC96B57C5}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C14FC3D-BC4F-498B-919B-1D2AC96B57C5}" => Key deleted successfully.

C:\Windows\System32\Tasks\{F335A843-65FF-4D1F-B598-633FAE6C3F4B} => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F335A843-65FF-4D1F-B598-633FAE6C3F4B}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56EF1FFD-3660-4D14-BA48-2F422819B217}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56EF1FFD-3660-4D14-BA48-2F422819B217}" => Key deleted successfully.

C:\Windows\System32\Tasks\{2790AAF2-406B-4DD8-B7C5-DE8D1DD9987D} => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2790AAF2-406B-4DD8-B7C5-DE8D1DD9987D}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61BA5294-67A5-415C-ABF5-4F2791A3C430}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61BA5294-67A5-415C-ABF5-4F2791A3C430}" => Key deleted successfully.

C:\Windows\System32\Tasks\{E7DEDE0B-84C8-463E-AF81-293ED03BA6A9} => Moved successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E7DEDE0B-84C8-463E-AF81-293ED03BA6A9}" => Key deleted successfully.

"C:\Users\TomasåLena\AppData\Local\Google\Chrome\Application\28.0.1500.95" => File/Directory not found.

C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.

EmptyTemp: => Removed 5 GB temporary data.

 

 

The system needed a reboot. 

 

==== End of Fixlog 21:54:08 ====


A few things have stopped working. I have a spam program, Spamfighter, connected to Outlook that has more or less disappeared. And so far the problem is not solved. Last night, after the last instruction, I was on aftonbladet.se. On almost every click on a link, an extra tab came up with junk ads and some warning that you cannot leave the page.

What is it we are doing?


C:\Users\TomasåLena\Downloads\ADLSoft_UnCompressor.exe a variant of Win32/InstallCore.Q potentially unwanted application

C:\Users\TomasåLena\Downloads\cdbxp_setup_4.4.0.3018.exe Win32/OpenCandy potentially unsafe application

C:\Users\TomasåLena\Downloads\Indiana.Jones.And.The.Raiders.Of.The.Lost.Ark.1981.SWESUB.DVDRip.exe a variant of Win32/Techsnab.A potentially unwanted application

C:\Users\TomasåLena\Downloads\Indiana.Jones.The.Temple.Of.Doom.1984.SWESUB.DVDRip.XviD-Bambi90_secure.exe Win32/TopMedia.B potentially unwanted application

C:\Users\TomasåLena\Downloads\installer_daemon_tools.exe Win32/Toggle potentially unwanted application

C:\Users\TomasåLena\Downloads\IZArc4.1.6.exe Win32/OpenCandy potentially unsafe application

C:\Users\TomasåLena\Downloads\Shockwave_Installer_Slim (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

C:\Users\TomasåLena\Downloads\SoftonicDownloader_for_sega-rally-revo.exe Win32/SoftonicDownloader.E potentially unwanted application

C:\Users\TomasåLena\Downloads\SoftonicDownloader_for_vuze.exe Win32/SoftonicDownloader.A potentially unwanted application

C:\Users\TomasåLena\Downloads\Alcatraz\setup.exe Win32/Adware.Bundlore application

The above are installer files located in the "Downloads" folder ("Hämtade filer"). You may want to clean up a bit there.

Some parts belonging to Spamfighter may have been removed in one of the cleanups, since Spamfighter is quite often installed without the user wanting it.

https://www.mywot.com/en/scorecard/spamfighter.com

Can you reinstall it?

Do you have a router, and if so, which model?

Are several computers or similar devices connected to it?

Do they also have the same problem with ads?


Router, yes. Telia's model "technicolor TG799TSvn v2".

A laptop without problems like these, plus a Denver tablet and our phones, which also use the network there.

I will clean out the files above and try to install Spamfighter again.

Should I run a scan according to the previous instruction afterwards?


Since the other computer does not have the same problem, the router is probably not hacked.

1. Save ComboFix to the Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Close all programs you can see, including antivirus and antispyware programs, but leave the firewall on.

How? See http://www.bleepingcomputer.com/forums/topic114351.html

Run ComboFix and follow the instructions shown.

If you are asked whether you want to install the Recovery Console, answer Yes.

More detailed guidance is available at http://www.bleepingcomputer.com/combofix/se/hur-combofix-ska-anvandas

If ComboFix shows any message, e.g. that a rootkit has been found, write it down and then include it in your reply.

IMPORTANT! Do not click in the ComboFix window with the mouse while it is running, because it can hang if you do.

When ComboFix is finished, a log should appear; paste it into your reply. Check that your antivirus program etc. is running before you connect to the internet.

If you have trouble getting onto the internet:

Control Panel - Network Connections

right-click your internet connection and choose Repair and/or restart the computer.

2. Save RogueKiller to the Desktop.

For 32-bit Windows: http://www.adlice.com/softs/roguekiller/RogueKiller.exe

For 64-bit Windows: http://www.adlice.com/softs/roguekiller/RogueKillerX64.exe

Close all programs.

Remove all external devices, e.g. USB sticks and external hard drives, except keyboard and mouse. Leave them disconnected while the cleanup is in progress.

Run RogueKiller (in Vista and Windows 7, right-click the program and choose "Run as administrator"). If it will not run, try several times, but if it still will not run, try renaming the program to winlogon.exe.

Wait until "Prescan" has finished.

Click the "Scan" button at the top right.

Wait until the scan is finished.

A report, "RKreport.txt", should then have been created on the Desktop. Paste its contents into your reply.


Wow! What a wonderful instruction! I will get back to you when I have tried this tomorrow. Thanks for now, in case I have not said it yet. I am truly grateful for all this help. It feels like this is going to work.

Talk soon!

ComboFix 15-01-27.01 - TomasåLena 2015-01-28  10:22:54.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.46.1053.18.3959.2491 [GMT 1:00]

Körs från: c:\users\TomasÕLena\Desktop\ComboFix.exe

AV: Datorskydd *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}

SP: Datorskydd *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Thumbs.db

c:\windows\Fonts\tt0604m_.ttf

c:\windows\msdownld.tmp

.

.

((((((((((((((((((((((((   Filer skapade från 2014-12-28 till 2015-01-28  ))))))))))))))))))))))))))))))

.

.

2015-01-28 09:53 . 2015-01-28 09:53 -------- d-----w- c:\users\Default\AppData\Local\temp

2015-01-27 22:02 . 2015-01-27 22:02 -------- d-----w- c:\program files (x86)\Common Files\Java

2015-01-27 22:02 . 2015-01-27 22:01 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2015-01-27 13:07 . 2015-01-27 13:07 -------- d-----w- c:\program files (x86)\Fighters

2015-01-25 11:30 . 2015-01-27 13:08 -------- d-----w- c:\users\TomasåLena\AppData\Roaming\Fighters

2015-01-23 00:00 . 2015-01-25 11:28 -------- d-----w- C:\AdwCleaner

2015-01-22 10:06 . 2015-01-26 20:54 -------- d-----w- C:\FRST

2015-01-21 16:54 . 2015-01-21 16:54 -------- d-----w- c:\program files (x86)\EA GAMES

2015-01-21 16:54 . 2004-08-18 08:34 442368 ----a-r- c:\windows\SysWow64\vp6vfw.dll

2015-01-14 17:47 . 2014-12-11 17:47 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe

2015-01-14 17:47 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll

2015-01-14 17:47 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll

2015-01-14 17:47 . 2014-12-06 03:50 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll

2015-01-14 17:47 . 2014-12-06 03:50 156672 ----a-w- c:\windows\SysWow64\ncsi.dll

2015-01-14 17:47 . 2014-12-19 01:46 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys

2015-01-14 17:46 . 2014-12-12 05:35 5553592 ----a-w- c:\windows\system32\ntoskrnl.exe

2015-01-14 17:46 . 2014-12-12 05:11 3971512 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2015-01-14 17:46 . 2014-12-12 05:11 3916728 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2015-01-14 17:46 . 2014-12-12 05:31 503808 ----a-w- c:\windows\system32\srcore.dll

2015-01-14 17:46 . 2014-12-12 05:31 50176 ----a-w- c:\windows\system32\srclient.dll

2015-01-14 17:46 . 2014-12-12 05:31 296960 ----a-w- c:\windows\system32\rstrui.exe

2015-01-14 17:46 . 2014-12-12 05:07 43008 ----a-w- c:\windows\SysWow64\srclient.dll

2015-01-12 22:44 . 2015-01-12 22:44 -------- d-----w- c:\windows\Sun

2015-01-05 11:15 . 2015-01-05 11:15 -------- d---a-w- c:\programdata\Reprise

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2015-01-26 17:42 . 2012-04-19 13:05 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2015-01-26 17:42 . 2011-11-10 15:33 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2015-01-14 21:15 . 2011-10-28 14:33 113365784 ----a-w- c:\windows\system32\MRT.exe

2014-12-13 05:09 . 2014-12-18 20:26 144384 ----a-w- c:\windows\system32\ieUnatt.exe

2014-12-13 03:33 . 2014-12-18 20:26 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2014-12-04 02:50 . 2014-12-09 20:22 413184 ----a-w- c:\windows\system32\generaltel.dll

2014-12-04 02:50 . 2014-12-09 20:22 741376 ----a-w- c:\windows\system32\invagent.dll

2014-12-04 02:50 . 2014-12-09 20:22 396800 ----a-w- c:\windows\system32\devinv.dll

2014-12-04 02:50 . 2014-12-09 20:22 830976 ----a-w- c:\windows\system32\appraiser.dll

2014-12-04 02:50 . 2014-12-09 20:22 192000 ----a-w- c:\windows\system32\aepic.dll

2014-12-04 02:50 . 2014-12-09 20:22 227328 ----a-w- c:\windows\system32\aepdu.dll

2014-12-04 02:44 . 2014-12-09 20:22 1083392 ----a-w- c:\windows\system32\aeinv.dll

2014-12-02 15:52 . 2014-12-02 15:52 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2014-12-01 23:28 . 2014-12-09 20:22 1232040 ----a-w- c:\windows\system32\aitstatic.exe

2014-11-27 01:43 . 2014-12-09 20:21 389296 ----a-w- c:\windows\system32\iedkcs32.dll

2014-11-22 03:13 . 2014-12-09 20:20 25059840 ----a-w- c:\windows\system32\mshtml.dll

2014-11-22 03:06 . 2014-12-09 20:21 2724864 ----a-w- c:\windows\system32\mshtml.tlb

2014-11-22 03:06 . 2014-12-09 20:21 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll

2014-11-22 02:50 . 2014-12-09 20:20 66560 ----a-w- c:\windows\system32\iesetup.dll

2014-11-22 02:50 . 2014-12-09 20:20 580096 ----a-w- c:\windows\system32\vbscript.dll

2014-11-22 02:49 . 2014-12-09 20:21 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll

2014-11-22 02:49 . 2014-12-09 20:20 2885120 ----a-w- c:\windows\system32\iertutil.dll

2014-11-22 02:48 . 2014-12-09 20:20 88064 ----a-w- c:\windows\system32\MshtmlDac.dll

2014-11-22 02:41 . 2014-12-09 20:20 54784 ----a-w- c:\windows\system32\jsproxy.dll

2014-11-22 02:40 . 2014-12-09 20:21 34304 ----a-w- c:\windows\system32\iernonce.dll

2014-11-22 02:37 . 2014-12-09 20:20 633856 ----a-w- c:\windows\system32\ieui.dll

2014-11-22 02:35 . 2014-12-09 20:21 114688 ----a-w- c:\windows\system32\ieetwcollector.exe

2014-11-22 02:34 . 2014-12-09 20:20 814080 ----a-w- c:\windows\system32\jscript9diag.dll

2014-11-22 02:34 . 2014-12-09 20:20 6039552 ----a-w- c:\windows\system32\jscript9.dll

2014-11-22 02:26 . 2014-12-09 20:21 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

2014-11-22 02:22 . 2014-12-09 20:20 490496 ----a-w- c:\windows\system32\dxtmsft.dll

2014-11-22 02:20 . 2014-12-09 20:21 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb

2014-11-22 02:14 . 2014-12-09 20:21 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll

2014-11-22 02:09 . 2014-12-09 20:20 199680 ----a-w- c:\windows\system32\msrating.dll

2014-11-22 02:08 . 2014-12-09 20:20 92160 ----a-w- c:\windows\system32\mshtmled.dll

2014-11-22 02:07 . 2014-12-09 20:20 501248 ----a-w- c:\windows\SysWow64\vbscript.dll

2014-11-22 02:07 . 2014-12-09 20:21 62464 ----a-w- c:\windows\SysWow64\iesetup.dll

2014-11-22 02:06 . 2014-12-09 20:21 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll

2014-11-22 02:05 . 2014-12-09 20:20 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll

2014-11-22 02:05 . 2014-12-09 20:21 316928 ----a-w- c:\windows\system32\dxtrans.dll

2014-11-22 01:54 . 2014-12-09 20:21 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll

2014-11-22 01:49 . 2014-12-09 20:21 718848 ----a-w- c:\windows\system32\ie4uinit.exe

2014-11-22 01:49 . 2014-12-09 20:21 800768 ----a-w- c:\windows\system32\msfeeds.dll

2014-11-22 01:47 . 2014-12-09 20:20 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll

2014-11-22 01:46 . 2014-12-09 20:20 2125312 ----a-w- c:\windows\system32\inetcpl.cpl

2014-11-22 01:43 . 2014-12-09 20:20 14412800 ----a-w- c:\windows\system32\ieframe.dll

2014-11-22 01:40 . 2014-12-09 20:21 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll

2014-11-22 01:29 . 2014-12-09 20:20 4299264 ----a-w- c:\windows\SysWow64\jscript9.dll

2014-11-22 01:28 . 2014-12-09 20:20 2358272 ----a-w- c:\windows\system32\wininet.dll

2014-11-22 01:22 . 2014-12-09 20:21 2052096 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2014-11-22 01:21 . 2014-12-09 20:20 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll

2014-11-22 01:15 . 2014-12-09 20:21 1548288 ----a-w- c:\windows\system32\urlmon.dll

2014-11-22 01:03 . 2014-12-09 20:20 800768 ----a-w- c:\windows\system32\ieapfltr.dll

2014-11-22 01:00 . 2014-12-09 20:20 1888256 ----a-w- c:\windows\SysWow64\wininet.dll

2014-11-18 13:56 . 2014-11-18 13:56 1202848 ----a-w- c:\windows\SysWow64\FM20.DLL

2014-11-11 03:09 . 2014-12-09 20:21 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll

2014-11-11 03:08 . 2014-11-18 18:12 241152 ----a-w- c:\windows\system32\pku2u.dll

2014-11-11 03:08 . 2014-11-18 18:12 728064 ----a-w- c:\windows\system32\kerberos.dll

2014-11-11 02:44 . 2014-12-09 20:21 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll

2014-11-11 02:44 . 2014-11-18 18:12 186880 ----a-w- c:\windows\SysWow64\pku2u.dll

2014-11-11 02:44 . 2014-11-18 18:12 550912 ----a-w- c:\windows\SysWow64\kerberos.dll

2014-11-11 01:46 . 2014-12-09 20:21 119296 ----a-w- c:\windows\system32\drivers\tdx.sys

2014-11-08 03:16 . 2014-12-09 20:17 2048 ----a-w- c:\windows\system32\tzres.dll

2014-11-08 02:45 . 2014-12-09 20:17 2048 ----a-w- c:\windows\SysWow64\tzres.dll

.

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Akamai NetSession Interface"="c:\users\TomasåLena\AppData\Local\Akamai\netsession_win.exe" [2014-10-29 4673432]

"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]

"F5889464CCDFB1854FE254BA487C979F167DEC1F._service_run"="c:\users\TomasåLena\AppData\Local\Google\Chrome\Application\chrome.exe" [2015-01-25 843592]

"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-04-26 3111744]

"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-11-23 393216]

"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-10-17 43816]

"iCloudDrive"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe" [2014-10-20 43816]

"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2014-11-21 43816]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]

"Telia"="c:\program files (x86)\Telia\Supportassistenten\bin\sprtcmd.exe" [2010-11-11 206120]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"Net iD"="c:\program files (x86)\Net iD\iid.exe" [2011-03-21 87352]

"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]

"PaperPort PTD"="c:\program files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [2008-07-09 29984]

"IndexSearch"="c:\program files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [2008-07-09 46368]

"PPort11reminder"="c:\program files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]

"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]

"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]

"F-Secure Hoster (28332)"="c:\program files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe" [2013-01-18 188400]

"F-Secure Manager"="c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSM32.EXE" [2013-01-03 311432]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-09-15 767200]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-11-20 1021128]

"CommonToolkitTray"="c:\program files (x86)\Fighters\Tray\FightersTray.exe" [2014-03-24 1681952]

"sfagent"="c:\program files (x86)\Fighters\SPAMfighter\sfagent.exe" [2014-04-29 1051168]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Snapfish PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe -det [2010-9-28 1040952]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]

"EnableShellExecuteHooks"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]

"Userinit"="c:\windows\system32\userinit.exe"

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]

R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]

R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]

R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]

R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]

R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]

R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]

R3 GamesAppIntegrationService;GamesAppIntegrationService;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]

R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]

R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]

R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]

R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]

R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]

R3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\DRIVERS\shbecr.sys;c:\windows\SYSNATIVE\DRIVERS\shbecr.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys;c:\windows\SYSNATIVE\Drivers\fsbts.sys [x]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]

S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\HIPS\drivers\fshs.sys;c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\HIPS\drivers\fshs.sys [x]

S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys;c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [x]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]

S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]

S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe;c:\program files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe [x]

S2 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\CCF_Reputation\fsorsp.exe;c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\CCF_Reputation\fsorsp.exe [x]

S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]

S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 MSSQL$VISMA;SQL Server (VISMA);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]

S2 SPAMfighter Update Service;SPAMfighter Update Service;c:\program files (x86)\Fighters\SPAMfighter\sfus.exe;c:\program files (x86)\Fighters\SPAMfighter\sfus.exe [x]

S2 sprtsvc_teliada;SupportSoft Sprocket Service (teliada);c:\program files (x86)\Telia\Supportassistenten\bin\sprtsvc.exe;c:\program files (x86)\Telia\Supportassistenten\bin\sprtsvc.exe [x]

S2 Suite Service;Suite Service;c:\program files (x86)\Fighters\FighterSuiteService.exe;c:\program files (x86)\Fighters\FighterSuiteService.exe [x]

S2 tgsrvc_teliada;SupportSoft Repair Service (teliada);c:\program files (x86)\Telia\Supportassistenten\bin\tgsrvc.exe;c:\program files (x86)\Telia\Supportassistenten\bin\tgsrvc.exe [x]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]

S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys;c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [x]

S3 fsni;fsni;c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\CCF_Scanning\bin\fsni64.sys;c:\program files (x86)\Telia\Telias sakerhetstjanster\apps\CCF_Scanning\bin\fsni64.sys [x]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

.

.

Innehåll i mappen 'Schemalagda aktiviteter':

.

2015-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-19 17:42]

.

2015-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03 16:18]

.

2015-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-03 16:18]

.

2015-01-26 c:\windows\Tasks\HPCeeScheduleForTOMASÅLENA-HP$.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

.

2015-01-25 c:\windows\Tasks\HPCeeScheduleForTomasåLena.job

- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-05-25 00:36 164016 ----a-w- c:\users\TomasåLena\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]

"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]

"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-12-16 21720]

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.google.se/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

.

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

AddRemove-Shockwave - c:\windows\System32\Macromed\SHOCKW~2\UNWISE.EXE

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster]

"ImagePath"="\"c:\program files (x86)\Telia\Telias sakerhetstjanster\fshoster32.exe\" -hosterid:0"

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_296_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]

@Denied: (A 2) (Everyone)

@="IFlashBroker6"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_296_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.16"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_296.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]

@Denied: (A 2) (Everyone)

@="IFlashBroker6"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\F-Secure\My Services Agent\Protected]

@Denied: ) (Everyone)

"AgentIdentifier"="429fce06-06a4-475c-9d87-6167abb27ee2"

"AuthorizationCode"=""

"28332_AgentIdentifier"="429fce06-06a4-475c-9d87-6167abb27ee2"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Sluttid: 2015-01-28  10:54:45

ComboFix-quarantined-files.txt  2015-01-28 09:54

.

Före genomsökningen: 698 596 618 240 byte ledigt

Efter genomsökningen: 698 189 856 768 byte ledigt

.

- - End Of File - - 9A688225508C0EDAE27FA3529920297B


I ran RogueKiller, but no RKreport.txt was created. I followed the instructions, but I also turned off my antivirus and disconnected from the network. Was that wrong?

An RKreport...log was created, but not on the desktop. Here is that report:

 

RogueKiller V10.2.0.0 (x64) [Jan 19 2015] by Adlice Software
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : TomasåLena [Administrator]
Mode : Scan -- Date : 01/28/2015  11:05:49
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 19 ¤¤¤
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BridgeMP (system32\DRIVERS\bridge.sys) -> Found
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\ComboFix\catchme.sys) -> Found
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> Found
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> Found
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> Found
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> Found
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-388272467-1481227621-719459162-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-388272467-1481227621-719459162-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{75C27093-77AD-4589-A88A-464B698E497A} | DhcpNameServer : 172.20.10.1  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{75C27093-77AD-4589-A88A-464B698E497A} | DhcpNameServer : 172.20.10.1  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{75C27093-77AD-4589-A88A-464B698E497A} | DhcpNameServer : 172.20.10.1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA332 +++++
--- User ---
[MBR] 67abd6669b109ea5868ca9d0b549273a
[bSP] 1967fb46690ece3fd5d9f27c9887308f : Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [unknown Bootstrap | Unknown Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206911 | Size: 936619 MB [unknown Bootstrap | Unknown Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1918402560 | Size: 17148 MB [unknown Bootstrap | Unknown Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: Multi Flash Reader USB Device +++++
Error reading User MBR! ([15] Enheten är inte klar. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Begäran stöds inte. )
 
"Error" feels wrong...
And in the program, RK asks me to go in and remove things from 'Registry' and 'AntiRootkit'. Should I delete the suggested files? I'll leave RK running in the meantime.
Edited by ShorTee


1. 2015-01-05 11:15 . 2015-01-05 11:15 -------- d---a-w- c:\programdata\Reprise

What program is that?

When did this ad problem start?

2. Where did you find the report from RogueKiller?

Since they seem to have changed what the program does, it would be good if I can update my instructions.

3. The "Error" seems to concern either the memory card reader or a USB stick, so it is nothing to worry about.

4. Is it a brand-name computer, or are there two operating systems on it (dual boot)?

5. Run RogueKiller with the network connection active and see whether the report comes out differently.

6. Save TDSSKiller to the Desktop:

http://support.kaspersky.com/downloads/utils/tdsskiller.exe

Close your usual programs, but you can leave antivirus programs and the like running.

Run the program TDSSKiller.exe.

Click Start Scan.

If any malicious items are found, select Cure and click Continue. If Cure is not available, select Skip. If any suspicious items are found, select Skip and click Continue. Do NOT select Quarantine or Delete. The computer may need to be restarted.

Paste in the contents of the log, which you will find in C:\ with the name TDSSKiller followed by the version and time.


1. I don't know what the program is.

The problems have been here for three, four or five weeks, it feels like. Unsure. Maybe since 5 January??

2. The report came from the "report" button that I clicked on the right-hand side of the program window.

3. -

4. Brand-name. HP-G5384 sc. Two to three years old, maybe more.

5. OK, I'll run it. I'll report back again and then TDSSKiller too. It looks a bit trickier.


One more thing. Just now when I clicked 'send' on the reply, a tab came up with the name TeliaSonera bla bla... These are exactly the kind of tabs that come up roughly every other time I click on links or buttons.

How do I attach a file? I have taken a screenshot of the tab and saved it in Word.
