Hjälp med loggar

[cybertears]

Hej!

 

Min syster hade en del problem med att nätet kopplades ifrån, började scanna med FRST och kollade igenom loggarna och sen körde jag Malwarebytes och där hittades grejer. 

La allt skit i karantän och starta om datorn, sen så tömde jag även det som låg i karantänen. Generera nya loggar efter men skulle behöva lite hjälp med o se över om det är mer som behöver ses över. 

Advance PC-Care t.ex verkar ligga kvar i den senaste loggen även om Mbam borde ha tagit väck allt. 

 

Bifogar föreloggar och efter loggar. 

 

Malwarebytes www.malwarebytes.com -Logginformation- Datum för genomsökningen: 2019-01-17 Tid för genomsökningen: 23:52 Loggfil: a23b743a-1aaa-11e9-8583-309c233619d8.json -Programvaruinformation- Version: 3.6.1.2711 Komponentversion: 1.0.519 Uppdatera paketversionen: 1.0.8840 Licens: Testversion -Systeminformation- OS: Windows 10 (Build 17134.523) CPU: x64 Filsystem: NTFS Användare: DESKTOP-AJQLU7R\GGM -Sammanfattning av genomsökning- Typ av genomsökning: Anpassad genomsökning Genomsökning startades av: Manuellt Resultat: Slutförd Genomsökta objekt: 347133 Upptäckta hot: 96 Objekt satta i karantän: 96 Tid som gått: 11 tim, 48 min, 22 sek -Alternativ för genomsökning- Minne: Aktiverat Start: Aktiverat Filsystem: Aktiverat Arkiv: Aktiverat Spökprogram: Aktiverat Heuristik: Aktiverat Potentiellt oönskat program: Hitta Potentiellt oönskad ändring: Hitta -Information om genomsökning- Process: 0 (Inga skadliga objekts har upptäckts) Modul: 0 (Inga skadliga objekts har upptäckts) Registernyckel: 8 PUP.Optional.AdvancePCCare, HKU\S-1-5-21-1549267440-4050527236-303262978-1001\SOFTWARE\EFIXMYPC.COM\Advance PC-Care, I karantän, [1035], [478153],1.0.8840 PUP.Optional.PCVARK, HKLM\SOFTWARE\ZWZpeG15cGMuY29t, I karantän, [441], [556569],1.0.8840 PUP.Optional.AdvancePCCare, HKLM\SOFTWARE\EFIXMYPC.COM\Advance PC-Care, I karantän, [1035], [478154],1.0.8840 PUP.Optional.AdvancePCCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A384D33B-E6D2-4E58-B6A2-E932ED4369A7}, I karantän, [1035], [510043],1.0.8840 PUP.Optional.AdvancePCCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{A384D33B-E6D2-4E58-B6A2-E932ED4369A7}, I karantän, [1035], [510043],1.0.8840 PUP.Optional.AdvancePCCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Advance PC-Care_Logon, I karantän, [1035], [510043],1.0.8840 PUP.Optional.AdvancePCCare, HKLM\SOFTWARE\PCV-VAR, I karantän, [1035], [478156],1.0.8840 Adware.PCVARK, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\8AB14857-1A45-4CEA-99DD-981290C87F06_is1, I karantän, [440], [525249],1.0.8840 Registervärde: 3 PUP.Optional.AdvancePCCare, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{A384D33B-E6D2-4E58-B6A2-E932ED4369A7}|PATH, I karantän, [1035], [510044],1.0.8840 PUP.Optional.AdvancePCCare, HKLM\SOFTWARE\PCV-VAR|PHONE, I karantän, [1035], [478156],1.0.8840 PUP.Optional.ASK.Generic, HKU\S-1-5-21-1549267440-4050527236-303262978-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|eocnnoackodjagdbaoddhjbkpjabimed, I karantän, [1995], [570839],1.0.8840 Registerdata: 0 (Inga skadliga objekts har upptäckts) Dataflöde: 0 (Inga skadliga objekts har upptäckts) Mapp: 22 PUP.Optional.AdvancePCCare, C:\ProgramData\efixmypc.com\Advance PC-Care, I karantän, [1035], [478149],1.0.8840 PUP.Optional.AdvancePCCare, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advance PC-Care, I karantän, [1035], [478150],1.0.8840 PUP.Optional.AdvancePCCare, C:\Users\GGM\AppData\Roaming\efixmypc.com\Advance PC-Care\smico, I karantän, [1035], [478149],1.0.8840 PUP.Optional.AdvancePCCare, C:\Users\GGM\AppData\Roaming\efixmypc.com\Advance PC-Care, I karantän, [1035], [478149],1.0.8840 PUP.Optional.ASK.Generic, C:\USERS\GGM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Local Extension Settings\eocnnoackodjagdbaoddhjbkpjabimed, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\es_419, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\pt_br, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\pt_pt, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\de, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\en, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\es, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\fr, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\it, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\ja, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_metadata, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\config, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\icons, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\libs, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\USERS\GGM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EOCNNOACKODJAGDBAODDHJBKPJABIMED, I karantän, [1995], [570839],1.0.8840 Fil: 63 PUP.Optional.AdvancePCCare, C:\WINDOWS\SYSTEM32\TASKS\ADVANCE PC-CARE_LOGON, I karantän, [1035], [510043],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\INTEROP.IWSHRUNTIMELIBRARY.DLL, I karantän, [440], [525249],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\MICROSOFT.WIN32.TASKSCHEDULER.DLL, I karantän, [440], [525249],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\UNINS000.EXE, I karantän, [440], [525249],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\HTMLRENDERER.DLL, I karantän, [440], [525249],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\TAFACTORY.ICONPACK.DLL, I karantän, [440], [525249],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\HTMLRENDERER.WINFORMS.DLL, I karantän, [440], [525249],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\TASKSCHEDULER.DLL, I karantän, [440], [525249],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\APCENG.DLL, I karantän, [440], [525249],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\NAUDIO.DLL, I karantän, [440], [525249],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\APPRES.DLL, I karantän, [440], [525249],1.0.8840 Adware.PCVARK, C:\PROGRAM FILES\ADVANCE PC-CARE\SYSTEM.DATA.SQLITE.DLL, I karantän, [440], [525249],1.0.8840 PUP.Optional.AdvancePCCare, C:\ProgramData\efixmypc.com\Advance PC-Care\apc.db, I karantän, [1035], [478149],1.0.8840 PUP.Optional.AdvancePCCare, C:\ProgramData\efixmypc.com\Advance PC-Care\apcstartrepair_en.mp3, I karantän, [1035], [478149],1.0.8840 PUP.Optional.AdvancePCCare, C:\ProgramData\efixmypc.com\Advance PC-Care\apcstartrepair_sv.mp3, I karantän, [1035], [478149],1.0.8840 PUP.Optional.AdvancePCCare, C:\ProgramData\efixmypc.com\Advance PC-Care\voice.ini, I karantän, [1035], [478149],1.0.8840 PUP.Optional.AdvancePCCare, C:\Users\GGM\AppData\Roaming\efixmypc.com\Advance PC-Care\Errorlog.txt, I karantän, [1035], [478149],1.0.8840 PUP.Optional.AdvancePCCare, C:\Users\GGM\AppData\Roaming\efixmypc.com\Advance PC-Care\exlist.bin, I karantän, [1035], [478149],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eocnnoackodjagdbaoddhjbkpjabimed\000003.log, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eocnnoackodjagdbaoddhjbkpjabimed\CURRENT, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eocnnoackodjagdbaoddhjbkpjabimed\LOCK, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eocnnoackodjagdbaoddhjbkpjabimed\LOG, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eocnnoackodjagdbaoddhjbkpjabimed\LOG.old, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\eocnnoackodjagdbaoddhjbkpjabimed\MANIFEST-000001, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\USERS\GGM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Ersatt, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\USERS\GGM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Ersatt, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\USERS\GGM\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\EOCNNOACKODJAGDBAODDHJBKPJABIMED\50.139.13.64978_0\MANIFEST.JSON, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\config\config.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\icons\icon128.png, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\icons\icon16.png, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\icons\icon19disabled.png, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\icons\icon19on.png, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\icons\icon48.png, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\ajax.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\background.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\chrome.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\content_script.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\dlp.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\dlpHelper.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\extension_detect.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\index.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\internationalSearchUtils.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\logger.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\settingsOverridesUtils.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\storageUtils.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\templateParser.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\ul.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\urlUtils.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\js\util.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\libs\PartnerId.js, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\de\messages.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\en\messages.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\es\messages.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\es_419\messages.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\fr\messages.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\it\messages.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\ja\messages.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\pt_br\messages.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_locales\pt_pt\messages.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_metadata\computed_hashes.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ASK.Generic, C:\Users\GGM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocnnoackodjagdbaoddhjbkpjabimed\50.139.13.64978_0\_metadata\verified_contents.json, I karantän, [1995], [570839],1.0.8840 PUP.Optional.ByteFence, C:\USERS\GGM\APPDATA\LOCAL\TEMP\~NSUA.TMP\UN_A.EXE, I karantän, [5938], [389016],1.0.8840 PUP.Optional.ByteFence, C:\WINDOWS\TEMP\~UN0CE0AFC63\I0D0E60584.EXE, I karantän, [5938], [530173],1.0.8840 Fysisk sektor: 0 (Inga skadliga objekts har upptäckts) WMI: 0 (Inga skadliga objekts har upptäckts) (end)

 

Addition_old.txt

FRST.old.txt

Addition_senaste.txt

FRST_Senaste.txt

[Cecilia]

Inte mycket kvar så det kan du fixa själv utan hjälp av FRST.

 

Skapa en systemåterställningspunkt.

 

Ta bort mapparna:

C:\ProgramData\ByteFence

C:\ProgramData\NortonInstaller
C:\Program Files\Advance PC-Care
C:\Users\GGM\AppData\Roaming\efixmypc.com
C:\ProgramData\efixmypc.com

 

Starta Anteckningar och inifrån programmet öppna dessa två filer:

C:\Users\GGM\AppData\Roaming\DMGR_0D1F2W1G1I1F1T1Q0A1B2Z1C1F1V0P0P0CtJ1V0H0S0StB1V0M1F1Q1P1I.txt
C:\Users\GGM\AppData\Roaming\DMGR_0D1F2W1G1I1F1T1Q0A1B2Z1C1F1V0P0P0CtJ1V0W1L1G2T1L1EtCzy.txt

Om det inte är textfiler, ta bort dem.

Om det inte verkar vara bra textfiler, ta bort dem.

De två skapades strax efter att mapparna som ska bort skapades.

 

Används detta program?

Lenovo App Explorer (HKU\S-1-5-21-1549267440-4050527236-303262978-1001\...\Host App Service) (Version: 0.273.2.977 - SweetLabs for Lenovo)

Program från SweetLabs vill man normalt inte ha i datorn.

 

 

[cybertears]

Okej :) 

 

Tack :) då tas de bort manuellt.

 

Nej sweetlabs används inte.