Permalink
Member

Thanks for the help!

Written by CeciliaB:

removeonline is not a trustworthy site, see https://www.mywot.com/en/scorecard/removeonline.com?utm_sourc...
Oxpsconverter.exe is normally a Windows file, see http://support.microsoft.com/kb/2732059
But you can of course upload your file to https://www.virustotal.com if you want to be sure.

1. Remove the AdwCleaner you have, in case the latest version has been improved.
Save AdwCleaner by Xplode to the Desktop: http://general-changelog-team.fr/fr/downloads/finish/20-outil...

Close all programs, including web browsers.
Double-click AdwCleaner to start the program.

Click the Search button.
Wait until the scan is finished.

Click the Delete button.
Press OK.

The computer will restart.
A report will appear; copy its contents and paste them into your reply.
If the report does not appear, it is also available as C:\AdwCleaner[S1].txt

2. Go through all the settings in Internet Explorer using this guide and change anything inappropriate/odd that turns up:
http://translate.googleusercontent.com/translate_c?act=url&de...

3. The same for Firefox: http://translate.googleusercontent.com/translate_c?act=url&de...

4. And for Chrome: http://translate.googleusercontent.com/translate_c?act=url&de...

5. Right-click all the shortcuts you have to the various browsers, on the desktop, in the taskbar and in the Start menu, and choose Properties. On the Shortcut tab, check whether anything inappropriate/odd appears after the browser file itself in the "Target" box. If so, remove it.

Let me know if anything on the translated pages is incomprehensible.

Finally, restart the computer.

How does it work now?

You are an angel, I got rid of it!

Permalink
Member

How nice and fun that you registered just to write that, Elibork!

Permalink
Member

System Restore worked for me

Permalink
Member

As prevention against the various nasties that hijack browsers I run this little program, http://www.browserprotect.org/; if you use Firefox it is also available as just an add-on.
It also blocks a host of "toolbars" and so on.


Permalink
Member
Written by CeciliaB:

removeonline is not a trustworthy site, see https://www.mywot.com/en/scorecard/removeonline.com?utm_sourc...
Oxpsconverter.exe is normally a Windows file, see http://support.microsoft.com/kb/2732059
But you can of course upload your file to https://www.virustotal.com if you want to be sure.

1. Remove the AdwCleaner you have, in case the latest version has been improved.
Save AdwCleaner by Xplode to the Desktop: http://general-changelog-team.fr/fr/downloads/finish/20-outil...

Close all programs, including web browsers.
Double-click AdwCleaner to start the program.

Click the Search button.
Wait until the scan is finished.

Click the Delete button.
Press OK.

The computer will restart.
A report will appear; copy its contents and paste them into your reply.
If the report does not appear, it is also available as C:\AdwCleaner[S1].txt

2. Go through all the settings in Internet Explorer using this guide and change anything inappropriate/odd that turns up:
http://translate.googleusercontent.com/translate_c?act=url&de...

3. The same for Firefox: http://translate.googleusercontent.com/translate_c?act=url&de...

4. And for Chrome: http://translate.googleusercontent.com/translate_c?act=url&de...

5. Right-click all the shortcuts you have to the various browsers, on the desktop, in the taskbar and in the Start menu, and choose Properties. On the Shortcut tab, check whether anything inappropriate/odd appears after the browser file itself in the "Target" box. If so, remove it.

Let me know if anything on the translated pages is incomprehensible.

Finally, restart the computer.

How does it work now?

I also want to say thanks; I have been trying to fix this for hours now, and solved it with your help!


Permalink
Member
Written by lonic:

I also want to say thanks; I have been trying to fix this for hours now, and solved it with your help!

How nice!

Permalink
Member

Here comes one more thank-you; I found the thread when I googled the problem and got rid of the crap.


Permalink
Member
Written by sorkin:

Here comes one more thank-you; I found the thread when I googled the problem and got rid of the crap.

That's great

Permalink
Member

I got the Qvo6.com problem too last week, but it was about time to reinstall Windows anyway, so I did that when I got it, and that solved the problem ^^ haha

Permalink
Member

How do you get infected? Some site or program you downloaded?

Permalink
Member

I downloaded a couple of free tuning programs, Coretemp and CPU-Z; somewhere there I must have clicked the wrong link.


Permalink
Member
Written by sorkin:

I downloaded a couple of free tuning programs, Coretemp and CPU-Z; somewhere there I must have clicked the wrong link.

Qvo6.com is presumably one of the ways available to people who write programs to bring in a little money, so it may well have come along with one of the free programs. It is important to read the messages shown during installation. If more people paid/donated for the programs they use, the problems with all these unnecessary add-ons would be smaller.

Permalink

JDownloader infects you with qvo6

Permalink
Member

Thanks for this thread existing... just got rid of the junk.


Permalink

After following this thread, you all mean a great deal to me. I have fixed IE so that Google comes up as the start page, but what should I do now to get rid of it completely?

Should I download AdwCleaner as CeciliaB recommends?

Right now I am scanning with my antivirus, Panda Antivirus Pro 2013


Permalink
Member

Easy way to get rid of Qvo6

Like so many others, my IE Explorer and Chrome were hijacked by Qvo6. I did the following to get rid of the misery in about 20 minutes.

1. In the Control Panel I uninstalled all programs containing the names Qvo6, Desk 365 and Browser Protect.

2. Then I followed these instructions:

For Internet Explorer:
• Open IE and go to "Tools" – "Manage add-ons".
• Select "Toolbars and Extensions" and uninstall everything related to Qvo6 from the list.
• Select "Search Providers" – choose the search engine you used previously and make it your default search provider. Also, select "Web Search" and click "Disable suggestions".
• Go to "Tools" – "Internet Options" and select the "General" tab. Click "Default" or enter your own website name, google.com or another. Finally, click 'OK' to save the changes.

For Mozilla Firefox:
• Open Mozilla Firefox, go to "Tools" – "Add-ons".
• Select "Extensions" – Qvo6 and click "Uninstall".
• Go to "Tools" – "Options". Finally, reset the start page or change it to google.com.

For Google Chrome:
• Click the "Customize and control Google Chrome" icon, select "Options".
• Select the "Basics" options and change Google Chrome's home page to google.com or some other browser, and then click the "Manage search engines…" button.
• Select "Google" and make it your default search engine.

However, remnants of these programs still remained (via the registry), so

3. Finally I chose System Restore and picked the suggested date (a few days before the trouble):

A.
Open System Restore by clicking the Start button. Type System Restore in the search box and click System Restore in the list of results. Administrator permission is required: enter the administrator password or confirm if you are prompted to do so.

B.
Choose a restore point and restore the computer by following the steps in the wizard.

Result: Completely gone!

Permalink
Member
Written by Lt.Bells:

Like so many others, my IE Explorer and Chrome were hijacked by Qvo6. I did the following to get rid of the misery in about 20 minutes.

1. In the Control Panel I uninstalled all programs containing the names Qvo6, Desk 365 and Browser Protect.

2. Then I followed these instructions:

For Internet Explorer:
• Open IE and go to "Tools" – "Manage add-ons".
• Select "Toolbars and Extensions" and uninstall everything related to Qvo6 from the list.
• Select "Search Providers" – choose the search engine you used previously and make it your default search provider. Also, select "Web Search" and click "Disable suggestions".
• Go to "Tools" – "Internet Options" and select the "General" tab. Click "Default" or enter your own website name, google.com or another. Finally, click 'OK' to save the changes.

For Mozilla Firefox:
• Open Mozilla Firefox, go to "Tools" – "Add-ons".
• Select "Extensions" – Qvo6 and click "Uninstall".
• Go to "Tools" – "Options". Finally, reset the start page or change it to google.com.

For Google Chrome:
• Click the "Customize and control Google Chrome" icon, select "Options".
• Select the "Basics" options and change Google Chrome's home page to google.com or some other browser, and then click the "Manage search engines…" button.
• Select "Google" and make it your default search engine.

However, remnants of these programs still remained (via the registry), so

3. Finally I chose System Restore and picked the suggested date (a few days before the trouble):

A.
Open System Restore by clicking the Start button. Type System Restore in the search box and click System Restore in the list of results. Administrator permission is required: enter the administrator password or confirm if you are prompted to do so.

B.
Choose a restore point and restore the computer by following the steps in the wizard.

Result: Completely gone!

Then it seems much, much easier to run AdwCleaner.

Permalink
Member
Written by CeciliaB:

Then it seems much, much easier to run AdwCleaner.

Very much easier! Download AdwCleaner, start the scanner, read the report, choose "Delete", restart the computer, read the report again - done! ^^ Finally the crap is completely gone from my computer.


Permalink
Member

Hi! Silly me has managed to download and install something that gave me qvo6, desk 365, omiga, winzipper, HDvideo codec and who knows what else.
I was just going to watch a film on Dreamfilm.se and ended up on a page where I was supposed to download some HDvideo codec, and no sooner said than done; Norton said it was fine so I took the chance.

I have tried Ccleaner to uninstall, but without getting rid of HDvideo and Winzipper. It did not even find Desk 365 and Omiga.
SpyBot Search & Destroy found about 35 pieces of malware of various kinds but did not manage to remove them all.
Norton still says everything is okay...

I tried CeciliaB's advice to use AdwCleaner and it removed Qvo6, and according to the log it also removed some other crap, but Omiga remains...

Omiga has changed my desktop and added a bar at the top and moved my icons around, among other things. May sound harmless but I want it gone.
When the computer had restarted I saw some of those installation windows flash by, and I just managed to see that it said omiga..

Should I run a restore, or does anyone know how I can get rid of Omiga?

Thanks so much in advance

# AdwCleaner v2.306 - Logfile created 07/23/2013 at 10:05:30
# Updated 19/07/2013 by Xplode
# Operating system : Windows 8 Pro (64 bits)
# User : Stina - KRISTALLEN
# Boot Mode : Normal
# Running from : C:\Users\Stina\Downloads\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\Omiga Plus
File Deleted : C:\Users\Stina\Desktop\HDVidCodec.lnk
File Disinfected : C:\Users\Stina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
File Disinfected : C:\Users\Stina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
File Disinfected : C:\Users\Stina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
File Disinfected : C:\Users\Stina\Desktop\chrome.lnk
Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Omiga Plus
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Stina\AppData\Local\Temp\Desk365
Folder Deleted : C:\Users\Stina\AppData\Roaming\337
Folder Deleted : C:\Users\Stina\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\Stina\AppData\Roaming\iWin
Folder Deleted : C:\Users\Stina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Folder Deleted : C:\Users\Stina\AppData\Roaming\Omiga Plus

***** [Registry] *****

Data Deleted : HKLM\...\StartMenuInternet\Google Chrome [(Default)] = "C:\Users\Stina\AppData\Local\Google\Chrome\Application\chrome.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid...
Data Deleted : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid...
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid... --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid... --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid... --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid... --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid... --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid... --> hxxp://www.google.com

-\\ Google Chrome v28.0.1500.72

File : C:\Users\Stina\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.594] : urls_to_restore_on_startup = [ "hxxp://www.anti-spyware-101.com/se/qvo6-virus" ]

*************************

AdwCleaner[R1].txt - [5657 octets] - [23/07/2013 10:03:50]
AdwCleaner[R2].txt - [5717 octets] - [23/07/2013 10:05:08]
AdwCleaner[S1].txt - [4947 octets] - [23/07/2013 10:05:30]

########## EOF - C:\AdwCleaner[S1].txt - [5007 octets] ##########
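
The "Data Deleted" lines in the log above show the same thing step 5 of CeciliaB's instructions checks by hand in the "Target" box: a URL appended after the browser executable. As an added example (not part of the original thread and not AdwCleaner's own code), this Python sketch flags such launch commands in AdwCleaner-style log lines; the browser list, function names and the third sample line are assumptions made for the illustration.

```python
import re

# Browser executables whose launch commands get checked (assumed list).
BROWSERS = {"iexplore.exe", "chrome.exe", "firefox.exe"}

# URL-like argument; "hxxp" covers the defanged form AdwCleaner prints.
URL_RE = re.compile(r"^(?:h(?:tt|xx)ps?://|www\.)", re.IGNORECASE)

# AdwCleaner registry line: "Data Deleted : <key> [<value>] = <command>"
ADW_RE = re.compile(
    r"^Data Deleted : (?P<key>.+?) \[(?P<value>[^\]]*)\] = (?P<cmd>.+)$"
)

# First two lines are taken from the log above; the Firefox line is
# constructed to show a harmless argument that must not be flagged.
SAMPLE_LOG = r"""
Data Deleted : HKLM\...\StartMenuInternet\Google Chrome [(Default)] = "C:\Users\Stina\AppData\Local\Google\Chrome\Application\chrome.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid...
Data Deleted : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid...
Data Deleted : HKLM\...\StartMenuInternet\FIREFOX.EXE [(Default)] = "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -private-window
Key Deleted : HKLM\Software\qvo6Software
"""


def split_command(cmd):
    """Split a launch command into (executable path, argument string).

    Handles both forms seen in the log: a quoted path, and an unquoted
    path containing spaces, where the path ends at the first ".exe".
    """
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end == -1:                      # unbalanced quote: no arguments
            return cmd[1:], ""
        return cmd[1:end], cmd[end + 1:].strip()
    m = re.match(r"(.+?\.exe)(?=\s|$)(.*)$", cmd, re.IGNORECASE)
    if m:
        return m.group(1), m.group(2).strip()
    return cmd, ""


def appended_urls(cmd):
    """Return URL arguments appended after a browser executable, else []."""
    exe, args = split_command(cmd)
    name = exe.replace("/", "\\").rsplit("\\", 1)[-1].lower()
    if name not in BROWSERS:
        return []
    return [a.strip('"') for a in args.split() if URL_RE.match(a.strip('"'))]


def scan_adwcleaner(log_text):
    """Return (registry key, [urls]) for every hijacked launch command."""
    findings = []
    for line in log_text.splitlines():
        m = ADW_RE.match(line.strip())
        if not m:
            continue                       # not a "Data Deleted" line
        urls = appended_urls(m.group("cmd"))
        if urls:
            findings.append((m.group("key"), urls))
    return findings


if __name__ == "__main__":
    for key, urls in scan_adwcleaner(SAMPLE_LOG):
        print(f"{key}: browser launch command carries {urls}")
```

The same `appended_urls` check works on a "Target" string copied from a shortcut's Properties dialog; a flagged URL is a prompt to review the shortcut, since a user may have added one deliberately.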

Permalink
Member

Thanks a hell of a lot! This is my first post, and you more than deserve it! However, I still have a folder in ProgramData called Browser Manager that cannot be removed; is it dangerous in any way, or can it stay?

Thanks!!!

Permalink
Member
Written by JohaStin:

Omiga has changed my desktop and added a bar at the top and moved my icons around, among other things. May sound harmless but I want it gone.
When the computer had restarted I saw some of those installation windows flash by, and I just managed to see that it said omiga..

Should I run a restore, or does anyone know how I can get rid of Omiga?

Thanks so much in advance

We can see what DDS shows to begin with. Save DDS to the Desktop.
http://download.bleepingcomputer.com/sUBs/dds.scr

Start the program by double-clicking it.
Press Yes if the question about Optional Scan appears.
In your reply, paste the log DDS.txt.

Permalink
Member
Written by Wazpen:

Thanks a hell of a lot! This is my first post, and you more than deserve it! However, I still have a folder in ProgramData called Browser Manager that cannot be removed; is it dangerous in any way, or can it stay?

Thanks!!!

That folder usually goes together with unsuitable browser add-ons.
Have you checked whether there is any Browser Manager to uninstall in the Control Panel and/or in the browsers' add-on management?

Permalink
Member

Thank you so much for taking the time
I have read a bit about Omiga Plus, and according to the English pages I have read it is a stubborn and troublesome virus that requires quite a lot of technical skills to remove. But we will see what you find. I have become a bit paranoid and only trust Swedish sites, and primarily this one

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.25.2
Run by Stina at 22:24:59 on 2013-07-24
Microsoft Windows 8 Pro 6.2.9200.0.1252.46.1053.18.3767.1906 [GMT 2:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe
C:\Program Files (x86)\WinZipper\winzipersvc.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\lxebcoms.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\WINDOWS\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\WINDOWS\System32\dwm.exe
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Windows\System32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Personal\bin\Personal.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\WINDOWS\splwow64.exe
C:\Users\Stina\Downloads\adwcleaner.exe
C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE
C:\WINDOWS\splwow64.exe
C:\Users\Stina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
uURLSearchHooks: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [Google Update] "C:\Users\Stina\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\KYNNIS~1\Programs\StartUp\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Ski&cka till OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9E1E84A5-2ABF-4777-B348-7BFEC72C70B1} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B69DEC03-B8C7-4DDB-85C6-81D3583C811F} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll",CreateReaderUserSettings
x64-mStart Page = hxxp://www.google.com
x64-mDefault_Page_URL = hxxp://www.google.com
x64-BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe"
x64-Run: [lxebmon.exe] "C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe"
x64-Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\WINDOWS\System32\Drivers\NISx64\1309010.00E\symds64.sys [2013-2-6 451192]
R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\System32\Drivers\NISx64\1309010.00E\symefa64.sys [2013-2-6 1129120]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-7-17 1393240]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\WINDOWS\System32\Drivers\NISx64\1309010.00E\ccsetx64.sys [2013-2-6 167072]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130723.001\IDSviA64.sys [2013-7-24 513184]
R1 mwlPSDFilter;mwlPSDFilter;C:\WINDOWS\System32\Drivers\mwlPSDFilter.sys [2012-3-16 22648]
R1 mwlPSDNServ;mwlPSDNServ;C:\WINDOWS\System32\Drivers\mwlPSDNserv.sys [2012-3-16 20520]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\WINDOWS\System32\Drivers\mwlPSDVDisk.sys [2012-3-16 62776]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\Drivers\NISx64\1309010.00E\ironx64.sys [2013-2-6 190072]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\Drivers\NISx64\1309010.00E\symnets.sys [2013-2-6 405624]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-10-14 353360]
R2 ePowerSvc;ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2012-3-16 872552]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-5-30 36456]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-14 13336]
R2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-10-14 244624]
R2 lxeb_device;lxeb_device;C:\WINDOWS\System32\lxebcoms.exe -service --> C:\WINDOWS\System32\lxebcoms.exe -service [?]
R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2012-9-25 231752]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-2-6 138272]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-4-24 256832]
R2 omigaplussvc;Omiga plus service;C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe [2013-7-20 424104]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-7-20 1153368]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-10-14 2320920]
R2 winzipersvc;WinZiper service;C:\Program Files (x86)\WinZipper\winzipersvc.exe [2013-7-20 424104]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-11 138912]
R3 ETD;ELAN PS/2 Port Input Device;C:\WINDOWS\System32\Drivers\ETD.sys [2011-10-14 142632]
R3 HECIx64;Intel(R) Management Engine Interface;C:\WINDOWS\System32\Drivers\HECIx64.sys [2011-10-14 56344]
R3 Impcd;Impcd;C:\WINDOWS\System32\Drivers\Impcd.sys [2011-10-14 158976]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\WINDOWS\System32\Drivers\k57nd60a.sys [2012-6-2 425472]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\WINDOWS\System32\Drivers\rdpvideominiport.sys [2012-11-17 27880]
R3 Sftfs;Sftfs;C:\WINDOWS\System32\Drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\WINDOWS\System32\Drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\WINDOWS\System32\Drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\WINDOWS\System32\Drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 lxebCATSCustConnectService;lxebCATSCustConnectService;C:\WINDOWS\System32\spool\drivers\x64\3\lxebserv.exe [2012-5-30 45736]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-6-21 173424]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\Drivers\RtsUStor.sys [2011-10-14 243712]
S3 Tdsshbecr;Handelsbanken card reader;C:\WINDOWS\System32\Drivers\shbecr.sys [2008-9-23 50176]
S3 vmbusr;Bussprovider för virtuell dator;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\Drivers\WSDScan.sys [2012-11-17 23552]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-07-24 20:14:39 656048 ----a-w- C:\ProgramData\uninstall879122.exe
2013-07-23 08:15:01 -------- d-----w- C:\Users\Stina\AppData\Roaming\Omiga Plus
2013-07-23 08:05:43 101 ----a-w- C:\WINDOWS\DeleteOnReboot.bat
2013-07-21 20:16:01 -------- d-----w- C:\WINDOWS\System32\MRT
2013-07-21 20:10:14 -------- d-----w- C:\Program Files (x86)\ESET
2013-07-21 19:46:37 -------- d-----w- C:\WINDOWS\System32\appmgmt
2013-07-21 11:27:49 252080 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10210.bin
2013-07-20 21:50:41 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-07-20 21:50:41 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2013-07-20 21:37:37 -------- d-----w- C:\Program Files (x86)\Omiga Plus
2013-07-20 21:37:34 -------- d-----w- C:\Users\Stina\AppData\Roaming\WinZipper
2013-07-20 21:37:34 -------- d-----w- C:\Program Files (x86)\WinZipper
2013-07-17 19:28:21 997632 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2013-07-17 19:28:07 2219520 ----a-w- C:\WINDOWS\System32\dwmcore.dll
2013-07-17 19:28:06 6987008 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2013-07-17 19:28:06 2391280 ----a-w- C:\WINDOWS\explorer.exe
2013-07-17 19:28:06 2106176 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2013-07-17 19:28:06 1842176 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll
2013-07-17 19:28:03 729600 ----a-w- C:\WINDOWS\System32\samsrv.dll
2013-07-17 19:28:03 2233600 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2013-07-17 19:28:02 1527808 ----a-w- C:\WINDOWS\System32\mfcore.dll
2013-07-15 21:13:57 144384 ----a-w- C:\WINDOWS\System32\tssdisai.dll
2013-07-12 06:56:17 -------- d-----w- C:\ProgramData\EA Core
2013-07-12 06:44:53 447752 ----a-w- C:\WINDOWS\SysWow64\vp6vfw.dll
2013-07-12 06:43:24 3977496 ----a-w- C:\WINDOWS\System32\d3dx9_31.dll
2013-07-12 06:43:24 2414360 ----a-w- C:\WINDOWS\SysWow64\d3dx9_31.dll
2013-07-11 17:56:06 -------- d-----w- C:\Users\Stina\AppData\Roaming\Origin
2013-07-11 17:56:05 -------- d-----w- C:\Program Files (x86)\Origin Games
2013-07-11 17:56:00 -------- d-----w- C:\Users\Stina\AppData\Local\Origin
2013-07-11 17:54:26 -------- d-----w- C:\ProgramData\Origin
2013-07-11 17:54:26 -------- d-----w- C:\ProgramData\Electronic Arts
2013-07-11 17:54:11 -------- d-----w- C:\Program Files (x86)\Origin
2013-07-10 18:12:15 2035200 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-10 18:12:15 1617920 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-10 18:12:15 1306112 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-10 18:12:15 1272320 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 18:12:14 1413632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-10 18:12:14 1318912 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-10 18:12:14 1029632 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-07-10 18:11:41 4036096 ----a-w- C:\WINDOWS\System32\win32k.sys
2013-07-10 18:11:25 595968 ----a-w- C:\WINDOWS\System32\qedit.dll
2013-07-10 18:11:23 496640 ----a-w- C:\WINDOWS\SysWow64\qedit.dll
2013-07-10 18:11:21 19187712 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-10 18:11:20 18523648 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-10 18:11:06 1838080 ----a-w- C:\WINDOWS\System32\DWrite.dll
2013-07-10 18:11:06 1421312 ----a-w- C:\WINDOWS\SysWow64\DWrite.dll
2013-07-05 13:23:20 -------- d-----w- C:\Users\Stina\AppData\Roaming\2monkeys
2013-07-02 20:43:29 -------- d-----w- C:\Users\Stina\AppData\Roaming\Jigsaws Galore
2013-07-01 19:52:24 -------- d-----w- C:\Users\Stina\AppData\Roaming\PopCap Games
2013-07-01 19:50:08 466456 ----a-w- C:\WINDOWS\System32\wrap_oal.dll
2013-07-01 19:50:08 444952 ----a-w- C:\WINDOWS\SysWow64\wrap_oal.dll
2013-07-01 19:50:08 122904 ----a-w- C:\WINDOWS\System32\OpenAL32.dll
2013-07-01 19:50:08 109080 ----a-w- C:\WINDOWS\SysWow64\OpenAL32.dll
2013-07-01 19:50:08 -------- d-----w- C:\Program Files (x86)\OpenAL
2013-07-01 14:49:36 -------- d-----w- C:\ProgramData\Meridian93
2013-07-01 14:49:12 -------- d-----w- C:\Users\Stina\AppData\Roaming\Meridian93
2013-06-30 18:49:04 -------- d-----w- C:\Users\Stina\AppData\Local\Big Fish
2013-06-29 19:13:58 -------- d-----w- C:\Users\Stina\AppData\Roaming\Big Fish Games
2013-06-28 19:48:35 -------- d-----w- C:\Users\Stina\AppData\Roaming\AlawarEntertainment
2013-06-28 06:35:04 -------- d-----w- C:\ProgramData\Big Fish
2013-06-28 06:26:24 -------- d-----w- C:\Users\Stina\AppData\Roaming\Nitreal Games
2013-06-27 19:39:04 -------- d-----w- C:\ProgramData\Playrix Entertainment
2013-06-27 12:52:05 -------- d-----w- C:\Users\Stina\AppData\Roaming\HipSoft
2013-06-27 11:45:24 -------- d-----w- C:\ProgramData\Melesta
2013-06-27 11:34:32 -------- d-----w- C:\ProgramData\Big Fish Games
2013-06-27 11:32:42 -------- d-----w- C:\BigFishGamesCache
2013-06-25 07:37:23 96168 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M ====================
.
2013-06-27 22:04:51 78200 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04:51 693112 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2013-06-25 07:37:09 867240 ----a-w- C:\WINDOWS\SysWow64\npDeployJava1.dll
2013-06-25 07:37:09 789416 ----a-w- C:\WINDOWS\SysWow64\deployJava1.dll
2013-06-12 08:03:11 9089416 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
2013-06-11 23:43:37 1767936 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\WINDOWS\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\WINDOWS\System32\jscript9.dll
2013-06-01 11:54:16 194816 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys
2013-06-01 11:54:10 125184 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys
2013-06-01 11:29:35 337152 ----a-w- C:\WINDOWS\System32\drivers\USBXHCI.SYS
2013-06-01 11:29:35 213248 ----a-w- C:\WINDOWS\System32\drivers\UCX01000.SYS
2013-06-01 11:26:33 327936 ----a-w- C:\WINDOWS\System32\drivers\volsnap.sys
2013-06-01 09:25:52 364544 ----a-w- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
2013-06-01 09:25:05 67584 ----a-w- C:\WINDOWS\SysWow64\samlib.dll
2013-06-01 09:24:19 493056 ----a-w- C:\WINDOWS\SysWow64\mscms.dll
2013-06-01 09:24:09 850944 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
2013-06-01 09:24:09 1453568 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2013-06-01 09:23:06 680960 ----a-w- C:\WINDOWS\System32\vds.exe
2013-06-01 09:22:47 80896 ----a-w- C:\WINDOWS\System32\MbaeParserTask.exe
2013-06-01 09:22:33 523264 ----a-w- C:\WINDOWS\System32\XpsGdiConverter.dll
2013-06-01 09:22:33 446976 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2013-06-01 09:22:09 190976 ----a-w- C:\WINDOWS\System32\vdsutil.dll
2013-06-01 09:21:39 106496 ----a-w- C:\WINDOWS\System32\samlib.dll
2013-06-01 09:20:45 583168 ----a-w- C:\WINDOWS\System32\mscms.dll
2013-06-01 09:20:34 1048576 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll
2013-06-01 09:19:58 207872 ----a-w- C:\WINDOWS\System32\DeviceSetupManager.dll
2013-06-01 09:19:42 785408 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2013-06-01 03:08:57 37632 ----a-w- C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
2013-05-24 22:09:20 1403296 ----a-w- C:\WINDOWS\System32\winload.efi
2013-05-24 22:09:20 1271584 ----a-w- C:\WINDOWS\System32\winload.exe
2013-05-24 22:09:20 1217352 ----a-w- C:\WINDOWS\System32\winresume.efi
2013-05-24 22:09:20 1093904 ----a-w- C:\WINDOWS\System32\winresume.exe
2013-05-23 23:01:46 1300992 ----a-w- C:\WINDOWS\System32\gdi32.dll
2013-05-23 22:27:05 1022464 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2013-05-15 22:37:03 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll
2013-05-15 22:35:49 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll
2013-05-15 02:25:59 888320 ----a-w- C:\WINDOWS\System32\autochk.exe
2013-05-15 02:25:44 542208 ----a-w- C:\WINDOWS\System32\untfs.dll
2013-05-15 02:24:10 793088 ----a-w- C:\WINDOWS\SysWow64\autochk.exe
2013-05-15 02:24:01 482816 ----a-w- C:\WINDOWS\SysWow64\untfs.dll
2013-05-14 13:14:01 2706432 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2013-05-14 09:23:31 2706432 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2013-05-09 16:17:55 96784 ----a-w- C:\WINDOWS\SysWow64\packet.dll
2013-05-09 16:17:55 369168 ----a-w- C:\WINDOWS\System32\wpcap.dll
2013-05-09 16:17:55 35344 ----a-w- C:\WINDOWS\System32\drivers\npf.sys
2013-05-09 16:17:55 281104 ----a-w- C:\WINDOWS\SysWow64\wpcap.dll
2013-05-09 16:17:55 106000 ----a-w- C:\WINDOWS\System32\packet.dll
2013-05-04 07:58:17 120736 ----a-w- C:\WINDOWS\System32\AuthHost.exe
2013-05-04 07:34:17 446720 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2013-05-04 07:34:15 284416 ----a-w- C:\WINDOWS\System32\drivers\spaceport.sys
2013-05-04 06:59:56 39424 ----a-w- C:\WINDOWS\System32\wuapp.exe
2013-05-04 06:59:51 1483776 ----a-w- C:\WINDOWS\System32\VSSVC.exe
2013-05-04 06:59:36 812544 ----a-w- C:\WINDOWS\System32\Magnify.exe
2013-05-04 06:59:25 98304 ----a-w- C:\WINDOWS\System32\wudriver.dll
2013-05-04 06:59:25 251904 ----a-w- C:\WINDOWS\System32\WUSettingsProvider.dll
2013-05-04 06:59:25 141824 ----a-w- C:\WINDOWS\System32\wuwebv.dll
2013-05-04 06:59:24 1619968 ----a-w- C:\WINDOWS\System32\wucltux.dll
2013-05-04 06:59:21 2842112 ----a-w- C:\WINDOWS\System32\WMVDECOD.DLL
2013-05-04 06:59:08 13644288 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2013-05-04 06:58:54 328192 ----a-w- C:\WINDOWS\System32\ubpm.dll
2013-05-04 06:58:54 10116096 ----a-w- C:\WINDOWS\System32\twinui.dll
2013-05-04 06:58:49 173568 ----a-w- C:\WINDOWS\System32\storewuauth.dll
2013-05-04 06:58:49 1332736 ----a-w- C:\WINDOWS\System32\sysmain.dll
2013-05-04 06:58:48 330240 ----a-w- C:\WINDOWS\System32\stobject.dll
2013-05-04 06:58:28 93696 ----a-w- C:\WINDOWS\System32\psmsrv.dll
2013-05-04 06:58:02 470528 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll
2013-05-04 06:58:02 151552 ----a-w- C:\WINDOWS\System32\netprofm.dll
2013-05-04 06:58:01 169984 ----a-w- C:\WINDOWS\System32\netplwiz.dll
2013-05-04 06:57:59 17408 ----a-w- C:\WINDOWS\System32\muifontsetup.dll
2013-05-04 06:57:46 560640 ----a-w- C:\WINDOWS\System32\mfmp4srcsnk.dll
2013-05-04 06:57:31 820736 ----a-w- C:\WINDOWS\System32\gpprefcl.dll
2013-05-04 06:57:15 501760 ----a-w- C:\WINDOWS\System32\DevicePairing.dll
2013-05-04 06:57:05 179712 ----a-w- C:\WINDOWS\System32\bisrv.dll
2013-05-04 06:57:05 122368 ----a-w- C:\WINDOWS\System32\biwinrt.dll
2013-05-04 06:57:04 389120 ----a-w- C:\WINDOWS\System32\BCP47Langs.dll
2013-05-04 06:57:04 2305024 ----a-w- C:\WINDOWS\System32\authui.dll
2013-05-04 06:57:00 708096 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2013-05-04 06:57:00 1131520 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2013-05-04 06:56:53 419840 ----a-w- C:\WINDOWS\System32\intl.cpl
2013-05-04 04:58:34 34304 ----a-w- C:\WINDOWS\SysWow64\wuapp.exe
2013-05-04 04:58:14 758784 ----a-w- C:\WINDOWS\SysWow64\Magnify.exe
2013-05-04 04:58:02 83968 ----a-w- C:\WINDOWS\SysWow64\wudriver.dll
2013-05-04 04:58:02 125952 ----a-w- C:\WINDOWS\SysWow64\wuwebv.dll
2013-05-04 04:57:58 2620928 ----a-w- C:\WINDOWS\SysWow64\WMVDECOD.DLL
2013-05-04 04:57:49 10788864 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2013-05-04 04:57:39 8857088 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2013-05-04 04:57:39 247296 ----a-w- C:\WINDOWS\SysWow64\ubpm.dll
2013-05-04 04:57:35 303616 ----a-w- C:\WINDOWS\SysWow64\stobject.dll
2013-05-04 04:57:16 18432 ----a-w- C:\WINDOWS\SysWow64\npmproxy.dll
2013-05-04 04:57:04 151040 ----a-w- C:\WINDOWS\SysWow64\netplwiz.dll
2013-05-04 04:57:04 115712 ----a-w- C:\WINDOWS\SysWow64\netprofm.dll
2013-05-04 04:57:02 14336 ----a-w- C:\WINDOWS\SysWow64\muifontsetup.dll
2013-05-04 04:56:48 411136 ----a-w- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
2013-05-04 04:56:35 582144 ----a-w- C:\WINDOWS\SysWow64\gpprefcl.dll
2013-05-04 04:56:14 449536 ----a-w- C:\WINDOWS\SysWow64\DevicePairing.dll
2013-05-04 04:56:06 92160 ----a-w- C:\WINDOWS\SysWow64\biwinrt.dll
2013-05-04 04:56:05 309760 ----a-w- C:\WINDOWS\SysWow64\BCP47Langs.dll
2013-05-04 04:56:05 2035712 ----a-w- C:\WINDOWS\SysWow64\authui.dll
.
============= FINISH: 22:25:37,76 ===============

Permalink
Member
Written by JohaStin:

Thank you so much for taking the time
I have read a little about Omiga Plus, and according to the English-language sites I have read, it is a stubborn and troublesome virus that takes quite a lot of technical skill to remove. But we'll see what you find. I have become a bit paranoid and only trust Swedish sites, and mainly this one

There are many strange sites you can come across if you google a malicious program, and they can suggest things that are of no use at all.

Save ComboFix to the Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Close all programs you can see, including antivirus and antispyware programs, but leave the firewall on.
How? See http://www.bleepingcomputer.com/forums/topic114351.html
Run ComboFix and follow the instructions shown.
If you are asked whether you want to install the Recovery Console, answer Yes.
More detailed guidance is available at http://www.bleepingcomputer.com/combofix/se/hur-combofix-ska-...

If ComboFix displays any message, e.g. that a rootkit has been found, write it down and then include it in your reply.

IMPORTANT! Do not click on the ComboFix window with the mouse while it is running, as that can cause it to hang.

When ComboFix has finished, a log should appear; paste it into your reply. Check that your antivirus program etc. is running before you connect to the internet.

If you have trouble getting onto the internet:
Control Panel - Network Connections
right-click your internet connection and choose Repair, and/or restart the computer.

Permalink
Member

Here is the log from ComboFix. It was a bit tricky to turn off Norton, but I think I managed it.
Regards, Stina

ComboFix 13-07-24.03 - Stina 2013-07-25 12:41:11.1.4 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1252.46.1053.18.3767.2533 [GMT 2:00]
Körs från: c:\users\Stina\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Skapade en ny återställningspunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivrutiner/Tjänster )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
(((((((((((((((((((((((( Filer skapade från 2013-06-25 till 2013-07-25 ))))))))))))))))))))))))))))))
.
.
2013-07-23 08:05 . 2013-07-24 20:36 202 ----a-w- c:\windows\DeleteOnReboot.bat
2013-07-21 20:16 . 2013-07-21 20:20 -------- d-----w- c:\windows\system32\MRT
2013-07-21 20:10 . 2013-07-21 20:10 -------- d-----w- c:\program files (x86)\ESET
2013-07-21 19:46 . 2013-07-21 19:46 -------- d-----w- c:\windows\system32\appmgmt
2013-07-21 11:27 . 2013-07-21 11:27 252080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10210.bin
2013-07-20 21:50 . 2013-07-20 22:13 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-07-20 21:50 . 2013-07-20 21:50 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2013-07-20 21:37 . 2013-07-25 10:49 -------- d-----w- c:\program files (x86)\Omiga Plus
2013-07-20 21:37 . 2013-07-25 10:49 -------- d-----w- c:\program files (x86)\WinZipper
2013-07-20 21:37 . 2013-07-20 21:37 -------- d-----w- c:\users\Stina\AppData\Roaming\WinZipper
2013-07-17 19:28 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-07-17 19:28 . 2013-06-01 09:20 2219520 ----a-w- c:\windows\system32\dwmcore.dll
2013-07-17 19:28 . 2013-06-01 11:34 2391280 ----a-w- c:\windows\explorer.exe
2013-07-17 19:28 . 2013-06-01 11:26 6987008 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-17 19:28 . 2013-06-01 10:24 2106176 ----a-w- c:\windows\SysWow64\explorer.exe
2013-07-17 19:28 . 2013-06-01 09:23 1842176 ----a-w- c:\windows\SysWow64\dwmcore.dll
2013-07-17 19:28 . 2013-06-01 11:33 2233600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-17 19:28 . 2013-06-01 09:21 729600 ----a-w- c:\windows\system32\samsrv.dll
2013-07-17 19:28 . 2013-06-01 09:20 1527808 ----a-w- c:\windows\system32\mfcore.dll
2013-07-15 21:13 . 2013-05-15 22:35 144384 ----a-w- c:\windows\system32\tssdisai.dll
2013-07-12 07:30 . 2013-07-12 07:30 -------- d--h--r- c:\users\Stina\AppData\Roaming\SecuROM
2013-07-12 06:56 . 2013-07-12 06:56 -------- d-----w- c:\programdata\EA Core
2013-07-12 06:44 . 2013-07-12 06:41 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2013-07-12 06:43 . 2006-09-28 14:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2013-07-12 06:43 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2013-07-11 17:56 . 2013-07-15 07:10 -------- d-----w- c:\users\Stina\AppData\Roaming\Origin
2013-07-11 17:56 . 2013-07-11 17:58 -------- d-----w- c:\program files (x86)\Origin Games
2013-07-11 17:56 . 2013-07-11 17:56 -------- d-----w- c:\users\Stina\AppData\Local\Origin
2013-07-11 17:54 . 2013-07-11 17:57 -------- d-----w- c:\programdata\Origin
2013-07-11 17:54 . 2013-07-11 17:54 -------- d-----w- c:\programdata\Electronic Arts
2013-07-11 17:54 . 2013-07-19 17:45 -------- d-----w- c:\program files (x86)\Origin
2013-07-10 18:12 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 18:12 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-10 18:12 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-10 18:12 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 18:12 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-07-10 18:12 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-10 18:12 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-10 18:11 . 2013-05-30 23:14 4036096 ----a-w- c:\windows\system32\win32k.sys
2013-07-10 18:11 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-07-10 18:11 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-10 18:11 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-10 18:11 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-10 18:11 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-10 18:11 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-07-10 18:11 . 2013-06-11 23:25 19238912 ----a-w- c:\windows\system32\mshtml.dll
2013-07-05 13:23 . 2013-07-05 13:23 -------- d-----w- c:\users\Stina\AppData\Roaming\2monkeys
2013-07-02 20:43 . 2013-07-02 20:43 -------- d-----w- c:\users\Stina\AppData\Roaming\Jigsaws Galore
2013-07-01 19:52 . 2013-07-01 19:52 -------- d-----w- c:\users\Stina\AppData\Roaming\PopCap Games
2013-07-01 19:50 . 2013-07-01 19:50 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-07-01 19:50 . 2013-07-01 19:50 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-07-01 19:50 . 2013-07-01 19:50 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-07-01 19:50 . 2013-07-01 19:50 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-07-01 19:50 . 2013-07-01 19:50 -------- d-----w- c:\program files (x86)\OpenAL
2013-07-01 14:49 . 2013-07-01 14:49 -------- d-----w- c:\programdata\Meridian93
2013-07-01 14:49 . 2013-07-01 14:49 -------- d-----w- c:\users\Stina\AppData\Roaming\Meridian93
2013-06-30 18:49 . 2013-06-30 18:49 -------- d-----w- c:\users\Stina\AppData\Local\Big Fish
2013-06-29 19:13 . 2013-07-03 21:21 -------- d-----w- c:\users\Stina\AppData\Roaming\Big Fish Games
2013-06-28 19:48 . 2013-06-28 19:48 -------- d-----w- c:\users\Stina\AppData\Roaming\AlawarEntertainment
2013-06-28 06:35 . 2013-06-28 06:35 -------- d-----w- c:\programdata\Big Fish
2013-06-28 06:26 . 2013-06-28 06:26 -------- d-----w- c:\users\Stina\AppData\Roaming\Nitreal Games
2013-06-27 19:39 . 2013-06-28 07:26 -------- d-----w- c:\programdata\Playrix Entertainment
2013-06-27 12:52 . 2013-06-27 12:52 -------- d-----w- c:\users\Stina\AppData\Roaming\HipSoft
2013-06-27 11:45 . 2013-06-27 11:45 -------- d-----w- c:\programdata\Melesta
2013-06-27 11:34 . 2013-07-24 20:14 -------- d-----w- c:\programdata\Big Fish Games
2013-06-27 11:32 . 2013-07-24 20:14 -------- d-----w- C:\BigFishGamesCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-27 22:04 . 2012-10-29 15:53 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04 . 2012-10-29 15:53 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-25 07:37 . 2013-06-25 07:37 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-25 07:37 . 2012-05-23 20:01 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-25 07:37 . 2012-05-23 20:01 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-23 22:57 . 2012-05-26 14:25 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-16 12:00 . 2013-03-14 00:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-06-12 08:03 . 2013-05-14 18:09 9089416 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-05-31 08:00 . 2012-10-29 15:00 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-05-30 23:24 . 2013-06-13 20:57 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-05-23 23:01 . 2013-06-13 20:57 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-05-23 22:27 . 2013-06-13 20:57 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-05-15 22:37 . 2013-06-14 18:15 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-05-15 22:35 . 2013-06-14 18:15 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-05-15 02:25 . 2013-06-13 20:57 888320 ----a-w- c:\windows\system32\autochk.exe
2013-05-15 02:25 . 2013-06-13 20:57 542208 ----a-w- c:\windows\system32\untfs.dll
2013-05-15 02:24 . 2013-06-13 20:57 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-05-15 02:24 . 2013-06-13 20:57 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2013-05-14 13:14 . 2013-06-14 18:15 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-14 09:23 . 2013-06-14 18:15 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-11 01:01 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-09 16:17 . 2013-05-09 16:17 369168 ----a-w- c:\windows\system32\wpcap.dll
2013-05-09 16:17 . 2013-05-09 16:17 35344 ----a-w- c:\windows\system32\drivers\npf.sys
2013-05-09 16:17 . 2013-05-09 16:17 106000 ----a-w- c:\windows\system32\packet.dll
2013-05-04 07:58 . 2013-06-13 20:57 120736 ----a-w- c:\windows\system32\AuthHost.exe
2013-05-04 07:34 . 2013-06-13 20:57 446720 ----a-w- c:\windows\system32\drivers\USBHUB3.SYS
2013-05-04 07:34 . 2013-06-13 20:57 284416 ----a-w- c:\windows\system32\drivers\spaceport.sys
2013-05-04 07:30 . 2013-06-13 20:57 58312 ----a-w- c:\windows\system32\wuauclt.exe
2013-05-04 06:59 . 2013-06-13 20:57 39424 ----a-w- c:\windows\system32\wuapp.exe
2013-05-04 06:59 . 2013-06-13 20:57 1483776 ----a-w- c:\windows\system32\VSSVC.exe
2013-05-04 06:59 . 2013-06-13 20:57 812544 ----a-w- c:\windows\system32\Magnify.exe
2013-05-04 06:59 . 2013-06-13 20:57 98304 ----a-w- c:\windows\system32\wudriver.dll
2013-05-04 06:59 . 2013-06-13 20:57 251904 ----a-w- c:\windows\system32\WUSettingsProvider.dll
2013-05-04 06:59 . 2013-06-13 20:57 141824 ----a-w- c:\windows\system32\wuwebv.dll
2013-05-04 06:59 . 2013-06-13 20:57 3241472 ----a-w- c:\windows\system32\wuaueng.dll
2013-05-04 06:59 . 2013-06-13 20:57 760320 ----a-w- c:\windows\system32\wuapi.dll
2013-05-04 06:59 . 2013-06-13 20:57 1619968 ----a-w- c:\windows\system32\wucltux.dll
2013-05-04 06:59 . 2013-06-13 20:57 13644288 ----a-w- c:\windows\system32\Windows.UI.Xaml.dll
2013-05-04 06:58 . 2013-06-13 20:57 10116096 ----a-w- c:\windows\system32\twinui.dll
2013-05-04 06:58 . 2013-06-13 20:57 328192 ----a-w- c:\windows\system32\ubpm.dll
2013-05-04 06:58 . 2013-06-13 20:57 1332736 ----a-w- c:\windows\system32\sysmain.dll
2013-05-04 06:58 . 2013-06-13 20:57 173568 ----a-w- c:\windows\system32\storewuauth.dll
2013-05-04 06:58 . 2013-06-13 20:57 330240 ----a-w- c:\windows\system32\stobject.dll
2013-05-04 06:58 . 2013-06-13 20:57 93696 ----a-w- c:\windows\system32\psmsrv.dll
2013-05-04 06:58 . 2013-06-13 20:57 470528 ----a-w- c:\windows\system32\netprofmsvc.dll
2013-05-04 06:58 . 2013-06-13 20:57 151552 ----a-w- c:\windows\system32\netprofm.dll
2013-05-04 06:58 . 2013-06-13 20:57 169984 ----a-w- c:\windows\system32\netplwiz.dll
2013-05-04 06:57 . 2013-06-13 20:57 17408 ----a-w- c:\windows\system32\muifontsetup.dll
2013-05-04 06:57 . 2013-06-13 20:57 560640 ----a-w- c:\windows\system32\mfmp4srcsnk.dll
2013-05-04 06:57 . 2013-06-13 20:57 820736 ----a-w- c:\windows\system32\gpprefcl.dll
2013-05-04 06:57 . 2013-06-13 20:57 501760 ----a-w- c:\windows\system32\DevicePairing.dll
2013-05-04 06:57 . 2013-06-13 20:57 179712 ----a-w- c:\windows\system32\bisrv.dll
2013-05-04 06:57 . 2013-06-13 20:57 122368 ----a-w- c:\windows\system32\biwinrt.dll
2013-05-04 06:57 . 2013-06-13 20:57 2305024 ----a-w- c:\windows\system32\authui.dll
2013-05-04 06:57 . 2013-06-13 20:57 389120 ----a-w- c:\windows\system32\BCP47Langs.dll
2013-05-04 06:57 . 2013-06-13 20:57 1131520 ----a-w- c:\windows\system32\AppXDeploymentServer.dll
2013-05-04 06:57 . 2013-06-13 20:57 708096 ----a-w- c:\windows\system32\AppXDeploymentExtensions.dll
2013-05-04 06:56 . 2013-06-13 20:57 419840 ----a-w- c:\windows\system32\intl.cpl
2013-05-04 04:58 . 2013-06-13 20:57 34304 ----a-w- c:\windows\SysWow64\wuapp.exe
2013-05-04 04:58 . 2013-06-13 20:57 758784 ----a-w- c:\windows\SysWow64\Magnify.exe
2013-05-04 04:58 . 2013-06-13 20:57 83968 ----a-w- c:\windows\SysWow64\wudriver.dll
2013-05-04 04:58 . 2013-06-13 20:57 125952 ----a-w- c:\windows\SysWow64\wuwebv.dll
2013-05-04 04:58 . 2013-06-13 20:57 621056 ----a-w- c:\windows\SysWow64\wuapi.dll
2013-05-04 04:57 . 2013-06-13 20:57 10788864 ----a-w- c:\windows\SysWow64\Windows.UI.Xaml.dll
2013-05-04 04:57 . 2013-06-13 20:57 8857088 ----a-w- c:\windows\SysWow64\twinui.dll
2013-05-04 04:57 . 2013-06-13 20:57 247296 ----a-w- c:\windows\SysWow64\ubpm.dll
2013-05-04 04:57 . 2013-06-13 20:57 303616 ----a-w- c:\windows\SysWow64\stobject.dll
2013-05-04 04:57 . 2013-06-13 20:57 18432 ----a-w- c:\windows\SysWow64\npmproxy.dll
2013-05-04 04:57 . 2013-06-13 20:57 151040 ----a-w- c:\windows\SysWow64\netplwiz.dll
2013-05-04 04:57 . 2013-06-13 20:57 115712 ----a-w- c:\windows\SysWow64\netprofm.dll
2013-05-04 04:57 . 2013-06-13 20:57 14336 ----a-w- c:\windows\SysWow64\muifontsetup.dll
2013-05-04 04:56 . 2013-06-13 20:57 411136 ----a-w- c:\windows\SysWow64\mfmp4srcsnk.dll
2013-05-04 04:56 . 2013-06-13 20:57 582144 ----a-w- c:\windows\SysWow64\gpprefcl.dll
2013-05-04 04:56 . 2013-06-13 20:57 449536 ----a-w- c:\windows\SysWow64\DevicePairing.dll
2013-05-04 04:56 . 2013-06-13 20:57 92160 ----a-w- c:\windows\SysWow64\biwinrt.dll
2013-05-04 04:56 . 2013-06-13 20:57 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-04 04:56 . 2013-06-13 20:57 309760 ----a-w- c:\windows\SysWow64\BCP47Langs.dll
2013-05-04 04:55 . 2013-06-13 20:57 389632 ----a-w- c:\windows\SysWow64\intl.cpl
2013-05-04 04:51 . 2013-06-13 20:57 14848 ----a-w- c:\windows\system32\rars.rs
2013-05-04 04:47 . 2013-06-13 20:57 427520 ----a-w- c:\windows\system32\drivers\rdbss.sys
2013-05-04 04:10 . 2013-06-13 20:57 14848 ----a-w- c:\windows\SysWow64\rars.rs
2013-04-28 22:28 . 2013-06-14 18:15 915968 ----a-w- c:\windows\system32\uxtheme.dll
2013-04-27 05:20 . 2013-06-13 19:44 733184 ----a-w- c:\windows\system32\win32spl.dll
.
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* tomma poster & legitima standardposter visas inte.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-10-09 580096]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-10-11 842680]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-10-11 966072]
"NETGEARGenie"="c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" [2012-10-16 1041736]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
BankID säkerhetsprogram.lnk - c:\program files (x86)\Personal\bin\Personal.exe [2012-4-17 1333144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxebserv.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\DRIVERS\shbecr.sys;c:\windows\SYSNATIVE\DRIVERS\shbecr.sys [x]
R3 WSDScan;WSD Scan Support;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130724.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130724.001\IDSvia64.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1309010.00E\SYMNETS.SYS [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe;c:\windows\SYSNATIVE\lxebcoms.exe [x]
S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 omigaplussvc;Omiga plus service;c:\program files (x86)\Omiga Plus\omigaplusSvc.exe;c:\program files (x86)\Omiga Plus\omigaplusSvc.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 winzipersvc;WinZiper service;c:\program files (x86)\WinZipper\winzipersvc.exe;c:\program files (x86)\WinZipper\winzipersvc.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\System32\drivers\ETD.sys;c:\windows\SYSNATIVE\drivers\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\System32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\System32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-05-11 10:37 215264 ----a-w- c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Innehåll i mappen 'Schemalagda aktiviteter':
.
2013-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-04 08:03]
.
2013-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-17 16:21]
.
2013-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-17 16:21]
.
2013-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-9998689-2401158250-43692078-1000Core.job
- c:\users\Stina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-22 09:45]
.
2013-07-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-9998689-2401158250-43692078-1000UA.job
- c:\users\Stina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-22 09:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-18 11779176]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3933496]
"EzPrint"="c:\program files (x86)\Lexmark Pro200-S500 Series\ezprint.exe" [2011-01-23 148280]
"lxebmon.exe"="c:\program files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe" [2011-01-23 770728]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-14 168480]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-14 393248]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-14 417824]
.
------- Extra genomsökning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportera till Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Ski&cka till OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -
.
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------
.
[HKEY_USERS\S-1-5-21-9998689-2401158250-43692078-1000CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
@Denied: (C D) (Everyone)
.
[HKEY_USERS\S-1-5-21-9998689-2401158250-43692078-1000CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\License information*]
"datasecu"=hex:83,07,9e,54,f0,f8,37,b7,9d,bf,39,99,d8,14,2c,0b,20,08,0b,8d,e7,
75,d5,30,06,01,27,81,60,2d,b6,99,d4,73,2e,67,c1,1e,c5,8c,d5,a1,ff,0e,46,1e,\
"rkeysecu"=hex:f3,96,13,1d,71,4b,a8,80,1f,ff,9b,c0,57,ae,c5,df
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Channels]
@Denied: (C D) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Andra processer som körs ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\NETGEAR Genie\bin\genie2_tray.exe
.
**************************************************************************
.
Sluttid: 2013-07-25 12:57:11 - datorn startades om.
ComboFix-quarantined-files.txt 2013-07-25 10:57
.
Före genomsökningen: 198 681 423 872 bytes free
Efter genomsökningen: 198 370 246 656 bytes free
.
- - End Of File - - 622B20AF1D722F46540546C6549527C4
D41D8CD98F00B204E9800998ECF8427E

Permalink
Member
Written by JohaStin:

Here is the log from ComboFix. It was a bit tricky to turn off Norton, but I think I managed.
Regards, Stina

1. Start Notepad.
Copy all the lines in the box:

Killall::
ClearJavaCache::
DDS::
R2 omigaplussvc;Omiga plus service;C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe [2013-7-20 424104]
R2 winzipersvc;WinZiper service;C:\Program Files (x86)\WinZipper\winzipersvc.exe [2013-7-20 424104]
2013-07-24 20:14:39 656048 ----a-w- C:\ProgramData\uninstall879122.exe
2013-07-23 08:15:01 -------- d-----w- C:\Users\Stina\AppData\Roaming\Omiga Plus
2013-07-20 21:37:37 -------- d-----w- C:\Program Files (x86)\Omiga Plus
2013-07-20 21:37:34 -------- d-----w- C:\Users\Stina\AppData\Roaming\WinZipper
2013-07-20 21:37:34 -------- d-----w- C:\Program Files (x86)\WinZipper

and paste them into Notepad. Check that no file names/paths are split across two lines.
Save the file on the Desktop with ANSI encoding and with the name CFScript.

Prepare the computer for ComboFix in the same way as before.
Drag CFScript with the mouse and drop it on top of the ComboFix icon on the Desktop, and the program will start in a special way.
Paste in the log that comes out.

2. How is the computer doing?
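
The correlation behind the script above, as an added example that is not part of the original post and not ComboFix's own code: it pairs the log's service entries with the directories the log reports as recently created and lists every service whose binary lives in one of them. The function name, the regular expressions and the 30-day default (mirroring the log's own "files created" window) are assumptions; the sample lines are excerpted from the ComboFix log in this thread.

```python
import re
from datetime import datetime, timedelta

# Excerpt of lines that appear in the ComboFix log in this thread (not a full log).
SAMPLE_LOG = r"""
2013-07-21 20:10 . 2013-07-21 20:10 -------- d-----w- c:\program files (x86)\ESET
2013-07-20 21:50 . 2013-07-20 21:50 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2013-07-20 21:37 . 2013-07-25 10:52 -------- d-----w- c:\program files (x86)\Omiga Plus
2013-07-20 21:37 . 2013-07-25 10:52 -------- d-----w- c:\program files (x86)\WinZipper
2013-07-17 19:28 . 2013-06-01 11:34 2391280 ----a-w- c:\windows\explorer.exe
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x]
S2 omigaplussvc;Omiga plus service;c:\program files (x86)\Omiga Plus\omigaplusSvc.exe;c:\program files (x86)\Omiga Plus\omigaplusSvc.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 winzipersvc;WinZiper service;c:\program files (x86)\WinZipper\winzipersvc.exe;c:\program files (x86)\WinZipper\winzipersvc.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\System32\drivers\ETD.sys;c:\windows\SYSNATIVE\drivers\ETD.sys [x]
"""

# "created . modified  size  attributes  path" lines from the files-created section.
CREATED_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. \d{4}-\d{2}-\d{2} \d{2}:\d{2}"
    r"\s+(\S+)\s+([-a-z]{8})\s+(.+)$"
)
# "<code> name;display name;image path;image path [x]" lines from the service list.
SERVICE_RE = re.compile(r"^([RS][0-4]) ([^;]+);([^;]+);([^;]+);(.+?) \[[^\]]*\]$")


def _norm(path):
    """Lower-case a Windows path and drop a trailing backslash for comparison."""
    return path.strip().lower().rstrip("\\")


def services_in_recent_dirs(log_text, run_date, window_days=30):
    """Return (service, image path, directory created) for every service whose
    binary sits under a directory created within window_days before run_date."""
    cutoff = run_date - timedelta(days=window_days)
    recent_dirs = {}   # normalised directory path -> creation time
    services = []      # (service name, image path)

    for raw in log_text.splitlines():
        line = raw.strip()
        created = CREATED_RE.match(line)
        if created:
            when = datetime.strptime(created.group(1), "%Y-%m-%d %H:%M")
            is_dir = created.group(3).startswith("d")
            if is_dir and when >= cutoff:
                recent_dirs[_norm(created.group(4))] = when
            continue
        service = SERVICE_RE.match(line)
        if service:
            services.append((service.group(2), service.group(4)))

    hits = []
    for name, image in services:
        image_norm = _norm(image)
        for directory, when in recent_dirs.items():
            # Require a path separator so "c:\foo" does not match "c:\foobar\x.exe".
            if image_norm.startswith(directory + "\\"):
                hits.append((name, image, when.date().isoformat()))
                break
    return sorted(hits)


if __name__ == "__main__":
    # 2013-07-27 is the run date printed in the log header on this page.
    for name, image, created in services_in_recent_dirs(SAMPLE_LOG, datetime(2013, 7, 27)):
        # A hit is a candidate for review: Spybot's own service is listed too,
        # because that tool was installed in the same window.
        print(f"{name:16} dir created {created}  {image}")
```
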

Permalink
Member

Here is the log; it seems that Omiga and WinZipper keep coming back all the time. Stubborn devils. I haven't dared to use my online bank yet. Lucky that I have it on my phone too.

Maybe a silly question, but should I delete the folders named "omiga plus" and "winzipper"? I have gotten the idea that if I delete the folders, you can't uninstall them, or that it gets harder to remove them because they hide or something.

Otherwise the computer works just as before; I see no clear signs that it is infected, but apparently it's the kind of virus that mostly checks passwords and which sites you visit.

Thanks again for taking the time and trying to help me

ComboFix 13-07-24.03 - Stina 2013-07-27 9:33.2.4 - x64
Microsoft Windows 8 Pro 6.2.9200.0.1252.46.1053.18.3767.2383 [GMT 2:00]
Körs från: c:\users\Stina\Downloads\ComboFix.exe
Kommandoväxlar som använts :: c:\users\Stina\Desktop\CFScript.txt
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Skapade en ny återställningspunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\muzapp.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((( Filer skapade från 2013-06-27 till 2013-07-27 ))))))))))))))))))))))))))))))
.
.
2013-07-27 07:44 . 2013-07-27 07:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-27 07:44 . 2013-07-27 07:44 -------- d-----w- c:\users\Default.migrated\AppData\Local\temp
2013-07-26 18:42 . 2013-07-26 18:42 289968 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10211.bin
2013-07-23 08:05 . 2013-07-24 20:36 202 ----a-w- c:\windows\DeleteOnReboot.bat
2013-07-21 20:16 . 2013-07-21 20:20 -------- d-----w- c:\windows\system32\MRT
2013-07-21 20:10 . 2013-07-21 20:10 -------- d-----w- c:\program files (x86)\ESET
2013-07-21 19:46 . 2013-07-21 19:46 -------- d-----w- c:\windows\system32\appmgmt
2013-07-20 21:50 . 2013-07-20 22:13 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-07-20 21:50 . 2013-07-20 21:50 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2013-07-20 21:37 . 2013-07-25 10:52 -------- d-----w- c:\program files (x86)\Omiga Plus
2013-07-20 21:37 . 2013-07-25 10:52 -------- d-----w- c:\program files (x86)\WinZipper
2013-07-20 21:37 . 2013-07-20 21:37 -------- d-----w- c:\users\Stina\AppData\Roaming\WinZipper
2013-07-17 19:28 . 2013-06-16 22:41 997632 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-07-17 19:28 . 2013-06-01 09:20 2219520 ----a-w- c:\windows\system32\dwmcore.dll
2013-07-17 19:28 . 2013-06-01 11:34 2391280 ----a-w- c:\windows\explorer.exe
2013-07-17 19:28 . 2013-06-01 11:26 6987008 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-17 19:28 . 2013-06-01 10:24 2106176 ----a-w- c:\windows\SysWow64\explorer.exe
2013-07-17 19:28 . 2013-06-01 09:23 1842176 ----a-w- c:\windows\SysWow64\dwmcore.dll
2013-07-17 19:28 . 2013-06-01 11:33 2233600 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-17 19:28 . 2013-06-01 09:21 729600 ----a-w- c:\windows\system32\samsrv.dll
2013-07-17 19:28 . 2013-06-01 09:20 1527808 ----a-w- c:\windows\system32\mfcore.dll
2013-07-15 21:13 . 2013-05-15 22:35 144384 ----a-w- c:\windows\system32\tssdisai.dll
2013-07-12 07:30 . 2013-07-12 07:30 -------- d--h--r- c:\users\Stina\AppData\Roaming\SecuROM
2013-07-12 06:56 . 2013-07-12 06:56 -------- d-----w- c:\programdata\EA Core
2013-07-12 06:44 . 2013-07-12 06:41 447752 ----a-w- c:\windows\SysWow64\vp6vfw.dll
2013-07-12 06:43 . 2006-09-28 14:05 3977496 ----a-w- c:\windows\system32\d3dx9_31.dll
2013-07-12 06:43 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2013-07-11 17:56 . 2013-07-15 07:10 -------- d-----w- c:\users\Stina\AppData\Roaming\Origin
2013-07-11 17:56 . 2013-07-11 17:58 -------- d-----w- c:\program files (x86)\Origin Games
2013-07-11 17:56 . 2013-07-11 17:56 -------- d-----w- c:\users\Stina\AppData\Local\Origin
2013-07-11 17:54 . 2013-07-11 17:57 -------- d-----w- c:\programdata\Origin
2013-07-11 17:54 . 2013-07-11 17:54 -------- d-----w- c:\programdata\Electronic Arts
2013-07-11 17:54 . 2013-07-19 17:45 -------- d-----w- c:\program files (x86)\Origin
2013-07-10 18:12 . 2013-04-10 22:35 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 18:12 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2013-07-10 18:12 . 2013-04-10 22:35 1306112 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-10 18:12 . 2013-04-10 22:35 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 18:12 . 2013-04-11 04:12 1029632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2013-07-10 18:12 . 2013-04-11 04:12 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2013-07-10 18:12 . 2013-04-10 22:35 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-10 18:11 . 2013-05-30 23:14 4036096 ----a-w- c:\windows\system32\win32k.sys
2013-07-10 18:11 . 2013-06-01 09:21 595968 ----a-w- c:\windows\system32\qedit.dll
2013-07-10 18:11 . 2013-06-01 09:25 496640 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-10 18:11 . 2013-06-21 05:04 19187712 ----a-w- c:\program files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-10 18:11 . 2013-06-21 04:46 18523648 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-07-10 18:11 . 2013-04-11 22:30 1421312 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-10 18:11 . 2013-04-11 22:22 1838080 ----a-w- c:\windows\system32\DWrite.dll
2013-07-10 18:11 . 2013-06-11 23:25 19238912 ----a-w- c:\windows\system32\mshtml.dll
2013-07-05 13:23 . 2013-07-05 13:23 -------- d-----w- c:\users\Stina\AppData\Roaming\2monkeys
2013-07-02 20:43 . 2013-07-02 20:43 -------- d-----w- c:\users\Stina\AppData\Roaming\Jigsaws Galore
2013-07-01 19:52 . 2013-07-01 19:52 -------- d-----w- c:\users\Stina\AppData\Roaming\PopCap Games
2013-07-01 19:50 . 2013-07-01 19:50 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-07-01 19:50 . 2013-07-01 19:50 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-07-01 19:50 . 2013-07-01 19:50 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-07-01 19:50 . 2013-07-01 19:50 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-07-01 19:50 . 2013-07-01 19:50 -------- d-----w- c:\program files (x86)\OpenAL
2013-07-01 14:49 . 2013-07-01 14:49 -------- d-----w- c:\programdata\Meridian93
2013-07-01 14:49 . 2013-07-01 14:49 -------- d-----w- c:\users\Stina\AppData\Roaming\Meridian93
2013-06-30 18:49 . 2013-06-30 18:49 -------- d-----w- c:\users\Stina\AppData\Local\Big Fish
2013-06-29 19:13 . 2013-07-03 21:21 -------- d-----w- c:\users\Stina\AppData\Roaming\Big Fish Games
2013-06-28 19:48 . 2013-06-28 19:48 -------- d-----w- c:\users\Stina\AppData\Roaming\AlawarEntertainment
2013-06-28 06:35 . 2013-06-28 06:35 -------- d-----w- c:\programdata\Big Fish
2013-06-28 06:26 . 2013-06-28 06:26 -------- d-----w- c:\users\Stina\AppData\Roaming\Nitreal Games
2013-06-27 19:39 . 2013-06-28 07:26 -------- d-----w- c:\programdata\Playrix Entertainment
2013-06-27 12:52 . 2013-06-27 12:52 -------- d-----w- c:\users\Stina\AppData\Roaming\HipSoft
2013-06-27 11:45 . 2013-06-27 11:45 -------- d-----w- c:\programdata\Melesta
2013-06-27 11:34 . 2013-07-24 20:14 -------- d-----w- c:\programdata\Big Fish Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-27 22:04 . 2012-10-29 15:53 78200 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 22:04 . 2012-10-29 15:53 693112 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-25 07:37 . 2013-06-25 07:37 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-25 07:37 . 2012-05-23 20:01 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-25 07:37 . 2012-05-23 20:01 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-23 22:57 . 2012-05-26 14:25 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-16 12:00 . 2013-03-14 00:00 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-06-12 08:03 . 2013-05-14 18:09 9089416 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-05-31 08:00 . 2012-10-29 15:00 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2013-05-30 23:24 . 2013-06-13 20:57 1257472 ----a-w- c:\windows\system32\kernel32.dll
2013-05-23 23:01 . 2013-06-13 20:57 1300992 ----a-w- c:\windows\system32\gdi32.dll
2013-05-23 22:27 . 2013-06-13 20:57 1022464 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-05-15 22:37 . 2013-06-14 18:15 44032 ----a-w- c:\windows\SysWow64\UXInit.dll
2013-05-15 22:35 . 2013-06-14 18:15 53760 ----a-w- c:\windows\system32\UXInit.dll
2013-05-15 02:25 . 2013-06-13 20:57 888320 ----a-w- c:\windows\system32\autochk.exe
2013-05-15 02:25 . 2013-06-13 20:57 542208 ----a-w- c:\windows\system32\untfs.dll
2013-05-15 02:24 . 2013-06-13 20:57 793088 ----a-w- c:\windows\SysWow64\autochk.exe
2013-05-15 02:24 . 2013-06-13 20:57 482816 ----a-w- c:\windows\SysWow64\untfs.dll
2013-05-14 13:14 . 2013-06-14 18:15 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-14 09:23 . 2013-06-14 18:15 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-11 01:01 . 2012-07-26 08:13 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-09 16:17 . 2013-05-09 16:17 369168 ----a-w- c:\windows\system32\wpcap.dll
2013-05-09 16:17 . 2013-05-09 16:17 35344 ----a-w- c:\windows\system32\drivers\npf.sys
2013-05-09 16:17 . 2013-05-09 16:17 106000 ----a-w- c:\windows\system32\packet.dll
2013-05-04 07:58 . 2013-06-13 20:57 120736 ----a-w- c:\windows\system32\AuthHost.exe
2013-05-04 07:34 . 2013-06-13 20:57 446720 ----a-w- c:\windows\system32\drivers\USBHUB3.SYS
2013-05-04 07:34 . 2013-06-13 20:57 284416 ----a-w- c:\windows\system32\drivers\spaceport.sys
2013-05-04 07:30 . 2013-06-13 20:57 58312 ----a-w- c:\windows\system32\wuauclt.exe
2013-05-04 06:59 . 2013-06-13 20:57 39424 ----a-w- c:\windows\system32\wuapp.exe
2013-05-04 06:59 . 2013-06-13 20:57 1483776 ----a-w- c:\windows\system32\VSSVC.exe
2013-05-04 06:59 . 2013-06-13 20:57 812544 ----a-w- c:\windows\system32\Magnify.exe
2013-05-04 06:59 . 2013-06-13 20:57 98304 ----a-w- c:\windows\system32\wudriver.dll
2013-05-04 06:59 . 2013-06-13 20:57 251904 ----a-w- c:\windows\system32\WUSettingsProvider.dll
2013-05-04 06:59 . 2013-06-13 20:57 141824 ----a-w- c:\windows\system32\wuwebv.dll
2013-05-04 06:59 . 2013-06-13 20:57 3241472 ----a-w- c:\windows\system32\wuaueng.dll
2013-05-04 06:59 . 2013-06-13 20:57 760320 ----a-w- c:\windows\system32\wuapi.dll
2013-05-04 06:59 . 2013-06-13 20:57 1619968 ----a-w- c:\windows\system32\wucltux.dll
2013-05-04 06:59 . 2013-06-13 20:57 13644288 ----a-w- c:\windows\system32\Windows.UI.Xaml.dll
2013-05-04 06:58 . 2013-06-13 20:57 10116096 ----a-w- c:\windows\system32\twinui.dll
2013-05-04 06:58 . 2013-06-13 20:57 328192 ----a-w- c:\windows\system32\ubpm.dll
2013-05-04 06:58 . 2013-06-13 20:57 1332736 ----a-w- c:\windows\system32\sysmain.dll
2013-05-04 06:58 . 2013-06-13 20:57 173568 ----a-w- c:\windows\system32\storewuauth.dll
2013-05-04 06:58 . 2013-06-13 20:57 330240 ----a-w- c:\windows\system32\stobject.dll
2013-05-04 06:58 . 2013-06-13 20:57 93696 ----a-w- c:\windows\system32\psmsrv.dll
2013-05-04 06:58 . 2013-06-13 20:57 470528 ----a-w- c:\windows\system32\netprofmsvc.dll
2013-05-04 06:58 . 2013-06-13 20:57 151552 ----a-w- c:\windows\system32\netprofm.dll
2013-05-04 06:58 . 2013-06-13 20:57 169984 ----a-w- c:\windows\system32\netplwiz.dll
2013-05-04 06:57 . 2013-06-13 20:57 17408 ----a-w- c:\windows\system32\muifontsetup.dll
2013-05-04 06:57 . 2013-06-13 20:57 560640 ----a-w- c:\windows\system32\mfmp4srcsnk.dll
2013-05-04 06:57 . 2013-06-13 20:57 820736 ----a-w- c:\windows\system32\gpprefcl.dll
2013-05-04 06:57 . 2013-06-13 20:57 501760 ----a-w- c:\windows\system32\DevicePairing.dll
2013-05-04 06:57 . 2013-06-13 20:57 179712 ----a-w- c:\windows\system32\bisrv.dll
2013-05-04 06:57 . 2013-06-13 20:57 122368 ----a-w- c:\windows\system32\biwinrt.dll
2013-05-04 06:57 . 2013-06-13 20:57 2305024 ----a-w- c:\windows\system32\authui.dll
2013-05-04 06:57 . 2013-06-13 20:57 389120 ----a-w- c:\windows\system32\BCP47Langs.dll
2013-05-04 06:57 . 2013-06-13 20:57 1131520 ----a-w- c:\windows\system32\AppXDeploymentServer.dll
2013-05-04 06:57 . 2013-06-13 20:57 708096 ----a-w- c:\windows\system32\AppXDeploymentExtensions.dll
2013-05-04 06:56 . 2013-06-13 20:57 419840 ----a-w- c:\windows\system32\intl.cpl
2013-05-04 04:58 . 2013-06-13 20:57 34304 ----a-w- c:\windows\SysWow64\wuapp.exe
2013-05-04 04:58 . 2013-06-13 20:57 758784 ----a-w- c:\windows\SysWow64\Magnify.exe
2013-05-04 04:58 . 2013-06-13 20:57 83968 ----a-w- c:\windows\SysWow64\wudriver.dll
2013-05-04 04:58 . 2013-06-13 20:57 125952 ----a-w- c:\windows\SysWow64\wuwebv.dll
2013-05-04 04:58 . 2013-06-13 20:57 621056 ----a-w- c:\windows\SysWow64\wuapi.dll
2013-05-04 04:57 . 2013-06-13 20:57 10788864 ----a-w- c:\windows\SysWow64\Windows.UI.Xaml.dll
2013-05-04 04:57 . 2013-06-13 20:57 8857088 ----a-w- c:\windows\SysWow64\twinui.dll
2013-05-04 04:57 . 2013-06-13 20:57 247296 ----a-w- c:\windows\SysWow64\ubpm.dll
2013-05-04 04:57 . 2013-06-13 20:57 303616 ----a-w- c:\windows\SysWow64\stobject.dll
2013-05-04 04:57 . 2013-06-13 20:57 18432 ----a-w- c:\windows\SysWow64\npmproxy.dll
2013-05-04 04:57 . 2013-06-13 20:57 151040 ----a-w- c:\windows\SysWow64\netplwiz.dll
2013-05-04 04:57 . 2013-06-13 20:57 115712 ----a-w- c:\windows\SysWow64\netprofm.dll
2013-05-04 04:57 . 2013-06-13 20:57 14336 ----a-w- c:\windows\SysWow64\muifontsetup.dll
2013-05-04 04:56 . 2013-06-13 20:57 411136 ----a-w- c:\windows\SysWow64\mfmp4srcsnk.dll
2013-05-04 04:56 . 2013-06-13 20:57 582144 ----a-w- c:\windows\SysWow64\gpprefcl.dll
2013-05-04 04:56 . 2013-06-13 20:57 449536 ----a-w- c:\windows\SysWow64\DevicePairing.dll
2013-05-04 04:56 . 2013-06-13 20:57 92160 ----a-w- c:\windows\SysWow64\biwinrt.dll
2013-05-04 04:56 . 2013-06-13 20:57 2035712 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-04 04:56 . 2013-06-13 20:57 309760 ----a-w- c:\windows\SysWow64\BCP47Langs.dll
2013-05-04 04:55 . 2013-06-13 20:57 389632 ----a-w- c:\windows\SysWow64\intl.cpl
2013-05-04 04:51 . 2013-06-13 20:57 14848 ----a-w- c:\windows\system32\rars.rs
2013-05-04 04:47 . 2013-06-13 20:57 427520 ----a-w- c:\windows\system32\drivers\rdbss.sys
2013-05-04 04:10 . 2013-06-13 20:57 14848 ----a-w- c:\windows\SysWow64\rars.rs
2013-04-28 22:28 . 2013-06-14 18:15 915968 ----a-w- c:\windows\system32\uxtheme.dll
.
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* tomma poster & legitima standardposter visas inte.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-10-09 580096]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-10-11 842680]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-10-11 966072]
"NETGEARGenie"="c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" [2012-10-16 1041736]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-04-24 297280]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
BankID säkerhetsprogram.lnk - c:\program files (x86)\Personal\bin\Personal.exe [2012-4-17 1333144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxebserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxebserv.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\DRIVERS\shbecr.sys;c:\windows\SYSNATIVE\DRIVERS\shbecr.sys [x]
R3 WSDScan;WSD Scan Support;c:\windows\System32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [x]
S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130726.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20130726.001\IDSvia64.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1309010.00E\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1309010.00E\SYMNETS.SYS [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe;c:\windows\SYSNATIVE\lxebcoms.exe [x]
S2 NETGEARGenieDaemon;NETGEARGenieDaemon;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe;c:\program files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [x]
S2 omigaplussvc;Omiga plus service;c:\program files (x86)\Omiga Plus\omigaplusSvc.exe;c:\program files (x86)\Omiga Plus\omigaplusSvc.exe [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 winzipersvc;WinZiper service;c:\program files (x86)\WinZipper\winzipersvc.exe;c:\program files (x86)\WinZipper\winzipersvc.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\System32\drivers\ETD.sys;c:\windows\SYSNATIVE\drivers\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\System32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\System32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2013-05-11 10:37 215264 ----a-w- c:\program files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll
.
Innehåll i mappen 'Schemalagda aktiviteter':
.
2013-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-04 08:03]
.
2013-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-17 16:21]
.
2013-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-17 16:21]
.
2013-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-9998689-2401158250-43692078-1000Core.job
- c:\users\Stina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-22 09:45]
.
2013-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-9998689-2401158250-43692078-1000UA.job
- c:\users\Stina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-22 09:45]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-18 11779176]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 3933496]
"EzPrint"="c:\program files (x86)\Lexmark Pro200-S500 Series\ezprint.exe" [2011-01-23 148280]
"lxebmon.exe"="c:\program files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe" [2011-01-23 770728]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-08-02 1831016]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-09-14 168480]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-09-14 393248]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-09-14 417824]
.
------- Extra genomsökning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportera till Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Ski&cka till OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------
.
[HKEY_USERS\S-1-5-21-9998689-2401158250-43692078-1000CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
@Denied: (C D) (Everyone)
.
[HKEY_USERS\S-1-5-21-9998689-2401158250-43692078-1000CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\SecuROM\License information*]
"datasecu"=hex:83,07,9e,54,f0,f8,37,b7,9d,bf,39,99,d8,14,2c,0b,20,08,0b,8d,e7,
75,d5,30,06,01,27,81,60,2d,b6,99,d4,73,2e,67,c1,1e,c5,8c,d5,a1,ff,0e,46,1e,\
"rkeysecu"=hex:f3,96,13,1d,71,4b,a8,80,1f,ff,9b,c0,57,ae,c5,df
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Channels]
@Denied: (C D) (Everyone)
"{436E95FE-192E-469f-8F34-5038FBA89BF4}2"="{3349431E-8D1E-4124-BF63-9466116D44D2}"
"ccSvcHst_UserSession_4284"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"{B44E7D73-F081-414B-ADD2-CD66675A190D}1"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"AvProdSession_01"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"AvProdSession_Options_01"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"AvProdSession_MessageCenter_01"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"AvProdSession_Scanless_01"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"AvProdSession_IPUA_01"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"AvProdSession_CanIRun_01"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"CO_PS_{55DBA8A2-CF13-4600-8FC8-C7B989ABF841}_1"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"clt::AlertChannel2_01"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"QuickStart{4A16DDA3-2513-41ea-90C8-E34A67781129}1"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"SDKCHANNEL1"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"ToasterNotify\\SessionID_1"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"_IPCChannel_PerformAutoLogin_1_"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{2FBBB593-4290-4078-8BEF-CCF39FEAA20E}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Sluttid: 2013-07-27 09:59:43
ComboFix-quarantined-files.txt 2013-07-27 07:59
ComboFix2.txt 2013-07-25 10:57
.
Före genomsökningen: 197 647 564 800 bytes free
Efter genomsökningen: 197 585 293 312 bytes free
.
- - End Of File - - 801E8726912A29D722F49B06338DB760
D41D8CD98F00B204E9800998ECF8427E

Permalink
Member
Written by JohaStin:

Here is the log. It seems that omiga and winzipper keep coming back all the time. Stubborn devils. I haven't dared to use my online bank yet. Good thing I have it on my phone too

Maybe a dumb question, but should I delete the folders with "omiga plus" and "winzipper"? I have got it into my head that if I delete the folders, they can't be uninstalled, or that it gets harder to remove them because they hide or something.

Otherwise the computer works exactly as before. I see no clear signs that it is infected, but apparently it is the kind of virus that mostly monitors passwords and which sites you visit.

Thanks again for taking the time and trying to help me

Just nice to be able to help a little. I don't think there is any problem with using the online bank with the two undesirable programs.

I don't think you can delete the folders right now, because there are programs (services) in them that are running. The services have to be stopped and disabled first, and ComboFix can do that.
ComboFix was supposed to do that, but ComboFix did not understand the contents of CFScript.txt.

See if it works better if I don't put the lines in a box.

Start Notepad.
Copy the lines below and paste them into Notepad:

Killall::
ClearJavaCache::
DDS::
R2 omigaplussvc;Omiga plus service;C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe [2013-7-20 424104]
R2 winzipersvc;WinZiper service;C:\Program Files (x86)\WinZipper\winzipersvc.exe [2013-7-20 424104]
2013-07-24 20:14:39 656048 ----a-w- C:\ProgramData\uninstall879122.exe
2013-07-23 08:15:01 -------- d-----w- C:\Users\Stina\AppData\Roaming\Omiga Plus
2013-07-20 21:37:37 -------- d-----w- C:\Program Files (x86)\Omiga Plus
2013-07-20 21:37:34 -------- d-----w- C:\Users\Stina\AppData\Roaming\WinZipper
2013-07-20 21:37:34 -------- d-----w- C:\Program Files (x86)\WinZipper

Check that there are 10 lines.
Save the file on the Desktop with ANSI encoding and with the name CFScript.

Prepare the computer for ComboFix in the same way as before.
Drag CFScript with the mouse and drop it on top of the ComboFix icon on the Desktop, and the program will start in a special mode.
Paste the log that comes out.
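
An added example, not part of the posts above and not ComboFix's own code: it parses the service and file lines of the CFScript and shows which of the listed folders contain the executable of a running service, which is why those folders cannot simply be deleted. The reading of `R2` as "running, start type automatic" is an assumption about the DDS log convention; the function names are hypothetical.

```python
import re
from pathlib import PureWindowsPath

# The service and file lines from the CFScript in the post above.
SAMPLE = r"""
R2 omigaplussvc;Omiga plus service;C:\Program Files (x86)\Omiga Plus\omigaplusSvc.exe [2013-7-20 424104]
R2 winzipersvc;WinZiper service;C:\Program Files (x86)\WinZipper\winzipersvc.exe [2013-7-20 424104]
2013-07-24 20:14:39 656048 ----a-w- C:\ProgramData\uninstall879122.exe
2013-07-23 08:15:01 -------- d-----w- C:\Users\Stina\AppData\Roaming\Omiga Plus
2013-07-20 21:37:37 -------- d-----w- C:\Program Files (x86)\Omiga Plus
2013-07-20 21:37:34 -------- d-----w- C:\Users\Stina\AppData\Roaming\WinZipper
2013-07-20 21:37:34 -------- d-----w- C:\Program Files (x86)\WinZipper
"""

# Assumed DDS convention: R/S = running/stopped, digit = service start type.
START_TYPES = {"0": "boot", "1": "system", "2": "auto", "3": "manual", "4": "disabled"}
# Service line: <R|S><start type> name;display name;image path [date size]
SERVICE_RE = re.compile(
    r"^([RS])([0-4]) ([^;]+);([^;]*);(.+?) \[\d{4}-\d{1,2}-\d{1,2} \d+\]$")
# File line: date time size-or-dashes attributes path
ENTRY_RE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} (\d+|-+) ([-a-z]{8}) (.+)$")


def parse(log):
    """Return (services, directories) found in DDS-style log lines."""
    services, dirs = [], []
    for line in log.splitlines():
        line = line.strip()
        m = SERVICE_RE.match(line)
        if m:
            services.append({"running": m[1] == "R",
                             "start": START_TYPES[m[2]],
                             "name": m[3],
                             "image": PureWindowsPath(m[5])})
            continue
        m = ENTRY_RE.match(line)
        if m and m[2].startswith("d"):  # attribute string starts with d = directory
            dirs.append(PureWindowsPath(m[3]))
    return services, dirs


def locked_folders(log):
    """Map each listed folder to the running services whose image is inside it."""
    services, dirs = parse(log)
    return {str(d): [s["name"] for s in services
                     if s["running"] and d in s["image"].parents]
            for d in dirs}


if __name__ == "__main__":
    for folder, holders in locked_folders(SAMPLE).items():
        state = "locked by " + ", ".join(holders) if holders else "no running service inside"
        print(f"{folder}: {state}")
```

On these lines the two `Program Files (x86)` folders are each held by one auto-start service, while the two `AppData\Roaming` folders contain no service image.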

Permalink
Member

Thanks to CeciliaB for the help!

Got the crap via HDvideo, even though you know you should NOT install that kind of crap.

Permalink
Member
Written by daft6:

Thanks to CeciliaB for the help!

Got the crap via HDvideo, even though you know you should NOT install that kind of crap.

Just glad that it helped you too

Make sure to uninstall AdwCleaner from within the program as well, because you should download it again if you need it later, since an updated version may have come out by then.