Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus problems, I really need some help


  • This topic is locked This topic is locked
6 replies to this topic

#1 isildur

isildur

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 08 September 2014 - 11:29 AM

I would really appreciate if someone could take a look at my Farbar Recovery Scan Tool log and advice me about what I should do.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Johans (administrator) on JOHANS-DATOR on 08-09-2014 18:08:21
Running from C:\Users\Johans\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
() C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
() C:\Program Files (x86)\Yula\updateYulasee.exe
(Commtouch, Inc.) C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Commtouch, Inc.) C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic Professional\ioloGovernor64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(BitTorrent Inc.) C:\Users\Johans\AppData\Roaming\uTorrent\uTorrent.exe
(Pay By Ads LTD) C:\Users\Johans\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
(SecMaker AB) C:\Program Files (x86)\Net iD\iid.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\ColorOnly\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
() C:\Program Files (x86)\Yula\bin\utilYulasee.exe
() C:\Program Files (x86)\Yula\bin\Yulasee.BrowserAdapter.exe
() C:\Program Files (x86)\Yula\bin\Yulasee.BrowserAdapter64.exe
() C:\Program Files (x86)\Yula\bin\Yulasee.PurBrowse64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_6.1.7600.16385_none_366f302ab7711738\msconfig.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10806816 2010-04-30] (Realtek Semiconductor)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415752 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2093064 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4195848 2009-08-13] (Logitech Inc.)
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-02-20] ()
HKU\S-1-5-21-947067501-3106264662-2649473650-1001\...\Run: [uTorrent] => C:\Users\Johans\AppData\Roaming\uTorrent\uTorrent.exe [1329744 2014-07-14] (BitTorrent Inc.)
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll [4302848 2014-06-15] ()
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => c:\ProgramData\Fast And Safe\FastAndSafe.dll [4125696 2014-06-15] ()
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type=ds&ts=1402574320&from=wpm0612&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402574320&from=wpm0612&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type=ds&ts=1402574320&from=wpm0612&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1393417642&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402574320&from=wpm0612&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1402574320&from=wpm0612&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1393417642&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1393417642&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?type=hp&ts=1402574320&from=wpm0612&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?type=hp&ts=1402574320&from=wpm0612&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1393417642&type=default&q={searchTerms}
URLSearchHook: HKLM-x32 - uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=sc&from=wpm0226&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1393417642
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1393417642&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1393417642&type=default&q={searchTerms}
SearchScopes: HKLM - {70085145-6882-9449-DDEA-1D8B7833BEA7} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=vtt&from=vtt&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1376336613
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=a12349-230&apn_uid=1109416052904317&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1393417642&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {2DEF1F16-C4D6-5A99-637C-4512C374939B} URL = http://search.qvo6.com/web/?utm_source=b&utm_medium=vtt&from=vtt&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1376336613
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&ts=1393417642&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=a12349-230&apn_uid=1109416052904317&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - DefaultScope {3D0FC3DD-8F17-44A6-BA61-88355F43E88B} URL = http://rts.dsrlte.com/?q={searchTerms}&r=810
SearchScopes: HKCU - {05B347CA-F7F6-450D-89E4-4D750320B780} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10849
SearchScopes: HKCU - {06CEB25E-7A75-4FB3-A76F-0EBB809CB50B} URL = http://search.findwide.com/serp?guid={DEA447F7-2C3F-4460-9F6F-DD7018D25F09}&action=default_search&serpv=22&k={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?type=ds&ts=1402574320&from=wpm0612&uid=INTELXSSDSA2M080G2GC_CVPO011600XN080BGN&q={searchTerms}
SearchScopes: HKCU - {3D0FC3DD-8F17-44A6-BA61-88355F43E88B} URL = http://rts.dsrlte.com/?q={searchTerms}&r=810
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&v=a12349-230&apn_uid=1109416052904317&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
BHO: HDvid Codec V1 -> {11111111-1111-1111-1111-110311431162} -> C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho64.dll (installdaddy)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Octh Class -> {000123B4-9B42-4900-B3F7-F4B073EFC214} -> D:\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
BHO-x32: HDvid Codec V1 -> {11111111-1111-1111-1111-110311431162} -> C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho.dll (installdaddy)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog9 01 C:\Windows\SysWOW64\iavlsp.dll [118784] (iolo technologies, LLC)
Winsock: Catalog9 02 C:\Windows\SysWOW64\iavlsp.dll [118784] (iolo technologies, LLC)
Winsock: Catalog9 13 C:\Windows\SysWOW64\iavlsp.dll [118784] (iolo technologies, LLC)
Winsock: Catalog9-x64 01 C:\Windows\system32\iavlsp64.dll [160256] ()
Winsock: Catalog9-x64 02 C:\Windows\system32\iavlsp64.dll [160256] ()
Winsock: Catalog9-x64 13 C:\Windows\system32\iavlsp64.dll [160256] ()
Tcpip\Parameters: [DhcpNameServer] 195.54.122.198 195.54.122.199

FireFox:
========
FF ProfilePath: C:\Users\Johans\AppData\Roaming\Mozilla\Firefox\Profiles\kg4evl5r.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Yahoo! Search
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: hxxp://rts.dsrlte.com
FF Keyword.URL: hxxp://rts.dsrlte.com/?q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @se.nexus/Personal -> C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Johans\AppData\Roaming\Mozilla\Firefox\Profiles\kg4evl5r.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npiidplg.dll (SecMaker AB)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\Johans\AppData\Roaming\Mozilla\Firefox\Profiles\kg4evl5r.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Johans\AppData\Roaming\Mozilla\Firefox\Profiles\kg4evl5r.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF Extension: Fast Start - C:\Users\Johans\AppData\Roaming\Mozilla\Firefox\Profiles\kg4evl5r.default\Extensions\faststartff@gmail.com [2014-07-13]
FF Extension: shortcut - C:\Users\Johans\AppData\Roaming\Mozilla\Firefox\Profiles\kg4evl5r.default\Extensions\shortcutff@gmail.com [2014-07-29]
FF Extension: Ask New Tabs - C:\Users\Johans\AppData\Roaming\Mozilla\Firefox\Profiles\kg4evl5r.default\Extensions\{AB53B28D-74A9-BCCD-53E1-DB0B176847CC} [2014-05-03]
FF Extension: Yula - C:\Users\Johans\AppData\Roaming\Mozilla\Firefox\Profiles\kg4evl5r.default\Extensions\{4bbc3b2f-4023-460e-8404-cfddb6e4477d}.xpi [2014-05-05]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-23]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Johans\AppData\Roaming\Mozilla\Firefox\Profiles\kg4evl5r.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Johans\AppData\Roaming\Mozilla\Firefox\Profiles\kg4evl5r.default\extensions\shortcutff@gmail.com

Chrome:
=======
CHR Profile: C:\Users\Johans\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Johans\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc [2012-05-04]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Johans\AppData\Local\mysearchdial-speeddial.crx [2013-11-05]
CHR HKLM-x32\...\Chrome\Extension: [dnllcmllkjofnojidnaknldfehfhehoo] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx [2013-06-30]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - \User Data\Default\Extensions\newtab.crx [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Johans\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Johans\AppData\Local\mysearchdial-speeddial.crx [2013-11-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asset Management Daemon; C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe [118784 2009-06-26] () [File not signed]
S4 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [69632 2009-06-26] () [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [761968 2014-06-12] (Cherished Technololgy LIMITED)
S2 ioloFileInfoList; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4492776 2014-04-30] (iolo technologies, LLC)
S2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [4492776 2014-04-30] (iolo technologies, LLC)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
R2 Update Yula; C:\Program Files (x86)\Yula\updateYulasee.exe [323352 2014-09-08] ()
R2 Util Yula; C:\Program Files (x86)\Yula\bin\utilYulasee.exe [323352 2014-09-08] ()
R2 vseamps; C:\Program Files\Common Files\Authentium\AntiVirus5\vseamps.exe [121696 2012-08-24] (Commtouch, Inc.)
R2 vsedsps; C:\Program Files\Common Files\Authentium\AntiVirus5\vsedsps.exe [119136 2012-08-24] (Commtouch, Inc.)
S3 vseqrts; C:\Program Files\Common Files\Authentium\AntiVirus5\vseqrts.exe [181600 2012-08-24] (Commtouch, Inc.)
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [540304 2014-06-11] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMP; C:\Windows\system32\Drivers\amp.sys [173408 2012-08-24] (Commtouch, Inc.)
S2 AMPSE; C:\Windows\system32\Drivers\ampse.sys [1504608 2012-08-24] (Commtouch, Inc.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [31432 2012-04-17] (EldoS Corporation)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg [36216 2014-04-13] (Bandoo Media Inc)
S1 FileDisk; C:\Windows\SysWow64\Drivers\FileDisk.sys [9341 2006-07-24] (iolo technologies, LLC (based on original work by Bo Brantén)) [File not signed]
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20520 2009-05-27] (Portrait Displays, Inc.)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [62656 2003-09-06] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology) [File not signed]
R3 rzjoystk; C:\Windows\System32\DRIVERS\rzjoystk.sys [19968 2011-03-24] (Razer USA Ltd)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [157184 2011-07-14] (Razer USA Ltd)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-09-06] (Protection Technology) [File not signed]
R1 {4bbc3b2f-4023-460e-8404-cfddb6e4477d}w64; C:\Windows\System32\drivers\{4bbc3b2f-4023-460e-8404-cfddb6e4477d}w64.sys [61104 2014-04-24] (StdLib)
R1 {4df60d2c-927b-478c-83f0-b7dc923bae60}w64; C:\Windows\System32\drivers\{4df60d2c-927b-478c-83f0-b7dc923bae60}w64.sys [61104 2014-07-03] (StdLib)
S3 ALSysIO; \??\C:\Users\Johans\AppData\Local\Temp\ALSysIO64.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 18:08 - 2014-09-08 18:08 - 00027257 _____ () C:\Users\Johans\Downloads\FRST.txt
2014-09-08 18:08 - 2014-09-08 18:08 - 00000000 ____D () C:\FRST
2014-09-08 18:06 - 2014-09-08 18:06 - 02105344 _____ (Farbar) C:\Users\Johans\Downloads\FRST64.exe
2014-09-08 17:39 - 2014-09-08 17:39 - 00936692 _____ (Igor Pavlov) C:\Users\Johans\Downloads\motherboard_bios_ga-p55m-ud4_f11.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 18:08 - 2014-09-08 18:08 - 00027257 _____ () C:\Users\Johans\Downloads\FRST.txt
2014-09-08 18:08 - 2014-09-08 18:08 - 00000000 ____D () C:\FRST
2014-09-08 18:08 - 2014-04-08 20:16 - 00000000 ____D () C:\Users\Johans\AppData\Roaming\uTorrent
2014-09-08 18:06 - 2014-09-08 18:06 - 02105344 _____ (Farbar) C:\Users\Johans\Downloads\FRST64.exe
2014-09-08 17:40 - 2009-07-14 06:45 - 00014832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 17:40 - 2009-07-14 06:45 - 00014832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 17:39 - 2014-09-08 17:39 - 00936692 _____ (Igor Pavlov) C:\Users\Johans\Downloads\motherboard_bios_ga-p55m-ud4_f11.exe
2014-09-08 17:35 - 2009-07-14 09:43 - 00634182 _____ () C:\Windows\system32\perfh01D.dat
2014-09-08 17:35 - 2009-07-14 09:43 - 00128434 _____ () C:\Windows\system32\perfc01D.dat
2014-09-08 17:35 - 2009-07-14 07:13 - 01493200 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-08 17:33 - 2010-05-28 17:35 - 01960037 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 17:32 - 2013-11-02 18:32 - 00001316 _____ () C:\Windows\Tasks\HDvid Codec V1-updater.job
2014-09-08 17:32 - 2013-11-02 18:32 - 00001208 _____ () C:\Windows\Tasks\HDvid Codec V1-codedownloader.job
2014-09-08 17:32 - 2013-11-02 18:32 - 00001118 _____ () C:\Windows\Tasks\HDvid Codec V1-enabler.job
2014-09-08 17:32 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-09-08 17:29 - 2014-02-14 02:06 - 00003350 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-947067501-3106264662-2649473650-1001
2014-09-08 17:29 - 2014-02-14 02:06 - 00003218 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-947067501-3106264662-2649473650-1001
2014-09-08 17:29 - 2010-05-28 18:13 - 00100514 _____ () C:\Windows\SysWOW64\DTSSL.log
2014-09-08 17:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-08 17:29 - 2009-07-14 06:51 - 00063247 _____ () C:\Windows\setupact.log
2014-09-08 17:09 - 2012-06-14 14:33 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-08 16:20 - 2013-11-05 20:20 - 00000296 _____ () C:\Windows\Tasks\MySearchDial.job
2014-09-07 21:10 - 2013-02-24 17:24 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-07 21:08 - 2014-04-08 20:21 - 00000000 ____D () C:\Users\Johans\AppData\Roaming\vlc
2014-09-07 17:22 - 2013-08-22 17:50 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-09-07 17:19 - 2014-07-23 21:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-07 17:19 - 2012-04-26 13:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-07 17:19 - 2010-05-28 18:12 - 00399482 _____ () C:\Windows\PFRO.log
2014-09-07 16:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-02 22:40 - 2013-11-02 23:29 - 00003372 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-947067501-3106264662-2649473650-1001
2014-09-02 22:40 - 2013-11-02 23:29 - 00003240 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-947067501-3106264662-2649473650-1001
2014-08-31 23:39 - 2012-12-20 18:44 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-08-25 22:40 - 2013-11-22 01:58 - 00001073 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-25 22:40 - 2012-06-05 14:43 - 00000027 _____ () C:\Program Files\plugins.dat

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad


Some content of TEMP:
====================
C:\Users\Johans\AppData\Local\Temp\nsbDF57.exe
C:\Users\Johans\AppData\Local\Temp\nsbEB8A.exe
C:\Users\Johans\AppData\Local\Temp\nshE2D2.exe
C:\Users\Johans\AppData\Local\Temp\nsrE755.exe
C:\Users\Johans\AppData\Local\Temp\uttBBCF.tmp.exe
C:\Users\Johans\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-07 17:37

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by Johans at 2014-09-08 18:08:55
Running from C:\Users\Johans\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: System Shield (Disabled - Out of date) {3030810C-E2AC-B12D-8BB1-B1B8C0193798}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: System Shield (Disabled - Out of date) {8B5160E8-C496-BEA3-B101-8ACABB9E7D25}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30768 - BitTorrent Inc.)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}) (Version: 8.0.873.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.70405.2224 - Advanced Micro Devices, Inc.) Hidden
ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden
AVSDK5 (Version: 5.3.20 - Commtouch, Inc.) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{A4765F2F-11BE-4D1B-A85F-86878673CF0F}) (Version: 4.20.1 - Technology Nexus)
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0405.2205.37728 - Ditt företagsnamn) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Core Temp 1.0 RC3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
eMule (HKLM-x32\...\eMule) (Version:  - )
Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version:  - GTgroup) <==== ATTENTION
Free Ultra Video Editor 1.1.0.2 (HKLM-x32\...\Free Ultra Video Editor_is1) (Version:  - MediaTools.ws)
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.63.10.WIN.FullTilt.COM - )
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.63.10.WIN.FullTilt.EU - )
HDvid Codec V1 (HKLM-x32\...\HDvid Codec V1) (Version: 1.29.153.3 - installdaddy) <==== ATTENTION
HDVidCodec (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com) <==== ATTENTION
HP Display Assistant (HKLM-x32\...\{17B371B7-740F-4C83-BDFE-0C3A2C585103}) (Version: 1.60.008 - Portrait Displays, Inc.)
iolo technologies' System Mechanic Professional (HKLM-x32\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 12.7.1 - iolo technologies, LLC)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile Language Pack - SVE (HKLM\...\Microsoft .NET Framework 4 Client Profile SVE Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile SVE Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movies Toolbar for Firefox (Dist. by Bandoo Media, Inc.) (HKLM-x32\...\ilividmoviestoolbar181FF) (Version: 1.8.1.0 - IAC Search and Media) <==== ATTENTION
Mozilla Firefox 32.0 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 sv-SE)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mumble 1.2.3 (HKLM-x32\...\{1C9F128C-F465-488E-AC97-B42DCF90C9C1}) (Version: 1.2.3 - Thorvald Natvig)
Net iD 5.3 (32-bit Edition) (HKLM-x32\...\iid) (Version: 5.3.0.28 - SecMaker AB)
NVIDIA PhysX (HKLM-x32\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
Orbit Downloader (HKLM-x32\...\Orbit_is1) (Version:  - www.orbitdownloader.com)
PingPlotter Standard 3.40.2s (HKLM-x32\...\{D8A50F0B-791E-43E6-8F22-AEC2D3FBEB84}) (Version: 3.40.2.5 - Nessoft, LLC)
Pivot Software (x32 Version: 9.03.004 - Portrait Displays, Inc.) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Pokki (HKCU\...\Pokki) (Version: 0.267.1.208 - Pokki)
Razer Naga (HKLM-x32\...\{9F64A0D3-B0D2-4EE1-9A9D-452BD4459D09}) (Version: 2.03.05 - Razer USA Ltd.)
Razer Nostromo (HKLM-x32\...\{0214578F-4888-43FB-9E34-C14FCFDEDDEB}) (Version: 2.02.08 - Razer USA Ltd.)
Razer Nostromo Firmware Updater (HKLM-x32\...\{49C5BD36-F5B9-4E6A-9DC1-04818B9D55E3}) (Version: 1.02.03 - Razer USA Ltd.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6101 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Sandboxie 4.04 (64-bit) (HKLM\...\Sandboxie) (Version: 4.04 - Sandboxie Holdings, LLC)
SDK (x32 Version: 2.15.005 - Portrait Displays, Inc.) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Kingdoms (HKLM-x32\...\{D1D632A2-E249-466D-A094-B1B934D37645}_is1) (Version: 1.17 - Firefly Studios)
Stronghold Kingdoms (HKLM-x32\...\Steam App 47410) (Version:  - FireFly Studios)
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
Svenska Spels Poker (HKLM-x32\...\Svenska Spels Poker ) (Version:  - Boss Media AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Mechanic 11 Professional (x32 Version: 12.7.1 - ) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Lord of the Rings FREE Trial  (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Time of Fury (HKLM-x32\...\Time of Fury1.00) (Version: 1.00 - Slitherine)
Troy (HKLM-x32\...\{3A8CBDFD-C6BD-4F40-BF87-08CB7755DE45}) (Version: 1.00.0000 - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
uTorrentControl2 Toolbar (HKLM-x32\...\uTorrentControl2 Toolbar) (Version: 6.8.9.0 - uTorrentControl2) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.5 - Flagship Industries, Inc.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WW2 Time of Wrath (HKLM-x32\...\WW2 Time of Wrath1.00) (Version: 1.00 - Matrix Games)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo! Search (HKCU\...\Yahoo! Search) (Version:  - Pay-By-Ads) <==== ATTENTION
Yula (HKLM\...\Yula) (Version: 2014.05.05.130739 - Yula)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

07-09-2014 15:43:58 Schemalagd kontrollpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0819AFDD-CE65-40A0-8B3E-3C8E6233DD7E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-947067501-3106264662-2649473650-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {13228A92-D6FA-4D24-AE42-203D94DE97EE} - System32\Tasks\HDvid Codec V1-updater => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-updater.exe [2013-11-02] (installdaddy) <==== ATTENTION
Task: {13F97227-1F77-4122-9A35-3A3FECA04313} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-947067501-3106264662-2649473650-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {23991602-8C6C-44EF-AAB3-B902F6F2B11E} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-947067501-3106264662-2649473650-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2A4E8732-E9DB-4F2B-A760-DE5C681685D4} - System32\Tasks\{F886BD7D-1C60-4DE0-964B-6A32069D1216} => C:\Program Files (x86)\Slitherine\Troy\Troy.exe
Task: {45A2B5DD-3E72-4F98-9164-4C320208B677} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-947067501-3106264662-2649473650-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {47C585E5-BD8A-42F0-B94C-1C20EDBC6913} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-947067501-3106264662-2649473650-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {47D58743-09D9-43FE-AEB9-BABC869E6474} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-947067501-3106264662-2649473650-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {60562232-7B9A-4007-8618-8C7438B74058} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
Task: {6952E967-5FED-42C1-AF6F-8AD72C90E175} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {6AE6E0A9-0850-4ADE-8A1D-AFDEF653FDD0} - System32\Tasks\MySearchDial => C:\Users\Johans\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {8FFDFD60-8F10-40B4-B1C0-DCFF658DFD0B} - System32\Tasks\{1A9CF91C-2C5E-40F6-867A-2C0E4AAB23B6} => C:\Masters of Orion 2\DVD-RW-enhet\ARUN.EXE
Task: {9C17C267-B58F-4AEE-80E0-143EA85FC3B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {9E5DFD62-B055-4497-8CAA-3428CE451F51} - System32\Tasks\{15B20A94-1E86-429E-AEA3-BB4A204A3524} => C:\Masters of Orion 2\DVD-RW-enhet\ARUN.EXE
Task: {9F5FCE07-D556-4629-AAA1-4DEB89BF805A} - System32\Tasks\HDvid Codec V1-codedownloader => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-codedownloader.exe [2013-11-02] (installdaddy) <==== ATTENTION
Task: {B7A10448-CE59-4C94-98D9-0F9C558630B6} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic Professional\iologovernor64.exe [2014-04-30] (iolo technologies, LLC)
Task: {B8747256-6312-4922-8577-374C3F42449D} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {BE708897-A839-4409-B4B2-70ADCDB49143} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-947067501-3106264662-2649473650-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {C1DD3B2A-CB48-4E78-8820-3CE2E536A65D} - System32\Tasks\{78BF1C70-12FF-48B5-AFC6-CB4CA53B2B9A} => C:\Program Files (x86)\Dreamcatcher\Pax Romana\PaxRomana.exe
Task: {C9178F07-9DE9-447E-BFA0-3DE594867170} - System32\Tasks\{A7EECD15-B904-4627-8889-5BA340EC5256} => C:\Masters of Orion 2\DVD-RW-enhet\ARUN.EXE
Task: {D0779142-0CFA-4C43-9E49-8394F8A44FB1} - System32\Tasks\{A2B825BD-5EC8-4A70-B7D3-B5972FED3624} => E:\TEN\SETUP.EXE
Task: {D20ED3CF-C2CE-4A1C-B5E8-A27389A10E48} - System32\Tasks\Yahoo! Search => C:\Users\Johans\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe [2014-07-06] (Pay By Ads LTD)
Task: {E0D58903-9453-4847-9C34-15CE534D7708} - System32\Tasks\{E46D958F-262C-4552-9989-B8CB2290F305} => C:\Masters of Orion 2\DVD-RW-enhet\ARUN.EXE
Task: {F035E5E6-BD27-489A-A44D-1D7446DD904F} - System32\Tasks\HDvid Codec V1-enabler => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-enabler.exe [2013-11-02] (installdaddy) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HDvid Codec V1-codedownloader.job => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\HDvid Codec V1-enabler.job => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\HDvid Codec V1-updater.job => C:\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\Johans\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-01-17 22:49 - 2014-04-13 10:24 - 00665088 _____ () C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll
2010-05-28 17:52 - 2009-11-19 20:25 - 00160256 _____ () C:\Windows\system32\iavlsp64.dll
2010-05-28 18:01 - 2009-06-26 12:20 - 00118784 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtsslsrv.exe
2014-05-05 15:07 - 2014-09-08 05:23 - 00323352 _____ () C:\Program Files (x86)\Yula\updateYulasee.exe
2012-04-05 22:00 - 2012-04-05 22:00 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-05-05 18:26 - 2014-09-08 17:32 - 00323352 _____ () C:\Program Files (x86)\Yula\bin\utilYulasee.exe
2014-06-15 19:04 - 2014-09-07 22:43 - 00098584 _____ () C:\Program Files (x86)\Yula\bin\Yulasee.BrowserAdapter.exe
2014-09-07 17:20 - 2014-09-07 22:43 - 00114968 _____ () C:\Program Files (x86)\Yula\bin\Yulasee.BrowserAdapter64.exe
2014-06-11 03:41 - 2014-09-07 13:43 - 00287000 _____ () C:\Program Files (x86)\Yula\bin\Yulasee.PurBrowse64.exe
2013-08-22 17:50 - 2014-02-26 14:27 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2014-01-17 22:49 - 2014-04-13 10:24 - 00490496 _____ () C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll
2010-05-28 18:00 - 2004-11-17 16:49 - 04603904 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\qt-mt332.dll
2010-05-28 18:01 - 2004-05-11 15:51 - 00155648 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\SSLEAY32.dll
2010-05-28 18:01 - 2004-05-11 15:51 - 00798720 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\LIBEAY32.dll
2014-07-06 13:02 - 2014-07-06 13:02 - 00573100 _____ () C:\Users\Johans\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\sqlite.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2014-01-17 22:49 - 2014-04-13 10:24 - 00020480 _____ () C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll
2014-07-23 21:01 - 2014-09-07 17:15 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-28 23:43 - 2014-09-07 22:43 - 00195352 _____ () C:\Program Files (x86)\Yula\bin\4df60d2c927b478c83f0.dll
2014-09-08 17:29 - 2014-09-04 15:43 - 00240128 _____ () C:\Program Files (x86)\Yula\bin\YulaseeDsp.dll
2014-07-09 16:09 - 2014-07-09 16:09 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMPSE => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventSystem => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseamps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vsedsps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseqrts => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMPSE => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventSystem => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseamps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsedsps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseqrts => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Net iD => "C:\Program Files (x86)\Net iD\iid.exe"
MSCONFIG\startupreg: Pokki => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
MSCONFIG\startupreg: Yahoo! Search => C:\Users\Johans\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe

==================== Faulty Device Manager Devices =============

Name: Active Malware Protection Support Driver
Description: Active Malware Protection Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AMPSE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2014 06:09:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: msconfig.exe, version 6.1.7600.16385, tidsstämpel 0x4a5bc3eb
, felet uppstod i modulen med namn: msvcrt.dll, version 7.0.7601.17744, tidsstämpel 0x4eeb033f
Undantagskod: 0x40000015
Felförskjutning: 0x000000000002a84e
Process-ID: 0x834
Programmets starttid: 0xmsconfig.exe0
Sökväg till program: msconfig.exe1
Sökväg till modul: msconfig.exe2
Rapport-ID: msconfig.exe3

Error: (09/08/2014 06:09:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: msconfig.exe, version 6.1.7600.16385, tidsstämpel 0x4a5bc3eb
, felet uppstod i modulen med namn: msvcrt.dll, version 7.0.7601.17744, tidsstämpel 0x4eeb033f
Undantagskod: 0x40000015
Felförskjutning: 0x000000000002a84e
Process-ID: 0x64c
Programmets starttid: 0xmsconfig.exe0
Sökväg till program: msconfig.exe1
Sökväg till modul: msconfig.exe2
Rapport-ID: msconfig.exe3

Error: (09/08/2014 06:07:54 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att läsa in registerfilen för klasser.
 INFORMATION - Det går inte att hitta filen.

Error: (09/08/2014 06:07:54 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att läsa in registerfilen för klasser.
 INFORMATION - Det går inte att hitta filen.

Error: (09/08/2014 06:07:34 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att läsa in registerfilen för klasser.
 INFORMATION - Det går inte att hitta filen.

Error: (09/08/2014 06:07:34 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att läsa in registerfilen för klasser.
 INFORMATION - Det går inte att hitta filen.

Error: (09/08/2014 05:56:08 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att läsa in registerfilen för klasser.
 INFORMATION - Det går inte att hitta filen.

Error: (09/08/2014 05:56:08 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att läsa in registerfilen för klasser.
 INFORMATION - Det går inte att hitta filen.

Error: (09/08/2014 05:52:00 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att läsa in registerfilen för klasser.
 INFORMATION - Det går inte att hitta filen.

Error: (09/08/2014 05:52:00 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att läsa in registerfilen för klasser.
 INFORMATION - Det går inte att hitta filen.


System errors:
=============
Error: (09/08/2014 05:30:16 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {71A1D2C4-D49F-426C-8352-C74A9BD1FF15}

Error: (09/08/2014 05:29:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten iolo System Service avslutades oväntat. Detta har skett 1 gånger.

Error: (09/08/2014 05:29:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start:
FileDisk
prodrv06
prohlp02
prosync1
sfhlp01

Error: (09/08/2014 05:29:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten iolo FileInfoList Service kunde inte startas på grund av följande fel:
%%1083

Error: (09/08/2014 05:29:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten Active Malware Protection Support Driver kunde inte startas på grund av följande fel:
%%2

Error: (09/08/2014 05:29:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\FileDisk.SYS har hindrats från att läsas in eftersom den är inkompatibel med den här datorn. Kontakta enhetens tillverkare och fråga om en kompatibel version av drivrutinen.

Error: (09/08/2014 05:29:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\drivers\prodrv06.sys har hindrats från att läsas in eftersom den är inkompatibel med den här datorn. Kontakta enhetens tillverkare och fråga om en kompatibel version av drivrutinen.

Error: (09/07/2014 05:20:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {71A1D2C4-D49F-426C-8352-C74A9BD1FF15}

Error: (09/07/2014 05:19:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten iolo System Service avslutades oväntat. Detta har skett 1 gånger.

Error: (09/07/2014 05:19:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start:
FileDisk
prodrv06
prohlp02
prosync1
sfhlp01


Microsoft Office Sessions:
=========================
Error: (09/08/2014 06:09:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: msconfig.exe6.1.7600.163854a5bc3ebmsvcrt.dll7.0.7601.177444eeb033f40000015000000000002a84e83401cfcb7f3bae21bbC:\Windows\winsxs\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_6.1.7600.16385_none_366f302ab7711738\msconfig.exeC:\Windows\system32\msvcrt.dll7a70c437-3772-11e4-aed2-00241dd3a1fb

Error: (09/08/2014 06:09:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: msconfig.exe6.1.7600.163854a5bc3ebmsvcrt.dll7.0.7601.177444eeb033f40000015000000000002a84e64c01cfcb7f0038776aC:\Windows\winsxs\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_6.1.7600.16385_none_366f302ab7711738\msconfig.exeC:\Windows\system32\msvcrt.dll719de0f4-3772-11e4-aed2-00241dd3a1fb

Error: (09/08/2014 06:07:54 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att hitta filen.

Error: (09/08/2014 06:07:54 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att hitta filen.

Error: (09/08/2014 06:07:34 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att hitta filen.

Error: (09/08/2014 06:07:34 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att hitta filen.

Error: (09/08/2014 05:56:08 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att hitta filen.

Error: (09/08/2014 05:56:08 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att hitta filen.

Error: (09/08/2014 05:52:00 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att hitta filen.

Error: (09/08/2014 05:52:00 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT instans)
Description: Det går inte att hitta filen.


CodeIntegrity Errors:
===================================
  Date: 2014-07-23 23:36:48.741
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-07-23 23:36:35.033
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-29 16:47:05.931
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-24 15:54:38.900
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-24 15:54:27.883
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-08 18:53:21.101
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-08 18:53:14.673
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-08 18:22:56.173
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-08 18:13:51.493
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-01-08 01:10:29.560
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Common Files\ATI Technologies\Multimedia\AMDMFTDecoder_64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 77%
Total physical RAM: 4091.48 MB
Available physical RAM: 901.62 MB
Total Pagefile: 8181.15 MB
Available Pagefile: 5050.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (Enhet C) (Fixed) (Total:74.53 GB) (Free:4.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:931.51 GB) (Free:4.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 6C4411CF)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F2EFEC79)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================



BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,242 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:49 AM

Posted 13 September 2014 - 09:26 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

How to Manually Remove Programs from the Add/Remove Programs List (Windows 7)
http://windows.microsoft.com/en-ca/windows/uninstall-change-program#uninstall-change-program=windows-7

Remove the following programs.

Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version: - ) <==== ATTENTION
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION
Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version: - GTgroup) <==== ATTENTION
HDvid Codec V1 (HKLM-x32\...\HDvid Codec V1) (Version: 1.29.153.3 - installdaddy) <==== ATTENTION
HDVidCodec (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com) <==== ATTENTION
Movies Toolbar for Firefox (Dist. by Bandoo Media, Inc.) (HKLM-x32\...\ilividmoviestoolbar181FF) (Version: 1.8.1.0 - IAC Search and Media) <==== ATTENTION
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
uTorrentControl2 Toolbar (HKLM-x32\...\uTorrentControl2 Toolbar) (Version: 6.8.9.0 - uTorrentControl2) <==== ATTENTION
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
Yahoo! Search (HKCU\...\Yahoo! Search) (Version: - Pay-By-Ads) <==== ATTENTION


Restart the computer normally to reset the registry.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Please run the Farbar Recovery Scan tool one more time and post a fresh FRST log for my review.

===

How is the computer running?
Wait for further instructions.

#3 isildur

isildur
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 15 September 2014 - 01:12 PM

Hello, thank you for helping me out with this!

 

I cannot remove:

Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version: - GTgroup) <==== ATTENTION

 

When I try to it I get a popup (in swedish I'll try to translate as well as I can)

 

At the top (on the frame of the popup window it says):

RunDLL

 

Then inside the box there's the big bad X with the red background and text that says:

There was a problem starting

C:PROGRA~3\FASTAN~1\FASTAN~1.DLL

 

And at the bottom it says:

Faulty memory access (or something like that).

 

---------------------------------------------

 

I get similar popups pretty much every time I try to run any program but then at the top of the frame the message always starts with:

program name.exe  - Bad Image



#4 isildur

isildur
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:49 AM

Posted 15 September 2014 - 01:27 PM

Before we move forward with this I am considering to just clear my SSD and reinstall windows. I have a Windows 7 Home Premium 64-bit Svensk OEM license. Maybe this is a better option for me?



#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,242 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:49 AM

Posted 16 September 2014 - 07:38 AM

Remove all you can with the Add/Remove programs.

Run the AdwCleaner tool and will take it from there.

If we have difficulties in removing everything you may then consider the re-install option.

#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,242 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:49 AM

Posted 21 September 2014 - 06:36 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,242 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:49 AM

Posted 27 September 2014 - 08:54 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users