Jump to content

Koofy

Members
  • Posts

    9
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Nice Tnx for help. I do a donate to u. I dont know how muts to pay for this service. Let me know if the amout is to small pls
  2. Thanks again And thanks for helping me with the scann resluts. Here is the scann results: FRST Scann: ___________________________ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015 Ran by sidselwerner at 2015-04-01 21:11:02 Running from C:\@service fjernstyrtpchjelp Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: McAfee Anti-Virus og Anti-Spyware (Enabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Anti-Virus og Anti-Spyware (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall (Enabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House) AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.11.22 - STMicroelectronics) Adlibris (HKLM-x32\...\Adlibris) (Version: 5.0.6 - CEWE COLOR AG u Co. OHG) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Apple-programvaresupport (32-bits) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) Apple-programvaresupport (64-bits) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.14.0 - Ask.com) <==== ATTENTION Ask Toolbar Updater (HKU\S-1-5-21-1040864562-2501411741-2343481827-1001\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.3.29495 - Ask.com) <==== ATTENTION Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.7.0.4 - Canon Inc.) Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.) Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.3.2.15 - Canon Inc.) Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.1.0.18 - Canon Inc.) Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.2.0.34 - Canon Inc.) Canon Utilities CameraWindow (HKLM-x32\...\CameraWindowLauncher) (Version: 7.3.0.4 - Canon Inc.) Canon Utilities CameraWindow DC (HKLM-x32\...\CameraWindowDC) (Version: 7.4.1.10 - Canon Inc.) Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.0.0.19 - Canon Inc.) Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.3.0.5 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.4.0.7 - Canon Inc.) Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.2.2.11 - Canon Inc.) Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix) CyberLink PowerDVD 9.6 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.6.1.4827 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.) Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell Musikkscene (HKLM-x32\...\{D8875B79-CF2C-4298-B67A-A3320E3AEC87}) (Version: 1.6.225.0 - Fingertapping) Dell P513w (HKLM\...\Dell P513w) (Version: - Dell, Inc.) Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft) Dell Stage (HKLM-x32\...\{DD8DA2D5-6328-48B6-B669-32304E316D4A}) (Version: 1.7.209.0 - Fingertapping) Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell) Dell Verktøylinje (HKLM-x32\...\{09B71986-2AC5-482d-B6CB-42EA34F4F85B}) (Version: 1.8.12.0 - ) Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.) Dell VideoStage (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd) DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden ImageMixer 3 SE Ver.6 Transfer Utility (HKLM-x32\...\{3A2AD071-AABD-4712-A43E-11D06BAA661D}) (Version: 6.00.018 - PIXELA) ImageMixer 3 SE Ver.6 Video Tools (HKLM-x32\...\{62CA119E-C5A7-42FC-85E8-4B55AA9E4072}) (Version: 6.00.020 - PIXELA) Intel PROSet Wireless (x32 Version: - ) Hidden Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2455 - Intel Corporation) Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{2ABA2E8D-23CF-418F-BC8F-2EC99FA51A3F}) (Version: 1.2.1.0608 - Intel Corporation) Intel® PROSet/Wireless WiFi-programvare (HKLM\...\{D61E4101-9E15-4D0E-ABD1-1ABD36B43330}) (Version: 14.03.0000 - Intel Corporation) Intel® WiDi (HKLM-x32\...\{0DD706AF-B542-438C-999E-B30C7F625C8D}) (Version: 2.1.39.0 - Intel Corporation) Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® Turbo Boost-teknologi monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel) iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware versjon 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation) McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1492 - McAfee, Inc.) McAfee Online Backup (Version: 1.16.4.0 - McAfee, Inc.) Hidden McAfee Online Backup (x32 Version: - McAfee, Inc.) Hidden McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.194 - McAfee, Inc.) McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.6.0.202 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Min CEWE FOTOVERDEN (HKLM-x32\...\Min CEWE FOTOVERDEN) (Version: 5.0.6 - CEWE COLOR AG u Co. OHG) Mozilla Firefox 35.0 (x86 nb-NO) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 nb-NO)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision-driver 285.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 285.77 - NVIDIA Corporation) NVIDIA Grafikkdriver 285.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.77 - NVIDIA Corporation) PhotoShowExpress (x32 Version: 2.0.063 - ##COMPANY_NAME##) Hidden Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.22 - Dell Inc.) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.) Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio) Roxio File Backup (Version: 1.3.2 - Roxio) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden Språkpakke for Microsoft Visual Studio 2010 Tools for Office Runtime (x64) – NOR (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NOR) (Version: 10.0.50903 - Microsoft Corporation) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.22.0 - Synaptics Incorporated) SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16500 - Nero AG) SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden TeamViewer 7 Host (HKLM-x32\...\TeamViewer 7 Host) (Version: 7.0.12541 - TeamViewer) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation) Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC) Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-03-31 07:32 - 00450771 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {13B530F0-5CDD-4E8E-9A79-F967E9E44E47} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION Task: {1DA51D2F-2D0D-48C2-ABE8-63DDF17E06E7} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6b64b6f8a099 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-15] (Google Inc.) Task: {2801DB47-5817-4271-8FA6-E6FAAEFBAE1F} - System32\Tasks\GoogleUpdateTaskMachineUA1cfff656239ddd9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-15] (Google Inc.) Task: {38882D5F-A2B7-45EF-AF4E-06695E9C4E5F} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-03-31] (Enigma Software Group USA, LLC.) Task: {392C6D1D-BC48-4BD6-A16A-1DE9F71AEAF0} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-03] (PC-Doctor, Inc.) Task: {3E274368-6903-42A1-A5EF-143005748686} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {436A12BA-1C8E-4759-90E4-5AC5EC2124DB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated) Task: {43E2590A-9230-4F5D-A33F-F7811CDE5F59} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {5F4DC68C-EECB-46EB-B0AE-505D06092791} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {661062F2-32D0-43BF-A3CF-60CC352AF339} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-15] (Google Inc.) Task: {6E40BB63-3088-4161-A191-F036DBFDD04C} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.) Task: {706AF888-9973-437D-8C28-429D7A13E38A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {81BFE277-0DCE-4987-89E5-97824BC2C529} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-03] (PC-Doctor, Inc.) Task: {911C145B-93F4-414B-88C7-17ECF95030BD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {C28B38AA-6663-4A4E-9988-953AFD348C03} - System32\Tasks\GoogleUpdateTaskMachineUA1d040c3a838c157 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-15] (Google Inc.) Task: {CAF170D0-C57A-470A-AD97-7947043AD84F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {D53F391D-3206-48A2-A9ED-A2F10EC0CA86} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6b64b6f8a099.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfff656239ddd9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d040c3a838c157.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2011-11-01 19:58 - 2011-11-01 19:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2012-08-23 12:10 - 2009-11-04 15:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dlebdrpp.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-06-27 22:36 - 2011-07-20 00:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2012-06-27 21:46 - 2010-12-17 17:25 - 00686704 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe 2011-11-01 19:58 - 2011-11-01 19:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2011-06-28 02:26 - 2011-06-28 02:26 - 02022976 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe 2012-08-23 12:05 - 2011-01-24 02:37 - 00770728 _____ () C:\Program Files (x86)\Dell P513w\dlebmon.exe 2012-08-23 12:05 - 2011-01-24 02:37 - 00139944 _____ () C:\Program Files (x86)\Dell P513w\ezprint.exe 2011-06-29 15:52 - 2011-06-29 15:52 - 00474176 _____ () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe 2010-11-17 17:35 - 2010-11-17 17:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe 2012-02-01 18:50 - 2012-02-01 18:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe 2012-08-23 12:08 - 2009-12-16 13:42 - 00205824 _____ () C:\Program Files\Dell\P513w\dlebmicro.dll 2012-08-23 12:08 - 2010-04-01 19:30 - 01558528 _____ () C:\Program Files\Dell\P513w\dlebdrs64.dll 2012-08-23 12:08 - 2009-11-26 10:55 - 00075264 _____ () C:\Program Files\Dell\P513w\dlebcfg64.dll 2012-08-23 12:08 - 2009-03-10 07:44 - 00015360 _____ () C:\Program Files\Dell\P513w\dlebcaps64.dll 2012-08-23 12:08 - 2009-03-05 19:55 - 00057344 _____ () C:\Program Files\Dell\P513w\dlebcnv464.dll 2012-06-27 22:03 - 2012-01-27 04:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2010-11-29 22:04 - 2010-11-29 22:04 - 00403968 _____ () C:\Program Files\Intel\TurboBoost\no\SignalIslandUi.resources.dll 2015-04-01 21:00 - 2015-04-01 20:58 - 20436568 _____ () C:\@service fjernstyrtpchjelp\RogueKillerX64.exe 2010-03-17 03:28 - 2010-03-17 03:28 - 01926144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll 2010-03-22 22:52 - 2010-03-22 22:52 - 06776832 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll 2010-03-17 03:28 - 2010-03-17 03:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll 2010-03-17 03:28 - 2010-03-17 03:28 - 00326144 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll 2011-06-25 06:20 - 2011-06-25 06:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll 2011-06-28 02:25 - 2011-06-28 02:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll 2011-06-25 06:36 - 2011-06-25 06:36 - 00322624 _____ () C:\Program Files (x86)\Dell\Stage Remote\nb-NO\UI\ManagerUI.dll 2010-03-12 02:52 - 2010-03-12 02:52 - 00028160 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll 2010-03-05 22:07 - 2010-03-05 22:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll 2010-03-05 22:07 - 2010-03-05 22:07 - 00125952 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll 2010-03-12 02:52 - 2010-03-12 02:52 - 00225280 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll 2012-08-23 12:03 - 2009-11-26 10:50 - 00086183 _____ () C:\Program Files (x86)\Dell P513w\dlebcfg.dll 2012-08-23 12:05 - 2010-04-01 19:23 - 00389120 _____ () C:\Program Files (x86)\Dell P513w\dlebscw.dll 2012-08-23 12:05 - 2009-05-27 14:16 - 00192512 _____ () C:\Program Files (x86)\Dell P513w\dlebdatr.dll 2012-08-23 12:05 - 2010-04-01 19:24 - 01159168 _____ () C:\Program Files (x86)\Dell P513w\dlebDRS.dll 2012-08-23 12:05 - 2009-03-10 07:43 - 00155648 _____ () C:\Program Files (x86)\Dell P513w\dlebcaps.dll 2012-08-23 12:05 - 2009-03-05 19:55 - 00059904 _____ () C:\Program Files (x86)\Dell P513w\dlebcnv4.dll 2012-08-23 12:01 - 2009-02-12 13:33 - 00381952 _____ () C:\Windows\system32\dlebsm.dll 2012-08-23 12:01 - 2009-04-28 09:57 - 00028672 _____ () C:\Windows\system32\dlebsmr.dll 2012-08-23 12:05 - 2009-03-30 14:40 - 00708608 _____ () C:\Program Files (x86)\Dell P513w\Epwizard.DLL 2012-08-23 12:05 - 2009-03-30 14:38 - 00159744 _____ () C:\Program Files (x86)\Dell P513w\customui.dll 2012-08-23 12:05 - 2009-03-30 14:38 - 00114688 _____ () C:\Program Files (x86)\Dell P513w\Eputil.DLL 2012-08-23 12:05 - 2009-03-30 14:37 - 00139264 _____ () C:\Program Files (x86)\Dell P513w\Imagutil.DLL 2012-08-23 12:05 - 2009-03-30 14:38 - 00061440 _____ () C:\Program Files (x86)\Dell P513w\Epfunct.DLL 2012-08-23 12:05 - 2009-06-23 13:12 - 02203648 _____ () C:\Program Files (x86)\Dell P513w\EPWizRes.dll 2012-08-23 12:05 - 2009-06-23 13:13 - 00045056 _____ () C:\Program Files (x86)\Dell P513w\epstring.dll 2012-08-23 12:05 - 2009-06-23 13:13 - 00192512 _____ () C:\Program Files (x86)\Dell P513w\EPOEMDll.dll 2012-08-23 12:05 - 2009-04-07 21:25 - 00409600 _____ () C:\Program Files (x86)\Dell P513w\iptk.dll 2012-08-23 12:06 - 2009-03-02 16:25 - 00151552 _____ () C:\Program Files (x86)\Dell P513w\dlebptp.dll 2014-07-28 14:19 - 2009-07-21 14:42 - 00364544 ____N () C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.6\Transfer Utility\pxl_m17n_tool.dll 2015-03-31 07:20 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-03-31 07:20 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-03-31 07:20 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2010-11-25 05:44 - 2010-11-25 05:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll 2012-02-01 18:44 - 2012-02-01 18:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll 2012-02-01 18:44 - 2012-02-01 18:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll 2015-03-31 07:20 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-03-31 07:20 - 2014-04-25 14:11 - 02972112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\NotificationSpreader.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1040864562-2501411741-2343481827-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sidselwerner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 62.65.30.10 - 212.20.193.130 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-1040864562-2501411741-2343481827-500 - Administrator - Disabled) Gjest (S-1-5-21-1040864562-2501411741-2343481827-501 - Limited - Disabled) sidselwerner (S-1-5-21-1040864562-2501411741-2343481827-1001 - Administrator - Enabled) => C:\Users\sidselwerner UpdatusUser (S-1-5-21-1040864562-2501411741-2343481827-1000 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/01/2015 11:09:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Programnavn med feil: pcdrcui.exe, versjon: 6.0.6584.52, tidsangivelse: 0x54cb2d14 Modulnavn med feil: KERNELBASE.dll, versjon: 6.1.7601.18409, tidsangivelse: 0x5315a05a Unntakskode: 0xe0434352 Feilforskyvning: 0x000000000000940d Feil prosess-ID: 0x838 Feil starttid for program: 0xpcdrcui.exe0 Feil programbane: pcdrcui.exe1 Feil modulbane: pcdrcui.exe2 Rapport-ID: pcdrcui.exe3 Error: (04/01/2015 11:09:39 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: pcdrcui.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: Pcd.DataStore.DatabaseError Stack: at pcd.native.AppStateDataStoreAccessor.get_Store() at pcd.native.AppStateDataStoreAccessor.Contains(System.String) at PCDoctor.DataStore.DataStore.GetValue(System.String) at PCDoctor.DataStore.Settings.GetBoolValue(System.String, Boolean) at pcd.controllers.MainController.LoadProxySettings() at pcd.controllers.MainController.BackgroundStartThread() at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (04/01/2015 05:53:20 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 90080108 Error: (04/01/2015 04:50:14 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (03/31/2015 07:39:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/31/2015 07:39:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Programnavn med feil: stage_primary.exe, versjon: 1.7.209.0, tidsangivelse: 0x4f286f8c Modulnavn med feil: MSVCR90.dll, versjon: 9.0.30729.6161, tidsangivelse: 0x4dace5b9 Unntakskode: 0x40000015 Feilforskyvning: 0x0005beae Feil prosess-ID: 0xf0c Feil starttid for program: 0xstage_primary.exe0 Feil programbane: stage_primary.exe1 Feil modulbane: stage_primary.exe2 Rapport-ID: stage_primary.exe3 Error: (03/31/2015 07:35:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Programnavn med feil: pcdrcui.exe, versjon: 6.0.6584.52, tidsangivelse: 0x54cb2d14 Modulnavn med feil: KERNELBASE.dll, versjon: 6.1.7601.18409, tidsangivelse: 0x5315a05a Unntakskode: 0xe0434352 Feilforskyvning: 0x000000000000940d Feil prosess-ID: 0x1f6c Feil starttid for program: 0xpcdrcui.exe0 Feil programbane: pcdrcui.exe1 Feil modulbane: pcdrcui.exe2 Rapport-ID: pcdrcui.exe3 Error: (03/31/2015 07:35:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: pcdrcui.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: Pcd.DataStore.DatabaseError Stack: at pcd.native.AppStateDataStoreAccessor.get_Store() at pcd.native.AppStateDataStoreAccessor.Contains(System.String) at PCDoctor.DataStore.DataStore.GetValue(System.String) at PCDoctor.DataStore.Settings.GetBoolValue(System.String, Boolean) at pcd.controllers.MainController.LoadProxySettings() at pcd.controllers.MainController.BackgroundStartThread() at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (03/31/2015 00:33:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 90080108 Error: (03/31/2015 00:28:34 PM) (Source: VSS) (EventID: 13) (User: ) Description: Informasjon fra Volume Shadow Copy-tjenesten: Kan ikke starte COM-serveren med CLSIDen {e579ab5f-1cc4-44b4-bed9-de0991ff0623} og navnet Coordinator. [0x80070005, Ingen tilgang. ] System errors: ============= Error: (04/01/2015 09:03:01 PM) (Source: volsnap) (EventID: 16) (User: ) Description: Skyggekopien for volum D: ble avbrutt fordi volum D:, som inneholder et skyggekopilager for denne skyggekopien, ble tvungent demontert. Error: (03/31/2015 07:41:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Tjenesten 1% kan ikke starte på grunn av følgende feil: %%2 Error: (03/31/2015 07:39:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Tjenesten Dell SupportAssist Agent kan ikke starte på grunn av følgende feil: %%1053 Error: (03/31/2015 07:39:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Dell SupportAssist Agent skal koble til. Error: (03/31/2015 07:38:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Tjenesten Spybot-S&D 2 Security Center Service avhenger av tjenesten Security Center som ikke kan starte på grunn av følgende feil: %%1058 Error: (03/31/2015 07:38:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Tjenesten Spybot-S&D 2 Scanner Service kan ikke starte på grunn av følgende feil: %%1053 Error: (03/31/2015 07:38:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Det oppstod et tidsavbrudd (30000 millisekunder) under venting på at tjenesten Spybot-S&D 2 Scanner Service skal koble til. Error: (03/31/2015 00:28:34 PM) (Source: DCOM) (EventID: 10016) (User: sidselwerner-PC) Description: programspesifikkLokalAktivering{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}{56BE716B-2F76-4DFA-8702-67AE10044F0B}sidselwerner-PCsidselwernerS-1-5-21-1040864562-2501411741-2343481827-1001LocalHost (bruker LRPC) Error: (03/31/2015 07:50:01 AM) (Source: Schannel) (EventID: 4120) (User: NT-MYNDIGHET) Description: Følgende kritiske varsel er generert: 10. Intern feiltilstand er 10. Error: (03/31/2015 07:50:01 AM) (Source: Schannel) (EventID: 4120) (User: NT-MYNDIGHET) Description: Følgende kritiske varsel er generert: 10. Intern feiltilstand er 10. Microsoft Office Sessions: ========================= Error: (04/01/2015 11:09:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: pcdrcui.exe6.0.6584.5254cb2d14KERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d83801d06c5b909fa627C:\Program Files\Dell\SupportAssist\pcdrcui.exeC:\Windows\system32\KERNELBASE.dlld2f562c1-d84e-11e4-8622-00dbdf0f0301 Error: (04/01/2015 11:09:39 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: pcdrcui.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: Pcd.DataStore.DatabaseError Stack: at pcd.native.AppStateDataStoreAccessor.get_Store() at pcd.native.AppStateDataStoreAccessor.Contains(System.String) at PCDoctor.DataStore.DataStore.GetValue(System.String) at PCDoctor.DataStore.Settings.GetBoolValue(System.String, Boolean) at pcd.controllers.MainController.LoadProxySettings() at pcd.controllers.MainController.BackgroundStartThread() at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (04/01/2015 05:53:20 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 90080108 Error: (04/01/2015 04:50:14 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (03/31/2015 07:39:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/31/2015 07:39:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: stage_primary.exe1.7.209.04f286f8cMSVCR90.dll9.0.30729.61614dace5b9400000150005beaef0c01d06bd9779c78acC:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dlld4a1eb32-d7cc-11e4-8622-00dbdf0f0301 Error: (03/31/2015 07:35:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: pcdrcui.exe6.0.6584.5254cb2d14KERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940d1f6c01d06b9f469bc96fC:\Program Files\Dell\SupportAssist\pcdrcui.exeC:\Windows\system32\KERNELBASE.dll509ded85-d7cc-11e4-9c28-00dbdf0f0301 Error: (03/31/2015 07:35:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: pcdrcui.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: Pcd.DataStore.DatabaseError Stack: at pcd.native.AppStateDataStoreAccessor.get_Store() at pcd.native.AppStateDataStoreAccessor.Contains(System.String) at PCDoctor.DataStore.DataStore.GetValue(System.String) at PCDoctor.DataStore.Settings.GetBoolValue(System.String, Boolean) at pcd.controllers.MainController.LoadProxySettings() at pcd.controllers.MainController.BackgroundStartThread() at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) at System.Threading.ThreadHelper.ThreadStart() Error: (03/31/2015 00:33:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 90080108 Error: (03/31/2015 00:28:34 PM) (Source: VSS) (EventID: 13) (User: ) Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}Coordinator0x80070005, Ingen tilgang. ==================== Memory info =========================== Processor: Intel® Core i7-2670QM CPU @ 2.20GHz Percentage of memory in use: 75% Total physical RAM: 8086.17 MB Available physical RAM: 1997.25 MB Total Pagefile: 16170.52 MB Available Pagefile: 10122.45 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:446.13 GB) (Free:265.54 GB) NTFS Drive d: () (Fixed) (Total:465.76 GB) (Free:0 GB) NTFS Drive f: () (Fixed) (Total:0.1 GB) (Free:0.02 GB) FAT ==================== MBR & Partition Table ================== ==================== End Of Log ============================ Rougekiller scann: ___________________________________________________________________________________- RogueKiller V10.5.8.0 (x64) [Mar 30 2015] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : sidselwerner [Administrator] Started from : C:\@service fjernstyrtpchjelp\RogueKillerX64.exe Mode : Scan -- Date : 04/01/2015 21:10:50 ¤¤¤ Processes : 0 ¤¤¤ ¤¤¤ Registry : 13 ¤¤¤ [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} -> Found [PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | ApnUpdater : "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 62.65.30.10 212.20.193.130 188.126.192.140 [NORWAY (NO)][NORWAY (NO)][NORWAY (NO)] -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 62.65.30.10 212.20.193.130 188.126.192.140 [NORWAY (NO)][NORWAY (NO)][NORWAY (NO)] -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 62.65.30.10 212.20.193.130 188.126.192.140 [NORWAY (NO)][NORWAY (NO)][NORWAY (NO)] -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{78EFA4C1-D383-4D7D-9C55-39877F189146} | DhcpNameServer : 62.65.30.10 212.20.193.130 188.126.192.140 [NORWAY (NO)][NORWAY (NO)][NORWAY (NO)] -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{78EFA4C1-D383-4D7D-9C55-39877F189146} | DhcpNameServer : 62.65.30.10 212.20.193.130 188.126.192.140 [NORWAY (NO)][NORWAY (NO)][NORWAY (NO)] -> Found [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{78EFA4C1-D383-4D7D-9C55-39877F189146} | DhcpNameServer : 62.65.30.10 212.20.193.130 188.126.192.140 [NORWAY (NO)][NORWAY (NO)][NORWAY (NO)] -> Found [PUM.Desktop] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore | DisableSR : 1 -> Found [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found ¤¤¤ Tasks : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ Hosts File : 0 [Too big!] ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤ ¤¤¤ Web browsers : 1 ¤¤¤ [PUP][FIREFX:Addon] jl6axed5.default : MapsGalaxy [39ffxtbr@MapsGalaxy_39.com] -> Found ¤¤¤ MBR Check : ¤¤¤ +++++ PhysicalDrive0: Hitachi HTS727550A9E364 +++++ --- User --- [MBR] fec42edfff775e9b5a27d91630f35255 [bSP] dea9defa67a18cc486b8c709b2ee22f0 : HP MBR Code Partition table: 0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 63 | Size: 101 MB 1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 212992 | Size: 20000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 41172992 | Size: 456835 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Hitachi HTS727550A9E364 +++++ --- User --- [MBR] e5937aba60712c4e0cb562c1c8228034 [bSP] 399df0c455aabd3e6b8ddf487d890c19 : Windows Vista/7/8 MBR Code Partition table: 0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader] User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive2: Dell USB Mass Storage USB Device +++++ Error reading User MBR! ([15] Enheten er ikke klar. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] Forespørselen støttes ikke. ) ______END OF LOG______________________________________________________________- Including attached file: Additon.txt. Thank you in advance Regards Rolf Addition.txt
  3. Thanks again. But can i be sure that all the scann I wrote about in my last post have removed the virus/malware? ( I have runn Malwarebytes, spyhunter, Spybot-S&D and Norton Power Eraser. Malwarebutes and Spyhunter removed some ransomware virus so I guess CryptoWall is gone. ) ( but for sure I guess u only can answerd abot the Malewarebytes scann Of course you cant know it for sure, but will the virus/maleware normally be delited and done with full Malwarebytes Scann? Regards Rolf
  4. Thanks for anwerd I have runn Malwarebytes, spyhunter, Spybot-S&D and Norton Power Eraser. Malwarebutes and Spyhunter removed some ransomware virus so I guess CryptoWall is gone. But, as you write: "but your files are most likely gone." : Is there no way to get my files back/decryptering the files? And, with the scann I write about above: Can i be sure the virus/malware is gone or do I have to do some manual removing in registry and so? ( Do a new updated Malwarebytes remove the virus? ) Regards Rolf
  5. The folder "documents and settings" and all files in the whole computer ( c: d: and f: )is encrypted by virus It tells me to go to http://7oqnsnzwwnm6zb7y.icepaytor.com/10giv5Rand pay for decypting my files. For sure I will not do that! I think this is a brand new sort of virus/malicious software. ( At least in Norway ) Any idea how to remove this virus/malicious software? Will Malwarebytes do it? ( I try a scann now ) I attach 1 files I get from this blackmailing "provider" I hope for a good and fast anwer Regards Rolf
  6. how to install malwarebytes when I not have administrator user account on my PC? Can somebody help me? I need to install/run malwarebytes as standard user. ( not administrator )
  7. Anybody know it is poosible no run malwarebytes from a bootcd? In norway we now have attac working that way that computer been locked and the user have to pay a bill because off illegal porn sufing and download. The user have to pay a ticket to "police" for get a code to unlock computer. Computer can not be started in safemode and is totally locked. Therefore I need a tools that can clean computer for the infected problems. Maybye malewarebytes not will find this problem anyway...but someboody out there have any tips about this problem? ...and sorry my bad english :-) Regards Koofy
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.