Infected Acer PC

9 posts in this topic

Posted

I have an Acer PC. It now appears to have been infected by some kind of malware. When I run a scan with Malwarebytes Anti-Malware, I get 2-3 threats every time, which have to be quarantined. And if I immediately run a new scan, without having done anything else on the PC, there are again 2-3 threats that have to be quarantined. In addition, something seems to have happened to how the keyboard responds. Loads of extra characters appear when I type something. Nrk.no can, for example, become N6rjjjjk...nooo. In other words, it becomes impossible to search for anything. This also happens when I, for example, type something in WordPad. What could it be, and how can I get rid of it?


Posted

Sounds like a real fun virus you've got on your machine.

What are these threats called (screenshot)?

Have you tried scanning for viruses with Windows in safe mode?


Posted

Malwarebytes
www.malwarebytes.com

-Loggdetaljer-
Skannedato: 02.02.2018
Skanneklokkeslett: 17.23
Loggfil: 668351ca-0835-11e8-9f3c-b888e30823d0.json
Administrator: Ja

-Programvareinformasjon-
Versjon: 3.2.2.2029
Komponentversjon: 1.0.212
Oppdater pakkeversjon: 1.0.3853
Lisens: Gratis

-Systeminformasjon-
OS: Windows 10 (Build 16299.192)
CPU: x64
Filsystem: NTFS
Bruker: Benthe-PC\Benthe

-Skanneoppsummering-
Skannetype: Skanning av trusler
Resultat: Fullført
Skannede objekter: 344203
Registrerte trusler: 2
Trusler satt i karantene: 2
Forløpt tid: 8 min, 11 sek

-Skannealternativer-
Minne: Aktivert
Oppstart: Aktivert
Filsystem: Aktivert
Arkiver: Aktivert
Rootkits: Deaktivert
Heurestikk: Aktivert
PUP: Advar
PUM: Oppdag

-Skannedetaljer-
Prosess: 0
(Ingen skadelig programvare registrert)

Modul: 0
(Ingen skadelig programvare registrert)

Registernøkkel: 0
(Ingen skadelig programvare registrert)

Registerverdi: 0
(Ingen skadelig programvare registrert)

Registerdata: 0
(Ingen skadelig programvare registrert)

Dataflyt: 0
(Ingen skadelig programvare registrert)

Mappe: 0
(Ingen skadelig programvare registrert)

Fil: 2
PUP.Optional.Linkury, C:\USERS\BENTHE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Erstattet, [281], [455237],1.0.3853
PUP.Optional.Linkury, C:\USERS\BENTHE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Erstattet, [281], [455237],1.0.3853

Fysisk sektor: 0
(Ingen skadelig programvare registrert)


(end)

Sounds like a real fun virus you've got on your machine.

What are these threats called (screenshot)?

Have you tried scanning for viruses with Windows in safe mode?

Now I have posted the log from Malwarebytes. I don't know if it tells you anything?

How do I do a virus scan in safe mode?

OK. Now I figured out the safe mode thing. Trying now.


Posted

I tried safe mode now, but was told that no viruses were found (AVG antivirus). However, I was a bit puzzled that the internet and everything was on even though I pressed 4 for safe mode. Could the machine have been prevented from entering safe mode?


Posted

Then I managed to activate safe mode, but I couldn't start the antivirus or Malwarebytes in safe mode (see attachment).

I'm leaving for the cabin now and will be back on Sunday. I'll look more at this then. Grateful for tips and advice in the meantime.

pc 2.jpg

Pc1.jpg


Posted

Can you choose safe mode with networking?

See how it goes searching the web then + type a bit in WordPad and see how it goes.

You may have to connect to the modem/router with a cable to get network access.

Scanning with antivirus in safe mode used to work fine, but it may be that it depends on so much these days. It could be that getting online in safe mode helps.


Posted

Here is the log from HijackThis:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:02:50, on 04.02.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
CHROME: 1.5.1693.0

Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Users\Benthe\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Benthe\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Users\Benthe\AppData\Local\Temp\scoped_dir6304_31894\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={8DC780F7-7155-41B4-BA63-B9F192DA4EF7}&mid=6f0e65569d7347ccb6a61151c31cc0a9-72f853efbebb0ab3f7d3a956ea8e431fceb583ed&lang=en&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-25 16:14:09&v=4.3.2.18&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [Javafri løsning] "C:\Program Files (x86)\Buypass\Javafri løsning\Buypass.SCProxy.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Google Update] C:\Users\Benthe\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Benthe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify] C:\Users\Benthe\AppData\Roaming\Spotify\Spotify.exe --autostart
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Benthe\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: @oem7.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc.  - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google-oppdatering-tjenesten (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google-oppdatering-tjenesten (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.8 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 15893 bytes

 

Log from DDS:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume2
Install Date: 23.12.2017 16:04:03
System Uptime: 04.02.2018 20:30:59 (1 hours ago)
.
Motherboard: Acer |  | VA50_HC_HR
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz | U3E1 | 2100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 681 GiB total, 546,6 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2: 03.01.2018 20:04:25 - Planlagt kontrollpunkt
RP3: 09.01.2018 22:47:51 - Windows Update
RP4: 17.01.2018 20:34:52 - Windows Update
RP5: 20.01.2018 20:43:46 - Windows Update
RP6: 02.02.2018 16:37:50 - Windows Update
RP7: 02.02.2018 16:39:22 - Windows Update
.
==== Installed Programs ======================
.
 clear.fi SDK- Movie 2
 clear.fi SDK - MVP 2
???? ??? Windows Live
???? Windows Live
????? Windows Live
?????? ??????? ?? Windows Live
???????? ?????????? Windows Live
?????????? Windows Live
??????????? ?? Windows Live
Acer Backup Manager
Acer Crystal Eye Webcam
Acer ePower Management
Acer eRecovery Management
Acer Games
Acer Instant Update Service
Acer ScreenSaver
Acer Updater
Adobe AIR
Adobe Reader X (10.1.16) MUI
Adobe Refresh Manager
Agatha Christie - Death on the Nile
Amazon 1Button App
AVG AntiVirus FREE
AVG Web TuneUp
Backup Manager V3
Bejeweled 3
Bing Bar
Broadcom Card Reader Driver Installer
Broadcom NetLink Controller
Broadcom Wireless Utility
CCleaner
ChromecastApp
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Citrix Authentication Manager
Citrix Endpoint Analysis Plugin
Citrix Receiver
Citrix Receiver (HDX Flash Redirection)
Citrix Receiver Inside
Citrix Receiver Updater
Citrix Receiver(Aero)
Citrix Receiver(DV)
Citrix Receiver(USB)
clear.fi Media
clear.fi Photo
CyberLink MediaEspresso
D3DX10
Dolby Home Theater v4
ELAN Touchpad 11.15.0.18_X64
Evernote v. 4.5.2
FATE
Final Drive: Nitro
FMW 1
Fooz Kids
Fooz Kids Platform
Fotogalerija Windows Live
Galeria de Fotografias do Windows Live
Galeria fotografii uslugi Windows Live
Galeria fotogràfica del Windows Live
Galerie de photos Windows Live
Galerie foto Windows Live
Galería fotográfica de Windows Live
Google Toolbar for Internet Explorer
Google Update Helper
Heroes of Might and Magic IV: Winds of War
Heroes of Might and Magic® III Complete
Identity Card
Insaniquarium Deluxe
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) OpenCL CPU Runtime
Intel(R) Processor Graphics
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
Java 8 Update 161
Java Auto Updater
Javafri løsning
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
Junk Mail filter update
Launch Manager
LibreOffice 4.1.3.2
Malwarebytes versjon 3.2.2.2029
Mesh Runtime
Microsoft .NET Framework 4.5.2
Microsoft .NET Framework 4.5.2 (NOR)
Microsoft Application Error Reporting
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64)
Microsoft lagre som PDF-tillegg for 2007 Microsoft Office-programmer
Microsoft Office 2010
Microsoft OneDrive
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
MSVCRT
MSVCRT_amd64
MyWinLocker
MyWinLocker 4
MyWinLocker Suite
newsXpresso
NTI Media Maker 9
Online Plug-in
Opera Stable 50.0.2762.67
Penguins!
Plants vs. Zombies - Game of the Year
Poczta uslugi Windows Live
Podstawowe programy Windows Live
Polar Bowler
Pošta Windows Live
Raccolta foto di Windows Live
Realtek High Definition Audio Driver
Roblox Player for Benthe
ROBLOX Studio for Benthe
S?????? f?t???af??? t?? Windows Live
School of Dragons
Self-service Plug-in
Shredder
Skype™ 7.13
Slingo Deluxe
Spotify
Star Stable
Torchlight
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player
Wedding Dash
Welcome Center
WIDCOMM Bluetooth Software
WildTangent Games App
Windows Live
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotótár
Windows Live Fotogalerie
Windows Live Fotogalleri
Windows Live Fotogaléria
Windows Live Fotograf Galerisi
Windows Live Galeria de Fotos
Windows Live Galerija fotografija
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Temel Parçalar
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
Windows Media Player Firefox Plugin
Zuma Deluxe
.
==== End Of File ===========================

 

Log from DDS again:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.16299.15  BrowserJavaVersion: 11.161.2
Run by Benthe at 20:59:27 on 2018-02-04
Microsoft Windows 10 Home  10.0.16299.0.1252.47.1044.18.5980.3463 [GMT 1:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Antivirus *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\system32\BtwRSupportService.exe
C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\Program Files\Elantech\ETDService.exe
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\mqsvc.exe
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\Explorer.EXE
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\WINDOWS\system32\igfxext.exe
C:\Windows\System32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
C:\Users\Benthe\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Users\Benthe\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Buypass\Javafri løsning\Buypass.SCProxy.exe
C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://mysearch.avg.com/?cid={8DC780F7-7155-41B4-BA63-B9F192DA4EF7}&mid=6f0e65569d7347ccb6a61151c31cc0a9-72f853efbebb0ab3f7d3a956ea8e431fceb583ed&lang=en&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-25 16:14:09&v=4.3.2.18&pid=wtu&sg=&sap=hp
uLocal Page = c:\windows\system32\blank.htm
uSearch Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
uSearchAssistant = hxxp://www.google.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files (x86)\java\jre1.8.0_161\bin\ssv.dll
BHO: AVG Web TuneUp: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files (x86)\avg web tuneup\4.3.9.605\AVG Web TuneUp.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - 
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files (x86)\java\jre1.8.0_161\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll
uRun: [CCleaner Monitoring] "c:\program files\ccleaner\CCleaner64.exe" /MONITOR
uRun: [Google Update] c:\users\benthe\appdata\local\google\update\1.3.33.7\GoogleUpdateCore.exe
uRun: [OneDrive] "c:\users\benthe\appdata\local\microsoft\onedrive\OneDrive.exe" /background
uRun: [Spotify] c:\users\benthe\appdata\roaming\spotify\Spotify.exe --autostart
uRun: [Spotify Web Helper] c:\users\benthe\appdata\roaming\spotify\SpotifyWebHelper.exe --autostart
mRun: [SuiteTray] "c:\program files (x86)\egistec mywinlockersuite\x86\SuiteTray.exe"
mRun: [BackupManagerTray] "c:\program files (x86)\nti\acer backup manager\BackupManagerTray.exe" -h -k
mRun: [LManager] c:\program files (x86)\launch manager\LManager.exe
mRun: [USB3MON] "c:\program files (x86)\intel\intel(r) usb 3.0 extensible host controller driver\application\iusb3mon.exe"
mRun: [ConnectionCenter] "c:\program files (x86)\citrix\ica client\concentr.exe" /startup
mRun: [AvgUi] "c:\program files (x86)\avg\framework\common\avguirna.exe" /lps=fmw
mRun: [vProt] "c:\program files (x86)\avg web tuneup\vprot.exe"
mRun: [Javafri løsning] "c:\program files (x86)\buypass\javafri løsning\Buypass.SCProxy.exe"
mRun: [SunJavaUpdateSched] "c:\program files (x86)\common files\java\java update\jusched.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - c:\program files (x86)\evernote\evernote\EvernoteIE.dll/204
Trusted Zone: amazon.com
TCP: NameServer = 192.168.0.1 0.0.0.0
TCP: Interfaces\{3f1e0f7f-004c-4705-b102-467fc9599e1e} : DHCPNameServer = 192.168.0.1 0.0.0.0
TCP: Interfaces\{5ce55775-922e-45bb-9c05-a63520b58fe3} : DHCPNameServer = 192.168.0.1 0.0.0.0
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - c:\windows\syswow64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - c:\windows\syswow64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files (x86)\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli c:\program files\widcomm\bluetooth software\BtwProximityCP.dll
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - c:\windows\system32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avgbidsh;avgbidsh;c:\windows\system32\drivers\avgbidsha.sys [2017-12-23 193096]
R0 avgblog;avgblog;c:\windows\system32\drivers\avgbloga.sys [2017-12-23 337408]
R0 avgbuniv;avgbuniv;c:\windows\system32\drivers\avgbuniva.sys [2017-12-23 51336]
R0 avgRvrt;avgRvrt;c:\windows\system32\drivers\avgRvrt.sys [2017-12-23 76832]
R0 avgVmm;avgVmm;c:\windows\system32\drivers\avgVmm.sys [2017-12-23 351128]
R0 intelpep;Intel(R)-plugin-drivermodul for strømmotor;c:\windows\system32\drivers\intelpep.sys [2017-9-29 130640]
R0 iorate;Filterdriver for I/U-hastighet for disk;c:\windows\system32\drivers\iorate.sys [2017-9-29 56728]
R0 iusb3hcs;Driver for Intel(R) USB 3.0 vertskontrollerbryter;c:\windows\system32\drivers\iusb3hcs.sys [2012-3-26 16152]
R0 volume;Volumdriver;c:\windows\system32\drivers\volume.sys [2017-9-29 15392]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;c:\windows\system32\drivers\WindowsTrustedRT.sys [2017-9-29 71248]
R0 WindowsTrustedRTProxy;Sikker tjeneste for klarert kjøretid fra Microsoft Windows;c:\windows\system32\drivers\WindowsTrustedRTProxy.sys [2017-9-29 18000]
R0 Wof;Windows Overlay File System Filter Driver;c:\windows\system32\drivers\wof.sys [2017-9-29 209304]
R1 ahcache;Application Compatibility Cache;c:\windows\system32\drivers\ahcache.sys [2017-9-29 240640]
R1 avgArPot;avgArPot;c:\windows\system32\drivers\avgArPot.sys [2018-1-9 177536]
R1 avgbdisk;avgbdisk;c:\windows\system32\drivers\avgbdiska.sys [2017-12-23 166624]
R1 avgbidsdriver;avgbidsdriver;c:\windows\system32\drivers\avgbidsdrivera.sys [2017-12-23 315152]
R1 avgRdr;avgRdr;c:\windows\system32\drivers\avgRdr2.sys [2017-12-23 102792]
R1 avgSnx;avgSnx;c:\windows\system32\drivers\avgSnx.sys [2017-12-23 1017624]
R1 avgSP;avgSP;c:\windows\system32\drivers\avgSP.sys [2017-12-23 450360]
R1 bam;Background Activity Moderator Driver;c:\windows\system32\drivers\bam.sys [2018-1-9 59800]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2012-4-25 93272]
R1 FileCrypt;FileCrypt;c:\windows\system32\drivers\filecrypt.sys [2017-9-29 55808]
R1 GpuEnergyDrv;GPU Energy Driver;c:\windows\system32\drivers\gpuenergydrv.sys [2017-9-29 8192]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2012-3-26 22648]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2012-3-26 20520]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2012-3-26 62776]
R2 AVG Antivirus;AVG Antivirus;c:\program files (x86)\avg\antivirus\AVGSvc.exe [2018-1-9 301720]
R2 avgMonFlt;avgMonFlt;c:\windows\system32\drivers\avgMonFlt.sys [2017-12-23 139112]
R2 avgStm;avgStm;c:\windows\system32\drivers\avgStm.sys [2017-12-23 196904]
R2 avgsvc;AVG Service;c:\program files (x86)\avg\framework\common\avgsvca.exe [2018-1-25 1428264]
R2 BBUpdate;BBUpdate;c:\program files (x86)\microsoft\bingbar\SeaPort.EXE [2011-5-13 249648]
R2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe [2015-3-27 2251992]
R2 CDPSvc;Plattformtjeneste for tilkoblede enheter;c:\windows\system32\svchost.exe -k LocalService -p [2017-9-29 48688]
R2 CDPUserSvc_47607;Plattformbrukertjeneste for tilkoblede enheter_47607;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 CldFlt;Windows Cloud Files Filter Driver;c:\windows\system32\drivers\cldflt.sys [2018-1-9 385024]
R2 CoreMessagingRegistrar;CoreMessaging;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork -p [2017-9-29 48688]
R2 DiagTrack;Connected User Experiences and Telemetry;c:\windows\system32\svchost.exe -k utcsvc -p [2017-9-29 48688]
R2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\launch manager\dsiwmis.exe [2012-4-16 355920]
R2 DusmSvc;Databruk;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R2 ePowerSvc;ePower Service;c:\program files\acer\acer epower management\ePowerSvc.exe [2012-6-6 871296]
R2 ETDService;Elan Service;c:\program files\elantech\ETDService.exe [2015-10-13 144072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\intel\icls client\HeciServer.exe [2012-2-3 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\intel\intel(r) management engine components\dal\Jhi_service.exe [2012-6-6 161560]
R2 Live Updater Service;Live Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2012-3-26 255376]
R2 MBAMService;Malwarebytes Service;c:\program files\malwarebytes\anti-malware\MBAMService.exe [2017-10-8 6058960]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\nti\acer backup manager\IScheduleSvc.exe [2012-1-5 256536]
R2 OneSyncSvc_47607;Synkroniseringsvert_47607;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 SecurityHealthService;Tjenesten Windows Defender Sikkerhetssenter;c:\windows\system32\SecurityHealthService.exe [2018-1-9 519152]
R2 storqosflt;Storage QoS Filter Driver;c:\windows\system32\drivers\storqosflt.sys [2017-9-29 79872]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\intel\intel(r) management engine components\uns\UNS.exe [2012-6-6 363800]
R2 UserManager;User Manager;c:\windows\system32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 vToolbarUpdater40.3.8;vToolbarUpdater40.3.8;c:\program files (x86)\common files\avg secure search\vtoolbarupdater\40.3.8\ToolbarUpdater.exe [2017-6-16 1365064]
R2 wcifs;Windows Container Isolation;c:\windows\system32\drivers\wcifs.sys [2018-1-9 147864]
R2 WpnService;Systemtjenesten Windows Push Notification;c:\windows\system32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 WpnUserService_47607;Brukertjenesten Windows Push Notifications_47607;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 WtuSystemSupport;WtuSystemSupport;c:\program files (x86)\avg web tuneup\WtuSystemSupport.exe [2016-7-25 981576]
R3 avgbIDSAgent;avgbIDSAgent;c:\program files (x86)\avg\antivirus\x64\aswidsagenta.exe [2018-1-9 7589200]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\drivers\b57xdbd.sys [2011-11-4 68648]
R3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\drivers\b57xdmp.sys [2011-11-4 19496]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2015-3-27 173312]
R3 bScsiMSa;bScsiMSa;c:\windows\system32\drivers\bScsiMSa.sys [2011-9-2 51752]
R3 bScsiSDa;bScsiSDa;c:\windows\system32\drivers\bScsiSDa.sys [2012-5-4 81928]
R3 BthA2DP;Bluetooth-stereo;c:\windows\system32\drivers\BthA2DP.sys [2017-9-29 191488]
R3 bthl2cap;Støttedriver for Microsoft Bluetooth Protocol;c:\windows\system32\drivers\bthl2cap.sys [2017-9-29 83968]
R3 BthLEEnum;Driver for Bluetooth Low Energy;c:\windows\system32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-9-29 78848]
R3 CAD;Charge Arbitration Driver;c:\windows\system32\drivers\CAD.sys [2017-9-29 60312]
R3 ETD;ELAN Input Device;c:\windows\system32\drivers\ETD.sys [2015-10-13 525512]
R3 IntcDAud;Intel(R) Skjermlyd;c:\windows\system32\drivers\IntcDAud.sys [2012-5-14 331264]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60a.sys [2017-9-29 446464]
R3 lfsvc;Geolocation Service;c:\windows\system32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2017-10-8 252232]
R3 NcbService;Network Connection Broker;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
R3 NdisVirtualBus;Adapternummerering for Microsoft virtuelt nettverk;c:\windows\system32\drivers\NdisVirtualBus.sys [2017-9-29 21504]
R3 StateRepository;State Repository Service;c:\windows\system32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 TimeBrokerSvc;Time Broker;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R3 TokenBroker;Nettkontoadministrator;c:\windows\system32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S2 MapsBroker;Downloaded Maps Manager;c:\windows\system32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\skype\updater\Updater.exe [2015-7-9 327296]
S3 AcpiDev;ACPI-enhetsdriver;c:\windows\system32\drivers\AcpiDev.sys [2017-9-29 20480]
S3 ADP80XX;ADP80XX;c:\windows\system32\drivers\adp80xx.sys [2017-9-29 1135512]
S3 AJRouter;AllJoyn Router Service;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 applockerfltr;Smartlocker Filter Driver;c:\windows\system32\drivers\applockerfltr.sys [2017-9-29 18432]
S3 AppReadiness;App Readiness;c:\windows\system32\svchost.exe -k AppReadiness -p [2017-9-29 48688]
S3 AppXSvc;AppX Deployment Service (AppXSVC);c:\windows\system32\svchost.exe -k wsappx -p [2017-9-29 48688]
S3 avgHwid;avgHwid;c:\windows\system32\drivers\avgHwid.sys [2017-12-23 39424]
S3 BBSvc;Bing Bar Update Service;c:\program files (x86)\microsoft\bingbar\BBSvc.EXE [2011-6-7 191752]
S3 bcmfn2;bcmfn2 Service;c:\windows\system32\drivers\bcmfn2.sys [2017-9-29 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2017-9-29 48688]
S3 bttflt;VHDPMEM BTT-filter for Microsoft Hyper-V;c:\windows\system32\drivers\bttflt.sys [2017-9-29 37784]
S3 btwampfl;btwampfl;c:\windows\system32\drivers\btwampfl.sys [2015-3-27 188160]
S3 buttonconverter;Tjeneste for enheter for kontroll av bærbar enhet;c:\windows\system32\drivers\buttonconverter.sys [2017-9-29 39424]
S3 camsvc;Administrasjonstjeneste for funksjonstilgang;c:\windows\system32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 CapImg;HID-driver for CapImg-berøringsskjerm;c:\windows\system32\drivers\capimg.sys [2017-9-29 122368]
S3 cht4iscsi;cht4iscsi;c:\windows\system32\drivers\cht4sx64.sys [2017-9-29 357272]
S3 cht4vbd;Chelsio virtuell bussdriver;c:\windows\system32\drivers\cht4vx64.sys [2017-9-29 1723288]
S3 ClipSVC;Client License Service (ClipSVC);c:\windows\system32\svchost.exe -k wsappx -p [2017-9-29 48688]
S3 DevicesFlowUserSvc_47607;DevicesFlow_47607;c:\windows\system32\svchost.exe -k DevicesFlow [2017-9-29 48688]
S3 DevQueryBroker;DevQuery Background Discovery Broker;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2017-5-18 131984]
S3 diagnosticshub.standardcollector.service;Standard Collector-tjeneste for Microsoft (R) diagnose-hub;c:\windows\system32\diagsvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-9-29 85504]
S3 diagsvc;Diagnostic Execution Service;c:\windows\system32\svchost.exe -k diagnostics [2017-9-29 48688]
S3 DmEnrollmentSvc;Tjenesten for administrasjon av registrering av enheten;c:\windows\system32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 dmwappushservice;dmwappushsvc;c:\windows\system32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 DoSvc;Delivery Optimization;c:\windows\system32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S3 DsSvc;Data Sharing Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\common files\egistec\services\EgisTicketService.exe [2011-6-21 173424]
S3 embeddedmode;Innebygd modus;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 EntAppSvc;Enterprise App Management Service;c:\windows\system32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 FrameServer;Server for Windows Kamera-bilder;c:\windows\system32\svchost.exe -k Camera [2017-9-29 48688]
S3 GamesAppService;GamesAppService;c:\program files (x86)\wildtangent games\app\GamesAppService.exe [2010-10-12 206072]
S3 genericusbfn;Generell USB-funksjonsklasse;c:\windows\system32\drivers\genericusbfn.sys [2017-9-29 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;c:\windows\system32\svchost.exe -k GraphicsPerfSvcGroup [2017-9-29 48688]
S3 hidinterrupt;Felles driver for HID-knapper implementert med avbrudd;c:\windows\system32\drivers\hidinterrupt.sys [2017-9-29 50584]
S3 HvHost;HV Host Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;c:\windows\system32\drivers\mshwnclx.sys [2017-9-29 27136]
S3 iagpio;Driver for GPIO-kontroller for Intel Serial IO;c:\windows\system32\drivers\iagpio.sys [2017-9-29 36864]
S3 iai2c;Intel(R) Serial IO I2C-vertskontroller;c:\windows\system32\drivers\iai2c.sys [2017-9-29 91648]
S3 iaLPSS2i_GPIO2;GPIO-driver v2 for Intel(R) Serial IO;c:\windows\system32\drivers\iaLPSS2i_GPIO2.sys [2017-9-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;GPIO-driver v2 for Intel(R) Serial IO;c:\windows\system32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-9-29 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C-driver v2;c:\windows\system32\drivers\iaLPSS2i_I2C.sys [2017-9-29 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C-driver v2;c:\windows\system32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-9-29 174592]
S3 iaLPSSi_GPIO;Intel(R) GPIO-kontrollerdriver for seriell I/U;c:\windows\system32\drivers\iaLPSSi_GPIO.sys [2017-9-29 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C-kontrollerdriver;c:\windows\system32\drivers\iaLPSSi_I2C.sys [2017-9-29 113152]
S3 iaStorAV;Intel(R) SATA RAID-kontroller Windows;c:\windows\system32\drivers\iaStorAV.sys [2017-9-29 674200]
S3 ibbus;Mellanox InfiniBand buss/AL (filterdriver);c:\windows\system32\drivers\ibbus.sys [2017-9-29 526232]
S3 icssvc;Tjeneste for mobil trådløssone for Windows;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 IndirectKmd;Kjernemodusdriver for Indirect Displays;c:\windows\system32\drivers\IndirectKmd.sys [2017-9-29 39424]
S3 InstallService;Installasjonstjeneste for Windows Store;c:\windows\system32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 invdimm;Driver for Microsoft iNVDIMM-enhet;c:\windows\system32\drivers\invdimm.sys [2017-9-29 38912]
S3 IPT;IPT;c:\windows\system32\drivers\ipt.sys [2017-9-29 26112]
S3 IpxlatCfgSvc;Tjeneste for konfigurasjon av IT-oversetting;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 LicenseManager;Windows License Manager Service;c:\windows\system32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 LSI_SAS2i;LSI_SAS2i;c:\windows\system32\drivers\lsi_sas2i.sys [2017-9-29 123800]
S3 LSI_SAS3i;LSI_SAS3i;c:\windows\system32\drivers\lsi_sas3i.sys [2017-9-29 103320]
S3 mausbhost;Vertskontrollerdriver for MA-USB;c:\windows\system32\drivers\mausbhost.sys [2017-9-29 505240]
S3 mausbip;IP-filterdriver for MA-USB;c:\windows\system32\drivers\mausbip.sys [2017-9-29 55840]
S3 megasas2i;megasas2i;c:\windows\system32\drivers\MegaSas2i.sys [2017-9-29 63520]
S3 MessagingService_47607;MessagingService_47607;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 mlx4_bus;Mellanox ConnectX bussnummerering;c:\windows\system32\drivers\mlx4_bus.sys [2017-9-29 842648]
S3 NaturalAuthentication;Natural Authentication;c:\windows\system32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 ndfltr;NetworkDirect-tjenesten;c:\windows\system32\drivers\ndfltr.sys [2017-9-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;c:\windows\system32\drivers\NetAdapterCx.sys [2017-9-29 132608]
S3 NetSetupSvc;Network Setup Service;c:\windows\system32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 netvsc;netvsc;c:\windows\system32\drivers\netvsc.sys [2018-1-9 192512]
S3 NgcCtnrSvc;Microsoft Passport Container;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 NgcSvc;Microsoft Passport;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 nvdimmn;Driver for Microsoft NVDIMM-N-enhet;c:\windows\system32\drivers\nvdimmn.sys [2017-9-29 88576]
S3 percsas2i;percsas2i;c:\windows\system32\drivers\percsas2i.sys [2017-9-29 58776]
S3 percsas3i;percsas3i;c:\windows\system32\drivers\percsas3i.sys [2017-9-29 61848]
S3 PhoneSvc;Phone Service;c:\windows\system32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 PimIndexMaintenanceSvc_47607;Contact Data_47607;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 PNPMEM;Microsoft Memory Module Driver;c:\windows\system32\drivers\pnpmem.sys [2017-9-29 16896]
S3 PrintWorkflowUserSvc_47607;PrintWorkflow_47607;c:\windows\system32\svchost.exe -k PrintWorkflow [2017-9-29 48688]
S3 PushToInstall;Windows PushToInstall-tjeneste;c:\windows\system32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 Ramdisk;Windows RAM Disk Driver;c:\windows\system32\drivers\ramdisk.sys [2017-9-29 39832]
S3 ReFS;ReFS;c:\windows\system32\drivers\refs.sys [2017-9-29 1849752]
S3 ReFSv1;ReFSv1;c:\windows\system32\drivers\refsv1.sys [2017-9-29 936856]
S3 RetailDemo;Tjenesten for forhandlerdemo;c:\windows\system32\svchost.exe -k rdxgroup [2017-9-29 48688]
S3 rhproxy;Proxy-driver for ressurs-hub;c:\windows\system32\drivers\rhproxy.sys [2017-9-29 103936]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2017-9-29 48688]
S3 scmbus;Minnebussdriver for Microsoft-lagringsklasse;c:\windows\system32\drivers\scmbus.sys [2017-9-29 118168]
S3 SDFRd;SDF-reflektor;c:\windows\system32\drivers\SDFRd.sys [2017-9-29 33176]
S3 SEMgrSvc;Betalinger og NFC/SE-behandling;c:\windows\system32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 SensorDataService;Sensor Data Service;c:\windows\system32\SensorDataService.exe [2017-9-29 1288704]
S3 SensorService;Sensor Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SerCx2;Serial UART Support Library;c:\windows\system32\drivers\SerCx2.sys [2017-9-29 154520]
S3 SharedRealitySvc;Romlig datatjeneste;c:\windows\system32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 smphost;Microsoft Storage Spaces SMP;c:\windows\system32\svchost.exe -k smphost [2017-9-29 48688]
S3 SmsRouter;SMS-rutertjeneste for Microsoft Windows;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;c:\windows\system32\drivers\SpatialGraphFilter.sys [2017-9-29 56216]
S3 spectrum;Windows Perception Service;c:\windows\system32\Spectrum.exe [2018-1-9 956416]
S3 stornvme;Microsoft Standard NVM Express-driver;c:\windows\system32\drivers\stornvme.sys [2018-1-9 103320]
S3 storufs;Driver for Microsoft Universal Flash Storage (UFS);c:\windows\system32\drivers\storufs.sys [2017-12-23 45464]
S3 TieringEngineService;Storage Tiers Management;c:\windows\system32\TieringEngineService.exe [2017-9-29 302592]
S3 tiledatamodelsvc;Tile Data model server;c:\windows\system32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;c:\windows\system32\drivers\UcmCx.sys [2017-12-23 114688]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;c:\windows\system32\drivers\UcmTcpciCx.sys [2017-9-29 146944]
S3 UcmUcsi;UCSI-klient for USB-tilkoblingsbehandling;c:\windows\system32\drivers\UcmUcsi.sys [2017-12-23 57344]
S3 UdeCx;USB Device Emulation Support Library;c:\windows\system32\drivers\Udecx.sys [2017-9-29 45056]
S3 UEFI;Microsoft UEFI-driver;c:\windows\system32\drivers\uefi.sys [2017-9-29 28568]
S3 Ufx01000;USB Function Class Extension;c:\windows\system32\drivers\ufx01000.sys [2017-9-29 266648]
S3 UfxChipidea;USB Chipidea-kontroller;c:\windows\system32\drivers\UfxChipidea.sys [2017-9-29 97312]
S3 ufxsynopsys;USB Synopsys-kontroller;c:\windows\system32\drivers\ufxsynopsys.sys [2017-9-29 140696]
S3 UnistoreSvc_47607;User Data Storage_47607;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 UrsChipidea;Chipidea USB Role-Switch-driver;c:\windows\system32\drivers\urschipidea.sys [2017-9-29 28568]
S3 UrsCx01000;USB Role-Switch Support Library;c:\windows\system32\drivers\urscx01000.sys [2017-12-23 60824]
S3 UrsSynopsys;Synopsys USB Role-Switch-driver;c:\windows\system32\drivers\urssynopsys.sys [2017-9-29 27544]
S3 UserDataSvc_47607;User Data Access_47607;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 UsoSvc;Update Orchestrator Service;c:\windows\system32\svchost.exe -k netsvcs [2017-9-29 48688]
S3 vhf;VHF-driver (Virtual HID Framework);c:\windows\system32\drivers\vhf.sys [2017-9-29 34816]
S3 vmgid;Driver for Microsoft Hyper-V-gjesteinfrastruktur;c:\windows\system32\drivers\vmgid.sys [2017-9-29 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vnvdimm;Driver for virtuell Microsoft NVDIMM-enhet;c:\windows\system32\drivers\vnvdimm.sys [2017-9-29 43008]
S3 w3logsvc;W3C-loggingstjeneste;c:\windows\system32\svchost.exe -k apphost [2017-9-29 48688]
S3 WalletService;WalletService;c:\windows\system32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 WarpJITSvc;WarpJITSvc;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [2017-9-29 48688]
S3 wcnfs;Windows Container Name Virtualization;c:\windows\system32\drivers\wcnfs.sys [2017-9-29 76288]
S3 wdiwifi;WDI Driver Framework;c:\windows\system32\drivers\WdiWiFi.sys [2017-12-23 770048]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;c:\windows\system32\drivers\WdNisDrv.sys [2017-9-29 119192]

Here is the Malwarebytes log:

Malwarebytes
www.malwarebytes.com

-Loggdetaljer-
Skannedato: 04.02.2018
Skanneklokkeslett: 21.10
Loggfil: 67bdf6b8-09e7-11e8-80ff-b888e30823d0.json
Administrator: Ja

-Programvareinformasjon-
Versjon: 3.2.2.2029
Komponentversjon: 1.0.212
Oppdater pakkeversjon: 1.0.3866
Lisens: Gratis

-Systeminformasjon-
OS: Windows 10 (Build 16299.192)
CPU: x64
Filsystem: NTFS
Bruker: Benthe-PC\Benthe

-Skanneoppsummering-
Skannetype: Skanning av trusler
Resultat: Fullført
Skannede objekter: 344141
Registrerte trusler: 2
Trusler satt i karantene: 2
Forløpt tid: 8 min, 22 sek

-Skannealternativer-
Minne: Aktivert
Oppstart: Aktivert
Filsystem: Aktivert
Arkiver: Aktivert
Rootkits: Deaktivert
Heurestikk: Aktivert
PUP: Advar
PUM: Oppdag

-Skannedetaljer-
Prosess: 0
(Ingen skadelig programvare registrert)

Modul: 0
(Ingen skadelig programvare registrert)

Registernøkkel: 0
(Ingen skadelig programvare registrert)

Registerverdi: 0
(Ingen skadelig programvare registrert)

Registerdata: 0
(Ingen skadelig programvare registrert)

Dataflyt: 0
(Ingen skadelig programvare registrert)

Mappe: 0
(Ingen skadelig programvare registrert)

Fil: 2
PUP.Optional.Linkury, C:\USERS\BENTHE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Erstattet, [284], [455237],1.0.3866
PUP.Optional.Linkury, C:\USERS\BENTHE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\Web Data, Erstattet, [284], [455237],1.0.3866

Fysisk sektor: 0
(Ingen skadelig programvare registrert)


(end)


Posted (edited)

Can you choose Safe Mode with Networking?

See how it goes searching the web then, and type a bit in WordPad and see how that goes.

You may have to connect to the modem/router with a cable to get network access.

Scanning with antivirus in safe mode used to work fine, but it may depend on so many things these days. It may help to get online in safe mode.

No, I can't get a virus scan to run in safe mode, not even with the internet connected. For some reason the mistyped characters no longer appear. But the Malwarebytes log still shows threats. I have posted some logs in the post above.

Edited by pijano
Merged with a newly started thread. Remember to stick to the same thread when it concerns the same issue.