Ok! Shall I upload the file for a check next time it shows up? How about "setting.dat"?
I will re-run Malware-bytes on a full scan next time this hidden temp-file shows itself.
This file was written first time(again) at 00.42 AM yesterday, just before I logged out
according to WinPatr. But detected by WinPatrol first next morning!
I.e from log: Explorer.exe is using a lot of processor-power:
StartTime 2014-02-03T17:09:20.648Z
NameLength 45
Name \Device\HarddiskVolume2\Windows\explorer.exe
FriendlyNameLength 12
FriendlyName Utforskaren
VersionLength 39
Version 6.0.6000.16386 (vista_rtm.061101-2205)
ThreadTime 514
BlockedTime 132
PercentTime 25.6636566332435
PathLength 24
Path C:\Windows\explorer.exe
ProductNameLength 37
ProductName Operativsystemet Microsoft® Windows®
CompanyNameLength 22
CompanyName Microsoft Corporation
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-02-2014
Ran by Ägaren (administrator) on ÄGAREN-DATOR on 07-02-2014 00:34:47
Running from C:\Users\Ägaren\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Swedish
Internet Explorer Version 9
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version:
https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\Program Files\Secunia\PSI\SUA\68d2b284c4010857fde66c83af3c82be0e2fdd2a\JavaJRE_7u51_32-bit_PSIonlySPS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(NGO Science Center "RightMark") C:\Program Files\RMClock\RMClock.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4468736 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKU\S-1-5-21-2935924495-2357685730-2340671949-1000\...\Run: [WinPatrol] - C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [455744 2013-12-10] (BillP Studios)
HKU\S-1-5-21-2935924495-2357685730-2340671949-1000\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [543432 2014-01-17] (Sandboxie Holdings, LLC)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}
http://quickscan.bitdefender.com/qsax/qsax.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 83.255.245.11 193.150.193.150
FireFox:
========
FF ProfilePath: C:\Users\Ägaren\AppData\Roaming\Mozilla\Firefox\Profiles\zmugow3t.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 - C:\Program Files\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF Extension: WOT - C:\Users\Ägaren\AppData\Roaming\Mozilla\Firefox\Profiles\zmugow3t.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12]
FF Extension: NoScript - C:\Users\Ägaren\AppData\Roaming\Mozilla\Firefox\Profiles\zmugow3t.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
Chrome:
=======
CHR Extension: (Google Dokument) - C:\Users\Ägaren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-30]
CHR Extension: (Google Drive) - C:\Users\Ägaren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-30]
CHR Extension: (YouTube) - C:\Users\Ägaren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-30]
CHR Extension: (Sök på Google) - C:\Users\Ägaren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-30]
CHR Extension: (Google Wallet) - C:\Users\Ägaren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-30]
CHR Extension: (Gmail) - C:\Users\Ägaren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-30]
========================== Services (Whitelisted) =================
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2013-03-26] (Nitro PDF Software)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [131272 2014-01-17] (Sandboxie Holdings, LLC)
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
==================== Drivers (Whitelisted) ====================
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [46592 2007-01-08] (Windows (R) Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 nhcDriverDevice; C:\Windows\system32\drivers\nhcDriver.sys [22528 2014-01-06] (pBUS-167 Software -
http://www.pbus-167.com)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
R3 RTCore32; C:\Program Files\RMClock\RTCore32.sys [4608 2005-05-25] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [161888 2014-01-17] (Sandboxie Holdings, LLC)
R0 Si3531; C:\Windows\System32\DRIVERS\Si3531.sys [212520 2009-02-05] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [17064 2009-02-05] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [12200 2009-02-05] (Silicon Image, Inc.)
U3 TrueSight; C:\Windows\system32\TrueSight.sys [26624 2014-01-27] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-07 00:34 - 2014-02-07 00:35 - 00008673 _____ () C:\Users\Ägaren\Desktop\FRST.txt
2014-02-07 00:34 - 2014-02-07 00:34 - 01037530 _____ (Thisisu) C:\Users\Ägaren\Desktop\JRT.exe
2014-02-07 00:34 - 2014-02-07 00:34 - 00000000 ____D () C:\FRST
2014-02-07 00:33 - 2014-02-07 00:33 - 01166132 _____ () C:\Users\Ägaren\Desktop\AdwCleaner.exe
2014-02-07 00:33 - 2014-02-07 00:33 - 01136640 _____ (Farbar) C:\Users\Ägaren\Desktop\FRST.exe
2014-02-07 00:20 - 2014-02-07 00:20 - 00000846 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-07 00:12 - 2014-02-07 00:13 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-07 00:08 - 2014-02-07 00:08 - 00000000 ____D () C:\Users\Ägaren\AppData\Local\Secunia PSI
2014-02-07 00:07 - 2014-02-07 00:07 - 00000000 ____D () C:\Program Files\Secunia
2014-02-06 23:53 - 2014-02-06 23:53 - 05329480 _____ (Secunia) C:\Users\Ägaren\Downloads\PSISetup.exe
2014-02-06 00:43 - 2014-02-06 00:43 - 00000000 ____D () C:\Users\Ägaren\AppData\Roaming\Nitro
2014-02-06 00:42 - 2014-02-06 00:42 - 00001868 _____ () C:\Users\Public\Desktop\Nitro Reader.lnk
2014-02-06 00:42 - 2014-02-06 00:42 - 00000000 ____D () C:\ProgramData\Nitro
2014-02-06 00:42 - 2014-02-06 00:42 - 00000000 ____D () C:\Program Files\Nitro
2014-02-06 00:42 - 2014-02-06 00:42 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-02-06 00:41 - 2014-02-06 00:41 - 00000000 ____D () C:\Users\Ägaren\AppData\Roaming\Downloaded Installations
2014-02-05 13:03 - 2014-02-05 13:03 - 342469326 _____ () C:\Users\Ägaren\Documents\Datorregister_före_borttag_yxan-bibliotek.reg
2014-02-05 12:19 - 2014-02-05 12:19 - 00014088 _____ (Sysinternals -
www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP141.SYS
2014-02-05 00:40 - 2014-02-05 00:40 - 00000000 ____D () C:\Users\Ägaren\AppData\Roaming\abelhadigital.com
2014-02-05 00:40 - 2014-02-05 00:40 - 00000000 ____D () C:\Users\Public\Documents\HostsMan Backups
2014-02-05 00:40 - 2014-02-05 00:40 - 00000000 ____D () C:\ProgramData\abelhadigital.com
2014-02-05 00:40 - 2014-02-05 00:40 - 00000000 ____D () C:\Program Files\HostsMan
2014-02-05 00:37 - 2014-02-05 00:37 - 00000000 ____D () C:\Users\Ägaren\Downloads\rcsetup149
2014-02-04 21:37 - 2014-02-04 21:37 - 02814070 _____ () C:\Users\Ägaren\Downloads\HostsMan_4.3.98_installer.zip
2014-01-31 04:29 - 2014-01-31 04:29 - 00012638 _____ () C:\Users\Ägaren\Desktop\runscanner2.log
2014-01-30 14:52 - 2014-02-07 00:04 - 00000982 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-30 14:52 - 2014-02-06 23:59 - 00000978 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-30 14:52 - 2014-02-04 10:09 - 00001967 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-30 14:51 - 2014-01-30 14:52 - 00000000 ____D () C:\Users\Ägaren\AppData\Local\Google
2014-01-30 14:51 - 2014-01-30 14:52 - 00000000 ____D () C:\Program Files\Google
2014-01-30 14:50 - 2014-01-30 14:50 - 00819184 _____ (Google Inc.) C:\Users\Ägaren\Downloads\ChromeSetup.exe
2014-01-30 14:23 - 2014-01-30 14:23 - 00448512 _____ (OldTimer Tools) C:\Users\Ägaren\Desktop\TFC.exe
2014-01-30 14:06 - 2014-01-30 14:06 - 00000000 ____D () C:\Program Files\BankID
2014-01-30 13:27 - 2014-01-30 15:03 - 00000000 ____D () C:\Users\Ägaren\AppData\Roaming\BankID
2014-01-30 13:25 - 2014-01-30 14:04 - 07039632 _____ () C:\Users\Ägaren\Downloads\BankID_installation_5_0_2.exe
2014-01-30 12:53 - 2014-01-31 19:04 - 00001422 _____ () C:\Windows\Sandboxie.ini
2014-01-30 12:53 - 2014-01-30 12:52 - 00000860 _____ () C:\Users\Ägaren\Desktop\Sandlådad Webbläsare.lnk
2014-01-30 12:52 - 2014-01-30 12:52 - 00000000 ____D () C:\Program Files\Sandboxie
2014-01-29 02:06 - 2014-01-29 02:06 - 00006034 _____ () C:\Users\Ägaren\Documents\cc_20140129_020615.reg
2014-01-28 23:33 - 2014-01-28 23:33 - 00000000 ____D () C:\_OTL
2014-01-28 23:29 - 2014-01-28 23:29 - 00054386 _____ () C:\Users\Ägaren\Desktop\OTL.Txt
2014-01-28 01:51 - 2014-01-28 01:51 - 00017782 _____ () C:\Users\Ägaren\Desktop\Extras.Txt
2014-01-28 01:25 - 2014-01-28 01:25 - 00001376 _____ () C:\Users\Ägaren\Desktop\JRT.txt
2014-01-28 01:01 - 2014-01-28 01:01 - 00000000 ____D () C:\Windows\ERUNT
2014-01-27 21:42 - 2014-01-30 17:57 - 00000510 _____ () C:\Windows\WORDPAD.INI
2014-01-27 20:30 - 2014-01-27 20:30 - 00118858 _____ () C:\ComboFix.txt
2014-01-27 01:59 - 2014-01-27 02:10 - 00000000 ____D () C:\Program Files\mbar
2014-01-27 00:45 - 2014-01-27 01:34 - 00026624 _____ () C:\Windows\system32\TrueSight.sys
2014-01-26 17:53 - 2014-01-26 18:00 - 00004225 _____ () C:\Users\Ägaren\Desktop\attach.txt
2014-01-26 17:53 - 2014-01-26 17:59 - 00009873 _____ () C:\Users\Ägaren\Desktop\dds.txt
2014-01-26 17:08 - 2014-01-26 17:08 - 00000000 ___HD () C:\Windows\PIF
2014-01-21 16:20 - 2014-01-21 16:20 - 00000000 ____D () C:\Windows\CheckSur
2014-01-21 16:17 - 2014-01-21 16:18 - 147445671 _____ () C:\Users\Ägaren\Downloads\Windows6.0-KB947821-v32-x86.msu
2014-01-20 00:29 - 2014-01-20 00:29 - 00013990 _____ () C:\Users\Ägaren\Desktop\runscanner.log
2014-01-19 23:15 - 2014-01-19 23:15 - 00018322 _____ () C:\Users\Ägaren\Documents\cc_20140119_231442_efterSFC_reparation.reg
2014-01-18 13:50 - 2014-01-18 13:50 - 00000000 ___RD () C:\Sandbox
2014-01-16 00:28 - 2014-01-16 00:30 - 98906072 _____ () C:\Windows\MEMORY.DMP
2014-01-10 00:30 - 2014-01-10 00:30 - 00000512 _____ () C:\Users\Ägaren\Desktop\MBR.dat
2014-01-09 23:42 - 2014-01-09 23:42 - 00000114 _____ () C:\local.conf
2014-01-09 23:03 - 2014-01-09 23:03 - 00104664 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys.bak
2014-01-09 22:45 - 2014-01-09 23:20 - 00000000 ____D () C:\mbar
2014-01-09 21:42 - 2014-01-27 01:59 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-08 01:32 - 2014-01-30 22:26 - 00053910 _____ () C:\Windows\PFRO.log
==================== One Month Modified Files and Folders =======
2014-02-07 00:35 - 2014-02-07 00:34 - 00008673 _____ () C:\Users\Ägaren\Desktop\FRST.txt
2014-02-07 00:34 - 2014-02-07 00:34 - 01037530 _____ (Thisisu) C:\Users\Ägaren\Desktop\JRT.exe
2014-02-07 00:34 - 2014-02-07 00:34 - 00000000 ____D () C:\FRST
2014-02-07 00:33 - 2014-02-07 00:33 - 01166132 _____ () C:\Users\Ägaren\Desktop\AdwCleaner.exe
2014-02-07 00:33 - 2014-02-07 00:33 - 01136640 _____ (Farbar) C:\Users\Ägaren\Desktop\FRST.exe
2014-02-07 00:25 - 2008-01-21 02:35 - 01694665 _____ () C:\Windows\WindowsUpdate.log
2014-02-07 00:20 - 2014-02-07 00:20 - 00000846 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-07 00:20 - 2013-12-29 16:07 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-07 00:20 - 2013-12-29 16:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-07 00:13 - 2014-02-07 00:12 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-07 00:13 - 2013-10-24 10:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-07 00:13 - 2013-10-24 10:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-07 00:08 - 2014-02-07 00:08 - 00000000 ____D () C:\Users\Ägaren\AppData\Local\Secunia PSI
2014-02-07 00:07 - 2014-02-07 00:07 - 00000000 ____D () C:\Program Files\Secunia
2014-02-07 00:04 - 2014-01-30 14:52 - 00000982 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-06 23:59 - 2014-01-30 14:52 - 00000978 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 23:59 - 2013-10-21 11:58 - 00001356 _____ () C:\Users\Ägaren\AppData\Local\d3d9caps.dat
2014-02-06 23:59 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 23:59 - 2006-11-02 13:47 - 00004576 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 23:59 - 2006-11-02 13:47 - 00004576 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 23:58 - 2006-11-02 14:01 - 00032522 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-06 23:53 - 2014-02-06 23:53 - 05329480 _____ (Secunia) C:\Users\Ägaren\Downloads\PSISetup.exe
2014-02-06 12:43 - 2013-11-10 06:14 - 00000000 ____D () C:\Users\Ägaren\AppData\Roaming\Nitro PDF
2014-02-06 00:43 - 2014-02-06 00:43 - 00000000 ____D () C:\Users\Ägaren\AppData\Roaming\Nitro
2014-02-06 00:42 - 2014-02-06 00:42 - 00001868 _____ () C:\Users\Public\Desktop\Nitro Reader.lnk
2014-02-06 00:42 - 2014-02-06 00:42 - 00000000 ____D () C:\ProgramData\Nitro
2014-02-06 00:42 - 2014-02-06 00:42 - 00000000 ____D () C:\Program Files\Nitro
2014-02-06 00:42 - 2014-02-06 00:42 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-02-06 00:41 - 2014-02-06 00:41 - 00000000 ____D () C:\Users\Ägaren\AppData\Roaming\Downloaded Installations
2014-02-05 13:03 - 2014-02-05 13:03 - 342469326 _____ () C:\Users\Ägaren\Documents\Datorregister_före_borttag_yxan-bibliotek.reg
2014-02-05 12:19 - 2014-02-05 12:19 - 00014088 _____ (Sysinternals -
www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP141.SYS
2014-02-05 12:12 - 2013-12-28 00:28 - 00000000 ____D () C:\Program Files\SysInternals
2014-02-05 01:20 - 2006-11-02 11:23 - 00569258 _____ () C:\Windows\system32\Drivers\etc\HOSTS.bak
2014-02-05 00:58 - 2013-11-12 13:15 - 00000000 ____D () C:\Users\Ägaren\Desktop\gäster
2014-02-05 00:40 - 2014-02-05 00:40 - 00000000 ____D () C:\Users\Ägaren\AppData\Roaming\abelhadigital.com
2014-02-05 00:40 - 2014-02-05 00:40 - 00000000 ____D () C:\Users\Public\Documents\HostsMan Backups
2014-02-05 00:40 - 2014-02-05 00:40 - 00000000 ____D () C:\ProgramData\abelhadigital.com
2014-02-05 00:40 - 2014-02-05 00:40 - 00000000 ____D () C:\Program Files\HostsMan
2014-02-05 00:37 - 2014-02-05 00:37 - 00000000 ____D () C:\Users\Ägaren\Downloads\rcsetup149
2014-02-04 21:37 - 2014-02-04 21:37 - 02814070 _____ () C:\Users\Ägaren\Downloads\HostsMan_4.3.98_installer.zip
2014-02-04 19:30 - 2013-10-23 22:53 - 00000000 ____D () C:\Users\Ägaren\Documents\NSS
2014-02-04 10:09 - 2014-01-30 14:52 - 00001967 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-03 13:04 - 2008-01-21 07:21 - 01530984 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-03 13:04 - 2008-01-21 07:21 - 00631342 _____ () C:\Windows\system32\perfh01D.dat
2014-02-03 13:04 - 2008-01-21 07:21 - 00134628 _____ () C:\Windows\system32\perfc01D.dat
2014-01-31 19:04 - 2014-01-30 12:53 - 00001422 _____ () C:\Windows\Sandboxie.ini
2014-01-31 04:29 - 2014-01-31 04:29 - 00012638 _____ () C:\Users\Ägaren\Desktop\runscanner2.log
2014-01-31 02:50 - 2013-10-27 00:47 - 00000000 ____D () C:\Users\Ägaren\AppData\Local\NVIDIA Corporation
2014-01-31 02:31 - 2013-10-22 09:10 - 00000000 ____D () C:\Users\Ägaren\AppData\Roaming\Adobe
2014-01-30 22:26 - 2014-01-08 01:32 - 00053910 _____ () C:\Windows\PFRO.log
2014-01-30 17:57 - 2014-01-27 21:42 - 00000510 _____ () C:\Windows\WORDPAD.INI
2014-01-30 15:03 - 2014-01-30 13:27 - 00000000 ____D () C:\Users\Ägaren\AppData\Roaming\BankID
2014-01-30 14:52 - 2014-01-30 14:51 - 00000000 ____D () C:\Users\Ägaren\AppData\Local\Google
2014-01-30 14:52 - 2014-01-30 14:51 - 00000000 ____D () C:\Program Files\Google
2014-01-30 14:50 - 2014-01-30 14:50 - 00819184 _____ (Google Inc.) C:\Users\Ägaren\Downloads\ChromeSetup.exe
2014-01-30 14:23 - 2014-01-30 14:23 - 00448512 _____ (OldTimer Tools) C:\Users\Ägaren\Desktop\TFC.exe
2014-01-30 14:06 - 2014-01-30 14:06 - 00000000 ____D () C:\Program Files\BankID
2014-01-30 14:04 - 2014-01-30 13:25 - 07039632 _____ () C:\Users\Ägaren\Downloads\BankID_installation_5_0_2.exe
2014-01-30 12:52 - 2014-01-30 12:53 - 00000860 _____ () C:\Users\Ägaren\Desktop\Sandlådad Webbläsare.lnk
2014-01-30 12:52 - 2014-01-30 12:52 - 00000000 ____D () C:\Program Files\Sandboxie
2014-01-29 12:37 - 2013-11-10 01:19 - 00000000 ____D () C:\Users\Ägaren\Desktop\Säkerhetloggar
2014-01-29 02:06 - 2014-01-29 02:06 - 00006034 _____ () C:\Users\Ägaren\Documents\cc_20140129_020615.reg
2014-01-28 23:33 - 2014-01-28 23:33 - 00000000 ____D () C:\_OTL
2014-01-28 23:29 - 2014-01-28 23:29 - 00054386 _____ () C:\Users\Ägaren\Desktop\OTL.Txt
2014-01-28 01:51 - 2014-01-28 01:51 - 00017782 _____ () C:\Users\Ägaren\Desktop\Extras.Txt
2014-01-28 01:25 - 2014-01-28 01:25 - 00001376 _____ () C:\Users\Ägaren\Desktop\JRT.txt
2014-01-28 01:01 - 2014-01-28 01:01 - 00000000 ____D () C:\Windows\ERUNT
2014-01-27 23:53 - 2013-12-28 16:23 - 01543208 _____ (BillP Studios) C:\Users\Ägaren\Downloads\wpsetup.exe
2014-01-27 20:30 - 2014-01-27 20:30 - 00118858 _____ () C:\ComboFix.txt
2014-01-27 20:30 - 2013-11-10 00:40 - 00000000 ____D () C:\Qoobox
2014-01-27 20:26 - 2013-11-10 00:40 - 00000000 ____D () C:\Windows\erdnt
2014-01-27 20:26 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2014-01-27 02:10 - 2014-01-27 01:59 - 00000000 ____D () C:\Program Files\mbar
2014-01-27 02:10 - 2013-10-27 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-27 01:59 - 2014-01-09 21:42 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-27 01:34 - 2014-01-27 00:45 - 00026624 _____ () C:\Windows\system32\TrueSight.sys
2014-01-26 18:00 - 2014-01-26 17:53 - 00004225 _____ () C:\Users\Ägaren\Desktop\attach.txt
2014-01-26 17:59 - 2014-01-26 17:53 - 00009873 _____ () C:\Users\Ägaren\Desktop\dds.txt
2014-01-26 17:08 - 2014-01-26 17:08 - 00000000 ___HD () C:\Windows\PIF
2014-01-21 16:20 - 2014-01-21 16:20 - 00000000 ____D () C:\Windows\CheckSur
2014-01-21 16:18 - 2014-01-21 16:17 - 147445671 _____ () C:\Users\Ägaren\Downloads\Windows6.0-KB947821-v32-x86.msu
2014-01-20 00:29 - 2014-01-20 00:29 - 00013990 _____ () C:\Users\Ägaren\Desktop\runscanner.log
2014-01-20 00:05 - 2013-11-10 05:04 - 00000000 ____D () C:\Users\Ägaren\Downloads\tdsskiller
2014-01-19 23:15 - 2014-01-19 23:15 - 00018322 _____ () C:\Users\Ägaren\Documents\cc_20140119_231442_efterSFC_reparation.reg
2014-01-19 08:32 - 2013-10-21 17:01 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 13:50 - 2014-01-18 13:50 - 00000000 ___RD () C:\Sandbox
2014-01-16 00:30 - 2014-01-16 00:28 - 98906072 _____ () C:\Windows\MEMORY.DMP
2014-01-15 17:17 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-01-15 12:00 - 2013-10-21 14:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 11:57 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-10 00:30 - 2014-01-10 00:30 - 00000512 _____ () C:\Users\Ägaren\Desktop\MBR.dat
2014-01-09 23:42 - 2014-01-09 23:42 - 00000114 _____ () C:\local.conf
2014-01-09 23:20 - 2014-01-09 22:45 - 00000000 ____D () C:\mbar
2014-01-09 23:03 - 2014-01-09 23:03 - 00104664 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys.bak
2014-01-09 09:05 - 2013-11-19 08:35 - 00000000 ____D () C:\d15589df13cecc159ee0
2014-01-09 00:02 - 2013-12-14 19:18 - 00000000 ____D () C:\Program Files\Lavasoft
2014-01-08 02:08 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-01-08 02:03 - 2006-11-01 13:07 - 00334720 _____ (Sysinternals -
www.sysinternals.com) C:\Program Files\RootkitRevealer.exe
2014-01-08 02:03 - 2006-07-28 08:32 - 00007005 _____ () C:\Program Files\Eula.txt
2014-01-08 02:03 - 2005-12-07 14:19 - 00102160 _____ () C:\Program Files\RootkitRevealer.chm
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-07 00:05
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-02-2014
Ran by Ägaren at 2014-02-07 00:35:51
Running from C:\Users\Ägaren\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated) <==== ATTENTION
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated) <==== ATTENTION
BankID säkerhetsprogram (Version: 5.0.2.10 - Finansiell ID-Teknik BID AB) <==== ATTENTION
Belarc Advisor 8.4 (Version: 8.4.0.0 - Belarc Inc.) <==== ATTENTION
CCleaner (Version: 4.04 - Piriform) <==== ATTENTION
Exterminate It! (Version: 2.12.11.11 - CURIOLAB S.M.B.A.) <==== ATTENTION
Google Chrome (Version: 32.0.1700.107 - Google Inc.) <==== ATTENTION
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden <==== ATTENTION
HostsMan 4.3.98 (Version: 4.3.98.0 - abelhadigital.com) <==== ATTENTION
Intel(R) Matrix Storage Manager (Version: - ) <==== ATTENTION
Java 7 Update 45 (Version: 7.0.450 - Oracle) <==== ATTENTION
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden <==== ATTENTION
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation) <==== ATTENTION
Microsoft .NET Framework 3.5 Language Pack SP1 - sve (Version: 3.5.30729 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation) <==== ATTENTION
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft .NET Framework 4.5.1 (SVE) (Version: 4.5.50938 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft .NET Framework 4.5.1 (svenska) (Version: 4.5.50938 - Microsoft Corporation) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden <==== ATTENTION
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation) <==== ATTENTION
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) <==== ATTENTION
Motorola SM56 Speakerphone Modem (Version: 6.12.25.06 - Motorola Inc) <==== ATTENTION
Mozilla Firefox 27.0 (x86 sv-SE) (Version: 27.0 - Mozilla) <==== ATTENTION
Mozilla Maintenance Service (Version: 27.0 - Mozilla) <==== ATTENTION
NirSoft BlueScreenView (Version: - ) <==== ATTENTION
Nitro Reader 3 (Version: 3.5.2.10 - Nitro) <==== ATTENTION
Notebook Hardware Control 2.0 Pre-Release-06 Bugfix (Version: 2.0 Pre-Release-06 Bugfix - Manfred Jaider) <==== ATTENTION
NVIDIA Drivers (Version: 1.10 - NVIDIA Corporation) <==== ATTENTION
OpenOffice 4.0.1 (Version: 4.01.9714 - Apache Software Foundation) <==== ATTENTION
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden <==== ATTENTION
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000 - Realtek) <==== ATTENTION
Realtek High Definition Audio Driver (Version: 6.0.1.5413 - Realtek Semiconductor Corp.) <==== ATTENTION
Revo Uninstaller 1.95 (Version: 1.95 - VS Revo Group) <==== ATTENTION
Sandboxie 4.08 (32-bit) (Version: 4.08 - Sandboxie Holdings, LLC) <==== ATTENTION
Secunia PSI (3.0.0.9016) (Version: 3.0.0.9016 - Secunia) <==== ATTENTION
Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve (Version: - Microsoft Corporation) <==== ATTENTION
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation) <==== ATTENTION
WinPatrol (Version: 29.2.2013 - BillP Studios) <==== ATTENTION
==================== Restore Points =========================
08-01-2014 11:47:32 Windows Update
09-01-2014 07:57:39 Före körning av RoqueKiller och borttag av Recycle(19).Bin26/11
12-01-2014 16:20:08 Windows Update
12-01-2014 17:43:38 Revo Uninstaller's restore point - Prevx
15-01-2014 10:57:23 Windows Update
19-01-2014 13:48:43 Windows Update
20-01-2014 16:08:53 Windows Update
21-01-2014 13:13:33 Schemalagd kontrollpunkt
21-01-2014 14:08:27 Installationsprogram för Windows-moduler
21-01-2014 14:46:55 Före fix av Windows-funktioner
21-01-2014 15:19:47 Windows Update
24-01-2014 17:23:24 Schemalagd kontrollpunkt
24-01-2014 18:58:36 Windows Update
27-01-2014 00:54:38 Före MBAR Root-kit
27-01-2014 22:28:40 Windows Update
29-01-2014 02:54:38 Schemalagd kontrollpunkt
30-01-2014 11:26:27 Revo Uninstaller's restore point - Sandboxie 4.06 (32-bit)
30-01-2014 12:27:09 Installerad BankID säkerhetsprogram.
30-01-2014 12:57:32 Revo Uninstaller's restore point - BankID säkerhetsprogram
30-01-2014 12:57:45 Borttagen BankID säkerhetsprogram.
30-01-2014 12:59:30 Revo Uninstaller's restore point - BankID säkerhetsprogram
30-01-2014 12:59:49 Borttagen BankID säkerhetsprogram.
30-01-2014 13:05:51 Installerad BankID säkerhetsprogram.
31-01-2014 01:44:53 Borttagning av diverse Yxan filer samt Iconcache rebuild
31-01-2014 10:45:03 Windows Update
01-02-2014 13:07:12 Schemalagd kontrollpunkt
03-02-2014 16:07:14 Windows Update
04-02-2014 22:57:15 Före borttag av dir Yxan och kopiering av register
05-02-2014 23:42:05 Installed Nitro Reader 3
06-02-2014 23:11:19 Windows Update
==================== Hosts content: ==========================
2006-11-02 11:23 - 2014-02-05 10:06 - 00569258 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1
www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 csh.actiondesk.com
127.0.0.1
www.activemeter.com #[Tracking.Cookie]
127.0.0.1 ads.activepower.net
127.0.0.1 app.activetrail.com
127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
127.0.0.1 cms.ad2click.nl
127.0.0.1 ad2games.com
127.0.0.1 ads.ad2games.com
127.0.0.1 content.ad20.net
127.0.0.1 core.ad20.net
127.0.0.1 banner.ad.nu
127.0.0.1 cl21.v4.adaction.se
127.0.0.1 adadvisor.net
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {4224992F-B5C2-43C9-9AA7-C2A6EEB73FDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {5A67B50A-6DE3-4F7E-B6EA-96286A244AB8} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {B4EEDE00-AD51-4C9F-B202-7DA125875F30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {CC05A601-FA82-49B7-A30F-C84CEE8B10E1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-07] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {F9ECD9AC-D1CB-496E-9A59-593AFA1C9296} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-12-28 18:03 - 2013-07-15 18:29 - 00620718 ____N () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2014 00:40:37 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Den beroende sammansättningen Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
Error: (02/06/2014 00:40:37 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Den beroende sammansättningen Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
Error: (02/06/2014 00:40:37 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Den beroende sammansättningen Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
Error: (02/06/2014 00:40:37 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Den beroende sammansättningen Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
Error: (02/06/2014 00:40:37 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Den beroende sammansättningen Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
Error: (02/06/2014 00:40:36 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Den beroende sammansättningen Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
Error: (02/06/2014 00:40:36 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Den beroende sammansättningen Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
Error: (02/06/2014 00:40:36 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Den beroende sammansättningen Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
Error: (02/06/2014 00:40:36 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Den beroende sammansättningen Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
Error: (02/06/2014 00:40:35 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Den beroende sammansättningen Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.
System errors:
=============
Error: (02/07/2014 00:01:23 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing ServiceUPnP Device Host%%1058
Error: (02/07/2014 00:01:23 AM) (Source: Service Control Manager) (User: )
Description: Internet Connection Sharing (ICS)Remote Access Connection Manager%%1058
Error: (02/07/2014 00:01:23 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (02/06/2014 11:46:06 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing ServiceUPnP Device Host%%1058
Error: (02/06/2014 05:04:36 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing ServiceUPnP Device Host%%1058
Error: (02/06/2014 05:04:36 PM) (Source: Service Control Manager) (User: )
Description: Internet Connection Sharing (ICS)Remote Access Connection Manager%%1058
Error: (02/06/2014 05:04:36 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (02/06/2014 05:03:12 PM) (Source: DCOM) (User: )
Description: C:\Windows\System32\mobsync.exe -Embedding2{6295DF2D-35EE-11D1-8707-00C04FD93327}
Error: (02/06/2014 10:43:41 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing ServiceUPnP Device Host%%1058
Error: (02/06/2014 10:43:41 AM) (Source: Service Control Manager) (User: )
Description: Internet Connection Sharing (ICS)Remote Access Connection Manager%%1058
Microsoft Office Sessions:
=========================
Error: (02/06/2014 00:40:37 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (02/06/2014 00:40:37 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (02/06/2014 00:40:37 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (02/06/2014 00:40:37 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (02/06/2014 00:40:37 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (02/06/2014 00:40:36 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (02/06/2014 00:40:36 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (02/06/2014 00:40:36 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (02/06/2014 00:40:36 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
Error: (02/06/2014 00:40:35 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
CodeIntegrity Errors:
===================================
Date: 2014-02-07 00:35:45.431
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-07 00:35:45.306
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-07 00:35:45.181
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-07 00:35:44.916
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-07 00:35:44.698
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-07 00:35:44.588
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-07 00:35:44.401
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-07 00:35:44.292
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-06 11:10:57.188
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-02-06 11:10:57.078
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 44%
Total physical RAM: 2045.7 MB
Available physical RAM: 1138.23 MB
Total Pagefile: 4328.41 MB
Available Pagefile: 3503.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.29 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:195.31 GB) (Free:140.48 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Ny volym) (Fixed) (Total:37.57 GB) (Free:37.48 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: C92722F4)
Partition 1: (Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=38 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 514 MB) (Disk ID: 61F6E521)
Partition 1: (Not Active) - (Size=513 MB) - (Type=0B)
==================== End Of Log ============================
The meaning of "Attention" in log?
I disabled quite a few services; Errors on log:
1. Remote Access Connection Mgr (do not use VPN)
2. UPnP-service for the moment disabled
3. Parallel-port driver?(no idea! error at every boot)
4. Mobsync.exe file renamed (until problems solved)
5. Maybe I should re-install Malware-bytes(mbamchameleon.sys)?
(Code Integrity Error)
6. MS Office Session-problem!( have no idea)MFC80U.DLL
Strange! I don´t use MS Office. I use Open Office!