
Yet another one with Sweet page on the computer


hejeh


If the head is dumb, the computer has to suffer - in my hurry to catch a streamed football match I installed a player whose download came complete with Stink page.

Now I can't get rid of the crap. I have tried looking around a bit to see how it's done, but my computer skills are lacking, so I was hoping for a little help here.

Kindest regards

Henrik

Below I have pasted the DDS log, and attach.txt is attached.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16526  BrowserJavaVersion: 10.51.2
Run by Henrik at 12:55:43 on 2014-02-13
Microsoft Windows 7 Professional   6.1.7601.1.1252.46.1053.18.8075.4196 [GMT 1:00]
.
AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\ProgramData\IePluginService\PluginService.exe
C:\ProgramData\WPM\wprotectmanager.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
C:\Windows\system32\CxAudMsg64.exe
C:\ProgramData\DatacardService\DCService.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\SysWOW64\SAsrv.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Henrik.CEMENT\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Personal\bin\Personal.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Users\Henrik.CEMENT\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files\Lenovo\Client Security Solution\password_manager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Lenovo\Client Security Solution\password_manager.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\mobsync.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Windows\explorer.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.se/
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe
BHO: IETabPage Class: {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\ipsbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coieplg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: IePasswordManagerHelper Class: {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coieplg.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coieplg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [spotify Web Helper] "C:\Users\Henrik.CEMENT\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Google Update] "C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
uRun: [AdobeBridge] <no file>
mRun: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [search Protection] C:\ProgramData\Search Protection\SearchProtection.exe
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\Users\HENRIK~1.CEM\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Henrik.CEMENT\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\HENRIK~1.CEM\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PHONEM~1.LNK - C:\Program Files (x86)\Avaya\IP Office\Phone Manager\PhoneManager.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: RunStartupScriptSync = dword:1
mPolicies-System: DisableCAD = dword:1
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Ski&cka till OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001045-0002-0045-ABCDEFFEDCBC} - <orphaned>
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
Trusted Zone: click-clean.com
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
TCP: NameServer = 192.168.32.10
TCP: Interfaces\{394CE077-BEE1-4724-982A-8D9375123F56} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{394CE077-BEE1-4724-982A-8D9375123F56}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{394CE077-BEE1-4724-982A-8D9375123F56}\77164756273797374756D637 : DHCPNameServer = 172.16.0.2
TCP: Interfaces\{394CE077-BEE1-4724-982A-8D9375123F56}\E4546533 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{E536509A-13FC-47CD-B475-6BD50A0882EE} : DHCPNameServer = 192.168.32.10
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs=   ,C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages =  scecli ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: bpsvc.exe - tasklist.exe
IFEO: browsemngr.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
x64-mStart Page = hxxp://www.google.com
x64-mSearch Page = hxxp://www.google.com
x64-mDefault_Page_URL = hxxp://www.google.com
x64-mDefault_Search_URL = hxxp://www.google.com
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coieplg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coieplg.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [TpShocks] TpShocks.exe
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
x64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe
x64-Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
x64-Run: [ALCKRESI.EXE] C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
x64-Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: psfus - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
x64-SSODL: WebCheck - <orphaned>
x64-IFEO: bitguard.exe - tasklist.exe
x64-IFEO: bprotect.exe - tasklist.exe
x64-IFEO: bpsvc.exe - tasklist.exe
x64-IFEO: browsemngr.exe - tasklist.exe
x64-IFEO: browserdefender.exe - tasklist.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\
FF - prefs.js: browser.search.selectedEngine - SecureSearch
FF - prefs.js: browser.startup.homepage - hxxps://www.google.se/
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\OverTheEdge\Unity\WebPlayer\loader\npUnityWeb32.dll
FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll
FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl64.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\Henrik.CEMENT\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
.
============= SERVICES / DRIVERS ===============
.
R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2011-10-31 31344]
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2014-2-11 30496]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-4-24 55024]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NAVx64\1501000.012\SymDS64.sys [2013-11-15 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NAVx64\1501000.012\SymEFA64.sys [2013-11-15 1147480]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2011-3-29 23664]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [2014-1-22 1526488]
R1 ccSet_NAV;NAV Settings Manager;C:\Windows\System32\drivers\NAVx64\1501000.012\ccSetx64.sys [2013-11-15 162392]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DE06000.01B\ccsetx64.sys [2013-10-17 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140212.001\IDSviA64.sys [2014-2-13 521944]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2011-8-17 15472]
R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2014-2-11 284448]
R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2011-7-8 32104]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NAVx64\1501000.012\Ironx64.sys [2013-11-15 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NAVx64\1501000.012\symnets.sys [2013-11-15 590936]
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-2-13 770528]
R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]
R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2011-10-31 198784]
R2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe [2010-8-19 229376]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-2-4 2222416]
R2 IePluginService;IePlugin Service;C:\ProgramData\IePluginService\PluginService.exe -service --> C:\ProgramData\IePluginService\PluginService.exe -service [?]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2012-5-7 43584]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2013-9-12 127072]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-5-7 62016]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2011-8-17 133992]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-2-4 377616]
R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [2013-11-15 262288]
R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\nst.exe [2013-10-17 129424]
R2 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2011-10-31 101376]
R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?]
R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-2 14088]
R2 Securepoint VPN;Securepoint VPN;C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe [2013-9-26 142216]
R2 SROSVC;Screen Reading Optimizer Service Program;C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [2012-5-9 446800]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-28 383776]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-7-16 2673064]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2013-9-12 126456]
R2 TPHKSVC;Visa på skärmen;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2013-9-12 125504]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-31 2656280]
R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-12-2 81552]
R2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode [?]
R2 Wpm;Wpm Service;C:\ProgramData\WPM\wprotectmanager.exe -service --> C:\ProgramData\WPM\wprotectmanager.exe -service [?]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-2-8 3386608]
R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2011-10-31 166016]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuellt kort;C:\Windows\System32\drivers\AmpPal.sys [2013-2-13 163808]
R3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2011-10-31 598808]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-9-12 39976]
R3 ecnssndis; Mobile Broadband Driver;C:\Windows\System32\drivers\wwuss64.sys [2011-10-31 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter;C:\Windows\System32\drivers\wwussf64.sys [2011-10-31 30248]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-22 137648]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2013-3-22 86016]
R3 l36wgps; Mobile Broadband GPS Port;C:\Windows\System32\drivers\l36wgps64.sys [2012-5-7 101416]
R3 Mbm3CBus;F5521gw Mobile Broadband Device (WDM);C:\Windows\System32\drivers\Mbm3CBus.sys [2011-10-31 419400]
R3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM);C:\Windows\System32\drivers\Mbm3DevMt.sys [2011-10-31 430664]
R3 Mbm3mdfl; Mobile Broadband Modem Port Filter;C:\Windows\System32\drivers\Mbm3mdfl.sys [2011-10-31 19528]
R3 Mbm3Mdm; Mobile Broadband Modem Port Driver;C:\Windows\System32\drivers\Mbm3Mdm.sys [2011-10-31 483400]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2011-5-30 40248]
R3 WwanUsbServ;Mobile Broadband Driver;C:\Windows\System32\drivers\WwanUsbMp64.sys [2012-5-7 268840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-11-18 144448]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed-protokoll;C:\Windows\System32\drivers\AmpPal.sys [2013-2-13 163808]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2011-10-31 478056]
S3 DraftSight API Service;DraftSight API Service;C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-1-24 78336]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2013-3-22 117248]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2013-3-22 256000]
S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-12-2 37344]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial;C:\Windows\System32\drivers\ewusbmdm.sys [2013-3-22 121600]
S3 LSCWinService;LSCWinService;C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2013-9-25 1674720]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-2-8 273136]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2011-10-31 87400]
S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2011-10-31 173416]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);C:\Windows\System32\drivers\s1018bus.sys [2009-3-25 113704]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;C:\Windows\System32\drivers\s1018mdfl.sys [2009-3-25 19496]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;C:\Windows\System32\drivers\s1018mdm.sys [2009-3-25 153128]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);C:\Windows\System32\drivers\s1018mgmt.sys [2009-3-25 133160]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);C:\Windows\System32\drivers\s1018nd5.sys [2009-3-25 34856]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;C:\Windows\System32\drivers\s1018obex.sys [2009-3-25 128552]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);C:\Windows\System32\drivers\s1018unic.sys [2009-3-25 146472]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2014-02-13 09:20:50    --------    d-----w-    C:\FRST
2014-02-12 13:06:14    --------    d-----w-    C:\Users\Henrik.CEMENT\AppData\Roaming\NVIDIA
2014-02-12 08:03:35    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll
2014-02-12 08:03:35    2048    ----a-w-    C:\Windows\System32\msxml3r.dll
2014-02-12 08:03:35    1882112    ----a-w-    C:\Windows\System32\msxml3.dll
2014-02-12 08:03:35    1237504    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2014-02-09 16:27:44    --------    d-----w-    C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn Hamachi
2014-02-09 16:27:44    --------    d-----w-    C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn
2014-02-09 16:27:44    --------    d-----w-    C:\ProgramData\LogMeIn
2014-02-09 16:26:02    --------    d-----w-    C:\Program Files (x86)\LogMeIn Hamachi
2014-02-08 11:17:55    --------    d-----w-    C:\Users\Henrik.CEMENT\AppData\Roaming\LavasoftStatistics
2014-02-08 09:34:14    --------    d-----w-    C:\Users\Henrik.CEMENT\AppData\Roaming\SecureSearch
2014-02-08 09:34:07    --------    d-----w-    C:\Program Files (x86)\Lavasoft
2014-02-05 22:17:29    --------    d-----w-    C:\ProgramData\IePluginService
2014-02-05 22:17:29    --------    d-----w-    C:\Program Files (x86)\SupTab
2014-02-05 22:17:27    --------    d-----w-    C:\ProgramData\WPM
2014-02-01 09:39:11    --------    d-----w-    C:\Users\Henrik.CEMENT\AppData\Local\Unity
2014-02-01 09:37:05    --------    d-----w-    C:\Program Files (x86)\OverTheEdge
2014-01-22 07:52:10    206080    ----a-w-    C:\Windows\System32\drivers\ssudmdm.sys
2014-01-22 07:52:10    108800    ----a-w-    C:\Windows\System32\drivers\ssudbus.sys
2014-01-17 07:19:00    821824    ----a-w-    C:\Windows\SysWow64\dgderapi.dll
2014-01-15 07:06:30    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 07:06:30    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2014-01-15 07:06:30    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2014-01-15 07:06:30    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2014-01-15 07:06:30    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2014-01-15 07:06:30    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 07:06:30    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2014-01-15 07:06:28    3156480    ----a-w-    C:\Windows\System32\win32k.sys
.
==================== Find3M  ====================
.
2014-02-06 06:11:07    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-06 06:11:07    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-18 20:09:39    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-15 20:16:32    177752    ----a-w-    C:\Windows\System32\drivers\SYMEVENT64x86.SYS
.
============= FINISH: 12:55:55,46 ===============
 

attach.txt


Hi!

1. Uninstall SupTab if possible.

2. Download Malwarebytes Anti-Malware Free (MBAM) from http://www.malwarebytes.org/
Double-click mbam-setup to install the program.

At the end of the installation, make sure the following are ticked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Click Finish
If there is an update, it will be downloaded and installed.

When the program starts, select Perform full scan and click Scan.
The scan takes a while.
When it is done, click OK and then Show Results.
Tick everything and then press Remove Selected.
When the removal is done, Notepad opens with a log.

A request to restart the computer (Restart) may come up. If so, do it.
If there is an Error loading... message after the restart, restart the computer once more.
If the program does not start after the restart, start it.

If the log does not open in Notepad by itself, you will find it on the Logs tab in MBAM.
Copy the log and paste it into your reply.

3. Save AdwCleaner by Xplode to the Desktop: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Close all programs, including web browsers.
Double-click AdwCleaner to start the program.

Click the Scan button.
Wait until the scan is finished.
Click the Report button.
A report will come up; copy its contents and paste them into your reply.
If the report does not come up, it is also available as C:\AdwCleaner[R0].txt


Hi Cecilia, and thanks,

It looks like uninstalling SupTab worked (I removed the directory manually after the uninstall; a DLL file was left behind).

Malwarebytes log:

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Databasversion: v2014.02.13.08
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Henrik :: HENRIK-THINK-12 [administratör]
 
2014-02-13 18:28:03
mbam-log-2014-02-13 (18-28-03).txt
 
Skanningstyp: Fullständig skanning (C:\|Q:\|)
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 479302
Förfluten tid: 24 minut(er), 21 sekund(er)
 
Upptäckta minnesprocesser: 2
C:\ProgramData\IePluginService\PluginService.exe (PUP.Optional.IePluginService.A) -> 1840 -> Ta bort vid nästa datorstart.
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> 1876 -> Ta bort vid nästa datorstart.
 
Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)
 
Upptäckta registernycklar: 9
HKLM\SYSTEM\CurrentControlSet\Services\IePluginService (PUP.Optional.IePluginService.A) -> Sattes i karantän och togs bort.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins (PUP.Optional.IePluginService.A) -> Sattes i karantän och togs bort.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Sattes i karantän och togs bort.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Sattes i karantän och togs bort.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} (PUP.Optional.SupTab.A) -> Sattes i karantän och togs bort.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager.A) -> Sattes i karantän och togs bort.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WPM (PUP.Optional.WpManager.A) -> Sattes i karantän och togs bort.
HKLM\SOFTWARE\sweet-pageSoftware (PUP.Optional.SweetPage.A) -> Sattes i karantän och togs bort.
HKLM\SOFTWARE\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn (PUP.Optional.NewTab.A) -> Sattes i karantän och togs bort.
 
Upptäckta registervärden: 3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Search Protection (PUP.Optional.SearchProtection.A) -> Data: C:\ProgramData\Search Protection\SearchProtection.exe -> Sattes i karantän och togs bort.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|lightningnewtab@gmail.com (PUP.Optional.Lightning.A) -> Data: C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\lightningnewtab@gmail.com.xpi -> Sattes i karantän och togs bort.
HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Data: C:\ProgramData\WPM\wprotectmanager.exe -service -> Sattes i karantän och togs bort.
 
Upptäckta registerdataposter: 0
(Inga skadliga poster hittades)
 
Upptäckta mappar: 3
C:\ProgramData\Datamngr (PUP.Optional.Datamngr.A) -> Sattes i karantän och togs bort.
C:\ProgramData\IePluginService (PUP.Optional.IePluginService.A) -> Ta bort vid nästa datorstart.
C:\ProgramData\IePluginService\update (PUP.Optional.IePluginService.A) -> Sattes i karantän och togs bort.
 
Upptäckta filer: 44
C:\ProgramData\IePluginService\PluginService.exe (PUP.Optional.IePluginService.A) -> Ta bort vid nästa datorstart.
C:\$Recycle.Bin\S-1-5-21-1930276774-2984886965-450592802-1155\$R8FBX53.exe (PUP.Optional.CoolApp) -> Sattes i karantän och togs bort.
C:\$Recycle.Bin\S-1-5-21-1930276774-2984886965-450592802-1155\$R56BVBU\SupTab.dll (PUP.Optional.SupTab.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000180 (PUP.Optional.CoolApp) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Local\Mozilla\Firefox\Profiles\7zhtpabx.default\Cache\F\3F\4F3B0d01 (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Local\Temp\fullpackage_temp1391638608\package1.zip (PUP.Optional.SkyTech.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Local\Temp\fullpackage_temp1391638608\tmp\SupTab.exe (PUP.Optional.SupTab.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF10.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF11.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF12.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF13.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF14.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF15.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF16.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF17.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF18.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF19.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF2.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF20.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF21.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF22.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF23.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF24.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF25.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF26.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF4.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF5.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF6.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF7.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF8.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25}\components\DatamngrHlpFF9.dll (PUP.Optional.Bandoo.A) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\Downloads\Minecraft ModLoader (1).exe (PUP.Optional.Firseria) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\Downloads\Minecraft ModLoader (2).exe (PUP.Optional.Firseria) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\Downloads\Minecraft ModLoader.exe (PUP.Optional.Firseria) -> Sattes i karantän och togs bort.
C:\Users\Henrik.CEMENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx (PUP.Optional.NewTab.A) -> Sattes i karantän och togs bort.
C:\ProgramData\Wincert\win32cert.dll (PUP.Optional.Datamngr.A) -> Sattes i karantän och togs bort.
C:\ProgramData\Wincert\win64cert.dll (PUP.Optional.Datamngr.A) -> Sattes i karantän och togs bort.
C:\ProgramData\Wincert\win32prop.dll (PUP.Optional.Datamngr.A) -> Sattes i karantän och togs bort.
C:\ProgramData\Wincert\win64prop.dll (PUP.Optional.Datamngr.A) -> Sattes i karantän och togs bort.
C:\ProgramData\Datamngr\coordinator.cfg (PUP.Optional.Datamngr.A) -> Sattes i karantän och togs bort.
C:\ProgramData\Datamngr\general.cfg (PUP.Optional.Datamngr.A) -> Sattes i karantän och togs bort.
C:\ProgramData\Datamngr\S-1-5-21-1930276774-2984886965-450592802-1155.cfg (PUP.Optional.Datamngr.A) -> Sattes i karantän och togs bort.
C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Ta bort vid nästa datorstart.
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml (PUP.Optional.SweetPage.A) -> Sattes i karantän och togs bort.
 
(klar)
 
 
 
Adwarecleaner report:
 
# AdwCleaner v3.018 - Report created 13/02/2014 at 19:06:31
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Henrik - HENRIK-THINK-12
# Running from : C:\Users\Henrik.CEMENT\Desktop\Adware Cleaner\adwcleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1391638620&from=cor&uid=INTELXSSDSA2CW120G3_BTPR2096028V120LGN )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1391638620&from=cor&uid=INTELXSSDSA2CW120G3_BTPR2096028V120LGN )
Shortcut Found : C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1391638620&from=cor&uid=INTELXSSDSA2CW120G3_BTPR2096028V120LGN )
Shortcut Found : C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1391638620&from=cor&uid=INTELXSSDSA2CW120G3_BTPR2096028V120LGN )
Shortcut Found : C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1391638620&from=cor&uid=INTELXSSDSA2CW120G3_BTPR2096028V120LGN )
Shortcut Found : C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1391638620&from=cor&uid=INTELXSSDSA2CW120G3_BTPR2096028V120LGN )
Shortcut Found : C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1391638620&from=cor&uid=INTELXSSDSA2CW120G3_BTPR2096028V120LGN )
Shortcut Found : C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1391638620&from=cor&uid=INTELXSSDSA2CW120G3_BTPR2096028V120LGN )
Shortcut Found : C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1391638620&from=cor&uid=INTELXSSDSA2CW120G3_BTPR2096028V120LGN )
Shortcut Found : C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1391638620&from=cor&uid=INTELXSSDSA2CW120G3_BTPR2096028V120LGN )
 
***** [ Registry ] *****
 
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16533
 
 
-\\ Mozilla Firefox v26.0 (sv-SE)
 
[ File : C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\prefs.js ]
 
 
-\\ Google Chrome v12.0.742.112
 
[ File : C:\Users\Henrik.CEMENT\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found : urls_to_restore_on_startup
 
*************************
 
AdwCleaner[R1].txt - [3333 octets] - [13/02/2014 19:06:31]
 
########## EOF - H:\AdwCleaner\AdwCleaner[R1].txt - [3393 octets] ##########
 

Hi!

1. Close all programs, including web browsers.

Double-click AdwCleaner to start the program.

Click the Scan button.
Wait until the scan is finished.

Click the Clean button.
Press OK.
Press OK again if more messages come up.

The computer will be restarted.
A report will come up; copy its contents and paste them into your reply.
If the report does not come up, it is also available as C:\AdwCleaner[s0].txt

2. Save ShortcutCleaner to the desktop: http://www.bleepingcomputer.com/download/shortcut-cleaner/dl/172/

Start the downloaded file ss-cleaner.exe.
Wait until it is finished.
A report will come up; attach it to your reply.

3. Run FRST again and paste in the new FRST.txt so we can see what remains.

4. Scan the computer online at http://www.eset.com/onlinescan/

So that the scanner does not take too long, turn off your antivirus program in the meantime.

Untick the option Remove found threats
Tick Scan Archives

Click Advanced Settings
Tick:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Click Scan

When the scan is finished, click List of threats found, followed by Export to a text file. Save to a file on the desktop, open the file, copy the result and then paste it into your reply.


You write "run FRST again", but you don't mention FRST anywhere above, so I haven't run it before...

Should I follow the schedule anyway?

/henrik


Hehe, so there are too many blockheads with junk on their computers...

Adware cleaner:

 

# AdwCleaner v3.018 - Report created 14/02/2014 at 14:19:13
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Henrik - HENRIK-THINK-12
# Running from : C:\Users\Henrik.CEMENT\Desktop\Adware Cleaner\adwcleaner (2).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v26.0 (sv-SE)

[ File : C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\prefs.js ]


-\\ Google Chrome v12.0.742.112

[ File : C:\Users\Henrik.CEMENT\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R1].txt - [3473 octets] - [13/02/2014 19:06:47]
AdwCleaner[R4].txt - [1041 octets] - [14/02/2014 14:19:05]
AdwCleaner[s3].txt - [966 octets] - [14/02/2014 14:19:13]

########## EOF - H:\AdwCleaner\AdwCleaner[s3].txt - [1025 octets] ##########

Shortcut Cleaner 1.2.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:

Windows Version: Windows 7 Professional Service Pack 1
Program started at: 02/14/2014 02:26:30 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Henrik.CEMENT\Desktop

0 bad shortcuts found.

Program finished at: 02/14/2014 02:26:31 PM
Execution time: 0 hours(s), 0 minute(s), and 1 seconds(s)

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 9.0.8112.16533  BrowserJavaVersion: 10.51.2

Run by Henrik at 14:27:48 on 2014-02-14

Microsoft Windows 7 Professional   6.1.7601.1.1252.46.1053.18.8075.5972 [GMT 1:00]

.

AV: Norton AntiVirus *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton AntiVirus *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\ibmpmsvc.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe

C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe

C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe

C:\Windows\system32\CxAudMsg64.exe

C:\ProgramData\DatacardService\DCService.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe

C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe

C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe

C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe

C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Windows\SysWOW64\SAsrv.exe

C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe

C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe

C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\taskhost.exe

C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe

C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe

C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe

C:\Windows\system32\rundll32.exe

C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE

C:\Windows\system32\Dwm.exe

C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE

C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE

C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe

C:\Windows\System32\TpShocks.exe

C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe

C:\Program Files\CONEXANT\ForteConfig\fmapp.exe

C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Users\Henrik.CEMENT\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

C:\Users\Henrik.CEMENT\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Lenovo\Client Security Solution\password_manager.exe

C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe

C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Windows\system32\rundll32.exe

C:\Program Files (x86)\Lenovo\Client Security Solution\password_manager.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\explorer.exe

C:\Windows\SysWOW64\RunDll32.exe

C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe

C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe

C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe

C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://www.google.se/

uDefault_Page_URL = hxxp://www.google.com

mStart Page = hxxp://www.google.com

mSearch Page = hxxp://www.google.com

mDefault_Page_URL = hxxp://www.google.com

mDefault_Search_URL = hxxp://www.google.com

mWinlogon: Userinit = userinit.exe,

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\ipsbho.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coieplg.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: IePasswordManagerHelper Class: {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coieplg.dll

TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coieplg.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [spotify Web Helper] "C:\Users\Henrik.CEMENT\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [Google Update] "C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run

uRun: [AdobeBridge] <no file>

mRun: [seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui

mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot

mRun: [iMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

StartupFolder: C:\Users\HENRIK~1.CEM\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Henrik.CEMENT\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\HENRIK~1.CEM\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PHONEM~1.LNK - C:\Program Files (x86)\Avaya\IP Office\Phone Manager\PhoneManager.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

mPolicies-System: RunStartupScriptSync = dword:1

mPolicies-System: DisableCAD = dword:1

IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Ski&cka till OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001045-0002-0045-ABCDEFFEDCBC} - <orphaned>

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll

Trusted Zone: click-clean.com

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{394CE077-BEE1-4724-982A-8D9375123F56} : DHCPNameServer = 192.168.1.254

TCP: Interfaces\{394CE077-BEE1-4724-982A-8D9375123F56}\46C696E6B6 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{394CE077-BEE1-4724-982A-8D9375123F56}\77164756273797374756D637 : DHCPNameServer = 172.16.0.2

TCP: Interfaces\{394CE077-BEE1-4724-982A-8D9375123F56}\E4546533 : DHCPNameServer = 192.168.2.1

TCP: Interfaces\{E536509A-13FC-47CD-B475-6BD50A0882EE} : DHCPNameServer = 192.168.32.10

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

LSA: Notification Packages =  scecli ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

IFEO: bitguard.exe - tasklist.exe

IFEO: bprotect.exe - tasklist.exe

IFEO: bpsvc.exe - tasklist.exe

IFEO: browsemngr.exe - tasklist.exe

IFEO: browserdefender.exe - tasklist.exe

x64-mStart Page = hxxp://www.google.com

x64-mSearch Page = hxxp://www.google.com

x64-mDefault_Page_URL = hxxp://www.google.com

x64-mDefault_Search_URL = hxxp://www.google.com

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coieplg.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coieplg.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [TpShocks] TpShocks.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t

x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe

x64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe

x64-Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent

x64-Run: [ALCKRESI.EXE] C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE

x64-Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-Notify: psfus - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

x64-SSODL: WebCheck - <orphaned>

x64-IFEO: bitguard.exe - tasklist.exe

x64-IFEO: bprotect.exe - tasklist.exe

x64-IFEO: bpsvc.exe - tasklist.exe

x64-IFEO: browsemngr.exe - tasklist.exe

x64-IFEO: browserdefender.exe - tasklist.exe

.

Note: multiple IFEO entries found. Please refer to Attach.txt

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\

FF - prefs.js: browser.search.selectedEngine - SecureSearch

FF - prefs.js: browser.startup.homepage - hxxps://www.google.se/

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\OverTheEdge\Unity\WebPlayer\loader\npUnityWeb32.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl64.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll

FF - plugin: C:\Users\Henrik.CEMENT\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll

.

============= SERVICES / DRIVERS ===============

.

R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2011-10-31 31344]

R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2014-2-11 30496]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-4-24 55024]

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NAVx64\1501000.012\SymDS64.sys [2013-11-15 493656]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NAVx64\1501000.012\SymEFA64.sys [2013-11-15 1147480]

R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2011-3-29 23664]

R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [2014-1-22 1526488]

R1 ccSet_NAV;NAV Settings Manager;C:\Windows\System32\drivers\NAVx64\1501000.012\ccSetx64.sys [2013-11-15 162392]

R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\Windows\System32\drivers\NSTx64\7DE06000.01B\ccsetx64.sys [2013-10-17 162392]

R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140213.002\IDSviA64.sys [2014-2-14 521944]

R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2011-8-17 15472]

R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2014-2-11 284448]

R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2011-7-8 32104]

R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NAVx64\1501000.012\Ironx64.sys [2013-11-15 264280]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NAVx64\1501000.012\symnets.sys [2013-11-15 590936]

R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-2-13 770528]

R2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]

R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2011-10-31 198784]

R2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe [2010-8-19 229376]

R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-2-4 2222416]

R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]

R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2012-5-7 43584]

R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2013-9-12 127072]

R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2012-5-7 62016]

R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2011-8-17 133992]

R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-2-4 377616]

R2 NAV;Norton AntiVirus;C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [2013-11-15 262288]

R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\nst.exe [2013-10-17 129424]

R2 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2011-10-31 101376]

R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?]

R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-2 14088]

R2 Securepoint VPN;Securepoint VPN;C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe [2013-9-26 142216]

R2 SROSVC;Screen Reading Optimizer Service Program;C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [2012-5-9 446800]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-28 383776]

R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-7-16 2673064]

R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2013-9-12 126456]

R2 TPHKSVC;Visa på skärmen;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2013-9-12 125504]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-31 2656280]

R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-12-2 81552]

R2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe servicemode [?]

R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-2-8 3386608]

R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2011-10-31 166016]

R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuellt kort;C:\Windows\System32\drivers\AmpPal.sys [2013-2-13 163808]

R3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2011-10-31 598808]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-9-12 39976]

R3 ecnssndis; Mobile Broadband Driver;C:\Windows\System32\drivers\wwuss64.sys [2011-10-31 26664]

R3 ecnssndisfltr; Mobile Broadband Driver Filter;C:\Windows\System32\drivers\wwussf64.sys [2011-10-31 30248]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-11-22 137648]

R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2013-3-22 86016]

R3 l36wgps; Mobile Broadband GPS Port;C:\Windows\System32\drivers\l36wgps64.sys [2012-5-7 101416]

R3 Mbm3CBus;F5521gw Mobile Broadband Device (WDM);C:\Windows\System32\drivers\Mbm3CBus.sys [2011-10-31 419400]

R3 Mbm3DevMt; Mobile Broadband Device Management Driver (WDM);C:\Windows\System32\drivers\Mbm3DevMt.sys [2011-10-31 430664]

R3 Mbm3mdfl; Mobile Broadband Modem Port Filter;C:\Windows\System32\drivers\Mbm3mdfl.sys [2011-10-31 19528]

R3 Mbm3Mdm; Mobile Broadband Modem Port Driver;C:\Windows\System32\drivers\Mbm3Mdm.sys [2011-10-31 483400]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]

R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2011-5-30 40248]

R3 WwanUsbServ;Mobile Broadband Driver;C:\Windows\System32\drivers\WwanUsbMp64.sys [2012-5-7 268840]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-11-18 144448]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]

S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed-protokoll;C:\Windows\System32\drivers\AmpPal.sys [2013-2-13 163808]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]

S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]

S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2011-10-31 478056]

S3 DraftSight API Service;DraftSight API Service;C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-1-24 78336]

S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2013-3-22 117248]

S3 ewusbnet;HUAWEI USB-NDIS miniport;C:\Windows\System32\drivers\ewusbnet.sys [2013-3-22 256000]

S3 FsUsbExDisk;FsUsbExDisk;C:\Windows\SysWOW64\FsUsbExDisk.Sys [2013-12-2 37344]

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial;C:\Windows\System32\drivers\ewusbmdm.sys [2013-3-22 121600]

S3 LSCWinService;LSCWinService;C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2013-9-25 1674720]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-2-8 273136]

S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2011-10-31 87400]

S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2011-10-31 173416]

S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);C:\Windows\System32\drivers\s1018bus.sys [2009-3-25 113704]

S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;C:\Windows\System32\drivers\s1018mdfl.sys [2009-3-25 19496]

S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;C:\Windows\System32\drivers\s1018mdm.sys [2009-3-25 153128]

S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);C:\Windows\System32\drivers\s1018mgmt.sys [2009-3-25 133160]

S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);C:\Windows\System32\drivers\s1018nd5.sys [2009-3-25 34856]

S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;C:\Windows\System32\drivers\s1018obex.sys [2009-3-25 128552]

S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);C:\Windows\System32\drivers\s1018unic.sys [2009-3-25 146472]

S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

.

=============== Created Last 30 ================

.

2014-02-14 08:04:17 -------- d-----w- C:\Program Files (x86)\ESET

2014-02-13 17:27:05 -------- d-----w- C:\Users\Henrik.CEMENT\AppData\Roaming\Malwarebytes

2014-02-13 17:26:48 -------- d-----w- C:\ProgramData\Malwarebytes

2014-02-13 17:26:47 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-02-13 17:26:47 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-13 09:20:50 -------- d-----w- C:\FRST

2014-02-12 13:06:14 -------- d-----w- C:\Users\Henrik.CEMENT\AppData\Roaming\NVIDIA

2014-02-12 08:03:35 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll

2014-02-12 08:03:35 2048 ----a-w- C:\Windows\System32\msxml3r.dll

2014-02-12 08:03:35 1882112 ----a-w- C:\Windows\System32\msxml3.dll

2014-02-12 08:03:35 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll

2014-02-09 16:27:44 -------- d-----w- C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn Hamachi

2014-02-09 16:27:44 -------- d-----w- C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn

2014-02-09 16:27:44 -------- d-----w- C:\ProgramData\LogMeIn

2014-02-09 16:26:02 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi

2014-02-08 11:17:55 -------- d-----w- C:\Users\Henrik.CEMENT\AppData\Roaming\LavasoftStatistics

2014-02-08 09:34:14 -------- d-----w- C:\Users\Henrik.CEMENT\AppData\Roaming\SecureSearch

2014-02-08 09:34:07 -------- d-----w- C:\Program Files (x86)\Lavasoft

2014-02-05 22:17:27 -------- d-----w- C:\ProgramData\WPM

2014-02-01 09:39:11 -------- d-----w- C:\Users\Henrik.CEMENT\AppData\Local\Unity

2014-02-01 09:37:05 -------- d-----w- C:\Program Files (x86)\OverTheEdge

2014-01-22 07:52:10 206080 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys

2014-01-22 07:52:10 108800 ----a-w- C:\Windows\System32\drivers\ssudbus.sys

2014-01-17 07:19:00 821824 ----a-w- C:\Windows\SysWow64\dgderapi.dll

.

==================== Find3M  ====================

.

2014-02-06 06:11:07 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-02-06 06:11:07 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2014-02-05 10:00:21 2334720 ----a-w- C:\Windows\System32\jscript9.dll

2014-02-05 09:54:06 1392128 ----a-w- C:\Windows\System32\wininet.dll

2014-02-05 09:52:51 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-02-05 09:51:59 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-02-05 09:51:52 599040 ----a-w- C:\Windows\System32\vbscript.dll

2014-02-05 09:50:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2014-02-05 08:56:17 1806848 ----a-w- C:\Windows\SysWow64\jscript9.dll

2014-02-05 08:50:39 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2014-02-05 08:49:56 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2014-02-05 08:48:40 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2014-02-05 08:48:27 421376 ----a-w- C:\Windows\SysWow64\vbscript.dll

2014-02-05 08:47:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-12-18 20:09:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-11-27 01:41:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-11-27 01:41:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-11-27 01:41:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-11-27 01:41:11 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-11-27 01:41:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-11-27 01:41:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-11-27 01:41:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-11-26 10:32:56 3156480 ----a-w- C:\Windows\System32\win32k.sys

.

============= FINISH: 14:28:02,02 ===============

 

 

 

 

ESET

 

C:\Users\Henrik.CEMENT\AppData\Local\Temp\42bdfe30-48e5-4368-a9fc-ad1b2cccce86.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application

C:\Users\Henrik.CEMENT\AppData\Local\Temp\fullpackage_temp1391638608\tmp\wpm.exe a variant of Win32/ELEX.Y potentially unwanted application

C:\Users\Henrik.CEMENT\AppData\Local\Temp\is1315000151\1455308_stp.EXE a variant of Win32/InstallCore.ES potentially unwanted application

C:\Users\Henrik.CEMENT\Downloads\ccsetup402.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

Attach_2.txt


Well, I wouldn't call anyone a blockhead, but there have been many people with this type of malicious add-on over the last two weeks.

 

1. Trusted Zone: click-clean.com

Do you know the website above, and do you trust it very much?

 

2. Uninstall "Java 7 Update 45 (64-bit)", because it is an old version with known security holes that make it easy to infect the computer from a web page. Most people do not need to have Java installed at all, but if you must, it is very important to always have the latest version.

 

3. FRST is needed here as well.

Download Farbar Recovery Scan Tool (FRST) and save it to the desktop: http://download.bleepingcomputer.com/farbar/FRST64.exe

Start FRST.

Read the terms for the program.

Click Yes to accept.

Click the Scan button.

When it has finished, two logs, FRST.txt and Addition.txt, will have been created on the desktop.

Paste the contents of FRST.txt directly into your reply and attach Addition.txt.


1. Yes, Click+Clean is a tool we use at work, and I met the distributor as recently as last Friday.

2. Done.

 

3: 

 


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01

Ran by Henrik (administrator) on HENRIK-THINK-12 on 14-02-2014 18:32:36

Running from C:\Users\Henrik.CEMENT\Desktop

Windows 7 Professional Service Pack 1 (X64) OS Language: Swedish

Internet Explorer Version 9

Boot Mode: Normal

 

 

 

==================== Processes (Whitelisted) =================

 

(Lenovo.) C:\Windows\system32\ibmpmsvc.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe

(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe

() C:\ProgramData\DatacardService\DCService.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe

(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe

(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe

(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Conexant Systems, Inc.) C:\Windows\SysWOW64\SAsrv.exe

(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe

() C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe

(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe

(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe

(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe

(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe

(Lenovo.) C:\Windows\System32\TpShocks.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe

() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Spotify Ltd) C:\Users\Henrik.CEMENT\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Google Inc.) C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\GoogleUpdate.exe

(Technology Nexus AB) C:\Program Files (x86)\Personal\bin\Personal.exe

(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

(Dropbox, Inc.) C:\Users\Henrik.CEMENT\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\password_manager.exe

(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe

(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe

(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Client Security Solution\password_manager.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Axentra Corporation) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe

(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe

(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE

(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe

(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe

(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

() C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe

(Microsoft Corporation) C:\Windows\system32\msiexec.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [TpShocks] - C:\Windows\SYSTEM32\TpShocks.exe [380776 2011-03-29] (Lenovo.)

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2011-12-23] (Synaptics Incorporated)

HKLM\...\Run: [smartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)

HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [44096 2012-01-16] (Lenovo Group Limited)

HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()

HKLM\...\Run: [cssauth] - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [5990200 2011-06-10] (Lenovo Group Limited)

HKLM\...\Run: [ALCKRESI.EXE] - C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [386408 2011-09-27] (Lenovo Group Limited)

HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [33344 2011-10-20] (Lenovo)

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)

HKLM\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [seagate Dashboard] - C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2011-06-02] ()

HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)

HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)

HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor

HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)

HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-14] (Lenovo, Inc.)

HKLM-x32\...\Run: [iMSS] - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3813712 2014-02-04] (LogMeIn Inc.)

Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [spotify Web Helper] - C:\Users\Henrik.CEMENT\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-02-14] (Spotify Ltd)

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [Google Update] - C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-19] (Google Inc.)

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [AdobeBridge] - [X]

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\MountPoints2: {5810a980-9286-11e2-b6ee-60d819d76468} - E:\AutoRun.exe

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\MountPoints2: {75f0f6b7-a59d-11e1-9679-60d819d76468} - D:\AutoRun.exe

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\MountPoints2: {75f0f6c8-a59d-11e1-9679-60d819d76468} - E:\AutoRun.exe

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\MountPoints2: {95a067c4-89bc-11e1-b119-806e6f6e6963} - Q:\LenovoQDrive.exe

HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\MountPoints2: {bf134581-3792-11e2-8252-60d819d76468} - E:\MotoCastSetup.exe -a

AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-10-29] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-10-29] (NVIDIA Corporation)

IFEO\bitguard.exe: [Debugger] tasklist.exe

IFEO\bprotect.exe: [Debugger] tasklist.exe

IFEO\bpsvc.exe: [Debugger] tasklist.exe

IFEO\browsemngr.exe: [Debugger] tasklist.exe

IFEO\browserdefender.exe: [Debugger] tasklist.exe

IFEO\browsermngr.exe: [Debugger] tasklist.exe

IFEO\browserprotect.exe: [Debugger] tasklist.exe

IFEO\browsersafeguard.exe: [Debugger] tasklist.exe

IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe

IFEO\cltmngsvc.exe: [Debugger] tasklist.exe

IFEO\delta babylon.exe: [Debugger] tasklist.exe

IFEO\delta tb.exe: [Debugger] tasklist.exe

IFEO\delta2.exe: [Debugger] tasklist.exe

IFEO\deltainstaller.exe: [Debugger] tasklist.exe

IFEO\deltasetup.exe: [Debugger] tasklist.exe

IFEO\deltatb.exe: [Debugger] tasklist.exe

IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe

IFEO\iminentsetup.exe: [Debugger] tasklist.exe

IFEO\protectedsearch.exe: [Debugger] tasklist.exe

IFEO\rjatydimofu.exe: [Debugger] tasklist.exe

IFEO\snapdo.exe: [Debugger] tasklist.exe

IFEO\stinst32.exe: [Debugger] tasklist.exe

IFEO\stinst64.exe: [Debugger] tasklist.exe

IFEO\sweetimsetup.exe: [Debugger] tasklist.exe

IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe

Lsa: [Notification Packages] scecli ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

Startup: C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Henrik.CEMENT\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PhoneManager.lnk

ShortcutTarget: PhoneManager.lnk -> C:\Program Files (x86)\Avaya\IP Office\Phone Manager\PhoneManager.exe (Avaya Inc.)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.se/

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 


BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)

BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)

DPF: HKLM {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab


Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF ProfilePath: C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default

FF DefaultSearchEngine: SecureSearch

FF SelectedSearchEngine: SecureSearch


FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @otee.dk/UnityWebPlayer - C:\Program Files (x86)\OverTheEdge\Unity\WebPlayer\loader\npUnityWeb32.dll (OverTheEdge I/S)

FF Plugin-x32: @se.nexus/Personal - C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Henrik.CEMENT\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\adawaretb.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml

FF Extension: New tab - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25} [2013-12-18]

FF Extension: Extension_Protected - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi [2014-02-05]

FF Extension: Lightning Speed Dial - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\lightningnewtab@gmail.com.xpi [2014-02-05]

FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\

FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []

FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\

FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []

FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\

FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ []

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2013-11-16]

FF HKCU\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Client Security Solution\PWM Firefox Extension\2.0b12

FF Extension: ThinkVantage Password Manager - C:\Program Files (x86)\Lenovo\Client Security Solution\PWM Firefox Extension\2.0b12 [2012-05-02]

 

Chrome: 

=======

CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-08&ent=hp&u=A1EA6086834563E2AEC83552F5FA10C3

CHR RestoreOnStartup: "hxxp://www.google.com"

CHR DefaultSearchProvider: sweet-page

CHR DefaultSearchURL: http://www.google.com

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\gcswf32.dll ()

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\pdf.dll ()

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)

CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File

CHR Plugin: (Default Plug-in) - default_plugin No File

CHR Extension: (Movies Toolbar) - C:\Users\Henrik.CEMENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [2013-09-10]

CHR Extension: (Lavasoft NewTab) - C:\Users\Henrik.CEMENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2014-02-08]

CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\Henrik.CEMENT\AppData\Local\ilividmoviestoolbardla\GC\toolbar.crx [2014-02-08]

CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-22]

CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2014-01-22]

 

==================== Services (Whitelisted) =================

 

R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] ()

S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.)

S3 DraftSight API Service; C:\Program Files (x86)\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [78336 2012-01-24] (Dassault Systèmes)

R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-04] (LogMeIn, Inc.)

S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()

R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [262288 2013-10-08] (Symantec Corporation)

R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)

R2 Securepoint VPN; C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe [142216 2010-11-22] ()

R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2011-09-01] (Lenovo Group Limited)

S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22888 2013-09-17] ()

R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited)

S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1492280 2011-08-18] (Lenovo Group Limited)

R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [81552 2012-12-02] (Symantec Corporation)

R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB)

R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)

 

==================== Drivers (Whitelisted) ====================

 

R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)

R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)

R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)

R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-24] (Ericsson AB)

R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-24] (Ericsson AB)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)

S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)

S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] ()

R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140213.002\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)

R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)

R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-04-13] (MCCI Corporation)

R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-13] (MCCI Corporation)

R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-13] (MCCI Corporation)

R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-13] (MCCI Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140213.033\ENG64.SYS [126040 2014-01-29] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140213.033\EX64.SYS [2099288 2014-01-29] (Symantec Corporation)

R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-10-29] (NVIDIA Corporation)

S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)

S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)

S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)

S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)

S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)

S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)

S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)

R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)

R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-15] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)

R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.)

R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB)

S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

S2 smihlp; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

 

2014-02-14 18:28 - 2014-02-14 18:32 - 00033240 _____ () C:\Users\Henrik.CEMENT\Desktop\FRST.txt

2014-02-14 14:28 - 2014-02-14 14:28 - 00013048 _____ () C:\Users\Henrik.CEMENT\Desktop\Attach_2.txt

2014-02-14 14:26 - 2014-02-14 14:25 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Henrik.CEMENT\Desktop\sc-cleaner.exe

2014-02-14 14:25 - 2014-02-14 14:25 - 00000154 _____ () C:\Users\Henrik.CEMENT\Desktop\Shortcutcleaner.url

2014-02-14 14:16 - 2014-02-14 14:27 - 00001325 _____ () C:\Users\Henrik.CEMENT\Desktop\Instruktioner.txt

2014-02-14 13:47 - 2014-02-14 13:47 - 00090112 _____ () C:\Users\Henrik.CEMENT\Downloads\Export_1392382060.xls

2014-02-14 10:34 - 2014-02-14 18:26 - 02152960 _____ (Farbar) C:\Users\Henrik.CEMENT\Desktop\FRST64.exe

2014-02-14 10:28 - 2014-02-14 18:32 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\FRST

2014-02-14 09:04 - 2014-02-14 09:04 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-02-14 09:03 - 2014-02-14 15:49 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Eset scan

2014-02-14 09:01 - 2014-02-14 14:26 - 00001844 _____ () C:\sc-cleaner.txt

2014-02-14 08:57 - 2014-02-14 08:57 - 00000143 _____ () C:\Users\Henrik.CEMENT\Desktop\Eset scan.url

2014-02-14 08:57 - 2014-02-14 08:56 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Henrik.CEMENT\Desktop\Shortcut cleaner.exe

2014-02-14 08:55 - 2014-02-14 18:26 - 00000103 _____ () C:\Users\Henrik.CEMENT\Desktop\Svarstext.txt

2014-02-13 18:32 - 2014-02-14 08:50 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Adware Cleaner

2014-02-13 18:27 - 2014-02-13 18:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Malwarebytes

2014-02-13 18:26 - 2014-02-13 18:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Henrik.CEMENT\Desktop\mbam-setup-1.75.0.1300.exe

2014-02-13 18:26 - 2014-02-13 18:26 - 00001080 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-13 18:26 - 2014-02-13 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-13 18:26 - 2014-02-13 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-13 18:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-02-13 13:08 - 2014-02-05 11:19 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-13 13:08 - 2014-02-05 11:02 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-13 13:08 - 2014-02-05 11:00 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-13 13:08 - 2014-02-05 10:54 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-13 13:08 - 2014-02-05 10:54 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-13 13:08 - 2014-02-05 10:52 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-13 13:08 - 2014-02-05 10:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-02-13 13:08 - 2014-02-05 10:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-13 13:08 - 2014-02-05 10:51 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-13 13:08 - 2014-02-05 10:51 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-02-13 13:08 - 2014-02-05 10:51 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-13 13:08 - 2014-02-05 10:51 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-13 13:08 - 2014-02-05 10:51 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-13 13:08 - 2014-02-05 10:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-13 13:08 - 2014-02-05 10:50 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-13 13:08 - 2014-02-05 10:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-02-13 13:08 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-13 13:08 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-13 13:08 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-13 13:08 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-13 13:08 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-13 13:08 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-02-13 13:08 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-02-13 13:08 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-13 13:08 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-02-13 13:08 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-02-13 13:08 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-02-13 13:08 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-13 13:08 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-13 13:08 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-13 13:08 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-02-13 13:08 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-02-13 13:07 - 2014-02-13 13:08 - 00000160 _____ () C:\Users\Henrik.CEMENT\Desktop\Sweet page - PC för alla.url

2014-02-13 12:56 - 2014-02-14 14:28 - 00033406 _____ () C:\Users\Henrik.CEMENT\Desktop\dds.txt

2014-02-13 12:56 - 2014-02-14 14:28 - 00013048 _____ () C:\Users\Henrik.CEMENT\Desktop\attach.txt

2014-02-13 11:00 - 2014-02-13 11:00 - 00000000 ____D () C:\Windows\ERDNT

2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\UpdatusUser\Desktop\NTREGOPT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\petermickelsson\Desktop\NTREGOPT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\Henrik\Desktop\NTREGOPT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\Henrik.CEMENT\Desktop\NTREGOPT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\UpdatusUser\Desktop\ERUNT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\petermickelsson\Desktop\ERUNT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\Henrik\Desktop\ERUNT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\Henrik.CEMENT\Desktop\ERUNT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000000 ____D () C:\Program Files (x86)\ERUNT

2014-02-13 10:58 - 2014-02-13 10:58 - 00791393 _____ (Lars Hederer ) C:\Users\Henrik.CEMENT\Desktop\erunt-setup.exe

2014-02-13 10:52 - 2014-02-13 10:52 - 00688992 ____R (Swearware) C:\Users\Henrik.CEMENT\Desktop\dds.scr

2014-02-13 10:20 - 2014-02-14 18:32 - 00000000 ____D () C:\FRST

2014-02-13 10:19 - 2014-02-13 10:19 - 01166132 _____ () C:\Users\Henrik.CEMENT\Downloads\adwcleaner (1).exe

2014-02-13 10:13 - 2014-02-13 10:13 - 02152448 _____ (Farbar) C:\Users\Henrik.CEMENT\Downloads\FRST64.exe

2014-02-13 10:13 - 2014-02-13 10:13 - 01166132 _____ () C:\Users\Henrik.CEMENT\Downloads\adwcleaner.exe

2014-02-12 14:06 - 2014-02-12 14:06 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\NVIDIA

2014-02-12 09:03 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-02-12 09:03 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-02-12 09:03 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-02-12 09:03 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 26940704 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 20461344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 12641480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 11137824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2014-02-11 15:47 - 2013-10-29 08:17 - 09393856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 07935352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 07566624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 06264144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 02907936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 02723616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 02511312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 02346784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 01987360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 01814304 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6431269.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6431269.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 00961192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 00284448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys

2014-02-11 15:47 - 2013-10-29 08:17 - 00245872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 00201576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2014-02-11 15:47 - 2013-10-29 08:17 - 00030496 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys

2014-02-11 15:47 - 2013-02-25 09:57 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2014-02-11 15:47 - 2013-02-25 09:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2014-02-11 15:47 - 2013-01-29 13:05 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

2014-02-09 18:27 - 2014-02-09 18:32 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Minecraft server

2014-02-09 18:27 - 2014-02-09 18:30 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\world

2014-02-09 17:27 - 2014-02-14 14:22 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn Hamachi

2014-02-09 17:27 - 2014-02-09 17:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn

2014-02-09 17:27 - 2014-02-09 17:27 - 00000000 ____D () C:\ProgramData\LogMeIn

2014-02-09 17:26 - 2014-02-09 17:26 - 00000897 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

2014-02-09 17:26 - 2014-02-09 17:26 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

2014-02-09 17:25 - 2014-02-09 17:25 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Hamachi

2014-02-08 16:55 - 2014-02-13 18:58 - 00023252 _____ () C:\Windows\PFRO.log

2014-02-08 12:17 - 2014-02-08 12:17 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\LavasoftStatistics

2014-02-08 10:34 - 2014-02-08 12:17 - 00000000 ____D () C:\Program Files (x86)\Lavasoft

2014-02-08 10:34 - 2014-02-08 10:34 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\SecureSearch

2014-02-08 10:31 - 2014-02-08 10:31 - 00000000 ____D () C:\ProgramData\Lavasoft

2014-02-08 10:30 - 2014-02-08 10:30 - 01727624 _____ () C:\Users\Henrik.CEMENT\Downloads\Adaware_Installer.exe

2014-02-08 10:30 - 2014-02-08 10:30 - 01727624 _____ () C:\Users\Henrik.CEMENT\Downloads\Adaware_Installer (1).exe

2014-02-06 07:01 - 2014-02-14 14:20 - 00010407 _____ () C:\Windows\setupact.log

2014-02-06 07:01 - 2014-02-06 07:01 - 00000000 _____ () C:\Windows\setuperr.log

2014-02-05 23:17 - 2014-02-13 18:58 - 00000000 ____D () C:\ProgramData\WPM

2014-02-03 10:39 - 2014-01-30 17:00 - 09622528 _____ () C:\Users\Henrik.CEMENT\Desktop\Kopia 140203 10.40 Infohäfte_20s.pub

2014-02-01 10:39 - 2014-02-01 10:39 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Unity

2014-02-01 10:37 - 2014-02-01 10:37 - 00000000 ____D () C:\Program Files (x86)\OverTheEdge

2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys

2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys

2014-01-20 06:44 - 2014-01-20 06:44 - 00005305 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-17 08:19 - 2013-10-30 12:06 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgderapi.dll

2014-01-15 08:06 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-01-15 08:06 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-01-15 08:06 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-01-15 08:06 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-01-15 08:06 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-01-15 08:06 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-01-15 08:06 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-01-15 08:06 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

 

==================== One Month Modified Files and Folders =======

 

2014-02-14 18:32 - 2014-02-14 18:28 - 00033240 _____ () C:\Users\Henrik.CEMENT\Desktop\FRST.txt

2014-02-14 18:32 - 2014-02-14 10:28 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\FRST

2014-02-14 18:32 - 2014-02-13 10:20 - 00000000 ____D () C:\FRST

2014-02-14 18:32 - 2012-04-18 16:15 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

2014-02-14 18:26 - 2014-02-14 10:34 - 02152960 _____ (Farbar) C:\Users\Henrik.CEMENT\Desktop\FRST64.exe

2014-02-14 18:26 - 2014-02-14 08:55 - 00000103 _____ () C:\Users\Henrik.CEMENT\Desktop\Svarstext.txt

2014-02-14 18:26 - 2012-04-18 16:15 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job

2014-02-14 18:21 - 2012-04-18 16:14 - 01898121 _____ () C:\Windows\WindowsUpdate.log

2014-02-14 18:19 - 2012-10-05 16:26 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1930276774-2984886965-450592802-1155UA.job

2014-02-14 18:19 - 2011-10-31 23:57 - 00001008 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-14 18:11 - 2012-10-31 14:51 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-14 15:49 - 2014-02-14 09:03 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Eset scan

2014-02-14 14:28 - 2014-02-14 14:28 - 00013048 _____ () C:\Users\Henrik.CEMENT\Desktop\Attach_2.txt

2014-02-14 14:28 - 2014-02-13 12:56 - 00033406 _____ () C:\Users\Henrik.CEMENT\Desktop\dds.txt

2014-02-14 14:28 - 2014-02-13 12:56 - 00013048 _____ () C:\Users\Henrik.CEMENT\Desktop\attach.txt

2014-02-14 14:27 - 2014-02-14 14:16 - 00001325 _____ () C:\Users\Henrik.CEMENT\Desktop\Instruktioner.txt

2014-02-14 14:27 - 2009-07-14 05:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-14 14:27 - 2009-07-14 05:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-14 14:26 - 2014-02-14 09:01 - 00001844 _____ () C:\sc-cleaner.txt

2014-02-14 14:25 - 2014-02-14 14:26 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Henrik.CEMENT\Desktop\sc-cleaner.exe

2014-02-14 14:25 - 2014-02-14 14:25 - 00000154 _____ () C:\Users\Henrik.CEMENT\Desktop\Shortcutcleaner.url

2014-02-14 14:24 - 2011-10-31 23:13 - 00664850 _____ () C:\Windows\system32\perfh01D.dat

2014-02-14 14:24 - 2011-10-31 23:13 - 00142920 _____ () C:\Windows\system32\perfc01D.dat

2014-02-14 14:24 - 2009-07-14 06:13 - 01582372 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-02-14 14:22 - 2014-02-09 17:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn Hamachi

2014-02-14 14:22 - 2013-11-20 15:13 - 00000000 ___RD () C:\Users\Henrik.CEMENT\Desktop\Dropbox

2014-02-14 14:22 - 2013-11-20 15:06 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Dropbox

2014-02-14 14:22 - 2012-04-20 10:39 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Skype

2014-02-14 14:21 - 2011-10-31 23:57 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-14 14:20 - 2014-02-06 07:01 - 00010407 _____ () C:\Windows\setupact.log

2014-02-14 14:20 - 2011-10-31 23:50 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-02-14 14:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-14 14:19 - 2012-10-05 16:26 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1930276774-2984886965-450592802-1155Core.job

2014-02-14 13:47 - 2014-02-14 13:47 - 00090112 _____ () C:\Users\Henrik.CEMENT\Downloads\Export_1392382060.xls

2014-02-14 13:45 - 2013-05-27 05:46 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\CrashDumps

2014-02-14 13:33 - 2013-08-03 21:26 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Spotify

2014-02-14 12:19 - 2012-04-19 09:21 - 00000120 _____ () C:\Windows\system32\config\netlogon.ftl

2014-02-14 11:39 - 2013-08-03 21:28 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Spotify

2014-02-14 11:39 - 2012-04-23 07:51 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Winamp

2014-02-14 10:02 - 2013-09-06 09:35 - 00003920 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{912A2F75-59F9-40DE-8D54-318D02E92FB1}

2014-02-14 09:04 - 2014-02-14 09:04 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-02-14 08:57 - 2014-02-14 08:57 - 00000143 _____ () C:\Users\Henrik.CEMENT\Desktop\Eset scan.url

2014-02-14 08:56 - 2014-02-14 08:57 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Henrik.CEMENT\Desktop\Shortcut cleaner.exe

2014-02-14 08:52 - 2012-04-19 09:29 - 00000980 _____ () C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

2014-02-14 08:52 - 2012-04-19 09:28 - 00001123 _____ () C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-02-14 08:50 - 2014-02-13 18:32 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Adware Cleaner

2014-02-14 02:00 - 2012-04-22 18:13 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Adobe

2014-02-13 18:58 - 2014-02-08 16:55 - 00023252 _____ () C:\Windows\PFRO.log

2014-02-13 18:58 - 2014-02-05 23:17 - 00000000 ____D () C:\ProgramData\WPM

2014-02-13 18:54 - 2013-09-08 11:24 - 00000000 ____D () C:\ProgramData\Wincert

2014-02-13 18:27 - 2014-02-13 18:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Malwarebytes

2014-02-13 18:26 - 2014-02-13 18:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Henrik.CEMENT\Desktop\mbam-setup-1.75.0.1300.exe

2014-02-13 18:26 - 2014-02-13 18:26 - 00001080 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-13 18:26 - 2014-02-13 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-13 18:26 - 2014-02-13 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-13 13:08 - 2014-02-13 13:07 - 00000160 _____ () C:\Users\Henrik.CEMENT\Desktop\Sweet page - PC för alla.url

2014-02-13 11:00 - 2014-02-13 11:00 - 00000000 ____D () C:\Windows\ERDNT

2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\UpdatusUser\Desktop\NTREGOPT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\petermickelsson\Desktop\NTREGOPT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\Henrik\Desktop\NTREGOPT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\Henrik.CEMENT\Desktop\NTREGOPT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\UpdatusUser\Desktop\ERUNT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\petermickelsson\Desktop\ERUNT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\Henrik\Desktop\ERUNT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\Henrik.CEMENT\Desktop\ERUNT.lnk

2014-02-13 10:59 - 2014-02-13 10:59 - 00000000 ____D () C:\Program Files (x86)\ERUNT

2014-02-13 10:58 - 2014-02-13 10:58 - 00791393 _____ (Lars Hederer ) C:\Users\Henrik.CEMENT\Desktop\erunt-setup.exe

2014-02-13 10:54 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore

2014-02-13 10:52 - 2014-02-13 10:52 - 00688992 ____R (Swearware) C:\Users\Henrik.CEMENT\Desktop\dds.scr

2014-02-13 10:19 - 2014-02-13 10:19 - 01166132 _____ () C:\Users\Henrik.CEMENT\Downloads\adwcleaner (1).exe

2014-02-13 10:13 - 2014-02-13 10:13 - 02152448 _____ (Farbar) C:\Users\Henrik.CEMENT\Downloads\FRST64.exe

2014-02-13 10:13 - 2014-02-13 10:13 - 01166132 _____ () C:\Users\Henrik.CEMENT\Downloads\adwcleaner.exe

2014-02-13 08:38 - 2012-04-18 16:15 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher

2014-02-13 08:38 - 2011-10-31 23:57 - 00000000 ____D () C:\ProgramData\PCDr

2014-02-13 05:14 - 2011-10-31 23:57 - 00004004 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-02-13 05:14 - 2011-10-31 23:57 - 00003752 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-02-12 14:14 - 2012-11-09 17:59 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\.minecraft

2014-02-12 14:06 - 2014-02-12 14:06 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\NVIDIA

2014-02-12 13:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-02-12 09:06 - 2012-04-19 10:05 - 01561158 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2014-02-12 09:06 - 2012-04-19 07:13 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-02-12 08:59 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini

2014-02-12 07:37 - 2011-10-31 23:52 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-02-12 07:37 - 2011-10-31 23:52 - 00000000 ____D () C:\Windows\system32\NV

2014-02-11 15:48 - 2011-10-31 23:49 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-02-11 15:48 - 2011-10-31 23:49 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-02-09 18:32 - 2014-02-09 18:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Minecraft server

2014-02-09 18:30 - 2014-02-09 18:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\world

2014-02-09 17:52 - 2014-01-02 18:12 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\minecraft

2014-02-09 17:27 - 2014-02-09 17:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn

2014-02-09 17:27 - 2014-02-09 17:27 - 00000000 ____D () C:\ProgramData\LogMeIn

2014-02-09 17:26 - 2014-02-09 17:26 - 00000897 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk

2014-02-09 17:26 - 2014-02-09 17:26 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

2014-02-09 17:25 - 2014-02-09 17:25 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Hamachi

2014-02-08 16:57 - 2013-07-26 20:50 - 00000000 ____D () C:\Program Files (x86)\SwordsSandals2

2014-02-08 12:17 - 2014-02-08 12:17 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\LavasoftStatistics

2014-02-08 12:17 - 2014-02-08 10:34 - 00000000 ____D () C:\Program Files (x86)\Lavasoft

2014-02-08 10:34 - 2014-02-08 10:34 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\SecureSearch

2014-02-08 10:31 - 2014-02-08 10:31 - 00000000 ____D () C:\ProgramData\Lavasoft

2014-02-08 10:30 - 2014-02-08 10:30 - 01727624 _____ () C:\Users\Henrik.CEMENT\Downloads\Adaware_Installer.exe

2014-02-08 10:30 - 2014-02-08 10:30 - 01727624 _____ () C:\Users\Henrik.CEMENT\Downloads\Adaware_Installer (1).exe

2014-02-06 07:11 - 2012-10-31 14:51 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-02-06 07:11 - 2012-04-23 11:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-02-06 07:11 - 2012-04-23 11:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-06 07:01 - 2014-02-06 07:01 - 00000000 _____ () C:\Windows\setuperr.log

2014-02-05 11:19 - 2014-02-13 13:08 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-02-05 11:02 - 2014-02-13 13:08 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-02-05 11:00 - 2014-02-13 13:08 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-02-05 10:54 - 2014-02-13 13:08 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-02-05 10:54 - 2014-02-13 13:08 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-02-05 10:52 - 2014-02-13 13:08 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-02-05 10:52 - 2014-02-13 13:08 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-02-05 10:52 - 2014-02-13 13:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-02-05 10:51 - 2014-02-13 13:08 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-02-05 10:51 - 2014-02-13 13:08 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-02-05 10:51 - 2014-02-13 13:08 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-02-05 10:51 - 2014-02-13 13:08 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-02-05 10:51 - 2014-02-13 13:08 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-02-05 10:50 - 2014-02-13 13:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-02-05 10:50 - 2014-02-13 13:08 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-02-05 10:50 - 2014-02-13 13:08 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-02-05 09:58 - 2014-02-13 13:08 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-02-05 09:56 - 2014-02-13 13:08 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-02-05 09:53 - 2014-02-13 13:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-02-05 09:51 - 2014-02-13 13:08 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-02-05 09:50 - 2014-02-13 13:08 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-02-05 09:49 - 2014-02-13 13:08 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-02-05 09:49 - 2014-02-13 13:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2014-02-05 09:48 - 2014-02-13 13:08 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-02-05 09:48 - 2014-02-13 13:08 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2014-02-05 09:48 - 2014-02-13 13:08 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-02-05 09:48 - 2014-02-13 13:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-02-05 09:48 - 2014-02-13 13:08 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-02-05 09:47 - 2014-02-13 13:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-02-05 09:47 - 2014-02-13 13:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-02-05 09:47 - 2014-02-13 13:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-02-05 09:46 - 2014-02-13 13:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-02-04 09:08 - 2013-06-21 14:51 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-enheter

2014-02-03 20:22 - 2012-04-19 10:33 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Adobe

2014-02-03 03:30 - 2013-12-21 22:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-02-01 10:39 - 2014-02-01 10:39 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Unity

2014-02-01 10:37 - 2014-02-01 10:37 - 00000000 ____D () C:\Program Files (x86)\OverTheEdge

2014-01-31 09:19 - 2012-09-20 10:49 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\FileZilla

2014-01-30 17:00 - 2014-02-03 10:39 - 09622528 _____ () C:\Users\Henrik.CEMENT\Desktop\Kopia 140203 10.40 Infohäfte_20s.pub

2014-01-30 12:00 - 2012-04-19 09:28 - 00000000 ___RD () C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-01-23 15:18 - 2013-11-20 15:10 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-01-23 12:45 - 2013-09-26 07:34 - 00000000 ____D () C:\Program Files (x86)\Securepoint SSL VPN

2014-01-22 16:47 - 2012-04-26 07:36 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Downloaded Installations

2014-01-22 16:47 - 2012-04-26 07:36 - 00000000 ____D () C:\Program Files (x86)\Samsung

2014-01-22 16:47 - 2011-10-31 23:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys

2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys

2014-01-20 06:44 - 2014-01-20 06:44 - 00005305 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-20 06:44 - 2013-10-21 07:19 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-20 06:44 - 2012-11-09 17:58 - 00000000 ____D () C:\Program Files (x86)\Java

2014-01-17 08:22 - 2012-04-26 07:38 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Samsung

2014-01-17 08:18 - 2012-04-26 07:36 - 00000000 ____D () C:\ProgramData\Samsung

2014-01-16 09:23 - 2013-04-19 06:54 - 00000000 ____D () C:\Program Files (x86)\Series2

2014-01-15 08:40 - 2009-07-14 05:45 - 05082328 _____ () C:\Windows\system32\FNTCACHE.DAT

 

Some content of TEMP:

====================

C:\Users\Henrik.CEMENT\AppData\Local\Temp\42bdfe30-48e5-4368-a9fc-ad1b2cccce86.exe

C:\Users\Henrik.CEMENT\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\Henrik.CEMENT\AppData\Local\Temp\nvStereoApiI64.dll

C:\Users\Henrik.CEMENT\AppData\Local\Temp\nvStInst.exe

C:\Users\Henrik.CEMENT\AppData\Local\Temp\Quarantine.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-02-08 14:51

 

==================== End Of Log ============================

Addition.txt


1. Trusting the company and the people there in general is one thing; trusting that none of their web pages get hacked is another. When you put a website in the Trusted sites zone, you remove a great deal of the security in Internet Explorer.

2. The old Java version is listed in the FRST log. Firefox has not been updated to the latest version, and that is also a security problem.

Uninstall:

Movies Toolbar for Chrome because of http://www.systemlookup.com/CLSID/80141-searchresultsDx_dll.html

SupTab (MBAM has removed most of it)

3. Start Notepad.

Copy all the lines in the box:

IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: New tab - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25} [2013-12-18]
FF Extension: Extension_Protected - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi [2014-02-05]
FF Extension: Lightning Speed Dial - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\lightningnewtab@gmail.com.xpi [2014-02-05]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\Henrik.CEMENT\AppData\Local\ilividmoviestoolbardla\GC\toolbar.crx [2014-02-08]
2014-02-13 18:58 - 2014-02-05 23:17 - 00000000 ____D () C:\ProgramData\WPM
C:\Users\Henrik.CEMENT\AppData\Local\Temp\42bdfe30-48e5-4368-a9fc-ad1b2cccce86.exe
C:\Users\Henrik.CEMENT\AppData\Local\Temp\fullpackage_temp1391638608\tmp\wpm.exe 
C:\Users\Henrik.CEMENT\AppData\Local\Temp\is1315000151\1455308_stp.EXE 
 
and paste them into Notepad. Check that no file has been split across two lines.

Save the file on the desktop with the name fixlist.txt.

Start FRST, which is on the desktop.

Click the Fix button.

Wait until the program has finished.

The program creates a log, Fixlog.txt, on the desktop.

Paste its contents into your reply.

4. Go through all the extensions in Chrome and uninstall the ones you do not use: https://support.google.com/chrome/answer/113907?hl=sv

You should at least uninstall this one:

CHR Extension: (Movies Toolbar) - C:\Users\Henrik.CEMENT\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [2013-09-10]

because of http://www.systemlookup.com/CLSID/80141-searchresultsDx_dll.html

Set a new default search engine in Chrome, since the current one is Sweet-page: https://support.google.com/chrome/answer/95426?hl=sv

5. Restart the computer and run FRST again. Attach the new FRST.txt

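The check asked for in step 3 of the post above (no entry split across two lines), together with a comparison of the fixlist against the resulting Fixlog.txt, as an added example that is not part of the original post and is not FRST's own code. The line patterns are assumptions drawn only from the lines visible in this thread, and the function names and sample data are constructed for illustration.

```python
import re

# Line shapes copied from the fixlist and Fixlog.txt shown in this thread.
# Assumption: these patterns cover this thread's lines only; they are not
# FRST's documented grammar.
IFEO_RE = re.compile(r"^IFEO\\(?P<image>.+?): \[Debugger\] (?P<debugger>\S.*)$")
TAGGED_RE = re.compile(r"^(?P<tag>FF SearchPlugin|FF Extension|CHR [^:]+): \S.*$")
LISTING_RE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d - \d{4}-\d\d-\d\d \d\d:\d\d - \d+ "
    r"[_A-Z]{5} \(.*?\) [A-Za-z]:\\\S.*$")
PATH_RE = re.compile(r"^[A-Za-z]:\\\S.*$")
RESULT_RE = re.compile(r"^(?P<target>.+?) => (?P<result>.+)$")

# Registry prefix exactly as Fixlog.txt prints it on this page.
IFEO_KEY = (r"HKLM\Software\microsoft\windows nt\currentversion"
            r"\Image File Execution Options")


def classify(line):
    """Return the kind of one fixlist line, or 'unrecognised'."""
    line = line.strip()
    if IFEO_RE.match(line):
        return "ifeo"
    if TAGGED_RE.match(line):
        return "browser"
    if LISTING_RE.match(line):
        return "listing"
    if PATH_RE.match(line):
        # A path ending in a backslash has lost its file name to a line break.
        return "unrecognised" if line.endswith("\\") else "path"
    return "unrecognised"


def find_wrapped(fixlist_text):
    """Return (line_number, text) for non-empty lines matching no known shape."""
    suspects = []
    for number, line in enumerate(fixlist_text.splitlines(), start=1):
        if line.strip() and classify(line) == "unrecognised":
            suspects.append((number, line.strip()))
    return suspects


def unconfirmed_ifeo(fixlist_text, fixlog_text):
    """Return IFEO image names with no 'Key deleted successfully' line."""
    succeeded = set()
    for line in fixlog_text.splitlines():
        m = RESULT_RE.match(line.strip())
        if m and m.group("result").startswith("Key deleted successfully"):
            # Registry paths are case-insensitive, so compare in lower case.
            succeeded.add(m.group("target").lower())
    missing = []
    for line in fixlist_text.splitlines():
        m = IFEO_RE.match(line.strip())
        if m and (IFEO_KEY + "\\" + m.group("image")).lower() not in succeeded:
            missing.append(m.group("image"))
    return missing


# Constructed sample: lines taken from this thread, with the wpm.exe path
# deliberately broken across two lines to show the failure step 3 warns about.
SAMPLE_FIXLIST = "\n".join([
    r"IFEO\bitguard.exe: [Debugger] tasklist.exe",
    r"IFEO\bprotect.exe: [Debugger] tasklist.exe",
    r"IFEO\snapdo.exe: [Debugger] tasklist.exe",
    r"FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml",
    r"2014-02-13 18:58 - 2014-02-05 23:17 - 00000000 ____D () C:\ProgramData\WPM",
    "C:\\Users\\Henrik.CEMENT\\AppData\\Local\\Temp\\fullpackage_temp1391638608\\tmp\\",
    "wpm.exe",
])

# Constructed Fixlog excerpt: the snapdo.exe result line is left out on purpose.
SAMPLE_FIXLOG = "\n".join([
    IFEO_KEY + r"\bitguard.exe => Key deleted successfully.",
    IFEO_KEY + r"\bprotect.exe => Key deleted successfully.",
])

if __name__ == "__main__":
    for number, text in find_wrapped(SAMPLE_FIXLIST):
        print(f"line {number}: possible wrapped entry: {text}")
    for image in unconfirmed_ifeo(SAMPLE_FIXLIST, SAMPLE_FIXLOG):
        print(f"no success line in Fixlog for IFEO entry: {image}")
```

Only the IFEO result format appears in the Fixlog excerpt on this page, so the reconciliation covers those entries and leaves the other entry kinds to a manual read of the log.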

1. Trusting the company and the people there in general is one thing; trusting that none of their web pages get hacked is another. When you put a website in the Trusted sites zone, you remove a great deal of the security in Internet Explorer.

2. The old Java version is listed in the FRST log. Firefox has not been updated to the latest version, and that is also a security problem.

Uninstall:

Movies Toolbar for Chrome because of http://www.systemlookup.com/CLSID/80141-searchresultsDx_dll.html

SupTab (MBAM has removed most of it)

 

[...]

 

1. True - but what can I do - the website is required for work...

Do you have any specific suspicion that this particular site has been hacked? It is a password-protected web tool for displaying operational data, with very few users - it doesn't feel worth a hacker's while, but what do I know. Passwords are there to be cracked, that much I know.

2.

- Uninstalled Firefox - it was not being used
- Strange about the old Java - I uninstalled it with the program manager yesterday - is more needed?
- Movies toolbar is gone
- I removed SupTab yesterday on your advice - so is it still there?

3-5 done

 

 

 
FRST FIX
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-02-2014 01
Ran by Henrik at 2014-02-15 09:53:02 Run:1
Running from C:\Users\Henrik.CEMENT\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF Extension: New tab - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25} [2013-12-18]
FF Extension: Extension_Protected - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi [2014-02-05]
FF Extension: Lightning Speed Dial - C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\lightningnewtab@gmail.com.xpi [2014-02-05]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\Henrik.CEMENT\AppData\Local\ilividmoviestoolbardla\GC\toolbar.crx [2014-02-08]
2014-02-13 18:58 - 2014-02-05 23:17 - 00000000 ____D () C:\ProgramData\WPM
C:\Users\Henrik.CEMENT\AppData\Local\Temp\42bdfe30-48e5-4368-a9fc-ad1b2cccce86.exe
C:\Users\Henrik.CEMENT\AppData\Local\Temp\fullpackage_temp1391638608\tmp\wpm.exe 
C:\Users\Henrik.CEMENT\AppData\Local\Temp\is1315000151\1455308_stp.EXE 
*****************
 
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsemngr.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsermngr.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bundlesweetimsetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cltmngsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta babylon.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta tb.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta2.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltainstaller.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltasetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltatb.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltatb_2501-c733154b.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iminentsetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rjatydimofu.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sweetimsetup.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\tbdelta.exetoolbar783881609.exe => Key deleted successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml => Moved successfully.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\{42BA5B64-9D40-5524-BA08-32E2FE81AE25} not found.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack.xpi not found.
C:\Users\Henrik.CEMENT\AppData\Roaming\Mozilla\Firefox\Profiles\7zhtpabx.default\Extensions\lightningnewtab@gmail.com.xpi not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob => Key deleted successfully.
"C:\Users\Henrik.CEMENT\AppData\Local\ilividmoviestoolbardla\GC\toolbar.crx" => File/Directory not found.
C:\ProgramData\WPM => Moved successfully.
"C:\Users\Henrik.CEMENT\AppData\Local\Temp\42bdfe30-48e5-4368-a9fc-ad1b2cccce86.exe" => File/Directory not found.
"C:\Users\Henrik.CEMENT\AppData\Local\Temp\fullpackage_temp1391638608\tmp\wpm.exe" => File/Directory not found.
"C:\Users\Henrik.CEMENT\AppData\Local\Temp\is1315000151\1455308_stp.EXE" => File/Directory not found.
 
==== End of Fixlog ====
 
 
 
 
 
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by Henrik (administrator) on HENRIK-THINK-12 on 15-02-2014 10:36:27
Running from C:\Users\Henrik.CEMENT\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Swedish
Internet Explorer Version 9
Boot Mode: Normal
 
 
==================== Processes (Whitelisted) =================
 
(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
() C:\ProgramData\DatacardService\DCService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SAsrv.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
() C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\Henrik.CEMENT\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\GoogleUpdate.exe
(Technology Nexus AB) C:\Program Files (x86)\Personal\bin\Personal.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Dropbox, Inc.) C:\Users\Henrik.CEMENT\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Client Security Solution\password_manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Client Security Solution\password_manager.exe
(Axentra Corporation) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\Bluetooth Headset Helper.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [TpShocks] - C:\Windows\SYSTEM32\TpShocks.exe [380776 2011-03-29] (Lenovo.)
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2868496 2011-12-23] (Synaptics Incorporated)
HKLM\...\Run: [smartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [44096 2012-01-16] (Lenovo Group Limited)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cssauth] - C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [5990200 2011-06-10] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] - C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [386408 2011-09-27] (Lenovo Group Limited)
HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [33344 2011-10-20] (Lenovo)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [seagate Dashboard] - C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2011-06-02] ()
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-14] (Lenovo, Inc.)
HKLM-x32\...\Run: [iMSS] - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3813712 2014-02-04] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\SYSTEM32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [spotify Web Helper] - C:\Users\Henrik.CEMENT\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-02-14] (Spotify Ltd)
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [Google Update] - C:\Users\Henrik.CEMENT\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-19] (Google Inc.)
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\MountPoints2: {5810a980-9286-11e2-b6ee-60d819d76468} - E:\AutoRun.exe
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\MountPoints2: {75f0f6b7-a59d-11e1-9679-60d819d76468} - D:\AutoRun.exe
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\MountPoints2: {75f0f6c8-a59d-11e1-9679-60d819d76468} - E:\AutoRun.exe
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\MountPoints2: {95a067c4-89bc-11e1-b119-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-1930276774-2984886965-450592802-1155\...\MountPoints2: {bf134581-3792-11e2-8252-60d819d76468} - E:\MotoCastSetup.exe -a
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-10-29] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-10-29] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli ACGina C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Henrik.CEMENT\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PhoneManager.lnk
ShortcutTarget: PhoneManager.lnk -> C:\Program Files (x86)\Avaya\IP Office\Phone Manager\PhoneManager.exe (Avaya Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.se/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: IePasswordManagerHelper Class - {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} - C:\Program Files (x86)\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
DPF: HKLM {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
Chrome: 
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-08&ent=hp&u=A1EA6086834563E2AEC83552F5FA10C3
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\gcswf32.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\12.0.742.112\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin\np_prsnl.dll (Technology Nexus AB)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-22]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2014-01-22]
 
==================== Services (Whitelisted) =================
 
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] ()
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-04] (LogMeIn, Inc.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-02-08] ()
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [262288 2013-10-08] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
R2 Securepoint VPN; C:\Program Files (x86)\Securepoint SSL VPN\SPOpenVPNService.exe [142216 2010-11-22] ()
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2011-09-01] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22888 2013-09-17] ()
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited)
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1492280 2011-08-18] (Lenovo Group Limited)
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [81552 2012-12-02] (Symantec Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386608 2013-02-08] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-24] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-24] (Ericsson AB)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-21] (Symantec Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] ()
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140214.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 l36wgps; C:\Windows\System32\DRIVERS\l36wgps64.sys [101416 2011-07-01] (Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2011-04-13] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [430664 2011-04-13] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2011-04-13] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [483400 2011-04-13] (MCCI Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140214.016\ENG64.SYS [126040 2014-01-29] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140214.016\EX64.SYS [2099288 2014-01-29] (Symantec Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-10-29] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-15] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [268840 2011-08-12] (Ericsson AB)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 smihlp; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-15 10:32 - 2014-02-15 10:32 - 00037881 _____ () C:\Users\Henrik.CEMENT\Desktop\PWMTR64V.dll
2014-02-15 09:55 - 2014-02-15 10:29 - 00000280 _____ () C:\Windows\setupact.log
2014-02-15 09:55 - 2014-02-15 09:55 - 00003694 _____ () C:\Windows\PFRO.log
2014-02-15 09:55 - 2014-02-15 09:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-14 18:28 - 2014-02-15 10:36 - 00024935 _____ () C:\Users\Henrik.CEMENT\Desktop\FRST.txt
2014-02-14 14:28 - 2014-02-14 14:28 - 00013048 _____ () C:\Users\Henrik.CEMENT\Desktop\Attach_2.txt
2014-02-14 14:26 - 2014-02-14 14:25 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Henrik.CEMENT\Desktop\sc-cleaner.exe
2014-02-14 14:25 - 2014-02-14 14:25 - 00000154 _____ () C:\Users\Henrik.CEMENT\Desktop\Shortcutcleaner.url
2014-02-14 14:16 - 2014-02-15 10:16 - 00000000 _____ () C:\Users\Henrik.CEMENT\Desktop\Instruktioner.txt
2014-02-14 13:47 - 2014-02-14 13:47 - 00090112 _____ () C:\Users\Henrik.CEMENT\Downloads\Export_1392382060.xls
2014-02-14 10:34 - 2014-02-14 18:26 - 02152960 _____ (Farbar) C:\Users\Henrik.CEMENT\Desktop\FRST64.exe
2014-02-14 10:28 - 2014-02-14 18:32 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\FRST
2014-02-14 09:04 - 2014-02-14 09:04 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-14 09:03 - 2014-02-14 15:49 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Eset scan
2014-02-14 09:01 - 2014-02-14 14:26 - 00001844 _____ () C:\sc-cleaner.txt
2014-02-14 08:57 - 2014-02-14 08:57 - 00000143 _____ () C:\Users\Henrik.CEMENT\Desktop\Eset scan.url
2014-02-14 08:55 - 2014-02-15 10:15 - 00000000 _____ () C:\Users\Henrik.CEMENT\Desktop\Svarstext.txt
2014-02-13 18:32 - 2014-02-14 08:50 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Adware Cleaner
2014-02-13 18:27 - 2014-02-13 18:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Malwarebytes
2014-02-13 18:26 - 2014-02-13 18:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Henrik.CEMENT\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-13 18:26 - 2014-02-13 18:26 - 00001080 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-13 18:26 - 2014-02-13 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-13 18:26 - 2014-02-13 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-13 18:26 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-13 13:08 - 2014-02-05 11:19 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 13:08 - 2014-02-05 11:02 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 13:08 - 2014-02-05 11:00 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 13:08 - 2014-02-05 10:54 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 13:08 - 2014-02-05 10:54 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 13:08 - 2014-02-05 10:52 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 13:08 - 2014-02-05 10:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-13 13:08 - 2014-02-05 10:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 13:08 - 2014-02-05 10:51 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 13:08 - 2014-02-05 10:51 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-13 13:08 - 2014-02-05 10:51 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 13:08 - 2014-02-05 10:51 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 13:08 - 2014-02-05 10:51 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 13:08 - 2014-02-05 10:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 13:08 - 2014-02-05 10:50 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 13:08 - 2014-02-05 10:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-13 13:08 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 13:08 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 13:08 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 13:08 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 13:08 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 13:08 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 13:08 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-13 13:08 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 13:08 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-13 13:08 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 13:08 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 13:08 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 13:08 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 13:08 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 13:08 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-13 13:08 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 13:07 - 2014-02-13 13:08 - 00000160 _____ () C:\Users\Henrik.CEMENT\Desktop\Sweet page - PC för alla.url
2014-02-13 12:56 - 2014-02-14 14:28 - 00033406 _____ () C:\Users\Henrik.CEMENT\Desktop\dds.txt
2014-02-13 12:56 - 2014-02-14 14:28 - 00013048 _____ () C:\Users\Henrik.CEMENT\Desktop\attach.txt
2014-02-13 11:00 - 2014-02-13 11:00 - 00000000 ____D () C:\Windows\ERDNT
2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\UpdatusUser\Desktop\NTREGOPT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\petermickelsson\Desktop\NTREGOPT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\Henrik\Desktop\NTREGOPT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\Henrik.CEMENT\Desktop\NTREGOPT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\UpdatusUser\Desktop\ERUNT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\petermickelsson\Desktop\ERUNT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\Henrik\Desktop\ERUNT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\Henrik.CEMENT\Desktop\ERUNT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-02-13 10:58 - 2014-02-13 10:58 - 00791393 _____ (Lars Hederer ) C:\Users\Henrik.CEMENT\Desktop\erunt-setup.exe
2014-02-13 10:52 - 2014-02-13 10:52 - 00688992 ____R (Swearware) C:\Users\Henrik.CEMENT\Desktop\dds.scr
2014-02-13 10:20 - 2014-02-15 10:36 - 00000000 ____D () C:\FRST
2014-02-13 10:19 - 2014-02-13 10:19 - 01166132 _____ () C:\Users\Henrik.CEMENT\Downloads\adwcleaner (1).exe
2014-02-13 10:13 - 2014-02-13 10:13 - 02152448 _____ (Farbar) C:\Users\Henrik.CEMENT\Downloads\FRST64.exe
2014-02-13 10:13 - 2014-02-13 10:13 - 01166132 _____ () C:\Users\Henrik.CEMENT\Downloads\adwcleaner.exe
2014-02-12 14:06 - 2014-02-12 14:06 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\NVIDIA
2014-02-12 09:03 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 09:03 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 09:03 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 09:03 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 26940704 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 20461344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 12641480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 11137824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-11 15:47 - 2013-10-29 08:17 - 09393856 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 07935352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 07566624 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 06264144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 02907936 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 02723616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 02511312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 02346784 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 01987360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 01814304 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6431269.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6431269.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 00961192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 00284448 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-02-11 15:47 - 2013-10-29 08:17 - 00245872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 00201576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-02-11 15:47 - 2013-10-29 08:17 - 00030496 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-02-11 15:47 - 2013-02-25 09:57 - 00194848 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-02-11 15:47 - 2013-02-25 09:57 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-02-11 15:47 - 2013-01-29 13:05 - 01510176 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-02-09 18:27 - 2014-02-09 18:32 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Minecraft server
2014-02-09 18:27 - 2014-02-09 18:30 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\world
2014-02-09 17:27 - 2014-02-15 10:31 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn Hamachi
2014-02-09 17:27 - 2014-02-09 17:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn
2014-02-09 17:27 - 2014-02-09 17:27 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-09 17:26 - 2014-02-09 17:26 - 00000897 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-02-09 17:26 - 2014-02-09 17:26 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-09 17:25 - 2014-02-09 17:25 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Hamachi
2014-02-08 12:17 - 2014-02-08 12:17 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\LavasoftStatistics
2014-02-08 10:34 - 2014-02-08 12:17 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-02-08 10:34 - 2014-02-08 10:34 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\SecureSearch
2014-02-08 10:31 - 2014-02-08 10:31 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-02-08 10:30 - 2014-02-08 10:30 - 01727624 _____ () C:\Users\Henrik.CEMENT\Downloads\Adaware_Installer.exe
2014-02-08 10:30 - 2014-02-08 10:30 - 01727624 _____ () C:\Users\Henrik.CEMENT\Downloads\Adaware_Installer (1).exe
2014-02-01 10:39 - 2014-02-01 10:39 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Unity
2014-02-01 10:37 - 2014-02-01 10:37 - 00000000 ____D () C:\Program Files (x86)\OverTheEdge
2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-01-20 06:44 - 2014-01-20 06:44 - 00005305 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-17 08:19 - 2013-10-30 12:06 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgderapi.dll
 
==================== One Month Modified Files and Folders =======
 
2014-02-15 10:36 - 2014-02-14 18:28 - 00024935 _____ () C:\Users\Henrik.CEMENT\Desktop\FRST.txt
2014-02-15 10:36 - 2014-02-13 10:20 - 00000000 ____D () C:\FRST
2014-02-15 10:33 - 2013-11-20 15:06 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Dropbox
2014-02-15 10:33 - 2012-04-18 16:14 - 02042908 _____ () C:\Windows\WindowsUpdate.log
2014-02-15 10:33 - 2011-10-31 23:13 - 00664850 _____ () C:\Windows\system32\perfh01D.dat
2014-02-15 10:33 - 2011-10-31 23:13 - 00142920 _____ () C:\Windows\system32\perfc01D.dat
2014-02-15 10:33 - 2009-07-14 06:13 - 01582372 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-15 10:32 - 2014-02-15 10:32 - 00037881 _____ () C:\Users\Henrik.CEMENT\Desktop\PWMTR64V.dll
2014-02-15 10:32 - 2012-04-20 10:39 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Skype
2014-02-15 10:31 - 2014-02-09 17:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn Hamachi
2014-02-15 10:31 - 2013-11-20 15:13 - 00000000 ___RD () C:\Users\Henrik.CEMENT\Desktop\Dropbox
2014-02-15 10:31 - 2011-10-31 23:57 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-15 10:29 - 2014-02-15 09:55 - 00000280 _____ () C:\Windows\setupact.log
2014-02-15 10:29 - 2012-04-18 16:15 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-02-15 10:29 - 2011-10-31 23:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-15 10:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-15 10:28 - 2012-04-18 16:15 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-02-15 10:25 - 2009-07-14 05:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-15 10:25 - 2009-07-14 05:45 - 00031072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-15 10:19 - 2012-10-05 16:26 - 00001022 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1930276774-2984886965-450592802-1155UA.job
2014-02-15 10:19 - 2011-10-31 23:57 - 00001008 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-15 10:16 - 2014-02-14 14:16 - 00000000 _____ () C:\Users\Henrik.CEMENT\Desktop\Instruktioner.txt
2014-02-15 10:15 - 2014-02-14 08:55 - 00000000 _____ () C:\Users\Henrik.CEMENT\Desktop\Svarstext.txt
2014-02-15 10:11 - 2012-10-31 14:51 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-15 09:55 - 2014-02-15 09:55 - 00003694 _____ () C:\Windows\PFRO.log
2014-02-15 09:55 - 2014-02-15 09:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 09:55 - 2011-10-31 23:57 - 00000000 ____D () C:\Program Files\Google
2014-02-15 09:55 - 2011-10-31 23:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-15 09:51 - 2013-05-27 05:46 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\CrashDumps
2014-02-15 09:51 - 2012-04-23 07:51 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Winamp
2014-02-15 09:22 - 2012-04-19 10:33 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Google
2014-02-15 09:20 - 2013-01-05 08:36 - 00000000 ____D () C:\ProgramData\Origin
2014-02-15 09:19 - 2013-12-21 22:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 02:02 - 2012-04-22 18:13 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Adobe
2014-02-14 19:26 - 2012-04-18 16:15 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-02-14 19:25 - 2011-10-31 23:57 - 00000000 ____D () C:\ProgramData\PCDr
2014-02-14 19:18 - 2013-01-22 15:52 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Att läsa
2014-02-14 18:32 - 2014-02-14 10:28 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\FRST
2014-02-14 18:26 - 2014-02-14 10:34 - 02152960 _____ (Farbar) C:\Users\Henrik.CEMENT\Desktop\FRST64.exe
2014-02-14 15:49 - 2014-02-14 09:03 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Eset scan
2014-02-14 14:28 - 2014-02-14 14:28 - 00013048 _____ () C:\Users\Henrik.CEMENT\Desktop\Attach_2.txt
2014-02-14 14:28 - 2014-02-13 12:56 - 00033406 _____ () C:\Users\Henrik.CEMENT\Desktop\dds.txt
2014-02-14 14:28 - 2014-02-13 12:56 - 00013048 _____ () C:\Users\Henrik.CEMENT\Desktop\attach.txt
2014-02-14 14:26 - 2014-02-14 09:01 - 00001844 _____ () C:\sc-cleaner.txt
2014-02-14 14:25 - 2014-02-14 14:26 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Henrik.CEMENT\Desktop\sc-cleaner.exe
2014-02-14 14:25 - 2014-02-14 14:25 - 00000154 _____ () C:\Users\Henrik.CEMENT\Desktop\Shortcutcleaner.url
2014-02-14 14:19 - 2012-10-05 16:26 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1930276774-2984886965-450592802-1155Core.job
2014-02-14 13:47 - 2014-02-14 13:47 - 00090112 _____ () C:\Users\Henrik.CEMENT\Downloads\Export_1392382060.xls
2014-02-14 13:33 - 2013-08-03 21:26 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Spotify
2014-02-14 12:19 - 2012-04-19 09:21 - 00000120 _____ () C:\Windows\system32\config\netlogon.ftl
2014-02-14 11:39 - 2013-08-03 21:28 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Spotify
2014-02-14 10:02 - 2013-09-06 09:35 - 00003920 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{912A2F75-59F9-40DE-8D54-318D02E92FB1}
2014-02-14 09:04 - 2014-02-14 09:04 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-14 08:57 - 2014-02-14 08:57 - 00000143 _____ () C:\Users\Henrik.CEMENT\Desktop\Eset scan.url
2014-02-14 08:52 - 2012-04-19 09:29 - 00000980 _____ () C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-02-14 08:52 - 2012-04-19 09:28 - 00001123 _____ () C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-14 08:50 - 2014-02-13 18:32 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Adware Cleaner
2014-02-13 18:54 - 2013-09-08 11:24 - 00000000 ____D () C:\ProgramData\Wincert
2014-02-13 18:27 - 2014-02-13 18:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Malwarebytes
2014-02-13 18:26 - 2014-02-13 18:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Henrik.CEMENT\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-13 18:26 - 2014-02-13 18:26 - 00001080 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-13 18:26 - 2014-02-13 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-13 18:26 - 2014-02-13 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-13 13:08 - 2014-02-13 13:07 - 00000160 _____ () C:\Users\Henrik.CEMENT\Desktop\Sweet page - PC för alla.url
2014-02-13 11:00 - 2014-02-13 11:00 - 00000000 ____D () C:\Windows\ERDNT
2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\UpdatusUser\Desktop\NTREGOPT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\petermickelsson\Desktop\NTREGOPT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\Henrik\Desktop\NTREGOPT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000895 _____ () C:\Users\Henrik.CEMENT\Desktop\NTREGOPT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\UpdatusUser\Desktop\ERUNT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\petermickelsson\Desktop\ERUNT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\Henrik\Desktop\ERUNT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000876 _____ () C:\Users\Henrik.CEMENT\Desktop\ERUNT.lnk
2014-02-13 10:59 - 2014-02-13 10:59 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-02-13 10:58 - 2014-02-13 10:58 - 00791393 _____ (Lars Hederer ) C:\Users\Henrik.CEMENT\Desktop\erunt-setup.exe
2014-02-13 10:54 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2014-02-13 10:52 - 2014-02-13 10:52 - 00688992 ____R (Swearware) C:\Users\Henrik.CEMENT\Desktop\dds.scr
2014-02-13 10:19 - 2014-02-13 10:19 - 01166132 _____ () C:\Users\Henrik.CEMENT\Downloads\adwcleaner (1).exe
2014-02-13 10:13 - 2014-02-13 10:13 - 02152448 _____ (Farbar) C:\Users\Henrik.CEMENT\Downloads\FRST64.exe
2014-02-13 10:13 - 2014-02-13 10:13 - 01166132 _____ () C:\Users\Henrik.CEMENT\Downloads\adwcleaner.exe
2014-02-13 05:14 - 2011-10-31 23:57 - 00004004 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 05:14 - 2011-10-31 23:57 - 00003752 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-12 14:14 - 2012-11-09 17:59 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\.minecraft
2014-02-12 14:06 - 2014-02-12 14:06 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\NVIDIA
2014-02-12 13:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-12 09:06 - 2012-04-19 10:05 - 01561158 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 09:06 - 2012-04-19 07:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 08:59 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-12 07:37 - 2011-10-31 23:52 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-02-12 07:37 - 2011-10-31 23:52 - 00000000 ____D () C:\Windows\system32\NV
2014-02-11 15:48 - 2011-10-31 23:49 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-11 15:48 - 2011-10-31 23:49 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-02-09 18:32 - 2014-02-09 18:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Minecraft server
2014-02-09 18:30 - 2014-02-09 18:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\world
2014-02-09 17:52 - 2014-01-02 18:12 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\minecraft
2014-02-09 17:27 - 2014-02-09 17:27 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\LogMeIn
2014-02-09 17:27 - 2014-02-09 17:27 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-09 17:26 - 2014-02-09 17:26 - 00000897 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-02-09 17:26 - 2014-02-09 17:26 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-02-09 17:25 - 2014-02-09 17:25 - 00000000 ____D () C:\Users\Henrik.CEMENT\Desktop\Hamachi
2014-02-08 16:57 - 2013-07-26 20:50 - 00000000 ____D () C:\Program Files (x86)\SwordsSandals2
2014-02-08 12:17 - 2014-02-08 12:17 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\LavasoftStatistics
2014-02-08 12:17 - 2014-02-08 10:34 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-02-08 10:34 - 2014-02-08 10:34 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\SecureSearch
2014-02-08 10:31 - 2014-02-08 10:31 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-02-08 10:30 - 2014-02-08 10:30 - 01727624 _____ () C:\Users\Henrik.CEMENT\Downloads\Adaware_Installer.exe
2014-02-08 10:30 - 2014-02-08 10:30 - 01727624 _____ () C:\Users\Henrik.CEMENT\Downloads\Adaware_Installer (1).exe
2014-02-06 07:11 - 2012-10-31 14:51 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-06 07:11 - 2012-04-23 11:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-06 07:11 - 2012-04-23 11:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 11:19 - 2014-02-13 13:08 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 11:02 - 2014-02-13 13:08 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 11:00 - 2014-02-13 13:08 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 10:54 - 2014-02-13 13:08 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 10:54 - 2014-02-13 13:08 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 10:52 - 2014-02-13 13:08 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 10:52 - 2014-02-13 13:08 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 10:52 - 2014-02-13 13:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 10:51 - 2014-02-13 13:08 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 10:51 - 2014-02-13 13:08 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 10:51 - 2014-02-13 13:08 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 10:51 - 2014-02-13 13:08 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 10:51 - 2014-02-13 13:08 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 10:50 - 2014-02-13 13:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 10:50 - 2014-02-13 13:08 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-05 10:50 - 2014-02-13 13:08 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:58 - 2014-02-13 13:08 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-05 09:56 - 2014-02-13 13:08 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-05 09:53 - 2014-02-13 13:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-05 09:51 - 2014-02-13 13:08 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-05 09:50 - 2014-02-13 13:08 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-05 09:49 - 2014-02-13 13:08 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-05 09:49 - 2014-02-13 13:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-05 09:48 - 2014-02-13 13:08 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-05 09:48 - 2014-02-13 13:08 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-05 09:48 - 2014-02-13 13:08 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-05 09:48 - 2014-02-13 13:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-05 09:48 - 2014-02-13 13:08 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-05 09:47 - 2014-02-13 13:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-05 09:47 - 2014-02-13 13:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-05 09:47 - 2014-02-13 13:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-05 09:46 - 2014-02-13 13:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-04 09:08 - 2013-06-21 14:51 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-enheter
2014-02-03 20:22 - 2012-04-19 10:33 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Adobe
2014-02-01 10:39 - 2014-02-01 10:39 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Unity
2014-02-01 10:37 - 2014-02-01 10:37 - 00000000 ____D () C:\Program Files (x86)\OverTheEdge
2014-01-31 09:19 - 2012-09-20 10:49 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\FileZilla
2014-01-30 12:00 - 2012-04-19 09:28 - 00000000 ___RD () C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-23 15:18 - 2013-11-20 15:10 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-23 12:45 - 2013-09-26 07:34 - 00000000 ____D () C:\Program Files (x86)\Securepoint SSL VPN
2014-01-22 16:47 - 2012-04-26 07:36 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Downloaded Installations
2014-01-22 16:47 - 2012-04-26 07:36 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-01-22 16:47 - 2011-10-31 23:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-22 08:52 - 2014-01-22 08:52 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-01-22 08:52 - 2014-01-22 08:52 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-01-20 06:44 - 2014-01-20 06:44 - 00005305 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 06:44 - 2013-10-21 07:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-20 06:44 - 2012-11-09 17:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-17 08:22 - 2012-04-26 07:38 - 00000000 ____D () C:\Users\Henrik.CEMENT\AppData\Local\Samsung
2014-01-17 08:18 - 2012-04-26 07:36 - 00000000 ____D () C:\ProgramData\Samsung
2014-01-16 09:23 - 2013-04-19 06:54 - 00000000 ____D () C:\Program Files (x86)\Series2
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-08 14:51
 
==================== End Of Log ============================

1. No, but then I don't know what will happen in the future. Using it is one thing, but does it have to be in the trusted zone?

But if you have no choice, you have no choice.

How are the computer and the browsers working now?

Do you have any other questions before you get the instructions for uninstalling the special tools?


A tool from Lenovo for updating drivers, among other things, disappeared along with the FRST Fixit, and I would have liked to keep it. An error message that I suspect is related to this comes up at startup; see the attached screenshot.

Apart from that, everything seems to be working great.

 

 



According to the latest FRST log, PWMTR64V.DLL is on the desktop.

2014-02-15 10:32 - 2014-02-15 10:32 - 00037881 _____ () C:\Users\Henrik.CEMENT\Desktop\PWMTR64V.dll
Did you happen to move the file there?
Can you move it back?

 


 

 

 

No, it isn't there. I accidentally named the screenshot .dll by mistake. That is the file shown above (I changed it back to the correct file extension before adding it to the post).

I solved the problem by reinstalling the program that the file was associated with (Power Manager) plus the other tool I was missing, so now everything looks good.


Good that you solved it :thumbsup:

Then it's time to uninstall the special tools:

1. Close all programs, including web browsers.
Double-click AdwCleaner to start the program.
Click the Uninstall button.

2. Download the uninstaller OTC to the Desktop: http://oldtimer.geekstogo.com/OTC.exe
Double-click the file to start the program.
Press the CleanUp! button, and DDS and the other cleaning tools will be uninstalled after a restart of the computer. If any such program remains after that, ask how to remove it. Delete any logs.

3. Improve the computer's protection; see my Advice for a safer computer: http://ceciliasec.wordpress.com/rad/
It is very important to keep all the small programs on the computer up to date; old versions of e.g. Flash, Java and Adobe Reader contain known security holes, which a web page can use to infect the computer. I think Secunia's program (link on my website) is a good help for checking the state of security holes on the computer and indicating what needs to be fixed.


Shortcutcleaner is still there, as are ESET scan, Erunt and something called NTREGOPT, plus Malwarebytes Anti-Malware. Maybe not all of these need to be removed, but I'm mentioning them all so...


You can remove ShortcutCleaner by dragging it to the Recycle Bin.

Erunt (and Ntregopt belongs with it) can be uninstalled in the Control Panel.

I suggest you keep ESET's scanner and MBAM and let them scan the computer now and then as an extra check. As you have noticed, Norton doesn't find everything (this applies to all antivirus programs).


Archived

This topic is now archived and is closed to further replies.


