Just nu i M3-nätverket
Gå till innehåll
Eforum är stängt för nya inlägg och svar sedan 20 juni 2022. Klicka för att läsa vad som hände och om alternativ.

Awesomehp...

VeronicaM

Startad av VeronicaM,
i Virus, skadliga program & botemedel

Rekommendera Poster

VeronicaM

VeronicaM

Postad
Postad

Hej!

 

Jag har också fått awesomehp-viruset, jag är väldigt kass på datorer och teknik öht men jag hoppas att jag kan få hjälp här.

 

Någon som vet hur man får bort det? :) har gjort norton-sökning men den hittar ingenting...

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Hej!

 

1. Ladda ner Malwarebytes Anti-Malware Free (MBAM) från http://www.malwarebytes.org/
Dubbelklicka på mbam-setup för att installera programmet.

Se till i slutet av installationen att det är bockar för:
Uppdatera Malwarebytes' Anti-Malware
Starta Malwarebytes' Anti-Malware
Klicka på Slutför
Om det finns någon uppdatering så kommer den att laddas ner och installeras.

När programmet startar så välj Utför fullständig skanning och klicka på Skanna.
Skanningen tar ett tag.
När den är klar så klicka på OK och sedan Visa resultat.
Bocka för allt och tryck sedan Ta bort markerade.
När borttagningen är klar så öppnar Anteckningar med en logg.

Eventuellt så kommer det upp en begäran om att starta om datorn (Restart). I så fall gör det.
Om det blir ett felmeddelande Error loading... efter omstarten så starta om datorn än en gång.
Om programmet inte kommer igång efter omstarten så starta det.

Om loggen inte kommer upp själv i Anteckningar så hittar du loggen på fliken Loggar i MBAM.
Kopiera loggen och klistra in den i ditt svar.

 

2. Spara ShortcutCleaner på skrivbordet: http://www.bleepingcomputer.com/download/shortcut-cleaner/dl/172/
Starta den nedladdade filen ss-cleaner.exe.
Vänta tills den är klar.
En rapport kommer upp, bifoga den till ditt svar.

 

3. Spara AdwCleaner av Xplode på Skrivbordet: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på Report-knappen.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt

4. Ladda ner Farbar Recovery Scan Tool (FRST) och spara på skrivbordet.
För 64-bitars Windows: http://download.bleepingcomputer.com/farbar/FRST64.exe
För 32-bitars Windows: http://download.bleepingcomputer.com/farbar/FRST.exe

Starta FRST.
Läs villkoren för programmet.
Klicka på Yes för att acceptera.
Klicka på Scan-knappen.
När det är klart kommer det att ha skapats två loggar FRST.txt och Addition.txt på skrivbordet.
Klistra in innehållet i FRST.txt direkt i ditt svar och bifoga Addition.txt.

 

Obs! Om du använder Internet Explorer 11, får du bifoga loggarna till ditt svar i stället för att klistra in dem.
Klicka på Använd fullständig editor för att se hur du bifogar filer.

Länk till kommentar
Dela på andra webbplatser
VeronicaM

VeronicaM

Postad
  • Trådskapare
Postad
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02

Ran by Veronica (administrator) on VERONICA-DATOR on 27-02-2014 21:31:10

Running from C:\Users\Veronica\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: Swedish

Internet Explorer Version 11

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe

(Microsoft Corporation) C:\windows\system32\WLANExt.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

() C:\Program Files (x86)\Emotum\Stay Connected\Service.exe

(Telenor Sweden) C:\Program Files (x86)\Telenor Sweden\ESUS_TNS\ESUS_TNS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Spotify Ltd) C:\Users\Veronica\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(BitTorrent Inc.) C:\Program Files (x86)\BitTorrent\BitTorrent.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Dropbox, Inc.) C:\Users\Veronica\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Telenor SE) C:\Program Files (x86)\Emotum\Stay Connected\TelenorSEMobile.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe

(Intel Corporation) C:\windows\system32\igfxext.exe

(Intel Corporation) C:\windows\system32\igfxsrvc.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe

(Intel Corporation) C:\windows\system32\hkcmd.exe

(Intel Corporation) C:\windows\system32\igfxpers.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

() C:\Users\Veronica\Downloads\adwcleaner.exe

(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\cltLMH.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11369576 2010-08-11] (Realtek Semiconductor)

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2581384 2010-08-31] (ELAN Microelectronics Corp.)

HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2416480 2012-01-24] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [Telenor Stay Connected] - C:\Program Files (x86)\Emotum\Stay Connected\TelenorSEMobile.exe [339456 2010-08-03] (Telenor SE)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\Run: [spotify Web Helper] - C:\Users\Veronica\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-03] (Spotify Ltd)

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\Run: [spotify] - C:\Users\Veronica\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-02-03] (Spotify Ltd)

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\Run: [bitTorrent] - C:\Program Files (x86)\BitTorrent\BitTorrent.exe [882520 2013-05-22] (BitTorrent Inc.)

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: F - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {1cf1ce68-3196-11e2-8cbf-001e101f50a4} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {3c77b601-a649-11e0-b9ce-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {3c77b61a-a649-11e0-b9ce-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {65278651-cf39-11e1-bcf5-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {6527865f-cf39-11e1-bcf5-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {66eb384c-a65c-11e0-901b-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {6e2dd453-d732-11e0-b4aa-001bb1d7f653} - F:\PcOptions.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {76fd430f-a94d-11e0-9668-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {a357bb48-5d8e-11e1-a8ef-9ee21f5ed1b1} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {a357bb55-5d8e-11e1-a8ef-9ee21f5ed1b1} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {a357bb69-5d8e-11e1-a8ef-9ee21f5ed1b1} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {b327f3b7-2014-11e1-8132-001bb1d7f653} - F:\KODAK_Camera_Setup_App.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {d49e3787-b091-11e0-b35a-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {fbd5d093-fe2a-11e1-9eb9-001bb1d7f653} - F:\AutoRun.exe

AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)

Startup: C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

 

==================== Internet (Whitelisted) ====================

 


HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com/?type=hp&ts=1393257277&from=ild&uid=TOSHIBAXMK5065GSX_1132C5NZTXX1132C5NZT




URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.awesomehp.com/web/?type=ds&ts=1393257277&from=ild&uid=TOSHIBAXMK5065GSX_1132C5NZTXX1132C5NZT&q={searchTerms}


SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678

SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)

BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: W2PBrowser Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{2629C2F9-CDD3-4A7A-87E9-9A36F500794C}: [NameServer]195.54.122.211 195.54.122.221

Tcpip\..\Interfaces\{B66BF400-AE3F-4ACF-819F-36E2B1BEACFC}: [NameServer]195.54.122.211 195.54.122.221

Tcpip\..\Interfaces\{CABA990C-EDDC-49AF-9FA5-BAE2758C0B8D}: [NameServer]195.54.122.221 195.54.122.211

 

FireFox:

========

FF ProfilePath: C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\uinwu4dq.default

FF user.js: detected! => C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\uinwu4dq.default\user.js

FF DefaultSearchEngine: awesomehp

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFF [2013-10-12]

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ []

FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4\

FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4\ []

 

Chrome: 

=======

CHR HomePage: hxxp://google.se/

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

CHR Plugin: (Java Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File

CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin\np_prsnl.dll No File

CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\windows\SysWOW64\npDeployJava1.dll No File

CHR Plugin: (Shockwave for Director) - C:\windows\system32\Adobe\Director\np32dsw.dll No File

CHR Extension: (Google Dokument) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-03]

CHR Extension: (Google Drive) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-03]

CHR Extension: (YouTube) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-03]

CHR Extension: (Sök på Google) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]

CHR Extension: (AVG Safe Search) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2013-06-03]

CHR Extension: (Norton Identity Protection) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-06-03]

CHR Extension: (Google Wallet) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

CHR Extension: (Gmail) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-03]

CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Veronica\AppData\Local\Temp\crx7EEB.tmp [2013-06-03]

CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx [2011-12-21]

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2014-02-03]

 

==================== Services (Whitelisted) =================

 

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [4433248 2011-10-12] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [192776 2011-08-02] (AVG Technologies CZ, s.r.o.)

R2 ESCSvc; C:\Program Files (x86)\Emotum\Stay Connected\Service.exe [659752 2010-08-25] ()

R2 ESUSClient_B2; C:\Program Files (x86)\Telenor Sweden\ESUS_TNS\ESUS_TNS.exe [358808 2011-03-07] (Telenor Sweden)

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()

S3 wifimansvc; C:\Program Files (x86)\Mobile Broadband\eap\wifimansvc.exe [598528 2012-02-28] ()

 

==================== Drivers (Whitelisted) ====================

 

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-28] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-28] (Symantec Corporation)

S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)

R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20140226.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)

R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140227.002\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)

R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20140227.002\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)

S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-03-31] (Windows ® 2003 DDK 3790 provider)

R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)

R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-28] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)

S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)

R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()

R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-02-24] (StdLib)

S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]

S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-02-27 21:31 - 2014-02-27 21:32 - 00025169 _____ () C:\Users\Veronica\Downloads\FRST.txt

2014-02-27 21:31 - 2014-02-27 21:31 - 00000000 ____D () C:\FRST

2014-02-27 21:30 - 2014-02-27 21:30 - 02155520 _____ (Farbar) C:\Users\Veronica\Downloads\FRST64.exe

2014-02-27 21:29 - 2014-02-27 21:29 - 00006125 _____ () C:\Users\Veronica\Desktop\AdwCleaner[R0].txt

2014-02-27 21:28 - 2014-02-27 21:29 - 00000000 ____D () C:\AdwCleaner

2014-02-27 21:27 - 2014-02-27 21:27 - 01244192 _____ () C:\Users\Veronica\Downloads\adwcleaner.exe

2014-02-27 21:26 - 2014-02-27 21:26 - 00004616 _____ () C:\Users\Veronica\Desktop\sc-cleaner.txt

2014-02-27 21:25 - 2014-02-27 21:25 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Veronica\Downloads\sc-cleaner (1).exe

2014-02-27 21:17 - 2014-02-27 21:25 - 00004616 _____ () C:\sc-cleaner.txt

2014-02-27 21:15 - 2014-02-27 21:16 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Veronica\Downloads\sc-cleaner.exe

2014-02-27 19:13 - 2014-02-27 19:13 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-27 19:13 - 2014-02-27 19:13 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Malwarebytes

2014-02-27 19:12 - 2014-02-27 19:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-27 19:12 - 2014-02-27 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-27 19:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

2014-02-27 19:10 - 2014-02-27 19:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Veronica\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-27 17:51 - 2014-02-27 17:52 - 102750488 _____ (Microsoft Corporation) C:\Users\Veronica\Downloads\msert.exe

2014-02-27 13:10 - 2014-02-27 13:10 - 00046080 _____ () C:\Users\Veronica\Downloads\faco3 (1).xls

2014-02-26 14:15 - 2014-02-26 14:45 - 00043008 _____ () C:\Users\Veronica\Downloads\faco3.xls

2014-02-26 13:08 - 2014-02-26 13:08 - 00068608 _____ () C:\Users\Veronica\Downloads\Seminar 2, Carolina, Veronica, Anni.xls

2014-02-26 13:04 - 2014-02-26 14:45 - 00039424 _____ () C:\Users\Veronica\Downloads\Seminar 2.xls

2014-02-25 13:01 - 2014-02-25 13:03 - 00029184 _____ () C:\Users\Veronica\Desktop\HOLM-B-2008-01-31-2012-12-31.xls

2014-02-25 13:00 - 2014-02-25 13:00 - 00012213 _____ () C:\Users\Veronica\Desktop\HOLM-B-2008-01-31-2012-12-31.xlsx

2014-02-25 12:42 - 2014-02-25 13:00 - 00002414 _____ () C:\Users\Veronica\Downloads\HOLM-B-2008-01-31-2012-12-31.csv

2014-02-25 12:42 - 2014-02-25 12:42 - 00012587 _____ () C:\Users\Veronica\Desktop\SE0001775610-2008-01-01-2012-12-31.xlsx

2014-02-25 12:41 - 2014-02-25 13:03 - 00029184 _____ () C:\Users\Veronica\Desktop\HOLM-A-2008-01-01-2012-12-31.xls

2014-02-25 12:26 - 2014-02-25 12:41 - 00001824 _____ () C:\Users\Veronica\Downloads\HOLM-A-2008-01-01-2012-12-31.csv

2014-02-25 11:46 - 2014-02-25 13:11 - 00034816 _____ () C:\Users\Veronica\Desktop\SE0001775610-2008-01-01-2012-12-31.xls

2014-02-25 11:37 - 2014-02-25 11:46 - 00025556 _____ () C:\Users\Veronica\Downloads\SE0001775610-2008-01-01-2012-12-31.csv

2014-02-25 11:25 - 2014-02-25 11:25 - 00062325 _____ () C:\Users\Veronica\Downloads\SE0001775610-2009-02-24-2014-02-24.csv

2014-02-25 10:48 - 2014-02-25 10:48 - 00019286 _____ () C:\Users\Veronica\Downloads\Session 4 Supplement - Project Risk & Cost of Capital.xlsx

2014-02-25 10:47 - 2014-02-25 10:47 - 01549312 _____ () C:\Users\Veronica\Downloads\Session 4 - Project Risk & Cost of Capital.ppt

2014-02-25 09:56 - 2014-02-25 09:56 - 01416704 _____ () C:\Users\Veronica\Downloads\Session 2 - Estimating Project Cash Flows (1).ppt

2014-02-25 09:56 - 2014-02-25 09:56 - 00978944 _____ () C:\Users\Veronica\Downloads\Session 3 - Estimating Firm Free Cash Flow.ppt

2014-02-25 09:49 - 2014-02-25 09:49 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-enheter

2014-02-24 19:12 - 2014-02-24 19:12 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-02-24 19:12 - 2014-02-24 19:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-02-24 18:24 - 2014-02-24 18:24 - 00061112 _____ (StdLib) C:\windows\system32\Drivers\wStLibG64.sys

2014-02-24 17:26 - 2014-02-24 17:25 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe

2014-02-24 17:26 - 2014-02-24 17:25 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe

2014-02-24 17:26 - 2014-02-24 17:25 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

2014-02-24 17:26 - 2014-02-24 17:25 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2014-02-24 17:22 - 2014-02-24 17:22 - 00921000 _____ (Oracle Corporation) C:\Users\Veronica\Downloads\chromeinstall-7u51.exe

2014-02-24 17:21 - 2014-02-24 17:26 - 00000000 ____D () C:\ProgramData\Oracle

2014-02-24 17:20 - 2014-02-24 17:20 - 00005911 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-02-24 16:54 - 2014-02-27 18:12 - 00000000 ____D () C:\Program Files (x86)\GrabRez

2014-02-24 16:54 - 2014-02-24 16:54 - 16955384 _____ () C:\Users\Veronica\Downloads\Obekräftade 268770.crdownload

2014-02-24 16:50 - 2014-02-24 16:51 - 00003497 _____ () C:\Users\Veronica\Downloads\Real+Estate+Finance+and+Investments+14th+ed+By+Brueggeman%2C+Fisher.pdf.torrent

2014-02-21 19:19 - 2014-02-21 19:19 - 00000000 ____D () C:\Users\Veronica\Documents\OneNote Notebooks

2014-02-21 19:18 - 2014-02-27 21:26 - 00004994 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Veronica-Dator-Veronica Veronica-Dator

2014-02-21 19:18 - 2014-02-21 19:18 - 00002837 _____ () C:\Users\Veronica\Desktop\Word 2013.lnk

2014-02-21 19:15 - 2014-02-21 19:15 - 11380576 _____ (Microsoft Corporation) C:\Users\Veronica\Downloads\proofingtools_sv-se-x64.exe

2014-02-21 17:49 - 2014-02-27 21:28 - 00003758 _____ () C:\windows\System32\Tasks\AutoKMS

2014-02-21 17:49 - 2014-02-23 20:10 - 00000000 ____D () C:\windows\AutoKMS

2014-02-21 17:48 - 2014-02-21 17:48 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit

2014-02-21 17:43 - 2014-02-21 17:43 - 00000000 ____D () C:\Users\Veronica\Desktop\Microsoft Office 2013

2014-02-21 17:42 - 2014-02-21 17:42 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-02-21 17:41 - 2014-02-21 17:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server

2014-02-21 17:39 - 2014-02-21 17:41 - 00000000 ____D () C:\Program Files\Microsoft SQL Server

2014-02-21 17:39 - 2014-02-21 17:39 - 00000000 ____D () C:\windows\PCHEALTH

2014-02-21 17:35 - 2014-02-21 17:35 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services

2014-02-21 17:35 - 2014-02-21 17:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-02-21 17:34 - 2014-02-21 17:39 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-02-21 17:34 - 2014-02-21 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-02-21 17:32 - 2014-02-21 17:32 - 00000000 __RHD () C:\MSOCache

2014-02-21 16:09 - 2014-02-21 17:09 - 17858952 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe

2014-02-20 15:30 - 2014-02-20 15:30 - 02301440 _____ () C:\Users\Veronica\Downloads\Session 1 - Firm Objective & Investment Decision Rules (1).ppt

2014-02-20 15:30 - 2014-02-20 15:30 - 01414656 _____ () C:\Users\Veronica\Downloads\Session 2 - Estimating Project Cash Flows.ppt

2014-02-17 17:10 - 2014-02-17 17:10 - 02301440 _____ () C:\Users\Veronica\Downloads\Session 1 - Firm Objective & Investment Decision Rules.ppt

2014-02-15 15:21 - 2014-02-15 15:21 - 00014384 _____ () C:\Users\Veronica\Downloads\Welcome.To.The.Jungle.2013.SWESUB.NORSUB.DANSUB.dvdrip.x264-TF.torrent

2014-02-15 15:20 - 2014-02-15 15:20 - 00013883 _____ () C:\Users\Veronica\Downloads\Planes.2013.SWEDiSH.DVDRip.x264-LiBERTAZ.9562379.TPB.torrent

2014-02-15 15:19 - 2014-02-15 15:19 - 00000000 ____D () C:\Users\Veronica\Downloads\All.Is.Lost.2013.SWESUB.1080p.HDTV.x264

2014-02-15 15:18 - 2014-02-15 15:18 - 00018360 _____ () C:\Users\Veronica\Downloads\all.is.lost.2013.swesub.1080p.hdtv.x264.tpb.torrent.TPB.torrent

2014-02-15 15:18 - 2014-02-15 15:18 - 00014965 _____ () C:\Users\Veronica\Downloads\captain.philips.2013.swesub.webrip..x264.ac3-helge32.TPB.torrent

2014-02-15 15:18 - 2014-02-15 15:18 - 00000000 ____D () C:\Users\Veronica\Downloads\Captain.Philips.2013.SWESUB.WEBRIP..x264.AC3-helge32

2014-02-14 08:31 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-02-14 08:31 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-02-14 08:30 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-02-14 08:30 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-02-14 08:30 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-02-14 08:30 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-02-14 08:30 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-02-14 08:30 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-02-14 08:30 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-02-14 08:30 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-02-14 08:30 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-02-14 08:30 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-02-14 08:30 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-02-14 08:30 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-02-14 08:30 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-02-14 08:30 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-02-14 08:30 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-02-14 08:30 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-02-14 08:30 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-02-14 08:30 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-02-14 08:30 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-02-14 08:30 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-02-14 08:30 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-02-14 08:30 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-02-14 08:30 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-02-14 08:30 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-02-14 08:30 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-02-14 08:30 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-02-14 08:30 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-02-14 08:30 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-02-14 08:30 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-02-14 08:30 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-02-14 08:30 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-02-14 08:30 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-02-14 08:30 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-02-14 08:30 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-02-14 08:30 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-02-14 08:30 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-02-14 08:30 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-02-14 08:30 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-02-14 08:30 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-02-13 17:46 - 2014-02-13 17:46 - 00097442 _____ () C:\Users\Veronica\Desktop\Personligt brev.odt

2014-02-13 16:50 - 2014-02-13 16:50 - 01509305 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 8.pptx

2014-02-12 14:15 - 2014-02-12 14:15 - 00018596 _____ () C:\Users\Veronica\Desktop\Indirect method.odt

2014-02-12 14:08 - 2014-02-16 13:46 - 00029155 _____ () C:\Users\Veronica\Desktop\IAS.odt

2014-02-12 14:06 - 2014-02-12 14:06 - 02053558 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 5 (1).pptx

2014-02-12 11:50 - 2014-01-01 00:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls

2014-02-12 11:50 - 2014-01-01 00:04 - 00420008 _____ () C:\windows\system32\locale.nls

2014-02-12 11:50 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll

2014-02-12 11:50 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll

2014-02-12 11:50 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll

2014-02-12 11:50 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll

2014-02-12 11:50 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll

2014-02-12 11:50 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll

2014-02-12 11:50 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll

2014-02-12 11:50 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll

2014-02-12 11:50 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll

2014-02-12 11:50 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll

2014-02-12 11:50 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll

2014-02-12 11:50 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe

2014-02-12 11:50 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe

2014-02-12 11:50 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe

2014-02-12 11:50 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe

2014-02-12 11:50 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll

2014-02-12 11:50 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll

2014-02-12 11:50 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll

2014-02-12 11:50 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll

2014-02-12 11:50 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll

2014-02-12 11:50 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe

2014-02-12 11:50 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe

2014-02-12 11:50 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe

2014-02-12 11:50 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe

2014-02-12 11:50 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll

2014-02-12 11:50 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll

2014-02-12 11:46 - 2014-02-12 11:46 - 02053558 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 5.pptx

2014-02-04 12:12 - 2014-02-04 12:12 - 00714772 _____ () C:\Users\Veronica\Downloads\FACO (FA) Fall13 Session 6_Part 2.pptx

2014-02-03 21:55 - 2014-02-03 23:33 - 00097280 _____ () C:\Users\Veronica\Desktop\Seminar 2.ppt

2014-02-03 18:39 - 2014-02-03 18:39 - 00024742 _____ () C:\Users\Veronica\Downloads\faco (1).xlsx

2014-02-03 18:38 - 2014-02-03 18:38 - 00024742 _____ () C:\Users\Veronica\Downloads\faco.xlsx

2014-02-01 16:13 - 2014-02-01 16:49 - 00020481 _____ () C:\Users\Veronica\Downloads\cv-mallar.nu-cv-mall-3-europass.odt

2014-02-01 15:56 - 2014-02-01 15:56 - 00020426 _____ () C:\Users\Veronica\Downloads\CV Veronica Maltin.odt

2014-01-31 10:55 - 2014-01-31 10:55 - 00015264 _____ () C:\Users\Veronica\Downloads\Microsoft_OFFICE_2010__Pro_Plus_PRECRACKED.TPB.torrent

 

==================== One Month Modified Files and Folders =======

 

2014-02-27 21:32 - 2014-02-27 21:31 - 00025169 _____ () C:\Users\Veronica\Downloads\FRST.txt

2014-02-27 21:31 - 2014-02-27 21:31 - 00000000 ____D () C:\FRST

2014-02-27 21:31 - 2011-07-25 14:46 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\BitTorrent

2014-02-27 21:30 - 2014-02-27 21:30 - 02155520 _____ (Farbar) C:\Users\Veronica\Downloads\FRST64.exe

2014-02-27 21:29 - 2014-02-27 21:29 - 00006125 _____ () C:\Users\Veronica\Desktop\AdwCleaner[R0].txt

2014-02-27 21:29 - 2014-02-27 21:28 - 00000000 ____D () C:\AdwCleaner

2014-02-27 21:29 - 2013-06-03 18:19 - 00000998 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-27 21:28 - 2014-02-21 17:49 - 00003758 _____ () C:\windows\System32\Tasks\AutoKMS

2014-02-27 21:28 - 2010-10-27 23:40 - 01106632 _____ () C:\windows\WindowsUpdate.log

2014-02-27 21:27 - 2014-02-27 21:27 - 01244192 _____ () C:\Users\Veronica\Downloads\adwcleaner.exe

2014-02-27 21:26 - 2014-02-27 21:26 - 00004616 _____ () C:\Users\Veronica\Desktop\sc-cleaner.txt

2014-02-27 21:26 - 2014-02-21 19:18 - 00004994 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Veronica-Dator-Veronica Veronica-Dator

2014-02-27 21:25 - 2014-02-27 21:25 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Veronica\Downloads\sc-cleaner (1).exe

2014-02-27 21:25 - 2014-02-27 21:17 - 00004616 _____ () C:\sc-cleaner.txt

2014-02-27 21:24 - 2011-07-04 16:33 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Spotify

2014-02-27 21:24 - 2011-07-04 15:24 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite

2014-02-27 21:23 - 2013-06-03 18:19 - 00000994 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-27 21:23 - 2013-04-22 15:44 - 00000000 ___RD () C:\Users\Veronica\Dropbox

2014-02-27 21:23 - 2013-04-22 15:41 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Dropbox

2014-02-27 21:22 - 2010-10-27 08:55 - 00255534 _____ () C:\windows\PFRO.log

2014-02-27 21:22 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-02-27 21:22 - 2009-07-14 05:51 - 00102013 _____ () C:\windows\setupact.log

2014-02-27 21:16 - 2014-02-27 21:15 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Veronica\Downloads\sc-cleaner.exe

2014-02-27 21:09 - 2012-04-26 10:47 - 00000868 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job

2014-02-27 20:02 - 2012-01-14 14:20 - 00000000 ____D () C:\Users\Veronica\Downloads\Film

2014-02-27 20:02 - 2011-07-04 16:33 - 00000000 ____D () C:\Users\Veronica\AppData\Local\Spotify

2014-02-27 19:13 - 2014-02-27 19:13 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-27 19:13 - 2014-02-27 19:13 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Malwarebytes

2014-02-27 19:13 - 2014-02-27 19:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-27 19:12 - 2014-02-27 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-27 19:11 - 2014-02-27 19:10 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Veronica\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-27 18:19 - 2009-07-14 05:45 - 00014144 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-27 18:19 - 2009-07-14 05:45 - 00014144 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-27 18:12 - 2014-02-24 16:54 - 00000000 ____D () C:\Program Files (x86)\GrabRez

2014-02-27 18:07 - 2010-10-28 00:10 - 00664068 _____ () C:\windows\system32\perfh01D.dat

2014-02-27 18:07 - 2010-10-28 00:10 - 00142836 _____ () C:\windows\system32\perfc01D.dat

2014-02-27 18:07 - 2009-07-14 06:13 - 01600290 _____ () C:\windows\system32\PerfStringBackup.INI

2014-02-27 18:05 - 2011-07-24 16:49 - 01549128 _____ () C:\windows\SysWOW64\PerfStringBackup.INI

2014-02-27 17:52 - 2014-02-27 17:51 - 102750488 _____ (Microsoft Corporation) C:\Users\Veronica\Downloads\msert.exe

2014-02-27 17:49 - 2011-08-03 20:51 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Skype

2014-02-27 13:10 - 2014-02-27 13:10 - 00046080 _____ () C:\Users\Veronica\Downloads\faco3 (1).xls

2014-02-26 14:45 - 2014-02-26 14:15 - 00043008 _____ () C:\Users\Veronica\Downloads\faco3.xls

2014-02-26 14:45 - 2014-02-26 13:04 - 00039424 _____ () C:\Users\Veronica\Downloads\Seminar 2.xls

2014-02-26 13:08 - 2014-02-26 13:08 - 00068608 _____ () C:\Users\Veronica\Downloads\Seminar 2, Carolina, Veronica, Anni.xls

2014-02-25 13:11 - 2014-02-25 11:46 - 00034816 _____ () C:\Users\Veronica\Desktop\SE0001775610-2008-01-01-2012-12-31.xls

2014-02-25 13:03 - 2014-02-25 13:01 - 00029184 _____ () C:\Users\Veronica\Desktop\HOLM-B-2008-01-31-2012-12-31.xls

2014-02-25 13:03 - 2014-02-25 12:41 - 00029184 _____ () C:\Users\Veronica\Desktop\HOLM-A-2008-01-01-2012-12-31.xls

2014-02-25 13:00 - 2014-02-25 13:00 - 00012213 _____ () C:\Users\Veronica\Desktop\HOLM-B-2008-01-31-2012-12-31.xlsx

2014-02-25 13:00 - 2014-02-25 12:42 - 00002414 _____ () C:\Users\Veronica\Downloads\HOLM-B-2008-01-31-2012-12-31.csv

2014-02-25 12:42 - 2014-02-25 12:42 - 00012587 _____ () C:\Users\Veronica\Desktop\SE0001775610-2008-01-01-2012-12-31.xlsx

2014-02-25 12:41 - 2014-02-25 12:26 - 00001824 _____ () C:\Users\Veronica\Downloads\HOLM-A-2008-01-01-2012-12-31.csv

2014-02-25 11:46 - 2014-02-25 11:37 - 00025556 _____ () C:\Users\Veronica\Downloads\SE0001775610-2008-01-01-2012-12-31.csv

2014-02-25 11:25 - 2014-02-25 11:25 - 00062325 _____ () C:\Users\Veronica\Downloads\SE0001775610-2009-02-24-2014-02-24.csv

2014-02-25 10:48 - 2014-02-25 10:48 - 00019286 _____ () C:\Users\Veronica\Downloads\Session 4 Supplement - Project Risk & Cost of Capital.xlsx

2014-02-25 10:47 - 2014-02-25 10:47 - 01549312 _____ () C:\Users\Veronica\Downloads\Session 4 - Project Risk & Cost of Capital.ppt

2014-02-25 09:56 - 2014-02-25 09:56 - 01416704 _____ () C:\Users\Veronica\Downloads\Session 2 - Estimating Project Cash Flows (1).ppt

2014-02-25 09:56 - 2014-02-25 09:56 - 00978944 _____ () C:\Users\Veronica\Downloads\Session 3 - Estimating Firm Free Cash Flow.ppt

2014-02-25 09:49 - 2014-02-25 09:49 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-enheter

2014-02-24 19:27 - 2012-09-05 06:39 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-02-24 19:23 - 2009-07-14 03:34 - 00000513 _____ () C:\windows\win.ini

2014-02-24 19:12 - 2014-02-24 19:12 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-02-24 19:12 - 2014-02-24 19:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-02-24 18:24 - 2014-02-24 18:24 - 00061112 _____ (StdLib) C:\windows\system32\Drivers\wStLibG64.sys

2014-02-24 17:26 - 2014-02-24 17:21 - 00000000 ____D () C:\ProgramData\Oracle

2014-02-24 17:25 - 2014-02-24 17:26 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe

2014-02-24 17:25 - 2014-02-24 17:26 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe

2014-02-24 17:25 - 2014-02-24 17:26 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

2014-02-24 17:25 - 2014-02-24 17:26 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2014-02-24 17:25 - 2013-06-24 11:27 - 00000000 ____D () C:\Program Files (x86)\Java

2014-02-24 17:22 - 2014-02-24 17:22 - 00921000 _____ (Oracle Corporation) C:\Users\Veronica\Downloads\chromeinstall-7u51.exe

2014-02-24 17:20 - 2014-02-24 17:20 - 00005911 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-02-24 17:06 - 2009-07-14 06:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD

2014-02-24 16:59 - 2009-07-14 05:45 - 00472496 _____ () C:\windows\system32\FNTCACHE.DAT

2014-02-24 16:54 - 2014-02-24 16:54 - 16955384 _____ () C:\Users\Veronica\Downloads\Obekräftade 268770.crdownload

2014-02-24 16:51 - 2014-02-24 16:50 - 00003497 _____ () C:\Users\Veronica\Downloads\Real+Estate+Finance+and+Investments+14th+ed+By+Brueggeman%2C+Fisher.pdf.torrent

2014-02-24 15:57 - 2013-06-03 18:24 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-02-23 20:10 - 2014-02-21 17:49 - 00000000 ____D () C:\windows\AutoKMS

2014-02-21 19:19 - 2014-02-21 19:19 - 00000000 ____D () C:\Users\Veronica\Documents\OneNote Notebooks

2014-02-21 19:19 - 2011-07-04 15:35 - 00000000 ___RD () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-02-21 19:18 - 2014-02-21 19:18 - 00002837 _____ () C:\Users\Veronica\Desktop\Word 2013.lnk

2014-02-21 19:18 - 2013-01-28 15:00 - 00000000 ____D () C:\Users\Veronica\Documents\CV + PB

2014-02-21 19:15 - 2014-02-21 19:15 - 11380576 _____ (Microsoft Corporation) C:\Users\Veronica\Downloads\proofingtools_sv-se-x64.exe

2014-02-21 17:48 - 2014-02-21 17:48 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit

2014-02-21 17:48 - 2011-07-04 15:25 - 00122616 _____ () C:\Users\Veronica\AppData\Local\GDIPFONTCACHEV1.DAT

2014-02-21 17:43 - 2014-02-21 17:43 - 00000000 ____D () C:\Users\Veronica\Desktop\Microsoft Office 2013

2014-02-21 17:42 - 2014-02-21 17:42 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-02-21 17:42 - 2010-10-27 23:58 - 00000000 ____D () C:\windows\ShellNew

2014-02-21 17:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-02-21 17:41 - 2014-02-21 17:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server

2014-02-21 17:41 - 2014-02-21 17:39 - 00000000 ____D () C:\Program Files\Microsoft SQL Server

2014-02-21 17:39 - 2014-02-21 17:39 - 00000000 ____D () C:\windows\PCHEALTH

2014-02-21 17:39 - 2014-02-21 17:34 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-02-21 17:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System

2014-02-21 17:35 - 2014-02-21 17:35 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services

2014-02-21 17:35 - 2014-02-21 17:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-02-21 17:34 - 2014-02-21 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-02-21 17:32 - 2014-02-21 17:32 - 00000000 __RHD () C:\MSOCache

2014-02-21 17:09 - 2014-02-21 16:09 - 17858952 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe

2014-02-21 17:09 - 2012-04-26 10:47 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2014-02-21 17:09 - 2012-04-26 10:47 - 00003806 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater

2014-02-21 17:09 - 2011-08-16 18:12 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-20 15:30 - 2014-02-20 15:30 - 02301440 _____ () C:\Users\Veronica\Downloads\Session 1 - Firm Objective & Investment Decision Rules (1).ppt

2014-02-20 15:30 - 2014-02-20 15:30 - 01414656 _____ () C:\Users\Veronica\Downloads\Session 2 - Estimating Project Cash Flows.ppt

2014-02-17 17:10 - 2014-02-17 17:10 - 02301440 _____ () C:\Users\Veronica\Downloads\Session 1 - Firm Objective & Investment Decision Rules.ppt

2014-02-16 13:46 - 2014-02-12 14:08 - 00029155 _____ () C:\Users\Veronica\Desktop\IAS.odt

2014-02-16 12:24 - 2013-06-03 18:19 - 00003994 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-02-16 12:24 - 2013-06-03 18:19 - 00003742 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-02-15 15:21 - 2014-02-15 15:21 - 00014384 _____ () C:\Users\Veronica\Downloads\Welcome.To.The.Jungle.2013.SWESUB.NORSUB.DANSUB.dvdrip.x264-TF.torrent

2014-02-15 15:20 - 2014-02-15 15:20 - 00013883 _____ () C:\Users\Veronica\Downloads\Planes.2013.SWEDiSH.DVDRip.x264-LiBERTAZ.9562379.TPB.torrent

2014-02-15 15:19 - 2014-02-15 15:19 - 00000000 ____D () C:\Users\Veronica\Downloads\All.Is.Lost.2013.SWESUB.1080p.HDTV.x264

2014-02-15 15:18 - 2014-02-15 15:18 - 00018360 _____ () C:\Users\Veronica\Downloads\all.is.lost.2013.swesub.1080p.hdtv.x264.tpb.torrent.TPB.torrent

2014-02-15 15:18 - 2014-02-15 15:18 - 00014965 _____ () C:\Users\Veronica\Downloads\captain.philips.2013.swesub.webrip..x264.ac3-helge32.TPB.torrent

2014-02-15 15:18 - 2014-02-15 15:18 - 00000000 ____D () C:\Users\Veronica\Downloads\Captain.Philips.2013.SWESUB.WEBRIP..x264.AC3-helge32

2014-02-13 17:46 - 2014-02-13 17:46 - 00097442 _____ () C:\Users\Veronica\Desktop\Personligt brev.odt

2014-02-13 16:50 - 2014-02-13 16:50 - 01509305 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 8.pptx

2014-02-12 14:15 - 2014-02-12 14:15 - 00018596 _____ () C:\Users\Veronica\Desktop\Indirect method.odt

2014-02-12 14:06 - 2014-02-12 14:06 - 02053558 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 5 (1).pptx

2014-02-12 11:46 - 2014-02-12 11:46 - 02053558 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 5.pptx

2014-02-06 13:16 - 2014-02-14 08:30 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-02-06 12:30 - 2014-02-14 08:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-02-06 12:30 - 2014-02-14 08:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-02-06 12:12 - 2014-02-14 08:30 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-02-06 12:07 - 2014-02-14 08:30 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-02-06 12:06 - 2014-02-14 08:30 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-02-06 11:57 - 2014-02-14 08:30 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-02-06 11:56 - 2014-02-14 08:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-02-06 11:52 - 2014-02-14 08:30 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-02-06 11:49 - 2014-02-14 08:30 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-02-06 11:48 - 2014-02-14 08:30 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-02-06 11:48 - 2014-02-14 08:30 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-02-06 11:38 - 2014-02-14 08:30 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-02-06 11:32 - 2014-02-14 08:30 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-02-06 11:20 - 2014-02-14 08:30 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-02-06 11:17 - 2014-02-14 08:30 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-02-06 11:11 - 2014-02-14 08:30 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-02-06 11:01 - 2014-02-14 08:30 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-02-06 11:00 - 2014-02-14 08:30 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-02-06 10:57 - 2014-02-14 08:30 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-02-06 10:57 - 2014-02-14 08:30 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-02-06 10:52 - 2014-02-14 08:30 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-02-06 10:52 - 2014-02-14 08:30 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-02-06 10:50 - 2014-02-14 08:30 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-02-06 10:49 - 2014-02-14 08:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-02-06 10:47 - 2014-02-14 08:30 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-02-06 10:46 - 2014-02-14 08:30 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-02-06 10:25 - 2014-02-14 08:30 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-02-06 10:25 - 2014-02-14 08:30 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-02-06 10:24 - 2014-02-14 08:30 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-02-06 10:22 - 2014-02-14 08:30 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-02-06 10:13 - 2014-02-14 08:30 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-02-06 10:09 - 2014-02-14 08:30 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-02-06 10:03 - 2014-02-14 08:30 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-02-06 09:55 - 2014-02-14 08:30 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-02-06 09:41 - 2014-02-14 08:30 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-02-06 09:40 - 2014-02-14 08:30 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-02-06 09:36 - 2014-02-14 08:30 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-02-06 09:34 - 2014-02-14 08:30 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-02-04 12:12 - 2014-02-04 12:12 - 00714772 _____ () C:\Users\Veronica\Downloads\FACO (FA) Fall13 Session 6_Part 2.pptx

2014-02-03 23:33 - 2014-02-03 21:55 - 00097280 _____ () C:\Users\Veronica\Desktop\Seminar 2.ppt

2014-02-03 18:39 - 2014-02-03 18:39 - 00024742 _____ () C:\Users\Veronica\Downloads\faco (1).xlsx

2014-02-03 18:38 - 2014-02-03 18:38 - 00024742 _____ () C:\Users\Veronica\Downloads\faco.xlsx

2014-02-01 16:49 - 2014-02-01 16:13 - 00020481 _____ () C:\Users\Veronica\Downloads\cv-mallar.nu-cv-mall-3-europass.odt

2014-02-01 15:56 - 2014-02-01 15:56 - 00020426 _____ () C:\Users\Veronica\Downloads\CV Veronica Maltin.odt

2014-01-31 10:55 - 2014-01-31 10:55 - 00015264 _____ () C:\Users\Veronica\Downloads\Microsoft_OFFICE_2010__Pro_Plus_PRECRACKED.TPB.torrent

 

Some content of TEMP:

====================

C:\Users\Veronica\AppData\Local\Temp\DataCard_Setup64.exe

C:\Users\Veronica\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Veronica\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Veronica\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\Veronica\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Veronica\AppData\Local\Temp\ose00001.exe

C:\Users\Veronica\AppData\Local\Temp\Quarantine.exe

C:\Users\Veronica\AppData\Local\Temp\ResetDevice.exe

C:\Users\Veronica\AppData\Local\Temp\utt117F.tmp.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-02-15 17:02

 

==================== End Of Log ============================

Länk till kommentar
Dela på andra webbplatser
VeronicaM

VeronicaM

Postad
  • Trådskapare
Postad

När jag klistrar in FRST så verkar det bara som om början kommer med, eller kan du/ni se hela? 

 

Är det mer som ska fixas efter detta? :)

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Jo, det återstår ett antal steg innan det är klart.

 

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s0].txt

 

2. Eftersom AVG inte verkar fungera och inte bör köras ihop med Norton, så avinstallera först AVG på normalt sätt och kör sedan AVG Remover som tar bort alla rester efter avinstallationen av AVG: http://www.avg.com/us-en/utilities

När datorn är ren igen bör du installera senaste versionen av Norton eftersom den innehåller nya och förbättrade funktioner för att bekämpa de senaste typerna av skadliga program.

 

3. Spara SystemLook på Skrivbordet från: http://jpshortstuff.247fixes.com/SystemLook_x64.exe
Dubbelklicka på SystemLook-filen för att köra den.

Kopiera alla rader i rutan

:dir
C:\Program Files (x86)\GrabRez
:file
C:\Users\Veronica\AppData\Local\Temp\crx7EEB.tmp
och klistra in i det stora textfältet i SýstemLook.
Tryck på knappen Look för att starta sökningen.
När det är klart så kommer Anteckningar upp med en logg, och den klistrar du in här. Om loggen inte kommer upp så finns den som SystemLook.txt på Skrivbordet.

 

4. Kör FRST igen och klistra in den nya loggen så att jag kan se hur det ser ut i datorn nu efter att AdwCleaner rensat.

 

5. Skanna datorn online på http://www.eset.com/onlinescan/
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Avbocka alternativet Remove found threats
Bocka för Scan Archives

Klicka på Advanced Settings
Bocka för:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Scan

När skanningen är klar klicka på List of threats found, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Länk till kommentar
Dela på andra webbplatser
VeronicaM

VeronicaM

Postad
  • Trådskapare
Postad
# AdwCleaner v3.020 - Report created 28/02/2014 at 07:18:59

# Updated 27/02/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Veronica - VERONICA-DATOR

# Running from : C:\Users\Veronica\Downloads\adwcleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\Users\Veronica\AppData\Local\Babylon

Folder Deleted : C:\Users\Veronica\AppData\Local\Conduit

Folder Deleted : C:\Users\Veronica\AppData\LocalLow\BabylonToolbar

Folder Deleted : C:\Users\Veronica\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Veronica\AppData\Roaming\Babylon

Folder Deleted : C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

File Deleted : C:\windows\SysWOW64\conduitEngine.tmp

File Deleted : C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\uinwu4dq.default\user.js

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla

Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr

Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-messenger_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\StartSearch

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\Software\Conduit

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.16518

 

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]

 

-\\ Mozilla Firefox v23.0 (en-US)

 

[ File : C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\uinwu4dq.default\prefs.js ]

 

Line Deleted : user_pref("browser.search.defaultenginename", "awesomehp");

 

-\\ Google Chrome v33.0.1750.117

 

[ File : C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [6125 octets] - [27/02/2014 21:28:36]

AdwCleaner[R1].txt - [6185 octets] - [28/02/2014 07:17:06]

AdwCleaner[s0].txt - [5425 octets] - [28/02/2014 07:18:59]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5485 octets] ##########

 

Länk till kommentar
Dela på andra webbplatser
VeronicaM

VeronicaM

Postad
  • Trådskapare
Postad
SystemLook 30.07.11 by jpshortstuff

Log created at 07:53 on 28/02/2014 by Veronica

Administrator - Elevation successful

 

========== dir ==========

 

C:\Program Files (x86)\GrabRez - Parameters: "(none)"

 

---Files---

None found.

 

---Folders---

None found.

 

========== file ==========

 

C:\Users\Veronica\AppData\Local\Temp\crx7EEB.tmp - Unable to find/read file.

 

-= EOF =-

Länk till kommentar
Dela på andra webbplatser
VeronicaM

VeronicaM

Postad
  • Trådskapare
Postad
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02

Ran by Veronica (administrator) on VERONICA-DATOR on 28-02-2014 07:53:44

Running from C:\Users\Veronica\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: Swedish

Internet Explorer Version 11

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe

(Microsoft Corporation) C:\windows\system32\WLANExt.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

() C:\Program Files (x86)\Emotum\Stay Connected\Service.exe

(Telenor Sweden) C:\Program Files (x86)\Telenor Sweden\ESUS_TNS\ESUS_TNS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Intel® Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe

(Intel Corporation) C:\windows\system32\igfxext.exe

(Intel Corporation) C:\windows\system32\igfxsrvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Spotify Ltd) C:\Users\Veronica\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Dropbox, Inc.) C:\Users\Veronica\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Telenor SE) C:\Program Files (x86)\Emotum\Stay Connected\TelenorSEMobile.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe

(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe

(Intel Corporation) C:\windows\system32\hkcmd.exe

(Intel Corporation) C:\windows\system32\igfxpers.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.1.7\NIS.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.1.7\NIS.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11369576 2010-08-11] (Realtek Semiconductor)

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2581384 2010-08-31] (ELAN Microelectronics Corp.)

HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)

HKLM-x32\...\Run: [] - [X]

HKLM-x32\...\Run: [Telenor Stay Connected] - C:\Program Files (x86)\Emotum\Stay Connected\TelenorSEMobile.exe [339456 2010-08-03] (Telenor SE)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\Run: [spotify Web Helper] - C:\Users\Veronica\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-03] (Spotify Ltd)

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\Run: [spotify] - C:\Users\Veronica\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-02-03] (Spotify Ltd)

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\Run: [bitTorrent] - C:\Program Files (x86)\BitTorrent\BitTorrent.exe [882520 2013-05-22] (BitTorrent Inc.)

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: F - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {1cf1ce68-3196-11e2-8cbf-001e101f50a4} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {3c77b601-a649-11e0-b9ce-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {3c77b61a-a649-11e0-b9ce-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {65278651-cf39-11e1-bcf5-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {6527865f-cf39-11e1-bcf5-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {66eb384c-a65c-11e0-901b-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {6e2dd453-d732-11e0-b4aa-001bb1d7f653} - F:\PcOptions.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {76fd430f-a94d-11e0-9668-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {a357bb48-5d8e-11e1-a8ef-9ee21f5ed1b1} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {a357bb55-5d8e-11e1-a8ef-9ee21f5ed1b1} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {a357bb69-5d8e-11e1-a8ef-9ee21f5ed1b1} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {b327f3b7-2014-11e1-8132-001bb1d7f653} - F:\KODAK_Camera_Setup_App.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {d49e3787-b091-11e0-b35a-001bb1d7f653} - F:\AutoRun.exe

HKU\S-1-5-21-2131317746-4253049498-594761975-1001\...\MountPoints2: {fbd5d093-fe2a-11e1-9eb9-001bb1d7f653} - F:\AutoRun.exe

AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)

Startup: C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Veronica\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

 

==================== Internet (Whitelisted) ====================

 

URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.1.7\coIEPlg.dll (Symantec Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.1.7\coIEPlg.dll (Symantec Corporation)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.1.7\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: W2PBrowser Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.1.7\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.1.7\coIEPlg.dll (Symantec Corporation)

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{2629C2F9-CDD3-4A7A-87E9-9A36F500794C}: [NameServer]195.54.122.211 195.54.122.221

Tcpip\..\Interfaces\{B66BF400-AE3F-4ACF-819F-36E2B1BEACFC}: [NameServer]195.54.122.211 195.54.122.221

Tcpip\..\Interfaces\{CABA990C-EDDC-49AF-9FA5-BAE2758C0B8D}: [NameServer]195.54.122.221 195.54.122.211

 

FireFox:

========

FF ProfilePath: C:\Users\Veronica\AppData\Roaming\Mozilla\Firefox\Profiles\uinwu4dq.default

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\coFFPlgn\

FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\coFFPlgn\ []

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.1.7\IPSFF [2014-02-28]

 

Chrome: 

=======

CHR HomePage: hxxp://google.se/

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File

CHR Plugin: (Java Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File

CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin\np_prsnl.dll No File

CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\windows\SysWOW64\npDeployJava1.dll No File

CHR Plugin: (Shockwave for Director) - C:\windows\system32\Adobe\Director\np32dsw.dll No File

CHR Extension: (Google Dokument) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-03]

CHR Extension: (Google Drive) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-03]

CHR Extension: (YouTube) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-03]

CHR Extension: (Sök på Google) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-03]

CHR Extension: (Norton Identity Protection) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-06-03]

CHR Extension: (Google Wallet) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

CHR Extension: (Gmail) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-03]

CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Veronica\AppData\Local\Temp\crx7EEB.tmp [2013-06-03]

CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.1.7\Exts\Chrome.crx [2014-02-28]

 

==================== Services (Whitelisted) =================

 

R2 ESCSvc; C:\Program Files (x86)\Emotum\Stay Connected\Service.exe [659752 2010-08-25] ()

R2 ESUSClient_B2; C:\Program Files (x86)\Telenor Sweden\ESUS_TNS\ESUS_TNS.exe [358808 2011-03-07] (Telenor Sweden)

R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.1.7\NIS.exe [276376 2014-02-12] (Symantec Corporation)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()

S3 wifimansvc; C:\Program Files (x86)\Mobile Broadband\eap\wifimansvc.exe [598528 2012-02-28] ()

 

==================== Drivers (Whitelisted) ====================

 

R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-02-14] (Symantec Corporation)

R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501010.007\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)

S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)

R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\IPSDefs\20140227.001\IDSvia64.sys [521944 2014-02-27] (Symantec Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\VirusDefs\20140227.009\ENG64.SYS [126040 2014-02-27] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.1.7\Definitions\VirusDefs\20140227.009\EX64.SYS [2099288 2014-02-27] (Symantec Corporation)

S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-03-31] (Windows ® 2003 DDK 3790 provider)

R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1501010.007\SRTSP64.SYS [875736 2014-02-11] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501010.007\SRTSPX64.SYS [36952 2014-02-11] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NISx64\1501010.007\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501010.007\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)

R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-28] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501010.007\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)

R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501010.007\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)

S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)

R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()

R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-02-24] (StdLib)

S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]

S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-02-28 07:53 - 2014-02-28 07:53 - 00000776 _____ () C:\Users\Veronica\Desktop\SystemLook.txt

2014-02-28 07:51 - 2014-02-28 07:51 - 00165376 _____ () C:\Users\Veronica\Desktop\SystemLook_x64.exe

2014-02-28 07:50 - 2014-02-28 07:50 - 00000000 ____D () C:\windows\System32\Tasks\Norton Internet Security

2014-02-28 07:42 - 2014-02-28 07:51 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton

2014-02-28 07:42 - 2014-02-28 07:42 - 00001299 _____ () C:\Users\Veronica\Desktop\Nortons installationsfiler.lnk

2014-02-28 07:41 - 2014-02-28 07:41 - 01021936 _____ (Symantec Corporation) C:\Users\Veronica\Downloads\NISDownloader (1).exe

2014-02-28 07:40 - 2014-02-28 07:40 - 01021936 _____ (Symantec Corporation) C:\Users\Veronica\Downloads\NISDownloader.exe

2014-02-28 07:33 - 2014-02-28 07:36 - 00457651 _____ () C:\Users\Veronica\Downloads\avgremover.log

2014-02-28 07:33 - 2014-02-28 07:33 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Veronica\Downloads\avg_remover_stf_x64_2014_4116.exe

2014-02-28 07:29 - 2014-02-28 07:29 - 00012064 _____ () C:\windows\SysWOW64\commonpriv.log

2014-02-28 07:29 - 2014-02-28 07:29 - 00000000 _____ () C:\windows\SysWOW64\commonpriv.log.lock

2014-02-27 21:34 - 2014-02-27 21:34 - 00062246 _____ () C:\Users\Veronica\Desktop\FRST.txt

2014-02-27 21:33 - 2014-02-27 21:33 - 00047507 _____ () C:\Users\Veronica\Desktop\Addition.txt

2014-02-27 21:32 - 2014-02-27 21:33 - 00047507 _____ () C:\Users\Veronica\Downloads\Addition.txt

2014-02-27 21:31 - 2014-02-28 07:53 - 00021059 _____ () C:\Users\Veronica\Downloads\FRST.txt

2014-02-27 21:31 - 2014-02-28 07:53 - 00000000 ____D () C:\FRST

2014-02-27 21:30 - 2014-02-27 21:30 - 02155520 _____ (Farbar) C:\Users\Veronica\Downloads\FRST64.exe

2014-02-27 21:29 - 2014-02-27 21:29 - 00006125 _____ () C:\Users\Veronica\Desktop\AdwCleaner[R0].txt

2014-02-27 21:28 - 2014-02-28 07:19 - 00000000 ____D () C:\AdwCleaner

2014-02-27 21:27 - 2014-02-27 21:27 - 01244192 _____ () C:\Users\Veronica\Downloads\adwcleaner.exe

2014-02-27 21:26 - 2014-02-27 21:26 - 00004616 _____ () C:\Users\Veronica\Desktop\sc-cleaner.txt

2014-02-27 21:25 - 2014-02-27 21:25 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Veronica\Downloads\sc-cleaner (1).exe

2014-02-27 21:17 - 2014-02-27 21:25 - 00004616 _____ () C:\sc-cleaner.txt

2014-02-27 21:15 - 2014-02-27 21:16 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Veronica\Downloads\sc-cleaner.exe

2014-02-27 19:13 - 2014-02-27 19:13 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-27 19:13 - 2014-02-27 19:13 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Malwarebytes

2014-02-27 19:12 - 2014-02-27 19:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-27 19:12 - 2014-02-27 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-27 19:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

2014-02-27 19:10 - 2014-02-27 19:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Veronica\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-27 17:51 - 2014-02-27 17:52 - 102750488 _____ (Microsoft Corporation) C:\Users\Veronica\Downloads\msert.exe

2014-02-27 13:10 - 2014-02-27 13:10 - 00046080 _____ () C:\Users\Veronica\Downloads\faco3 (1).xls

2014-02-26 14:15 - 2014-02-26 14:45 - 00043008 _____ () C:\Users\Veronica\Downloads\faco3.xls

2014-02-26 13:08 - 2014-02-26 13:08 - 00068608 _____ () C:\Users\Veronica\Downloads\Seminar 2, Carolina, Veronica, Anni.xls

2014-02-26 13:04 - 2014-02-26 14:45 - 00039424 _____ () C:\Users\Veronica\Downloads\Seminar 2.xls

2014-02-25 13:01 - 2014-02-25 13:03 - 00029184 _____ () C:\Users\Veronica\Desktop\HOLM-B-2008-01-31-2012-12-31.xls

2014-02-25 13:00 - 2014-02-25 13:00 - 00012213 _____ () C:\Users\Veronica\Desktop\HOLM-B-2008-01-31-2012-12-31.xlsx

2014-02-25 12:42 - 2014-02-25 13:00 - 00002414 _____ () C:\Users\Veronica\Downloads\HOLM-B-2008-01-31-2012-12-31.csv

2014-02-25 12:42 - 2014-02-25 12:42 - 00012587 _____ () C:\Users\Veronica\Desktop\SE0001775610-2008-01-01-2012-12-31.xlsx

2014-02-25 12:41 - 2014-02-25 13:03 - 00029184 _____ () C:\Users\Veronica\Desktop\HOLM-A-2008-01-01-2012-12-31.xls

2014-02-25 12:26 - 2014-02-25 12:41 - 00001824 _____ () C:\Users\Veronica\Downloads\HOLM-A-2008-01-01-2012-12-31.csv

2014-02-25 11:46 - 2014-02-25 13:11 - 00034816 _____ () C:\Users\Veronica\Desktop\SE0001775610-2008-01-01-2012-12-31.xls

2014-02-25 11:37 - 2014-02-25 11:46 - 00025556 _____ () C:\Users\Veronica\Downloads\SE0001775610-2008-01-01-2012-12-31.csv

2014-02-25 11:25 - 2014-02-25 11:25 - 00062325 _____ () C:\Users\Veronica\Downloads\SE0001775610-2009-02-24-2014-02-24.csv

2014-02-25 10:48 - 2014-02-25 10:48 - 00019286 _____ () C:\Users\Veronica\Downloads\Session 4 Supplement - Project Risk & Cost of Capital.xlsx

2014-02-25 10:47 - 2014-02-25 10:47 - 01549312 _____ () C:\Users\Veronica\Downloads\Session 4 - Project Risk & Cost of Capital.ppt

2014-02-25 09:56 - 2014-02-25 09:56 - 01416704 _____ () C:\Users\Veronica\Downloads\Session 2 - Estimating Project Cash Flows (1).ppt

2014-02-25 09:56 - 2014-02-25 09:56 - 00978944 _____ () C:\Users\Veronica\Downloads\Session 3 - Estimating Firm Free Cash Flow.ppt

2014-02-25 09:49 - 2014-02-25 09:49 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-enheter

2014-02-24 19:12 - 2014-02-24 19:12 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-02-24 19:12 - 2014-02-24 19:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-02-24 18:24 - 2014-02-24 18:24 - 00061112 _____ (StdLib) C:\windows\system32\Drivers\wStLibG64.sys

2014-02-24 17:26 - 2014-02-24 17:25 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe

2014-02-24 17:26 - 2014-02-24 17:25 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe

2014-02-24 17:26 - 2014-02-24 17:25 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

2014-02-24 17:26 - 2014-02-24 17:25 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2014-02-24 17:22 - 2014-02-24 17:22 - 00921000 _____ (Oracle Corporation) C:\Users\Veronica\Downloads\chromeinstall-7u51.exe

2014-02-24 17:21 - 2014-02-24 17:26 - 00000000 ____D () C:\ProgramData\Oracle

2014-02-24 17:20 - 2014-02-24 17:20 - 00005911 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-02-24 16:54 - 2014-02-27 18:12 - 00000000 ____D () C:\Program Files (x86)\GrabRez

2014-02-24 16:54 - 2014-02-24 16:54 - 16955384 _____ () C:\Users\Veronica\Downloads\Obekräftade 268770.crdownload

2014-02-24 16:50 - 2014-02-24 16:51 - 00003497 _____ () C:\Users\Veronica\Downloads\Real+Estate+Finance+and+Investments+14th+ed+By+Brueggeman%2C+Fisher.pdf.torrent

2014-02-21 19:19 - 2014-02-21 19:19 - 00000000 ____D () C:\Users\Veronica\Documents\OneNote Notebooks

2014-02-21 19:18 - 2014-02-28 07:42 - 00004994 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Veronica-Dator-Veronica Veronica-Dator

2014-02-21 19:18 - 2014-02-21 19:18 - 00002837 _____ () C:\Users\Veronica\Desktop\Word 2013.lnk

2014-02-21 19:15 - 2014-02-21 19:15 - 11380576 _____ (Microsoft Corporation) C:\Users\Veronica\Downloads\proofingtools_sv-se-x64.exe

2014-02-21 17:49 - 2014-02-28 07:36 - 00003754 _____ () C:\windows\System32\Tasks\AutoKMS

2014-02-21 17:49 - 2014-02-23 20:10 - 00000000 ____D () C:\windows\AutoKMS

2014-02-21 17:48 - 2014-02-21 17:48 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit

2014-02-21 17:43 - 2014-02-21 17:43 - 00000000 ____D () C:\Users\Veronica\Desktop\Microsoft Office 2013

2014-02-21 17:42 - 2014-02-21 17:42 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-02-21 17:41 - 2014-02-21 17:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server

2014-02-21 17:39 - 2014-02-21 17:41 - 00000000 ____D () C:\Program Files\Microsoft SQL Server

2014-02-21 17:39 - 2014-02-21 17:39 - 00000000 ____D () C:\windows\PCHEALTH

2014-02-21 17:35 - 2014-02-21 17:35 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services

2014-02-21 17:35 - 2014-02-21 17:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-02-21 17:34 - 2014-02-21 17:39 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-02-21 17:34 - 2014-02-21 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-02-21 17:32 - 2014-02-21 17:32 - 00000000 __RHD () C:\MSOCache

2014-02-21 16:09 - 2014-02-21 17:09 - 17858952 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe

2014-02-20 15:30 - 2014-02-20 15:30 - 02301440 _____ () C:\Users\Veronica\Downloads\Session 1 - Firm Objective & Investment Decision Rules (1).ppt

2014-02-20 15:30 - 2014-02-20 15:30 - 01414656 _____ () C:\Users\Veronica\Downloads\Session 2 - Estimating Project Cash Flows.ppt

2014-02-17 17:10 - 2014-02-17 17:10 - 02301440 _____ () C:\Users\Veronica\Downloads\Session 1 - Firm Objective & Investment Decision Rules.ppt

2014-02-15 15:21 - 2014-02-15 15:21 - 00014384 _____ () C:\Users\Veronica\Downloads\Welcome.To.The.Jungle.2013.SWESUB.NORSUB.DANSUB.dvdrip.x264-TF.torrent

2014-02-15 15:20 - 2014-02-15 15:20 - 00013883 _____ () C:\Users\Veronica\Downloads\Planes.2013.SWEDiSH.DVDRip.x264-LiBERTAZ.9562379.TPB.torrent

2014-02-15 15:19 - 2014-02-15 15:19 - 00000000 ____D () C:\Users\Veronica\Downloads\All.Is.Lost.2013.SWESUB.1080p.HDTV.x264

2014-02-15 15:18 - 2014-02-15 15:18 - 00018360 _____ () C:\Users\Veronica\Downloads\all.is.lost.2013.swesub.1080p.hdtv.x264.tpb.torrent.TPB.torrent

2014-02-15 15:18 - 2014-02-15 15:18 - 00014965 _____ () C:\Users\Veronica\Downloads\captain.philips.2013.swesub.webrip..x264.ac3-helge32.TPB.torrent

2014-02-15 15:18 - 2014-02-15 15:18 - 00000000 ____D () C:\Users\Veronica\Downloads\Captain.Philips.2013.SWESUB.WEBRIP..x264.AC3-helge32

2014-02-14 08:31 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-02-14 08:31 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-02-14 08:30 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-02-14 08:30 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-02-14 08:30 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-02-14 08:30 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-02-14 08:30 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-02-14 08:30 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-02-14 08:30 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-02-14 08:30 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-02-14 08:30 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-02-14 08:30 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-02-14 08:30 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-02-14 08:30 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-02-14 08:30 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-02-14 08:30 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-02-14 08:30 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-02-14 08:30 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-02-14 08:30 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-02-14 08:30 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-02-14 08:30 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-02-14 08:30 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-02-14 08:30 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-02-14 08:30 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-02-14 08:30 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-02-14 08:30 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-02-14 08:30 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-02-14 08:30 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-02-14 08:30 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-02-14 08:30 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-02-14 08:30 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-02-14 08:30 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-02-14 08:30 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-02-14 08:30 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-02-14 08:30 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-02-14 08:30 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-02-14 08:30 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-02-14 08:30 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-02-14 08:30 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-02-14 08:30 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-02-14 08:30 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-02-13 17:46 - 2014-02-13 17:46 - 00097442 _____ () C:\Users\Veronica\Desktop\Personligt brev.odt

2014-02-13 16:50 - 2014-02-13 16:50 - 01509305 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 8.pptx

2014-02-12 14:15 - 2014-02-12 14:15 - 00018596 _____ () C:\Users\Veronica\Desktop\Indirect method.odt

2014-02-12 14:08 - 2014-02-16 13:46 - 00029155 _____ () C:\Users\Veronica\Desktop\IAS.odt

2014-02-12 14:06 - 2014-02-12 14:06 - 02053558 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 5 (1).pptx

2014-02-12 11:50 - 2014-01-01 00:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls

2014-02-12 11:50 - 2014-01-01 00:04 - 00420008 _____ () C:\windows\system32\locale.nls

2014-02-12 11:50 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll

2014-02-12 11:50 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll

2014-02-12 11:50 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll

2014-02-12 11:50 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll

2014-02-12 11:50 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll

2014-02-12 11:50 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll

2014-02-12 11:50 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll

2014-02-12 11:50 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll

2014-02-12 11:50 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll

2014-02-12 11:50 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll

2014-02-12 11:50 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll

2014-02-12 11:50 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe

2014-02-12 11:50 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe

2014-02-12 11:50 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe

2014-02-12 11:50 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe

2014-02-12 11:50 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll

2014-02-12 11:50 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll

2014-02-12 11:50 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll

2014-02-12 11:50 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll

2014-02-12 11:50 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll

2014-02-12 11:50 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe

2014-02-12 11:50 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe

2014-02-12 11:50 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe

2014-02-12 11:50 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe

2014-02-12 11:50 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll

2014-02-12 11:50 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll

2014-02-12 11:46 - 2014-02-12 11:46 - 02053558 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 5.pptx

2014-02-04 12:12 - 2014-02-04 12:12 - 00714772 _____ () C:\Users\Veronica\Downloads\FACO (FA) Fall13 Session 6_Part 2.pptx

2014-02-03 21:55 - 2014-02-03 23:33 - 00097280 _____ () C:\Users\Veronica\Desktop\Seminar 2.ppt

2014-02-03 18:39 - 2014-02-03 18:39 - 00024742 _____ () C:\Users\Veronica\Downloads\faco (1).xlsx

2014-02-03 18:38 - 2014-02-03 18:38 - 00024742 _____ () C:\Users\Veronica\Downloads\faco.xlsx

2014-02-01 16:13 - 2014-02-01 16:49 - 00020481 _____ () C:\Users\Veronica\Downloads\cv-mallar.nu-cv-mall-3-europass.odt

2014-02-01 15:56 - 2014-02-01 15:56 - 00020426 _____ () C:\Users\Veronica\Downloads\CV Veronica Maltin.odt

2014-01-31 10:55 - 2014-01-31 10:55 - 00015264 _____ () C:\Users\Veronica\Downloads\Microsoft_OFFICE_2010__Pro_Plus_PRECRACKED.TPB.torrent

 

==================== One Month Modified Files and Folders =======

 

2014-02-28 07:53 - 2014-02-28 07:53 - 00000776 _____ () C:\Users\Veronica\Desktop\SystemLook.txt

2014-02-28 07:53 - 2014-02-27 21:31 - 00021059 _____ () C:\Users\Veronica\Downloads\FRST.txt

2014-02-28 07:53 - 2014-02-27 21:31 - 00000000 ____D () C:\FRST

2014-02-28 07:51 - 2014-02-28 07:51 - 00165376 _____ () C:\Users\Veronica\Desktop\SystemLook_x64.exe

2014-02-28 07:51 - 2014-02-28 07:42 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton

2014-02-28 07:51 - 2010-10-27 08:05 - 00000000 ____D () C:\ProgramData\Norton

2014-02-28 07:50 - 2014-02-28 07:50 - 00000000 ____D () C:\windows\System32\Tasks\Norton Internet Security

2014-02-28 07:48 - 2012-04-26 10:35 - 00003232 _____ () C:\windows\System32\Tasks\Norton WSC Integration

2014-02-28 07:48 - 2012-04-26 10:35 - 00002452 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk

2014-02-28 07:48 - 2010-10-27 08:05 - 00000000 ____D () C:\windows\system32\Drivers\NISx64

2014-02-28 07:47 - 2011-07-04 15:36 - 00177752 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS

2014-02-28 07:47 - 2011-07-04 15:36 - 00008222 _____ () C:\windows\system32\Drivers\SYMEVENT64x86.CAT

2014-02-28 07:46 - 2010-10-27 08:05 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security

2014-02-28 07:42 - 2014-02-28 07:42 - 00001299 _____ () C:\Users\Veronica\Desktop\Nortons installationsfiler.lnk

2014-02-28 07:42 - 2014-02-21 19:18 - 00004994 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Veronica-Dator-Veronica Veronica-Dator

2014-02-28 07:42 - 2012-04-02 10:28 - 00000000 ____D () C:\Users\Public\Downloads\Norton

2014-02-28 07:41 - 2014-02-28 07:41 - 01021936 _____ (Symantec Corporation) C:\Users\Veronica\Downloads\NISDownloader (1).exe

2014-02-28 07:41 - 2009-07-14 05:45 - 00014144 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-28 07:41 - 2009-07-14 05:45 - 00014144 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-28 07:40 - 2014-02-28 07:40 - 01021936 _____ (Symantec Corporation) C:\Users\Veronica\Downloads\NISDownloader.exe

2014-02-28 07:39 - 2011-07-04 15:24 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite

2014-02-28 07:38 - 2011-07-25 14:46 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\BitTorrent

2014-02-28 07:37 - 2013-04-22 15:44 - 00000000 ___RD () C:\Users\Veronica\Dropbox

2014-02-28 07:37 - 2013-04-22 15:41 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Dropbox

2014-02-28 07:37 - 2011-07-04 16:33 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Spotify

2014-02-28 07:36 - 2014-02-28 07:33 - 00457651 _____ () C:\Users\Veronica\Downloads\avgremover.log

2014-02-28 07:36 - 2014-02-21 17:49 - 00003754 _____ () C:\windows\System32\Tasks\AutoKMS

2014-02-28 07:36 - 2013-06-03 18:19 - 00000994 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-28 07:35 - 2010-10-27 08:55 - 00260538 _____ () C:\windows\PFRO.log

2014-02-28 07:35 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-02-28 07:35 - 2009-07-14 05:51 - 00102181 _____ () C:\windows\setupact.log

2014-02-28 07:34 - 2010-10-27 23:40 - 01176069 _____ () C:\windows\WindowsUpdate.log

2014-02-28 07:33 - 2014-02-28 07:33 - 03386520 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Veronica\Downloads\avg_remover_stf_x64_2014_4116.exe

2014-02-28 07:29 - 2014-02-28 07:29 - 00012064 _____ () C:\windows\SysWOW64\commonpriv.log

2014-02-28 07:29 - 2014-02-28 07:29 - 00000000 _____ () C:\windows\SysWOW64\commonpriv.log.lock

2014-02-28 07:19 - 2014-02-27 21:28 - 00000000 ____D () C:\AdwCleaner

2014-02-28 07:15 - 2013-06-03 18:19 - 00000998 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-28 07:14 - 2012-04-26 10:47 - 00000868 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job

2014-02-27 21:34 - 2014-02-27 21:34 - 00062246 _____ () C:\Users\Veronica\Desktop\FRST.txt

2014-02-27 21:33 - 2014-02-27 21:33 - 00047507 _____ () C:\Users\Veronica\Desktop\Addition.txt

2014-02-27 21:33 - 2014-02-27 21:32 - 00047507 _____ () C:\Users\Veronica\Downloads\Addition.txt

2014-02-27 21:30 - 2014-02-27 21:30 - 02155520 _____ (Farbar) C:\Users\Veronica\Downloads\FRST64.exe

2014-02-27 21:29 - 2014-02-27 21:29 - 00006125 _____ () C:\Users\Veronica\Desktop\AdwCleaner[R0].txt

2014-02-27 21:27 - 2014-02-27 21:27 - 01244192 _____ () C:\Users\Veronica\Downloads\adwcleaner.exe

2014-02-27 21:26 - 2014-02-27 21:26 - 00004616 _____ () C:\Users\Veronica\Desktop\sc-cleaner.txt

2014-02-27 21:25 - 2014-02-27 21:25 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Veronica\Downloads\sc-cleaner (1).exe

2014-02-27 21:25 - 2014-02-27 21:17 - 00004616 _____ () C:\sc-cleaner.txt

2014-02-27 21:16 - 2014-02-27 21:15 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\Veronica\Downloads\sc-cleaner.exe

2014-02-27 20:02 - 2012-01-14 14:20 - 00000000 ____D () C:\Users\Veronica\Downloads\Film

2014-02-27 20:02 - 2011-07-04 16:33 - 00000000 ____D () C:\Users\Veronica\AppData\Local\Spotify

2014-02-27 19:13 - 2014-02-27 19:13 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-27 19:13 - 2014-02-27 19:13 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Malwarebytes

2014-02-27 19:13 - 2014-02-27 19:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-27 19:12 - 2014-02-27 19:12 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-27 19:11 - 2014-02-27 19:10 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Veronica\Downloads\mbam-setup-1.75.0.1300.exe

2014-02-27 18:12 - 2014-02-24 16:54 - 00000000 ____D () C:\Program Files (x86)\GrabRez

2014-02-27 18:07 - 2010-10-28 00:10 - 00664068 _____ () C:\windows\system32\perfh01D.dat

2014-02-27 18:07 - 2010-10-28 00:10 - 00142836 _____ () C:\windows\system32\perfc01D.dat

2014-02-27 18:07 - 2009-07-14 06:13 - 01600290 _____ () C:\windows\system32\PerfStringBackup.INI

2014-02-27 18:05 - 2011-07-24 16:49 - 01549128 _____ () C:\windows\SysWOW64\PerfStringBackup.INI

2014-02-27 17:52 - 2014-02-27 17:51 - 102750488 _____ (Microsoft Corporation) C:\Users\Veronica\Downloads\msert.exe

2014-02-27 17:49 - 2011-08-03 20:51 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Skype

2014-02-27 13:10 - 2014-02-27 13:10 - 00046080 _____ () C:\Users\Veronica\Downloads\faco3 (1).xls

2014-02-26 14:45 - 2014-02-26 14:15 - 00043008 _____ () C:\Users\Veronica\Downloads\faco3.xls

2014-02-26 14:45 - 2014-02-26 13:04 - 00039424 _____ () C:\Users\Veronica\Downloads\Seminar 2.xls

2014-02-26 13:08 - 2014-02-26 13:08 - 00068608 _____ () C:\Users\Veronica\Downloads\Seminar 2, Carolina, Veronica, Anni.xls

2014-02-25 13:11 - 2014-02-25 11:46 - 00034816 _____ () C:\Users\Veronica\Desktop\SE0001775610-2008-01-01-2012-12-31.xls

2014-02-25 13:03 - 2014-02-25 13:01 - 00029184 _____ () C:\Users\Veronica\Desktop\HOLM-B-2008-01-31-2012-12-31.xls

2014-02-25 13:03 - 2014-02-25 12:41 - 00029184 _____ () C:\Users\Veronica\Desktop\HOLM-A-2008-01-01-2012-12-31.xls

2014-02-25 13:00 - 2014-02-25 13:00 - 00012213 _____ () C:\Users\Veronica\Desktop\HOLM-B-2008-01-31-2012-12-31.xlsx

2014-02-25 13:00 - 2014-02-25 12:42 - 00002414 _____ () C:\Users\Veronica\Downloads\HOLM-B-2008-01-31-2012-12-31.csv

2014-02-25 12:42 - 2014-02-25 12:42 - 00012587 _____ () C:\Users\Veronica\Desktop\SE0001775610-2008-01-01-2012-12-31.xlsx

2014-02-25 12:41 - 2014-02-25 12:26 - 00001824 _____ () C:\Users\Veronica\Downloads\HOLM-A-2008-01-01-2012-12-31.csv

2014-02-25 11:46 - 2014-02-25 11:37 - 00025556 _____ () C:\Users\Veronica\Downloads\SE0001775610-2008-01-01-2012-12-31.csv

2014-02-25 11:25 - 2014-02-25 11:25 - 00062325 _____ () C:\Users\Veronica\Downloads\SE0001775610-2009-02-24-2014-02-24.csv

2014-02-25 10:48 - 2014-02-25 10:48 - 00019286 _____ () C:\Users\Veronica\Downloads\Session 4 Supplement - Project Risk & Cost of Capital.xlsx

2014-02-25 10:47 - 2014-02-25 10:47 - 01549312 _____ () C:\Users\Veronica\Downloads\Session 4 - Project Risk & Cost of Capital.ppt

2014-02-25 09:56 - 2014-02-25 09:56 - 01416704 _____ () C:\Users\Veronica\Downloads\Session 2 - Estimating Project Cash Flows (1).ppt

2014-02-25 09:56 - 2014-02-25 09:56 - 00978944 _____ () C:\Users\Veronica\Downloads\Session 3 - Estimating Firm Free Cash Flow.ppt

2014-02-25 09:49 - 2014-02-25 09:49 - 00000000 ____D () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-enheter

2014-02-24 19:27 - 2012-09-05 06:39 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-02-24 19:23 - 2009-07-14 03:34 - 00000513 _____ () C:\windows\win.ini

2014-02-24 19:12 - 2014-02-24 19:12 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help

2014-02-24 19:12 - 2014-02-24 19:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help

2014-02-24 18:24 - 2014-02-24 18:24 - 00061112 _____ (StdLib) C:\windows\system32\Drivers\wStLibG64.sys

2014-02-24 17:26 - 2014-02-24 17:21 - 00000000 ____D () C:\ProgramData\Oracle

2014-02-24 17:25 - 2014-02-24 17:26 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe

2014-02-24 17:25 - 2014-02-24 17:26 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe

2014-02-24 17:25 - 2014-02-24 17:26 - 00174504 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe

2014-02-24 17:25 - 2014-02-24 17:26 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll

2014-02-24 17:25 - 2013-06-24 11:27 - 00000000 ____D () C:\Program Files (x86)\Java

2014-02-24 17:22 - 2014-02-24 17:22 - 00921000 _____ (Oracle Corporation) C:\Users\Veronica\Downloads\chromeinstall-7u51.exe

2014-02-24 17:20 - 2014-02-24 17:20 - 00005911 _____ () C:\windows\SysWOW64\jupdate-1.7.0_51-b13.log

2014-02-24 17:06 - 2009-07-14 06:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD

2014-02-24 16:59 - 2009-07-14 05:45 - 00472496 _____ () C:\windows\system32\FNTCACHE.DAT

2014-02-24 16:54 - 2014-02-24 16:54 - 16955384 _____ () C:\Users\Veronica\Downloads\Obekräftade 268770.crdownload

2014-02-24 16:51 - 2014-02-24 16:50 - 00003497 _____ () C:\Users\Veronica\Downloads\Real+Estate+Finance+and+Investments+14th+ed+By+Brueggeman%2C+Fisher.pdf.torrent

2014-02-24 15:57 - 2013-06-03 18:24 - 00002139 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-02-23 20:10 - 2014-02-21 17:49 - 00000000 ____D () C:\windows\AutoKMS

2014-02-21 19:19 - 2014-02-21 19:19 - 00000000 ____D () C:\Users\Veronica\Documents\OneNote Notebooks

2014-02-21 19:19 - 2011-07-04 15:35 - 00000000 ___RD () C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-02-21 19:18 - 2014-02-21 19:18 - 00002837 _____ () C:\Users\Veronica\Desktop\Word 2013.lnk

2014-02-21 19:18 - 2013-01-28 15:00 - 00000000 ____D () C:\Users\Veronica\Documents\CV + PB

2014-02-21 19:15 - 2014-02-21 19:15 - 11380576 _____ (Microsoft Corporation) C:\Users\Veronica\Downloads\proofingtools_sv-se-x64.exe

2014-02-21 17:48 - 2014-02-21 17:48 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit

2014-02-21 17:48 - 2011-07-04 15:25 - 00122616 _____ () C:\Users\Veronica\AppData\Local\GDIPFONTCACHEV1.DAT

2014-02-21 17:43 - 2014-02-21 17:43 - 00000000 ____D () C:\Users\Veronica\Desktop\Microsoft Office 2013

2014-02-21 17:42 - 2014-02-21 17:42 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-02-21 17:42 - 2010-10-27 23:58 - 00000000 ____D () C:\windows\ShellNew

2014-02-21 17:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared

2014-02-21 17:41 - 2014-02-21 17:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server

2014-02-21 17:41 - 2014-02-21 17:39 - 00000000 ____D () C:\Program Files\Microsoft SQL Server

2014-02-21 17:39 - 2014-02-21 17:39 - 00000000 ____D () C:\windows\PCHEALTH

2014-02-21 17:39 - 2014-02-21 17:34 - 00000000 ____D () C:\Program Files\Microsoft Office

2014-02-21 17:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System

2014-02-21 17:35 - 2014-02-21 17:35 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services

2014-02-21 17:35 - 2014-02-21 17:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2014-02-21 17:34 - 2014-02-21 17:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-02-21 17:32 - 2014-02-21 17:32 - 00000000 __RHD () C:\MSOCache

2014-02-21 17:09 - 2014-02-21 16:09 - 17858952 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe

2014-02-21 17:09 - 2012-04-26 10:47 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2014-02-21 17:09 - 2012-04-26 10:47 - 00003806 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater

2014-02-21 17:09 - 2011-08-16 18:12 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-02-20 15:30 - 2014-02-20 15:30 - 02301440 _____ () C:\Users\Veronica\Downloads\Session 1 - Firm Objective & Investment Decision Rules (1).ppt

2014-02-20 15:30 - 2014-02-20 15:30 - 01414656 _____ () C:\Users\Veronica\Downloads\Session 2 - Estimating Project Cash Flows.ppt

2014-02-17 17:10 - 2014-02-17 17:10 - 02301440 _____ () C:\Users\Veronica\Downloads\Session 1 - Firm Objective & Investment Decision Rules.ppt

2014-02-16 13:46 - 2014-02-12 14:08 - 00029155 _____ () C:\Users\Veronica\Desktop\IAS.odt

2014-02-16 12:24 - 2013-06-03 18:19 - 00003994 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-02-16 12:24 - 2013-06-03 18:19 - 00003742 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-02-15 15:21 - 2014-02-15 15:21 - 00014384 _____ () C:\Users\Veronica\Downloads\Welcome.To.The.Jungle.2013.SWESUB.NORSUB.DANSUB.dvdrip.x264-TF.torrent

2014-02-15 15:20 - 2014-02-15 15:20 - 00013883 _____ () C:\Users\Veronica\Downloads\Planes.2013.SWEDiSH.DVDRip.x264-LiBERTAZ.9562379.TPB.torrent

2014-02-15 15:19 - 2014-02-15 15:19 - 00000000 ____D () C:\Users\Veronica\Downloads\All.Is.Lost.2013.SWESUB.1080p.HDTV.x264

2014-02-15 15:18 - 2014-02-15 15:18 - 00018360 _____ () C:\Users\Veronica\Downloads\all.is.lost.2013.swesub.1080p.hdtv.x264.tpb.torrent.TPB.torrent

2014-02-15 15:18 - 2014-02-15 15:18 - 00014965 _____ () C:\Users\Veronica\Downloads\captain.philips.2013.swesub.webrip..x264.ac3-helge32.TPB.torrent

2014-02-15 15:18 - 2014-02-15 15:18 - 00000000 ____D () C:\Users\Veronica\Downloads\Captain.Philips.2013.SWESUB.WEBRIP..x264.AC3-helge32

2014-02-13 17:46 - 2014-02-13 17:46 - 00097442 _____ () C:\Users\Veronica\Desktop\Personligt brev.odt

2014-02-13 16:50 - 2014-02-13 16:50 - 01509305 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 8.pptx

2014-02-12 14:15 - 2014-02-12 14:15 - 00018596 _____ () C:\Users\Veronica\Desktop\Indirect method.odt

2014-02-12 14:06 - 2014-02-12 14:06 - 02053558 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 5 (1).pptx

2014-02-12 11:46 - 2014-02-12 11:46 - 02053558 _____ () C:\Users\Veronica\Downloads\FACO (FA) Session 5.pptx

2014-02-06 13:16 - 2014-02-14 08:30 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-02-06 12:30 - 2014-02-14 08:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-02-06 12:30 - 2014-02-14 08:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-02-06 12:12 - 2014-02-14 08:30 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-02-06 12:07 - 2014-02-14 08:30 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-02-06 12:06 - 2014-02-14 08:30 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-02-06 11:57 - 2014-02-14 08:30 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-02-06 11:56 - 2014-02-14 08:30 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-02-06 11:52 - 2014-02-14 08:30 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-02-06 11:49 - 2014-02-14 08:30 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-02-06 11:48 - 2014-02-14 08:30 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-02-06 11:48 - 2014-02-14 08:30 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-02-06 11:38 - 2014-02-14 08:30 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-02-06 11:32 - 2014-02-14 08:30 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-02-06 11:20 - 2014-02-14 08:30 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-02-06 11:17 - 2014-02-14 08:30 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-02-06 11:11 - 2014-02-14 08:30 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-02-06 11:01 - 2014-02-14 08:30 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-02-06 11:00 - 2014-02-14 08:30 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-02-06 10:57 - 2014-02-14 08:30 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-02-06 10:57 - 2014-02-14 08:30 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-02-06 10:52 - 2014-02-14 08:30 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-02-06 10:52 - 2014-02-14 08:30 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-02-06 10:50 - 2014-02-14 08:30 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-02-06 10:49 - 2014-02-14 08:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-02-06 10:47 - 2014-02-14 08:30 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-02-06 10:46 - 2014-02-14 08:30 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-02-06 10:25 - 2014-02-14 08:30 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-02-06 10:25 - 2014-02-14 08:30 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-02-06 10:24 - 2014-02-14 08:30 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-02-06 10:22 - 2014-02-14 08:30 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-02-06 10:13 - 2014-02-14 08:30 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-02-06 10:09 - 2014-02-14 08:30 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-02-06 10:03 - 2014-02-14 08:30 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-02-06 09:55 - 2014-02-14 08:30 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-02-06 09:41 - 2014-02-14 08:30 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-02-06 09:40 - 2014-02-14 08:30 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-02-06 09:36 - 2014-02-14 08:30 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-02-06 09:34 - 2014-02-14 08:30 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-02-04 12:12 - 2014-02-04 12:12 - 00714772 _____ () C:\Users\Veronica\Downloads\FACO (FA) Fall13 Session 6_Part 2.pptx

2014-02-03 23:33 - 2014-02-03 21:55 - 00097280 _____ () C:\Users\Veronica\Desktop\Seminar 2.ppt

2014-02-03 18:39 - 2014-02-03 18:39 - 00024742 _____ () C:\Users\Veronica\Downloads\faco (1).xlsx

2014-02-03 18:38 - 2014-02-03 18:38 - 00024742 _____ () C:\Users\Veronica\Downloads\faco.xlsx

2014-02-01 16:49 - 2014-02-01 16:13 - 00020481 _____ () C:\Users\Veronica\Downloads\cv-mallar.nu-cv-mall-3-europass.odt

2014-02-01 15:56 - 2014-02-01 15:56 - 00020426 _____ () C:\Users\Veronica\Downloads\CV Veronica Maltin.odt

2014-01-31 10:55 - 2014-01-31 10:55 - 00015264 _____ () C:\Users\Veronica\Downloads\Microsoft_OFFICE_2010__Pro_Plus_PRECRACKED.TPB.torrent

 

Some content of TEMP:

====================

C:\Users\Veronica\AppData\Local\Temp\DataCard_Setup64.exe

C:\Users\Veronica\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Veronica\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Veronica\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\Veronica\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Veronica\AppData\Local\Temp\ose00001.exe

C:\Users\Veronica\AppData\Local\Temp\Quarantine.exe

C:\Users\Veronica\AppData\Local\Temp\ResetDevice.exe

C:\Users\Veronica\AppData\Local\Temp\utt117F.tmp.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-02-15 17:02

 

==================== End Of Log ============================

Länk till kommentar
Dela på andra webbplatser
VeronicaM

VeronicaM

Postad
  • Trådskapare
Postad
C:\AdwCleaner\Quarantine\C\Users\Veronica\AppData\Local\Babylon\Setup\Setup.exe.vir a variant of Win32/Toolbar.Babylon.H potentially unwanted application

C:\Users\Veronica\AppData\Local\Temp\nsfE481.tmp\trtextsetup.exe Win32/Packed.ScrambleWrapper.J potentially unwanted application

C:\Users\Veronica\Downloads\DownloadSetup.exe Win32/InstallMate.A potentially unwanted application

D:\VERONICA-DATOR\Backup Set 2012-05-13 193020\Backup Files 2012-05-13 193020\Backup files 1.zip a variant of Win32/Toolbar.Babylon.H potentially unwanted application

D:\VERONICA-DATOR\Backup Set 2012-05-13 193020\Backup Files 2012-05-13 193020\Backup files 21.zip Win32/Toggle.A potentially unwanted application

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Visst har du gjort rätt :thumbsup:

 

1. C:\Users\Veronica\Downloads\DownloadSetup.exe Win32/InstallMate.A potentially unwanted application

Det där är en installationsfil som ligger i mappen "Hämtade filer". Du kan själv ta bort den om du vill.

 

2. Starta Anteckningar.

Kopiera alla rader i rutan:

C:\Users\Veronica\AppData\Local\Temp\nsfE481.tmp\trtextsetup.exe
C:\Program Files (x86)\GrabRez
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Veronica\AppData\Local\Temp\crx7EEB.tmp [2013-06-03]
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

3. Hur fungerar datorn nu?

Några fler frågor innan du får instruktionen för att avinstallera specialprogrammen?

Länk till kommentar
Dela på andra webbplatser
VeronicaM

VeronicaM

Postad
  • Trådskapare
Postad
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-02-2014 02

Ran by Veronica at 2014-02-28 14:17:10 Run:1

Running from C:\Users\Veronica\Downloads

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

C:\Users\Veronica\AppData\Local\Temp\nsfE481.tmp\trtextsetup.exe

C:\Program Files (x86)\GrabRez

CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Veronica\AppData\Local\Temp\crx7EEB.tmp [2013-06-03]

*****************

 

C:\Users\Veronica\AppData\Local\Temp\nsfE481.tmp\trtextsetup.exe => Moved successfully.

C:\Program Files (x86)\GrabRez => Moved successfully.

HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj => Key deleted successfully.

"C:\Users\Veronica\AppData\Local\Temp\crx7EEB.tmp" => File/Directory not found.

 

==== End of Fixlog ====

Länk till kommentar
Dela på andra webbplatser
VeronicaM

VeronicaM

Postad
  • Trådskapare
Postad

Datorn fungerar finfint, har inte märkt av viruset sen jag gjorde de första instruktionerna :) tack så hemskt mycket!!

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Bra!

 

1. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Uninstall-knappen.

 

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe

Dubbelklicka på filen för att starta programmet.

Tryck på knappen CleanUp! och FRST kommer att avinstalleras efter en omstart av datorn. Ta bort (släng i papperskorgen) ShorutcutCleaner, SystemLook och eventuella loggar, om de är kvar.

 

3. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/

Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Länk till kommentar
Dela på andra webbplatser
Black*Adder

Black*Adder

Postad
Postad

Hej!

Ja, så klart måste Malewarebytes få göra sitt jobb, men sen borde det vara enklast att
redigera länken till webbläsaren. Awesomehp lägger in att t.ex IE skall startas:
"C:\Program Files\Internet Explorer\iexplore.exe" http://awesomehp.com**********
Samma sak med Chrome.

:D

 

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Hej Black Adder!

 

Att ändra genvägarna/länkarna till webbläsarna är just det som ShortcutCleaner gör.

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

Gå till ämneslista


×
×
  • Skapa nytt...