Har min tjej virus

[Jessar1994]

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 9.0.8112.16476  BrowserJavaVersion: 1.6.0_29

Run by Jessica at 9:32:55 on 2014-03-13

Microsoft Windows 7 Home Premium   6.1.7600.0.1252.46.1053.18.3894.1916 [GMT 1:00]

.

AV: Trend Micro Titanium Maximum Security *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}

SP: Trend Micro Titanium Maximum Security *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

C:\Windows\system32\atieclxx.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\taskhost.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

C:\Users\Jessica\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\msiexec.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

C:\Program Files\Realtek\RtVOsd\RtVOsd.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

uSearch Bar = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=SE&userid=83d5ca45-fd3e-4c9f-a53f-3bc4f179a760&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}

uSearch Page = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=SE&userid=83d5ca45-fd3e-4c9f-a53f-3bc4f179a760&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}

uSearchAssistant = hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=SE&userid=83d5ca45-fd3e-4c9f-a53f-3bc4f179a760&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}

mWinlogon: Userinit = userinit.exe

BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll

BHO: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

TB: blekko search bar: {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll

TB: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [spotify Web Helper] "C:\Users\Jessica\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: HideFastUserSwitching = dword:0

IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Free YouTube Download - C:\Users\Jessica\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

IE: Free YouTube to MP3 Converter - C:\Users\Jessica\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: NameServer = 8.8.8.8

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73} : DHCPNameServer = 8.8.8.8

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73}\144454C4 : DHCPNameServer = 10.0.0.14 10.0.0.7

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73}\44F4651444F4 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73}\44F6671646F6 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73}\8456166797 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73}\845616679737 : DHCPNameServer = 192.168.0.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll

Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll

SSODL: WebCheck - <orphaned>

SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll

SEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""

x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll

x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll

x64-Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - <orphaned>

x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 TMEBC;TMEBC;C:\Windows\System32\drivers\TMEBC64.sys [2013-8-12 46392]

R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2013-8-12 77184]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-2-25 98208]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-6-22 203264]

R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2013-8-12 310952]

R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]

R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-6-19 103992]

R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-7-2 27192]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-25 13336]

R2 RtVOsdService;RtVOsdService Installer;C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-6-18 315392]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-2-25 2320920]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]

R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-27 158976]

R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-6-22 10342240]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-2-25 333928]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-29 1255736]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]

.

=============== Created Last 30 ================

.

.

==================== Find3M  ====================

.

2014-03-04 16:42:23 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2014-03-04 16:42:22 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-02-01 18:52:02 1487334 ----a-w- C:\Windows\System32\PerfStringBackup.TMP

.

============= FINISH:  9:33:05,80 ===============

 

[Jessar1994]

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 2011-07-27 20:04:38

System Uptime: 2014-03-13 09:25:26 (0 hours ago)

.

Motherboard: Hewlett-Packard |  | 143A

Processor: Intel® Core i5 CPU       M 460  @ 2.53GHz | CPU | 2534/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 576 GiB total, 399,712 GiB free.

D: is FIXED (NTFS) - 20 GiB total, 2,897 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP175: 2014-02-23 18:53:24 - Windows Update

RP176: 2014-03-04 16:54:43 - Installed BankID.

RP177: 2014-03-07 16:47:59 - Windows Update

RP178: 2014-03-13 09:27:46 - Removed Java 7 Update 13

.

==== Installed Programs ======================

.

 Update for Microsoft Office 2007 (KB2508958)

Acrobat.com

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh

Adobe AIR

Adobe Flash Player 12 ActiveX

Adobe Reader XI (11.0.06) - Svenska

Adobe Shockwave Player 11.5

Agatha Christie - Death on the Nile

Apple-programstöd

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

µTorrent

BankID säkerhetsprogram

Bejeweled 2 Deluxe

Blackhawk Striker 2

Bonjour

Broadcom 802.11 Wireless LAN Adapter

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chuzzle Deluxe

CleanMyPC - Registry Cleaner

CyberLink DVD Suite

CyberLink PowerDVD 9

CyberLink YouCam

Dora's Carnival Adventure

Energy Star Digital Logo

Escape Rosecliff Island

ESU for Microsoft Windows 7

FATE

Final Drive Nitro

FirstClass Client

Free Studio version 5.7.6.1015

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Hewlett-Packard ACLM.NET v1.1.2.0

HP Advisor

HP Customer Experience Enhancements

HP Documentation

HP Game Console

HP Games

HP Power Manager

HP Quick Launch

HP Setup

HP Software Framework

HP Wireless Assistant

Intel® Control Center

Intel® Management Engine Components

Intel® Rapid Storage Technology

Intel® Turbo Boost Technology Driver

iTunes

Java Auto Updater

Java 6 Update 20 (64-bit)

Java 6 Update 29

Jewel Quest - Heritage

LabelPrint

LightScribe System Software

Magic Desktop

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile Language Pack - SVE

Microsoft .NET Framework 4 Client Profile SVE Language Pack

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (Swedish) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel 2007 Help Uppdatering (KB963678)

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Swedish) 2007

Microsoft Office InfoPath MUI (Swedish) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (Swedish) 2007

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669)

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Swedish) 2007

Microsoft Office Shared 64-bit MUI (Swedish) 2007

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Word 2007 Help Uppdatering (KB963665)

Microsoft Office Word MUI (Swedish) 2007

Microsoft Silverlight

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Penguins!

PhotoNow!

Plants vs. Zombies

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PowerDirector

PX Profile Update

QuickTime

Realtek Ethernet Controller Driver For Windows 7

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Recovery Manager

Replay Music

RtVOsd

Search Protection

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2518870)

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition 

Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 

Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 

Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 

Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition 

Skype™ 6.11

Spotify

Synaptics Pointing Device Driver

System Requirements Lab for Intel

The Sims 2

Trend Micro Titanium

Trend Micro Titanium Maximum Security

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition

Windows Live Sync

WinRAR 4.01 (64-bit)

Virtual Villagers - The Secret City

VLC media player 2.0.7

Zuma Deluxe

.

==== End Of File ===========================

 

[Mikael63]

Lustig rubrik 

[Cecilia]

Inte virus med olämplig sökmotorinställning och tillägg i Internet Explorer kan jag se.

 

1. Avinstallera

Java™ 6 Update 20 (64-bit)

Java™ 6 Update 29

eftersom det är två väldigt gamla versioner med många kända säkerhetshål som gör det lätt att infektera datorn från en webbsida. De flesta klarar sig utan Java men om man måste ha Java är det viktigt att alltid ha den senaste versionen.

 

2. Spara AdwCleaner av Xplode på Skrivbordet: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på Report-knappen.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt
 

[Jessar1994]

Förlåt för sent svar

 

 

# AdwCleaner v3.022 - Report created 20/03/2014 at 09:03:14

# Updated 13/03/2014 by Xplode

# Operating System : Windows 7 Home Premium  (64 bits)

# Username : Jessica - JESSICA-HP

# Running from : C:\Users\Jessica\Desktop\AdwCleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

File Found : C:\Windows\System32\roboot64.exe

Folder Found : C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj

Folder Found C:\Program Files (x86)\blekkotb_031

Folder Found C:\ProgramData\Tarma Installer

Folder Found C:\Users\Jessica\AppData\Local\blekkotb_031

Folder Found C:\Users\Jessica\AppData\LocalLow\blekkotb_031

Folder Found C:\Users\Jessica\AppData\Roaming\OpenCandy

Folder Found C:\Users\Jessica\AppData\Roaming\Search Protection

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Found : [x64] HKLM\SOFTWARE\Tarma Installer

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16476

 

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [search Page] - hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=SE&userid=83d5ca45-fd3e-4c9f-a53f-3bc4f179a760&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [search Bar] - hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=SE&userid=83d5ca45-fd3e-4c9f-a53f-3bc4f179a760&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=SE&userid=83d5ca45-fd3e-4c9f-a53f-3bc4f179a760&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [searchAssistant] - hxxp://feed.helperbar.com/?publisher=OPENCANDY&dpid=OPENCANDYAPRIL&co=SE&userid=83d5ca45-fd3e-4c9f-a53f-3bc4f179a760&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}

 

-\\ Google Chrome v33.0.1750.146

 

[ File : C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [3954 octets] - [20/03/2014 09:03:14]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4014 octets] ##########

[Jessar1994]

# AdwCleaner v3.022 - Report created 20/03/2014 at 09:04:07

# Updated 13/03/2014 by Xplode

# Operating System : Windows 7 Home Premium  (64 bits)

# Username : Jessica - JESSICA-HP

# Running from : C:\Users\Jessica\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\Program Files (x86)\blekkotb_031

Folder Deleted : C:\Users\Jessica\AppData\Local\blekkotb_031

Folder Deleted : C:\Users\Jessica\AppData\LocalLow\blekkotb_031

Folder Deleted : C:\Users\Jessica\AppData\Roaming\OpenCandy

Folder Deleted : C:\Users\Jessica\AppData\Roaming\Search Protection

Folder Deleted : C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj

File Deleted : C:\Windows\System32\roboot64.exe

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8769ADCE-DBA5-48E9-AFB5-67B12CDF2E61}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v9.0.8112.16476

 

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Page]

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Bar]

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [searchAssistant]

 

-\\ Google Chrome v33.0.1750.146

 

[ File : C:\Users\Jessica\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [4110 octets] - [20/03/2014 09:03:14]

AdwCleaner[s0].txt - [3284 octets] - [20/03/2014 09:04:07]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3344 octets] ##########

[Cecilia]

Inget att be om ursäkt för, vi har båda annat som är viktigare än att sitta vid datorn.

 

Kör DDS igen och klistra in den nya DDS.txt (inte Attach.txt denna gång).

 

Några kvarvarande problem?

[Jessar1994]

Inget att be om ursäkt för, vi har båda annat som är viktigare än att sitta vid datorn.

 

Kör DDS igen och klistra in den nya DDS.txt (inte Attach.txt denna gång).

 

Några kvarvarande problem?

Jag gjorde en scan med Eset

Den hittade detta:

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\blekkotb_031\blekkotb_019.dll.vir a variant of Win32/Toolbar.Visicom.A potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\blekkotb_031\blekkotb_019X.dll.vir a variant of Win32/Toolbar.Visicom.B potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application

 

C:\AdwCleaner\Quarantine\C\Users\Jessica\AppData\LocalLow\blekkotb_031\blekkotb_019X.dll.vir a variant of Win32/Toolbar.Visicom.B potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Users\Jessica\AppData\Roaming\OpenCandy\CEA9FB98CBCF46AD978C62A966C436A4\LinkuryInstaller_p1v16.exe.vir probably a variant of MSIL/Toolbar.Linkury.A potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Users\Jessica\AppData\Roaming\OpenCandy\CEA9FB98CBCF46AD978C62A966C436A4\OCBrowserHelper_1.0.3.85.dll.vir a variant of Win32/OpenCandy.A potentially unsafe application

 

C:\AdwCleaner\Quarantine\C\Users\Jessica\AppData\Roaming\Search Protection\SearchProtection.exe.vir a variant of Win32/Toolbar.Widgi potentially unwanted application

 

C:\AdwCleaner\Quarantine\C\Users\Jessica\AppData\Roaming\Search Protection\Uninstall.exe.vir probably a variant of Win32/Toolbar.Widgi potentially unwanted application

 

 

C:\Users\Jessica\AppData\Local\Temp\ICReinstall_AcrobatReaderSetup.exe a variant of Win32/InstallCore.IK potentially unwanted application

 

C:\Users\Jessica\AppData\Local\Temp\is1242154493\545605_stp\wajam_validate.exe Win32/Wajam.F potentially unwanted application

 

C:\Users\Jessica\AppData\Local\Temp\Rar$EX59.584\Crack\Binaries\Win32\steam_api.dll a variant of Win32/HackTool.Crack.BQ potentially unsafe application

 

C:\Users\Jessica\AppData\Local\Temp\Rar$EX86.104\Crack\Binaries\Win32\steam_api.dll a variant of Win32/HackTool.Crack.BQ potentially unsafe application

 

C:\Users\Jessica\AppData\Local\Temp\Rar$EX98.400\Crack\Binaries\Win32\steam_api.dll a variant of Win32/HackTool.Crack.BQ potentially unsafe application

 

Jag avinstallera AdwCleaner för då tar ju den de med sig som ligger i karantän och sen gjorde jag diskrensning.

 

Jag ska köra DDS så fort jag får tid till det.

[Jessar1994]

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 9.0.8112.16476

Run by Jessica at 13:12:30 on 2014-03-20

Microsoft Windows 7 Home Premium   6.1.7600.0.1252.46.1053.18.3894.2565 [GMT 1:00]

.

AV: Trend Micro Titanium Maximum Security *Enabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}

SP: Trend Micro Titanium Maximum Security *Enabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe

C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\svchost.exe -k regsvc

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Users\Jessica\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe

C:\Program Files\Realtek\RtVOsd\RtVOsd.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe

C:\Windows\system32\msiexec.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = about:blank

uSearch Bar = hxxp://www.google.com

uSearch Page = hxxp://www.google.com

mStart Page = about:blank

uSearchAssistant = hxxp://www.google.com

mWinlogon: Userinit = userinit.exe

BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll

BHO: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [spotify Web Helper] "C:\Users\Jessica\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: HideFastUserSwitching = dword:0

IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 8.8.8.8 8.8.4.4

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73} : DHCPNameServer = 8.8.8.8 8.8.4.4

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73}\144454C4 : DHCPNameServer = 10.0.0.14 10.0.0.7

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73}\44F4651444F4 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73}\44F6671646F6 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73}\8456166797 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{E3555E6E-A94C-47DA-B311-8CC9FFA8DC73}\845616679737 : DHCPNameServer = 192.168.0.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe32.dll

Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg32.dll

Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll

Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll

SSODL: WebCheck - <orphaned>

SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll

SEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = about:blank

x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""

x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1137\7.5.1137\TmBpIe64.dll

x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\2.5.1331\6.8.1094\TmIEPlg.dll

x64-Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - <orphaned>

x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 TMEBC;TMEBC;C:\Windows\System32\drivers\TMEBC64.sys [2013-8-12 46392]

R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2013-8-12 77184]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-2-25 98208]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-6-22 203264]

R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2013-8-12 310952]

R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]

R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-27 158976]

R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2010-6-22 10342240]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]

S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-2-25 333928]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]

.

=============== Created Last 30 ================

.

2014-03-20 12:03:16 -------- d-----w- C:\Users\Jessica\AppData\Roaming\BankID

2014-03-20 12:03:05 -------- d-----w- C:\Program Files (x86)\BankID

2014-03-20 08:09:07 238128 ----a-w- C:\Windows\RegBootClean64.exe

2014-03-20 07:27:13 -------- d-----w- C:\ProgramData\Steam

2014-03-13 08:52:30 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-03-13 08:52:30 -------- d-----w- C:\Program Files\iTunes

2014-03-13 08:52:30 -------- d-----w- C:\Program Files\iPod

2014-03-13 08:52:30 -------- d-----w- C:\Program Files (x86)\iTunes

2014-03-13 08:48:25 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll

2014-03-13 08:48:25 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll

2014-03-13 08:48:25 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll

2014-03-13 08:48:25 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll

2014-03-13 08:48:25 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll

.

==================== Find3M  ====================

.

2014-03-13 08:42:12 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-03-13 08:42:12 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2014-01-17 15:24:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2014-01-17 15:24:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

.

============= FINISH: 13:13:13,24 ===============

[Cecilia]

Det ser bra ut.

Nu återstår bara en sista städomgång:

1. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe
Dubbelklicka på filen för att starta programmet.
Tryck på knappen CleanUp! och DDS kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.

2. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/
Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.