redirect i chrome

10 Maj, 2015

HUR tar jag bort ett program som poppar upp när jag klickar på en länk? Det sker inte alltid, och följande händer:

Vid klickning på länk kommer jag kvickt till en sida som heter något på "redirect.......". Sedan kommer jag vidare till en annonssida, vilken som helst, alltid olika. Jag stänger ner sidan och vid nästa försök med samma länk, fungerar det.

Har kört igenom en del onlinescanningar utan resultat. Jag har måttlig datorvana bör väl tilläggas.

Windows 7 Home.

HP Laptop

Tackar för alla tips

10 Maj, 2015

Följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går och så får vi se var annonsprogrammet gömmer sig i din dator.

10 Maj, 2015

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015

Ran by Elgiganten AB (administrator) on KÖKET on 10-05-2015 15:54:22

Running from C:\Users\Elgiganten AB\Desktop

Loaded Profiles: Elgiganten AB (Available profiles: Elgiganten AB)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe

(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe

() C:\Program Files (x86)\Emotum\Stay Connected\Service.exe

(Bredbandsbolaget) C:\Program Files (x86)\Bredbandsbolaget\ESUS_B2\ESUS_B2.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe

(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe

(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

() C:\Program Files (x86)\RocketDock\RocketDock.exe

(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe

(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe

(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-12-22] (IDT, Inc.)

HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-04-22] (Hewlett-Packard)

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\...\Policies\system: [DisableLockWorkstation] 0

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\...\Policies\system: [DisableChangePassword] 0

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\...\MountPoints2: {6b817c91-ea40-11e4-a7f0-082e5f97a489} - G:\LG_PC_Programs.exe

HKU\S-1-5-18\...\Run: [bredbandsbolaget Servicecenter] => C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe [443752 2010-01-20] (Bredbandsbolaget)

HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit)

Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

BootExecute: RegistryDefragBootTime.exeautocheck autochk *

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.

ProxyServer: [.DEFAULT] => http=127.0.0.1:49802;https=127.0.0.1:49802

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.superstart.se/

SearchScopes: HKLM -> {C7C8B855-AA6B-4C50-9615-8E7CF4EC0A3E} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 -> {C7C8B855-AA6B-4C50-9615-8E7CF4EC0A3E} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-3968084286-2689556007-1972798229-1001 -> DefaultScope {B78EEAC2-C580-477B-AD7C-C68BC0D2F93A} URL = http://www.google.com/search?hl=sv&q={searchTerms}&rlz=1I7GGHP_svSE610

SearchScopes: HKU\S-1-5-21-3968084286-2689556007-1972798229-1001 -> {B78EEAC2-C580-477B-AD7C-C68BC0D2F93A} URL = http://www.google.com/search?hl=sv&q={searchTerms}&rlz=1I7GGHP_svSE610

BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-08] (Advanced Micro Devices)

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-05-08] (Oracle Corporation)

BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26] (HP)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)

BHO: Mouse Gestures -> {A6A49249-57AE-4295-8D4D-18A9502C7D8E} -> C:\Program Files\Internet Explorer\Plugins\Drowse\MouseGestures.dll [2010-02-23] (Drowse)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)

BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-05-08] (Oracle Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)

BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-08] (Advanced Micro Devices)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-08] (Oracle Corporation)

BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26] (HP)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)

BHO-x32: Mouse Gestures -> {A6A49249-57AE-4295-8D4D-18A9502C7D8E} -> C:\Program Files (x86)\Internet Explorer\Plugins\Drowse\MouseGestures.dll [2010-02-23] (Drowse)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)

BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)

BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)

BHO-x32: Bredbandsbolaget Servicecenter Plugin -> {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} -> C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll [2010-01-20] (Bredbandsbolaget)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-08] (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)

Toolbar: HKU\S-1-5-21-3968084286-2689556007-1972798229-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Toolbar: HKU\S-1-5-21-3968084286-2689556007-1972798229-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:

========

FF ProfilePath: C:\Users\Elgiganten AB\AppData\Roaming\Mozilla\Firefox\Profiles\n55rcey6.default

FF Homepage: user_pref("browser.startup.homepage", );

FF DefaultSearchEngine: Yahoo!

FF SelectedSearchEngine: Yahoo!

FF Keyword.URL: hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=902615&ilc=12&p=

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()

FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-08] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-05-08] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2015-01-28] (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.3.0.6 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2015-01-28] (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll [2014-09-04] (Cuminas Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-08] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-08] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-3968084286-2689556007-1972798229-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Elgiganten AB\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)

FF Plugin HKU\S-1-5-21-3968084286-2689556007-1972798229-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Elgiganten AB\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)

FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Elgiganten AB\AppData\Roaming\Mozilla\Firefox\Profiles\n55rcey6.default\Extensions\iobitascsurfingprotection@iobit.com [2015-01-06]

Chrome:

=======

CHR HomePage: Profile 1 -> hxxp://www.superstart.se/

CHR StartupUrls: Profile 1 -> "hxxp://www.superstart.se/"

CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]

CHR Extension: (Google Docs) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]

CHR Extension: (Google Drive) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-15]

CHR Extension: (YouTube) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]

CHR Extension: (Google Search) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-15]

CHR Extension: (Website Logon) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2015-02-15]

CHR Extension: (Google Sheets) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]

CHR Extension: (Google Wallet) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-15]

CHR Extension: (Gmail) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-15]

CHR Profile: C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (Google Translate) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-01-24]

CHR Extension: (Google Docs) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-24]

CHR Extension: (Google Drive) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-24]

CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2015-01-24]

CHR Extension: (YouTube) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-24]

CHR Extension: (Google Cast) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-01-24]

CHR Extension: (Adblock Plus) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-24]

CHR Extension: (Google Search) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-24]

CHR Extension: (Website Logon) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2015-01-24]

CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015-01-24]

CHR Extension: (Java API Search) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dphfngjamcomlehblpblaacingmaojnm [2015-01-24]

CHR Extension: (Wikipedia Lookup - Context Menu) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ehigjigpolmdglippjafhnpngmaeepkp [2015-01-24]

CHR Extension: (Google Calendar) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-01-24]

CHR Extension: (Blur) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2015-01-24]

CHR Extension: (Bookmark Manager) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]

CHR Extension: (IE Tab) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2015-01-24]

CHR Extension: (Java for Browsing) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ibbogmiigionndgfnmajmchoejcapfeo [2015-05-05]

CHR Extension: (FlashControl) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2015-01-24]

CHR Extension: (Google Mail Checker) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-01-24]

CHR Extension: (Google Wallet) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-24]

CHR Extension: (Gmail) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-24]

CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]

R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-05-07] (Microsoft Corporation)

R2 ESCSvc; C:\Program Files (x86)\Emotum\Stay Connected\Service.exe [659752 2010-08-25] ()

R2 ESUSClient_B2; C:\Program Files (x86)\Bredbandsbolaget\ESUS_B2\ESUS_B2.exe [358824 2011-03-07] (Bredbandsbolaget)

R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]

R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-04-10] (Foxit Software Inc.)

R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424 2011-08-26] (HP)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company)

R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)

S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2015-01-06] (IObit)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)

S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339968 2014-12-22] (IDT, Inc.) [File not signed]

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

S2 SpyHunter 4 Service; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2014-12-22] (Advanced Micro Devices Inc.)

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-12-22] (Broadcom Corporation.)

S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom Corporation.)

R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-11] (Disc Soft Ltd)

S3 esgiguard; No ImagePath

S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-05-07] ()

S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-06] (REALiX)

R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)

S0 is3srv; C:\Windows\SysWow64\drivers\is3srv64.sys [74768 2014-05-05] (iS3 Inc.)

R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG Electronics Inc.)

R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG Electronics Inc.)

R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG Electronics Inc.)

S3 MBAMSwissArmy; No ImagePath

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)

S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)

R0 szkg5; C:\Windows\SysWow64\DRIVERS\szkg64.sys [74768 2014-05-05] (iS3 Inc.)

S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)

S3 clwvd; system32\DRIVERS\clwvd.sys [X]

S3 CV2K1; system32\DRIVERS\cv2k1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-10 15:54 - 2015-05-10 15:54 - 00029820 _____ () C:\Users\Elgiganten AB\Desktop\FRST.txt

2015-05-10 15:54 - 2015-05-10 15:54 - 00000000 ____D () C:\FRST

2015-05-10 15:52 - 2015-05-10 15:52 - 02102784 _____ (Farbar) C:\Users\Elgiganten AB\Desktop\FRST64.exe

2015-05-08 00:23 - 2015-05-08 00:22 - 00320424 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2015-05-08 00:22 - 2015-05-08 00:22 - 00189864 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2015-05-08 00:22 - 2015-05-08 00:22 - 00189864 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2015-05-08 00:22 - 2015-05-08 00:22 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2015-05-08 00:20 - 2015-05-08 00:19 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2015-05-08 00:19 - 2015-05-08 00:19 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2015-05-08 00:19 - 2015-05-08 00:19 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2015-05-08 00:19 - 2015-05-08 00:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2015-05-08 00:15 - 2015-05-08 00:15 - 00000000 ____D () C:\Users\Public\Foxit Software

2015-05-08 00:14 - 2015-05-08 00:14 - 00000000 ____D () C:\Program Files (x86)\Foxit Software

2015-05-08 00:09 - 2015-05-08 00:10 - 00003182 _____ () C:\Windows\System32\Tasks\ASC8_PerformanceMonitor

2015-05-07 23:36 - 2015-05-10 09:27 - 00000000 ____D () C:\ProgramData\AVAST Software

2015-05-07 21:57 - 2015-05-07 21:57 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Roaming\Enigma Software Group

2015-05-07 21:56 - 2015-05-07 21:56 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys

2015-05-07 11:01 - 2015-05-07 11:01 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Local\F-Secure

2015-05-07 00:04 - 2015-05-07 00:04 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-05-07 00:04 - 2015-05-07 00:04 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-05-07 00:04 - 2015-05-07 00:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2015-05-07 00:01 - 2015-05-07 00:01 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe

2015-05-07 00:00 - 2015-05-07 00:00 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll

2015-05-07 00:00 - 2015-05-07 00:00 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll

2015-05-07 00:00 - 2015-05-07 00:00 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe

2015-05-07 00:00 - 2015-05-07 00:00 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll

2015-05-07 00:00 - 2015-05-07 00:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe

2015-05-07 00:00 - 2015-05-07 00:00 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe

2015-05-07 00:00 - 2015-05-07 00:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll

2015-05-07 00:00 - 2015-05-07 00:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll

2015-04-30 22:17 - 2015-04-30 22:17 - 916096890 _____ () C:\Windows\MEMORY.DMP

2015-04-30 22:17 - 2015-04-30 22:17 - 00374656 _____ () C:\Windows\Minidump\043015-42463-01.dmp

2015-04-30 13:54 - 2015-04-30 13:54 - 00002135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk

2015-04-30 13:54 - 2015-04-30 13:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2015-04-30 13:54 - 2015-04-30 13:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-04-29 23:46 - 2015-04-29 23:46 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast

2015-04-29 22:55 - 2015-04-29 23:46 - 00001231 _____ () C:\Users\Elgiganten AB\Desktop\Chromecast.lnk

2015-04-29 13:29 - 2015-04-29 13:29 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll

2015-04-29 13:29 - 2015-04-29 13:29 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll

2015-04-29 13:29 - 2015-04-29 13:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll

2015-04-29 13:29 - 2015-04-29 13:29 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll

2015-04-29 13:28 - 2015-04-29 13:28 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll

2015-04-29 13:28 - 2015-04-29 13:28 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

2015-04-15 14:33 - 2015-04-15 14:33 - 00000000 ____D () C:\Windows\system32\appraiser

2015-04-15 11:07 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-04-15 11:07 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-04-15 11:07 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-04-15 11:07 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-04-15 11:07 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-04-15 11:07 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-04-15 11:07 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-04-15 11:07 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-04-15 11:07 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-04-15 11:07 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-04-15 11:07 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-04-15 11:07 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-04-15 11:07 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-04-15 11:07 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-04-15 11:07 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-04-15 11:07 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-04-15 11:07 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-04-15 11:07 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-04-15 11:07 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-04-15 11:07 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-04-15 11:07 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-04-15 11:07 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2015-04-15 11:07 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-04-15 11:07 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-04-15 11:07 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2015-04-15 11:07 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2015-04-15 11:07 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2015-04-15 11:07 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2015-04-15 11:07 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2015-04-15 11:07 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2015-04-15 11:07 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

2015-04-15 11:06 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-04-15 11:06 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-04-15 11:06 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-04-15 11:06 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-04-15 11:06 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-04-15 11:06 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-04-15 11:06 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-04-15 11:06 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-04-15 11:06 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-04-15 11:06 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-04-15 11:06 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-04-15 11:06 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-04-15 11:06 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-04-15 11:06 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-04-15 11:06 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-04-15 11:06 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-04-15 11:06 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-04-15 11:06 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-04-15 11:06 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-04-15 11:06 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-04-15 11:06 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-04-15 11:06 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-04-15 11:06 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-04-15 11:06 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-04-15 11:06 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-04-15 11:06 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-04-15 11:06 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-04-15 11:06 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-04-15 11:06 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-04-15 11:06 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-04-15 11:06 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-04-15 11:06 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-04-15 11:06 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-04-15 11:06 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-04-15 11:06 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-04-15 11:06 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-04-15 11:06 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-04-15 11:06 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-04-15 11:06 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-04-15 11:06 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-04-15 11:06 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-04-15 11:06 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-04-15 11:06 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-04-15 11:06 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-04-15 11:06 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-04-15 11:06 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-04-15 11:06 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-04-15 11:06 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-04-15 11:06 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-04-15 11:06 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-04-15 11:06 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-04-15 11:06 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-04-15 11:06 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-04-15 11:06 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-04-15 11:06 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-04-15 11:06 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-04-15 11:06 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-04-15 11:06 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-04-15 11:06 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys

2015-04-15 11:06 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll

2015-04-15 11:06 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll

2015-04-15 11:06 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys

2015-04-14 22:03 - 2015-04-14 22:03 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-10 15:54 - 2012-06-30 22:22 - 00001008 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-05-10 15:49 - 2015-02-02 21:55 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3968084286-2689556007-1972798229-1001UA1d03f224034191a.job

2015-05-10 15:49 - 2013-04-04 22:31 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-05-10 09:36 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-05-10 09:36 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-05-10 09:30 - 2014-02-07 23:46 - 00000000 ____D () C:\ProgramData\ProductData

2015-05-10 09:29 - 2012-06-30 22:22 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-05-10 09:28 - 2014-04-29 09:29 - 00000452 ____H () C:\Windows\Tasks\SN.Booster-S-615019665.job

2015-05-10 09:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-05-10 09:17 - 2012-06-08 22:33 - 00298496 ___SH () C:\Users\Elgiganten AB\Thumbs.db

2015-05-10 08:08 - 2014-10-25 19:16 - 00000364 _____ () C:\Windows\Tasks\HPCeeScheduleForElgiganten AB.job

2015-05-10 01:00 - 2012-03-12 17:29 - 01307281 _____ () C:\Windows\WindowsUpdate.log

2015-05-10 00:57 - 2012-05-17 07:54 - 00000000 ____D () C:\Users\Elgiganten AB\Documents\Bladet

2015-05-09 23:56 - 2015-02-02 21:55 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3968084286-2689556007-1972798229-1001Core.job

2015-05-09 19:50 - 2014-10-25 19:16 - 00003234 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForElgiganten AB

2015-05-09 19:49 - 2012-06-09 19:31 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2015-05-09 19:49 - 2012-06-02 19:45 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log

2015-05-09 12:02 - 2012-06-13 20:52 - 00000000 ___RD () C:\Fastigheter

2015-05-08 00:16 - 2012-05-16 23:02 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-05-08 00:16 - 2012-05-16 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

2015-05-08 00:16 - 2012-05-16 23:02 - 00000000 ____D () C:\Program Files\WinRAR

2015-05-08 00:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System

2015-05-07 23:54 - 2012-05-16 22:36 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Roaming\uTorrent

2015-05-07 23:39 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar

2015-05-07 23:10 - 2012-05-16 22:43 - 00000000 ____D () C:\Users\Elgiganten AB\Downloads\På gång

2015-05-07 23:10 - 2012-05-16 22:43 - 00000000 ____D () C:\Users\Elgiganten AB\Downloads\Klara

2015-05-07 21:56 - 2013-09-30 21:30 - 00000000 ____D () C:\Program Files\Enigma Software Group

2015-05-07 11:07 - 2012-09-04 15:29 - 00000000 ____D () C:\ProgramData\f-secure

2015-05-07 09:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache

2015-05-07 07:58 - 2011-11-12 03:13 - 00664052 _____ () C:\Windows\system32\perfh01D.dat

2015-05-07 07:58 - 2011-11-12 03:13 - 00142820 _____ () C:\Windows\system32\perfc01D.dat

2015-05-07 07:58 - 2009-07-14 07:13 - 01580482 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-05-07 07:48 - 2014-08-10 16:41 - 95436800 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak

2015-05-07 07:48 - 2014-08-10 16:41 - 00851968 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak

2015-05-07 07:48 - 2014-08-10 16:41 - 00061440 _____ () C:\Windows\system32\config\SAM.iodefrag.bak

2015-05-07 07:48 - 2014-08-10 16:41 - 00036864 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak

2015-05-04 17:23 - 2012-05-17 11:34 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Local\Spotify

2015-05-04 15:23 - 2012-05-17 11:33 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Roaming\Spotify

2015-04-30 22:17 - 2013-09-30 23:23 - 00000000 ____D () C:\Windows\Minidump

2015-04-30 22:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports

2015-04-30 21:57 - 2012-05-17 11:24 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Roaming\vlc

2015-04-30 13:53 - 2014-01-21 23:56 - 00000000 ____D () C:\Users\Elgiganten AB\Desktop\B.åh

2015-04-30 07:28 - 2009-07-14 07:08 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2015-04-30 00:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers

2015-04-29 23:46 - 2012-05-16 20:22 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Local\Google

2015-04-29 23:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

2015-04-29 22:39 - 2012-05-16 21:03 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Local\Thunderbird

2015-04-29 13:27 - 2015-04-02 23:22 - 00000000 ____D () C:\Users\Elgiganten AB\Tracing

2015-04-29 13:27 - 2014-08-11 21:35 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Roaming\DAEMON Tools Lite

2015-04-28 01:04 - 2012-06-08 22:37 - 00000000 ____D () C:\Brk

2015-04-16 08:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat

2015-04-15 14:33 - 2014-05-03 00:32 - 00000000 ___SD () C:\Windows\system32\CompatTel

2015-04-15 14:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2015-04-15 14:18 - 2012-05-16 23:17 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-04-15 14:16 - 2012-03-12 17:34 - 01556052 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

2015-04-15 14:14 - 2013-07-25 07:58 - 00000000 ____D () C:\Windows\system32\MRT

2015-04-15 14:05 - 2012-05-16 20:24 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-04-14 22:03 - 2013-04-04 22:31 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-04-14 22:03 - 2013-04-04 22:31 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-04-14 22:03 - 2013-04-04 22:31 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-04-14 00:25 - 2012-05-24 12:53 - 00000000 ___RD () C:\Users\Elgiganten AB\Desktop\Mat

2015-04-13 22:44 - 2014-04-22 12:49 - 00000000 ____D () C:\Users\Elgiganten AB\AppData\Local\IE Tab

2015-04-13 13:23 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

==================== Files in the root of some directories =======

2015-01-25 18:12 - 2015-01-25 18:12 - 0001248 _____ () C:\Users\Elgiganten AB\AppData\Roaming\HNIRSXY

2015-02-02 14:06 - 2015-02-02 14:06 - 2020824 _____ (ObjectB) C:\Users\Elgiganten AB\AppData\Roaming\HNIRSXY.exe

2015-01-25 18:12 - 2015-01-25 18:12 - 0001248 _____ () C:\Users\Elgiganten AB\AppData\Roaming\WVSOONIK

2015-02-02 13:56 - 2015-02-02 13:56 - 2020824 _____ (Cinema PlusV02.02) C:\Users\Elgiganten AB\AppData\Roaming\WVSOONIK.exe

2014-12-26 19:25 - 2015-02-08 17:24 - 0006144 _____ () C:\Users\Elgiganten AB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-11-04 14:13 - 2014-11-04 14:13 - 0000218 _____ () C:\Users\Elgiganten AB\AppData\Local\recently-used.xbel

2012-05-16 18:06 - 2015-03-12 13:36 - 0007631 _____ () C:\Users\Elgiganten AB\AppData\Local\resmon.resmoncfg

2014-12-22 16:37 - 2014-12-22 16:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:

====================

C:\Users\Elgiganten AB\audacity-win-2.0.3.exe

C:\Users\Elgiganten AB\chromeinstall-7u17.exe

C:\Users\Elgiganten AB\chromeinstall-7u21 (1).exe

C:\Users\Elgiganten AB\chromeinstall-7u21 (2).exe

C:\Users\Elgiganten AB\chromeinstall-7u21 (3).exe

C:\Users\Elgiganten AB\chromeinstall-7u21 (4).exe

C:\Users\Elgiganten AB\chromeinstall-7u21.exe

C:\Users\Elgiganten AB\ChromeSetup.exe

C:\Users\Elgiganten AB\DG_Setup.exe

C:\Users\Elgiganten AB\driveragent.exe

C:\Users\Elgiganten AB\FacebookVideoCallSetup_v1.2.205.0.exe

C:\Users\Elgiganten AB\GoogleEarthPluginSetup.exe

C:\Users\Elgiganten AB\jre-7u25-windows-i586.exe

C:\Users\Elgiganten AB\jre-7u25-windows-x64.exe

C:\Users\Elgiganten AB\Lame_v3.99.3_for_Windows.exe

C:\Users\Elgiganten AB\LGPCSuite_Setup.exe

C:\Users\Elgiganten AB\MouseGestures_x86.exe

C:\Users\Elgiganten AB\Shockwave_Installer_Slim (1).exe

C:\Users\Elgiganten AB\Shockwave_Installer_Slim.exe

C:\Users\Elgiganten AB\sp29294.exe

C:\Users\Elgiganten AB\sp48051.exe

C:\Users\Elgiganten AB\sp49538.exe

C:\Users\Elgiganten AB\sp52352.exe

C:\Users\Elgiganten AB\sp54996.exe

C:\Users\Elgiganten AB\spotify.exe

C:\Users\Elgiganten AB\weathersp3_StubInstaller (1).exe

C:\Users\Elgiganten AB\weathersp3_StubInstaller.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-04 00:29

==================== End Of Log ============================

10 Maj, 2015

Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på knappen Log file.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[R0].txt

10 Maj, 2015

# AdwCleaner v4.203 - Logfile created 10/05/2015 at 17:29:50

# Updated 30/04/2015 by Xplode

# Database : 2015-05-09.1 [server]

# Operating system : Windows 7 Home Premium Service Pack 1 (x64)

# Username : Elgiganten AB - KÖKET

# Running from : C:\Users\Elgiganten AB\Desktop\adwcleaner_4.203.exe

# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Program Files\Common Files\System\SysMenu64.dll

File Found : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb

File Found : C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb

Folder Found : C:\Program Files\Common Files\ShopperPro

Folder Found : C:\ProgramData\epicscale

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

Data Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

Data Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:49802;hxxps=127.0.0.1:49802

Key Found : HKCU\Software\EpicScale

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Key Found : [x64] HKCU\Software\EpicScale

Key Found : HKLM\SOFTWARE\0614be75-b982-4268-a02a-526510c6043b

Key Found : HKLM\SOFTWARE\58966a4f-a545-4ed9-b25a-6bcdd9295034

Key Found : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt

Key Found : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}

Key Found : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL

Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Key Found : HKLM\SOFTWARE\HitsBlender

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}

Key Found : HKU\.DEFAULT\Software\IBUpdaterService

Key Found : HKU\.DEFAULT\Software\YTDownloader

Value Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]

Value Found : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [savedLegacySettings]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728

-\\ Mozilla Firefox v

-\\ Google Chrome v42.0.2311.135

-\\ Comodo Dragon v

-\\ Opera v0.0.0.0

-\\ Chrome Canary v

*************************

AdwCleaner[R0].txt - [8764 bytes] - [13/09/2013 01:11:18]

AdwCleaner[R1].txt - [26751 bytes] - [02/02/2015 17:29:15]

AdwCleaner[R2].txt - [2876 bytes] - [10/05/2015 17:29:50]

AdwCleaner[s0].txt - [9023 bytes] - [13/09/2013 01:13:19]

AdwCleaner[s1].txt - [25237 bytes] - [02/02/2015 17:33:51]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3054 bytes] ##########

10 Maj, 2015

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om, om den inte gör det automatiskt får du göra det själv.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s0].txt

2. Starta FRST.

Välj Addition.txt.

Skanna med programmet och klistra in eller bifoga de två nya FRST.txt och Addition.txt.

3. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.
Ta bort bocken framför Remove found threats.
Bocka för:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

10 Maj, 2015

# AdwCleaner v4.203 - Logfile created 10/05/2015 at

18:02:06

# Updated 30/04/2015 by Xplode

# Database : 2015-05-09.1 [server]

# Operating system : Windows 7 Home Premium Service Pack

1 (x64)

# Username : Elgiganten AB - KÖKET

# Running from : C:\Users\Elgiganten AB\Desktop

\adwcleaner_4.203.exe

# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\epicscale

Folder Deleted : C:\Program Files\Common Files\ShopperPro

File Deleted : C:\Windows\AppPatch\Custom\{8a4d5a43-

c64a-45ab-bdf4-804fe18ceafd}.sdb

File Deleted : C:\Windows\AppPatch\Custom

\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb

File Deleted : C:\Program Files\Common Files\System

\SysMenu64.dll

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\*\shellex

\ContextMenuHandlers\SysMenuExt

Key Deleted : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL

Key Deleted : HKLM\SOFTWARE\0614be75-b982-4268-a02a-

526510c6043b

Key Deleted : HKLM\SOFTWARE\58966a4f-a545-4ed9-b25a-

6bcdd9295034

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7

-45F9-B8A4-36A305168069}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909

-49B6-AFE2-8BDE245DC7E6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Explorer\Browser Helper Objects

\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

Key Deleted : HKCU\Software\Microsoft\Windows

\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-

8BDE245DC7E6}

Key Deleted : HKCU\Software\Microsoft\Windows

\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-

8BDE245DC7E6}

Key Deleted : HKCU\Software\EpicScale

Key Deleted : HKLM\SOFTWARE\HitsBlender

Key Deleted : HKU\.DEFAULT\Software\IBUpdaterService

Key Deleted : HKU\.DEFAULT\Software\YTDownloader

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows

\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-

1D2EB0B89613}

Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows

\CurrentVersion\Internet Settings [ProxyServer] -

hxxp=127.0.0.1:49802;hxxps=127.0.0.1:49802

Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows

\CurrentVersion\Internet Settings [ProxyEnable] - 1

Data Deleted : HKU\.DEFAULT\Software\Microsoft\Windows

\CurrentVersion\Internet Settings [ProxyOverride] - <-

loopback>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728

-\\ Mozilla Firefox v

-\\ Google Chrome v42.0.2311.135

-\\ Comodo Dragon v

-\\ Opera v0.0.0.0

-\\ Chrome Canary v

*************************

AdwCleaner[R0].txt - [8764 bytes] - [13/09/2013 01:11:18]

AdwCleaner[R1].txt - [26751 bytes] - [02/02/2015

17:29:15]

AdwCleaner[R2].txt - [3137 bytes] - [10/05/2015 17:29:50]

AdwCleaner[s0].txt - [9023 bytes] - [13/09/2013 01:13:19]

AdwCleaner[s1].txt - [25237 bytes] - [02/02/2015

17:33:51]

AdwCleaner[s2].txt - [2837 bytes] - [10/05/2015 18:02:06]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [2896

bytes] ##########

10 Maj, 2015

Hur går det med de andra loggarna?

10 Maj, 2015

Jag kör nu eset´s onlinescanning, men det har hållit på i snart 5 1/2 timmar och bara hunnit med 42%. Får stå på under natten så skickar jag i morgon. Tackar för all hjälp, så länge.

10 Maj, 2015

Kan inte klistra in texten, bifogar filen istället.

Försöker igen:

ESET online scanner 15-05-11.txt

11 Maj, 2015

Och så var det nya loggar (FRST.txt och Addition.txt) från FRST som också behövs.

11 Maj, 2015

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015

Ran by Elgiganten AB (administrator) on KÖKET on 11-05-2015 15:54:02

Running from C:\Users\Elgiganten AB\Desktop

Loaded Profiles: Elgiganten AB (Available profiles: Elgiganten AB)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-

frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will

not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe

(HP) C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel

\Fuel.Service.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

() C:\Program Files (x86)\Emotum\Stay Connected\Service.exe

(Bredbandsbolaget) C:\Program Files (x86)\Bredbandsbolaget\ESUS_B2\ESUS_B2.exe

(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe

(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud

\FCUpdateService.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services

\HPClientServices.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared

\HPDrvMntSvc.exe

(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common

\HPSupportSolutionsFrameworkService.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP

Quick Launch\HPWMISVC.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live

\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live

\WLIDSVCM.EXE

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

() C:\Program Files (x86)\RocketDock\RocketDock.exe

(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support

Framework\HPSA_Service.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card

Reader\RIconMan.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe

(HP) C:\Program Files (x86)\HP SimplePass 2012\BioMonitor.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Egna program\Office2007\Office12\WINWORD.EXE

(Microsoft Corporation) C:\Windows\splwow64.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

(HP) C:\Program Files (x86)\HP SimplePass 2012\TouchControl.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to

default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288

2011-10-14] (Synaptics Incorporated)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe

[1332296 2015-01-30] (Microsoft Corporation)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440

2014-05-19] (Logitech, Inc.)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-12

-22] (IDT, Inc.)

HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP

Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-04-22]

(Hewlett-Packard)

Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

(Logitech, Inc.)

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\...\Run: [RocketDock] => C:

\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\...\RunOnce: [Adobe Speed

Launcher] => 1431323418

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\...\Policies\system:

[DisableLockWorkstation] 0

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\...\Policies\system:

[DisableChangePassword] 0

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\...\MountPoints2: {6b817c91-ea40-

11e4-a7f0-082e5f97a489} - G:\LG_PC_Programs.exe

HKU\S-1-5-18\...\Run: [bredbandsbolaget Servicecenter] => C:\Program Files

(x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe [443752 2010-01-20]

(Bredbandsbolaget)

HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit

\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit)

Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software

\BtwProximityCP.dll

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>

No File

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed

or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <=======

ATTENTION

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\SOFTWARE\Policies\Microsoft

\Internet Explorer: Policy restriction <======= ATTENTION

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.

ProxyServer: [.DEFAULT] => http=127.0.0.1:49802;https=127.0.0.1:49802

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =

http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =

http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://www.google.com

HKU\S-1-5-21-3968084286-2689556007-1972798229-1001\Software\Microsoft\Internet

Explorer\Main,Start Page = http://www.superstart.se/

SearchScopes: HKLM -> {C7C8B855-AA6B-4C50-9615-8E7CF4EC0A3E} URL =

http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link

%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 -> {C7C8B855-AA6B-4C50-9615-8E7CF4EC0A3E} URL =

http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link

%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL

=

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL

=

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL

=

SearchScopes: HKU\S-1-5-21-3968084286-2689556007-1972798229-1001 -> DefaultScope

{B78EEAC2-C580-477B-AD7C-C68BC0D2F93A} URL = http://www.google.com/search?hl=sv&q=

{searchTerms}&rlz=1I7GGHP_svSE610

SearchScopes: HKU\S-1-5-21-3968084286-2689556007-1972798229-1001 -> {B78EEAC2-C580-

477B-AD7C-C68BC0D2F93A} URL = http://www.google.com/search?hl=sv&q={searchTerms}

&rlz=1I7GGHP_svSE610

BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program

Files\AMD\SteadyVideo\SteadyVideo.dll [2011-06-08] (Advanced Micro Devices)

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:

\Program Files\Java\jre7\bin\ssv.dll [2015-05-08] (Oracle Corporation)

BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program

Files (x86)\HP SimplePass 2012\x64\IEBHO.dll [2011-08-26] (HP)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:

\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011

-03-29] (Microsoft Corp.)

BHO: Mouse Gestures -> {A6A49249-57AE-4295-8D4D-18A9502C7D8E} -> C:\Program Files

\Internet Explorer\Plugins\Drowse\MouseGestures.dll [2010-02-23] (Drowse)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program

Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)

BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files

\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:

\Program Files\Java\jre7\bin\jp2ssv.dll [2015-05-08] (Oracle Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program

Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck

\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)

BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program

Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2011-06-08] (Advanced Micro Devices)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:

\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-08] (Oracle Corporation)

BHO-x32: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:

\Program Files (x86)\HP SimplePass 2012\IEBHO.dll [2011-08-26] (HP)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->

C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live

\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)

BHO-x32: Mouse Gestures -> {A6A49249-57AE-4295-8D4D-18A9502C7D8E} -> C:\Program Files

(x86)\Internet Explorer\Plugins\Drowse\MouseGestures.dll [2010-02-23] (Drowse)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:

\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google

Inc.)

BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program

Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)

BHO-x32: Bredbandsbolaget Servicecenter Plugin -> {DB87CDE1-EF9C-44EB-A42F-

6D0B3C72C516} -> C:\Program Files (x86)\Bredbandsbolaget\Servicecenter

\IEFixItNowPlugin.dll [2010-01-20] (Bredbandsbolaget)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->

C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-08] (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:

\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck

\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program

Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)

Toolbar: HKU\S-1-5-21-3968084286-2689556007-1972798229-1001 -> No Name - {7FEBEFE3-

6B19-4349-98D2-FFB09D4B49CA} - No File

Toolbar: HKU\S-1-5-21-3968084286-2689556007-1972798229-1001 -> Google Toolbar -

{2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google

Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5}

http://download.eset.com/special/eos/OnlineScanner.cab

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD

\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files

(x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD

\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files

(x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:

========

FF ProfilePath: C:\Users\Elgiganten AB\AppData\Roaming\Mozilla\Firefox\Profiles

\n55rcey6.default

FF Homepage: user_pref("browser.startup.homepage", );

FF DefaultSearchEngine: Yahoo!

FF SelectedSearchEngine: Yahoo!

FF Keyword.URL: hxxp://search.yahoo.com/search?ei=utf-

8&fr=greentree_ff1&type=902615&ilc=12&p=

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash

\NPSWF64_17_0_0_169.dll [2015-04-14] ()

FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin

\dtplugin\npDeployJava1.dll [2015-05-08] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin

\plugin2\npjp2.dll [2015-05-08] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft

Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe

\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash

\NPSWF32_17_0_0_169.dll [2015-04-14] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director

\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program

Files (x86)\BankID\npBispBrowser.dll [2015-01-28] (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.3.0.6 -> C:\Program

Files (x86)\BankID\npBispBrowser.dll [2015-01-28] (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @cuminas.jp/DjVuPlugin -> C:\Program Files (x86)\Cuminas\Document

Express DjVu Plug-in\npdjvu.dll [2014-09-04] (Cuminas Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf ->

C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[2015-02-11] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf

-> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[2015-02-11] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp

-> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[2015-02-11] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader

Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software

\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google

Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java

\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-08] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java

\jre7\bin\plugin2\npjp2.dll [2015-05-08] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft

Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files

(x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files

(x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files

(x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files

(x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN

\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR

\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-3968084286-2689556007-1972798229-1001:

@tools.google.com/Google Update;version=3 -> C:\Users\Elgiganten AB\AppData\Local

\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)

FF Plugin HKU\S-1-5-21-3968084286-2689556007-1972798229-1001:

@tools.google.com/Google Update;version=9 -> C:\Users\Elgiganten AB\AppData\Local

\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)

FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Elgiganten AB

\AppData\Roaming\Mozilla\Firefox\Profiles\n55rcey6.default\Extensions

\iobitascsurfingprotection@iobit.com [2015-01-06]

Chrome:

=======

CHR HomePage: Profile 1 -> hxxp://www.superstart.se/

CHR StartupUrls: Profile 1 -> "hxxp://www.superstart.se/"

CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?

{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri=

{google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}

{google:currentPageUrl}{google:pageClassification}{google:searchVersion}

{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]

CHR Extension: (Google Docs) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]

CHR Extension: (Google Drive) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-15]

CHR Extension: (YouTube) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User

Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]

CHR Extension: (Google Search) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-15]

CHR Extension: (Website Logon) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Default\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2015-02-15]

CHR Extension: (Google Sheets) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]

CHR Extension: (Google Wallet) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-15]

CHR Extension: (Gmail) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User

Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-15]

CHR Profile: C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (Google Translate) - C:\Users\Elgiganten AB\AppData\Local\Google

\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-01-24]

CHR Extension: (Google Docs) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-24]

CHR Extension: (Google Drive) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-24]

CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Elgiganten AB

\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions

\bbmegnmpleoagolcnjnejdacakedpcgd [2015-01-24]

CHR Extension: (YouTube) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User

Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-24]

CHR Extension: (Google Cast) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Profile 1\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-01-24]

CHR Extension: (Adblock Plus) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-24]

CHR Extension: (Google Search) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-24]

CHR Extension: (Website Logon) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Profile 1\Extensions\debkinhcgejcbfgjiaalomcmkedjmiaa [2015-01-24]

CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Elgiganten AB\AppData\Local

\Google\Chrome\User Data\Profile 1\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2015

-01-24]

CHR Extension: (Java API Search) - C:\Users\Elgiganten AB\AppData\Local\Google

\Chrome\User Data\Profile 1\Extensions\dphfngjamcomlehblpblaacingmaojnm [2015-01-24]

CHR Extension: (Wikipedia Lookup - Context Menu) - C:\Users\Elgiganten AB\AppData

\Local\Google\Chrome\User Data\Profile 1\Extensions\ehigjigpolmdglippjafhnpngmaeepkp

[2015-01-24]

CHR Extension: (Google Calendar) - C:\Users\Elgiganten AB\AppData\Local\Google

\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-01-24]

CHR Extension: (Blur) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User Data

\Profile 1\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2015-01-24]

CHR Extension: (Bookmark Manager) - C:\Users\Elgiganten AB\AppData\Local\Google

\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]

CHR Extension: (IE Tab) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User

Data\Profile 1\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2015-01-24]

CHR Extension: (Java for Browsing) - C:\Users\Elgiganten AB\AppData\Local\Google

\Chrome\User Data\Profile 1\Extensions\ibbogmiigionndgfnmajmchoejcapfeo [2015-05-05]

CHR Extension: (FlashControl) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Profile 1\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2015-01-24]

CHR Extension: (Google Mail Checker) - C:\Users\Elgiganten AB\AppData\Local\Google

\Chrome\User Data\Profile 1\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-01-24]

CHR Extension: (Google Wallet) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome

\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-24]

CHR Extension: (Gmail) - C:\Users\Elgiganten AB\AppData\Local\Google\Chrome\User

Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-24]

CHR HKLM-x32\...\Chrome\Extension: [debkinhcgejcbfgjiaalomcmkedjmiaa] - C:\Program

Files (x86)\HP SimplePass 2012\tschrome.crx [2011-08-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the

registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare

8\ASCService.exe [815392 2014-11-04] (IObit)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

[361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]

R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-05-07] (Microsoft

Corporation)

R2 ESCSvc; C:\Program Files (x86)\Emotum\Stay Connected\Service.exe [659752 2010-08-

25] ()

R2 ESUSClient_B2; C:\Program Files (x86)\Bredbandsbolaget\ESUS_B2\ESUS_B2.exe [358824

2011-03-07] (Bredbandsbolaget)

R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits

Software AS) [File not signed]

R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit

Cloud\FCUpdateService.exe [244392 2015-04-10] (Foxit Software Inc.)

R2 FPLService; C:\Program Files (x86)\HP SimplePass 2012\TrueSuiteService.exe [260424

2011-08-26] (HP)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support

Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not

signed]

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common

\HPSupportSolutionsFrameworkService.exe [49464 2014-05-21] (Hewlett-Packard Company)

R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896

2014-09-30] (IObit)

S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456

2015-01-06] (IObit)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30]

(Microsoft Corporation)

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30]

(Microsoft Corporation)

S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339968 2014-12-22] (IDT, Inc.)

[File not signed]

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27]

(Microsoft Corporation)

S2 SpyHunter 4 Service; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the

registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2014-12-22] (Advanced

Micro Devices Inc.)

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-12-22] (Broadcom

Corporation.)

S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-21] (Broadcom

Corporation.)

R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink

Corporation)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-11] (Disc

Soft Ltd)

S3 esgiguard; No ImagePath

S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-05-07] ()

S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers

\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-06] (REALiX

)

R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys

[17920 2010-06-19] (Siliten)

S0 is3srv; C:\Windows\SysWow64\drivers\is3srv64.sys [74768 2014-05-05] (iS3 Inc.)

R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtpt64.sys [16384 2009-09-29] (LG

Electronics Inc.)

R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbs64.sys [14848 2009-09-29] (LG

Electronics Inc.)

R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmdm64.sys [17408 2009-09-29] (LG

Electronics Inc.)

S3 MBAMSwissArmy; No ImagePath

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft

Corporation)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft

Corporation)

S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers

\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-

06-04] (IObit)

R0 szkg5; C:\Windows\SysWow64\DRIVERS\szkg64.sys [74768 2014-05-05] (iS3 Inc.)

S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers

\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)

S3 clwvd; system32\DRIVERS\clwvd.sys [X]

S3 CV2K1; system32\DRIVERS\cv2k1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any

associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-11 00:16 - 2015-05-11 00:16 - 00031515 _____ () C:\Users\Elgiganten AB

\Desktop\ESET online scanner 15-05-11.txt

2015-05-10 18:12 - 2015-05-10 18:12 - 00000000 ____D () C:\Program Files (x86)\ESET

2015-05-10 18:06 - 2015-05-10 18:06 - 00002976 _____ () C:\Users\Elgiganten AB

\Desktop\AdwCleaner[s2].txt

2015-05-10 18:04 - 2015-05-11 07:38 - 00000112 _____ () C:\Windows\setupact.log

2015-05-10 18:04 - 2015-05-10 18:04 - 00000000 _____ () C:\Windows\setuperr.log

2015-05-10 18:03 - 2015-05-10 18:03 - 00005150 _____ () C:\Windows\PFRO.log

2015-05-10 18:02 - 2015-05-10 18:02 - 00000000 ____H () C:\asc_rdflag

2015-05-10 17:31 - 2015-05-10 17:34 - 00003137 _____ () C:\Users\Elgiganten AB

\Desktop\AdwCleaner[R2].txt

2015-05-10 17:29 - 2015-05-10 17:29 - 02204160 _____ () C:\Users\Elgiganten AB

\Desktop\adwcleaner_4.203.exe

2015-05-10 15:55 - 2015-05-10 15:56 - 00050650 _____ () C:\Users\Elgiganten AB

\Desktop\Addition.txt

2015-05-10 15:54 - 2015-05-11 15:54 - 00029818 _____ () C:\Users\Elgiganten AB

\Desktop\FRST.txt

2015-05-10 15:54 - 2015-05-11 15:54 - 00000000 ____D () C:\FRST

2015-05-10 15:52 - 2015-05-10 15:52 - 02102784 _____ (Farbar) C:\Users\Elgiganten AB

\Desktop\FRST64.exe

2015-05-08 00:23 - 2015-05-08 00:22 - 00320424 _____ (Oracle Corporation) C:\Windows

\system32\javaws.exe

2015-05-08 00:22 - 2015-05-08 00:22 - 00189864 _____ (Oracle Corporation) C:\Windows

\system32\javaw.exe

2015-05-08 00:22 - 2015-05-08 00:22 - 00189864 _____ (Oracle Corporation) C:\Windows

\system32\java.exe

2015-05-08 00:22 - 2015-05-08 00:22 - 00111016 _____ (Oracle Corporation) C:\Windows

\system32\WindowsAccessBridge-64.dll

2015-05-08 00:20 - 2015-05-08 00:19 - 00272808 _____ (Oracle Corporation) C:\Windows

\SysWOW64\javaws.exe

2015-05-08 00:19 - 2015-05-08 00:19 - 00176040 _____ (Oracle Corporation) C:\Windows

\SysWOW64\javaw.exe

2015-05-08 00:19 - 2015-05-08 00:19 - 00176040 _____ (Oracle Corporation) C:\Windows

\SysWOW64\java.exe

2015-05-08 00:19 - 2015-05-08 00:19 - 00098216 _____ (Oracle Corporation) C:\Windows

\SysWOW64\WindowsAccessBridge-32.dll

2015-05-08 00:15 - 2015-05-08 00:15 - 00000000 ____D () C:\Users\Public\Foxit

Software

2015-05-08 00:14 - 2015-05-08 00:14 - 00000000 ____D () C:\Program Files (x86)\Foxit

Software

2015-05-08 00:09 - 2015-05-08 00:10 - 00003182 _____ () C:\Windows\System32\Tasks

\ASC8_PerformanceMonitor

2015-05-07 23:36 - 2015-05-10 09:27 - 00000000 ____D () C:\ProgramData\AVAST Software

2015-05-07 21:57 - 2015-05-07 21:57 - 00000000 ____D () C:\Users\Elgiganten AB

\AppData\Roaming\Enigma Software Group

2015-05-07 21:56 - 2015-05-07 21:56 - 00022704 _____ () C:\Windows\system32\Drivers

\EsgScanner.sys

2015-05-07 11:01 - 2015-05-07 11:01 - 00000000 ____D () C:\Users\Elgiganten AB

\AppData\Local\F-Secure

2015-05-07 00:04 - 2015-05-07 00:04 - 05569984 _____ (Microsoft Corporation) C:

\Windows\system32\ntoskrnl.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 03989440 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ntkrnlpa.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 03934144 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ntoskrnl.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 01728960 _____ (Microsoft Corporation) C:

\Windows\system32\ntdll.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 01461760 _____ (Microsoft Corporation) C:

\Windows\system32\lsasrv.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 01310744 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ntdll.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 01254400 _____ (Microsoft Corporation) C:

\Windows\system32\diagtrack.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 01162752 _____ (Microsoft Corporation) C:

\Windows\system32\kernel32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 01114112 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\kernel32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00879104 _____ (Microsoft Corporation) C:

\Windows\system32\tdh.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00879104 _____ (Microsoft Corporation) C:

\Windows\system32\advapi32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00728064 _____ (Microsoft Corporation) C:

\Windows\system32\kerberos.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00686080 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\adtschema.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00686080 _____ (Microsoft Corporation) C:

\Windows\system32\adtschema.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00641536 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\advapi32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00635392 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\tdh.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00550912 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\kerberos.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00503808 _____ (Microsoft Corporation) C:

\Windows\system32\srcore.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00424448 _____ (Microsoft Corporation) C:

\Windows\system32\KernelBase.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00404992 _____ (Microsoft Corporation) C:

\Windows\system32\tracerpt.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00364544 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\tracerpt.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00362496 _____ (Microsoft Corporation) C:

\Windows\system32\wow64win.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00341504 _____ (Microsoft Corporation) C:

\Windows\system32\schannel.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00338432 _____ (Microsoft Corporation) C:

\Windows\system32\conhost.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00314880 _____ (Microsoft Corporation) C:

\Windows\system32\msv1_0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00309760 _____ (Microsoft Corporation) C:

\Windows\system32\ncrypt.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00296960 _____ (Microsoft Corporation) C:

\Windows\system32\rstrui.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00274944 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\KernelBase.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00259584 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msv1_0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00248832 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\schannel.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00243712 _____ (Microsoft Corporation) C:

\Windows\system32\wow64.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00221184 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ncrypt.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00215040 _____ (Microsoft Corporation) C:

\Windows\system32\winsrv.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00210944 _____ (Microsoft Corporation) C:

\Windows\system32\wdigest.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00172032 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wdigest.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00155584 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\ksecpkg.sys

2015-05-07 00:04 - 2015-05-07 00:04 - 00146432 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msaudite.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00146432 _____ (Microsoft Corporation) C:

\Windows\system32\msaudite.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00136192 _____ (Microsoft Corporation) C:

\Windows\system32\sspicli.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00113664 _____ (Microsoft Corporation) C:

\Windows\system32\sechost.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00112640 _____ (Microsoft Corporation) C:

\Windows\system32\smss.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00104448 _____ (Microsoft Corporation) C:

\Windows\system32\logman.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00096768 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\sspicli.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00095680 _____ (Microsoft Corporation) C:

\Windows\system32\Drivers\ksecdd.sys

2015-05-07 00:04 - 2015-05-07 00:04 - 00092160 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\sechost.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00086528 _____ (Microsoft Corporation) C:

\Windows\system32\TSpkg.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00082944 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\logman.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00065536 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\TSpkg.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00064000 _____ (Microsoft Corporation) C:

\Windows\system32\auditpol.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00060416 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\msobjs.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00060416 _____ (Microsoft Corporation) C:

\Windows\system32\msobjs.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00050176 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\auditpol.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00050176 _____ (Microsoft Corporation) C:

\Windows\system32\srclient.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00047104 _____ (Microsoft Corporation) C:

\Windows\system32\typeperf.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00043520 _____ (Microsoft Corporation) C:

\Windows\system32\csrsrv.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00043008 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\srclient.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00043008 _____ (Microsoft Corporation) C:

\Windows\system32\relog.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00040448 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\typeperf.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00037888 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\relog.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00036864 _____ (Microsoft Corporation) C:

\Windows\system32\UtcResources.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00031232 _____ (Microsoft Corporation) C:

\Windows\system32\lsass.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00029184 _____ (Microsoft Corporation) C:

\Windows\system32\sspisrv.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00028160 _____ (Microsoft Corporation) C:

\Windows\system32\secur32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00025600 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\setup16.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00022016 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\secur32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00022016 _____ (Microsoft Corporation) C:

\Windows\system32\credssp.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00019456 _____ (Microsoft Corporation) C:

\Windows\system32\diskperf.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00017408 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\diskperf.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00017408 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\credssp.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00016384 _____ (Microsoft Corporation) C:

\Windows\system32\ntvdm64.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00014336 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\ntvdm64.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00013312 _____ (Microsoft Corporation) C:

\Windows\system32\wow64cpu.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00007680 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\instnm.exe

2015-05-07 00:04 - 2015-05-07 00:04 - 00006656 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\apisetschema.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00006656 _____ (Microsoft Corporation) C:

\Windows\system32\apisetschema.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00006144 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00006144 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00005120 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00005120 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00005120 _____ (Microsoft Corporation) C:

\Windows\SysWOW64\wow32.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004608 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004608 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004608 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004608 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00004096 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2015-05-07 00:04 - 2015-05-07 00:04 - 00003584 ____H (Microsoft Corporation) C:

\Windows\system32\api-ms-win-core-heap-l1-1-0.dll