Just nu i M3-nätverket
Gå till innehåll

Ultra

Medlem
  • Antal inlägg

    250
  • Gick med

  • Senaste besök

  1. Hej, Jag kör Thunderbird på en dator och har där ett e-postkonto på en profil men nu skulle jag vilja ha ytterligare ett e-postkonto kopplat till Thunderbird. Alltså två separata konton som jag kan växla emellan, INTE att all e-post kommer till samma inkorg. Typ, Nisse startar Thunderbird och väljer sin "profil" och då ser han sin e-post och de mappar han har skapat i programmet. Sen kommer Kalle och vill kolla sin e-post vilket medför att Nisse loggar ut från sin "profil" och sen får Kalle logga in på sin profil. Jag har försökt leta runt men hittar inga vettiga svar/instruktioner om hur man går till väga men jag antar, och hoppas, att det går att göra på detta sätt. När man startar Thunderbird så kan man ju skapa en ny "Profil" och sen följa guiden om att lägga till ett nytt e-postkonto men blir det då två helt separerade konton? Alltså att inte allt kommer till samma inkorg? Nästa grej är att jag vill föra över allt från mitt gamla e-postprogram som är Outlook Express, alltså få med alla mappar och innehåll mm. Tips på hur jag bör gå till väga mottages tacksamt :-)
  2. Ja, jag har gett upp Hemgrupp då jag fått det att fungera, iaf hyfsat (se ovan), och då törs jag inte gå in och grotta med något annat.
  3. Det verkar ha varit det där med användare och lösenord som spökade. Jag fixade användare och lösenord på alla datorer och efter lite fix så har jag fått det att fungera...iaf hyfsat. Det är en dator som trilskas lite, den har kontakt med alla andra datorer men det går inte att komma åt den från någon annan dator. Då kommer det bara upp ett fönster med: "Ange nätverksautentiseringsuppgifter". Inte det fönstret med både användarnamn och lösen ord utan här ska bara lösenord fyllas i. Och så finns det ett alternativ där man kan "Använd ett annat konto". Jag har provat med alla lösenord jag har men får det inte att fungera. Från den datorn som det inte går att komma åt gick jag bakvägen och la en genväg till dess Skrivbord på en av de andra datorerna och när jag klickar på genvägen så går det att komma åt den datorns Skrivbord. Men det går alltså inte att komma åt den om man går in i "Nätverk" och väljer den datorn. Hur som helst så verkar ju allt annat fungera så jag kanske bara ska acceptera och vara glad, det är väl ungefär så denna fantastiska datorvärld fungerar. Att man inte alltid behöver förstå varför :-) Tack för alla tips
  4. Nä, har inte skapat något tidigare, bara nu och då fick jag välja lösenord själv.
  5. Jag vill bla. dela Skrivborden på datorerna, hur gör jag då? Ska skrivbordsmappen läggas i en annan mapp (delat)?
  6. Ja, jag skapade en hemgrupp på ena datorn och när jag går in på "Hemgrupp" på en annan dator så står det "Dator X har redan en Hemgrupp, klicka här för att gå med i den" typ. Men det händer inget när jag försöker ansluta till den. På denna dator hittar jag ingenstans där jag kan skapa en (ny) Hemgrupp men det kanske bara går att ha en Hemgrupp. Om jag går till Hemgrupp på "Dator X" så kommer det upp att jag kan skapa en Hemgrupp men jag hittar inte den som den andra datorn säger redan ska finnas på "Dator X". Hänger du med? ;-)
  7. Hej och tack för svaren. Jag var inne på det där med Hemgrupp och försökte köra efter den där guiden men fick det inte att fungera. Ibland blir det att det redan finns en hemgrupp och ibland att man skulle skapa en ny. Men tycker du att det är vägen att gå Vertpre? Cecilia, jag tänkte också på det där men vad är det för konto? Är det användarkontot? Datorerna startar ju upp direkt utan att man behöver välja användare eller lösenord.
  8. Hej, Har haft ett nätverk som tidigare har fungerat, åtminstone, tillfredsställande men ibland har det varit problem med att datorerna bara hittat varandra från ena hållet osv. Det har varit blandade datorer med allt ifrån Windows XP till Windows 10. Nu har jag bytt ut ett par datorer och självklart så strular det ännu mer med nätverket och jag tänkte om det finns något enkelt sätt att typ "nollställa" nätverket och börja om från början för att få det att fungera bättre. Jag tycker att jag har letat på nätet efter guider mm. men har inte hittat något vettigt (eller så är jag bara för korkad för att förstå). Finns det någon vänlig själ här som har några tips och råd? Det handlar om fyra stycken datorer, tre med Windows 10 Pro och en dator med Windows 7 Ultimate. Datorerna är anslutna till nätverket via kabel men det finns även trådlöst. Alla datorerna är döpta till specifika namn och är anslutna till arbetsgruppen "WOURKGROUP". När jag från min nya dator väljer "Nätverk" i utforskaren så kommer alla de andra datorerna upp men när jag klickar på någon av de så kommer det upp ett fönster med "Ange nätverksautentiseringsuppgifter" och att man ska fylla i Användarnamn och Lösenord, vad är detta? Det står även "Domän: XXX" (namnet på min dator) i detta fönster. Vad ska jag göra? Jag antar att det är någon inställning någonstans som ska ändras eller? Tänkte på det där med domänet. Nätverket fungerade som sagt tidigare men nu när min nya dator har kommit in verkar det se helt annorlunda ut. Kan tillägga att det utbytta datorn, en gammal XP, var som något slags server då den var ansluten till en skrivare som kunde användas av de andra datorerna. Jag kan även lägga till att jag är helt ny på W10 så jag är lite ovan att hitta runt i datorn än så länge. Jag hoppas att det är någon här som kan hjälpa till eller kanske kan länka till någon vettig guide eller nåt. Tack så länge!
  9. Hej, Jag skulle vilja ha tips på om det finns någon smidig modem/router som man kan använda till Tele2 mobila bredband som jag har. Alltså om det går att sätta i det SIM-kortet i ett smidigare modem än det stora modemet jag har nu. Funkar det att göra så eller är SIM-kortet "låst" till Tele2s egna modem? Är ute och reser en del och det skulle vara skönt med en smidigare lösning. Det finns ju USB-modem men jag vill ha så att jag kan dela internetuppkopplingen via WiFi. Tips på vettig lösning mottages gärna.
  10. Hej, Eset verkar ha hängt sig på 31% så jag avslutade och tänkte börja om. Det här hittade den hittills: C:\FRST\Quarantine\C\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\fggnmmjhficagbcgpgpkkonpjeehmgoa\content.js JS/Chromex.Agent.L trojan C:\FRST\Quarantine\C\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\fggnmmjhficagbcgpgpkkonpjeehmgoa\Qi62.js JS/Kryptik.ATB trojan
  11. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015 Ran by Tomas at 2015-01-09 09:03:40 Run:1 Running from C:\Users\Tomas\Desktop Loaded Profiles: Tomas & UpdatusUser (Available profiles: Tomas & UpdatusUser) Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [sunJavaUpdateReg] => C:\Windows\SysWOW64\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {0a479bf6-962b-11dd-a3b2-806e6f6e6963} - F:\start.exe CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.6.0_01\bin\jp2ssv.dll No File Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File CHR dev: Chrome dev build detected! <======= ATTENTION CHR Extension: (uNisalles) - C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\ [2013-08-22] 2014-12-29 18:07 - 2014-12-31 01:22 - 00000000 ____D () C:\Program Files (x86)\unisAleis 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\Program Files (x86)\uNisalles 2015-01-08 15:47 - 2013-03-11 09:45 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\BitTorrent Task: {895E0CD0-9DA0-456B-A605-55574A667BDB} - System32\Tasks\{85286B8D-AD13-4A3D-A567-56CC47D0957D} => pcalua.exe -a F:\setup.exe -d F:\ Task: {E0D9B1D2-57A9-4347-8673-54C54D1DE307} - System32\Tasks\{98F0081B-895B-46F7-B838-B4FB4378D932} => pcalua.exe -a "C:\Users\Tomas\Downloads\NCR1_install (2).exe" -d C:\Users\Tomas\Downloads Task: {FA0D3926-9CA2-4ED1-9863-9543B27BA4CD} - System32\Tasks\{39821805-2F8F-4E0A-93FE-7D510B5007B6} => F:\Setup.exe AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm EmptyTemp: ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateReg => value deleted successfully. HKU\S-1-5-21-63412372-1427995199-370361792-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully. HKU\S-1-5-21-63412372-1427995199-370361792-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully. "HKU\S-1-5-21-63412372-1427995199-370361792-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a479bf6-962b-11dd-a3b2-806e6f6e6963}" => Key deleted successfully. HKCR\CLSID\{0a479bf6-962b-11dd-a3b2-806e6f6e6963} => Key not found. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. HKU\S-1-5-21-63412372-1427995199-370361792-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => value deleted successfully. "HKCR\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}" => Key deleted successfully. HKU\S-1-5-21-63412372-1427995199-370361792-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => value deleted successfully. HKCR\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922} => Key not found. CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry. C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\ => Moved successfully. C:\Program Files (x86)\unisAleis => Moved successfully. "C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa" => File/Directory not found. C:\Program Files (x86)\uNisalles => Moved successfully. C:\Users\Tomas\AppData\Roaming\BitTorrent => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{895E0CD0-9DA0-456B-A605-55574A667BDB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{895E0CD0-9DA0-456B-A605-55574A667BDB}" => Key deleted successfully. C:\Windows\System32\Tasks\{85286B8D-AD13-4A3D-A567-56CC47D0957D} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{85286B8D-AD13-4A3D-A567-56CC47D0957D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0D9B1D2-57A9-4347-8673-54C54D1DE307}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0D9B1D2-57A9-4347-8673-54C54D1DE307}" => Key deleted successfully. C:\Windows\System32\Tasks\{98F0081B-895B-46F7-B838-B4FB4378D932} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{98F0081B-895B-46F7-B838-B4FB4378D932}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA0D3926-9CA2-4ED1-9863-9543B27BA4CD}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA0D3926-9CA2-4ED1-9863-9543B27BA4CD}" => Key deleted successfully. C:\Windows\System32\Tasks\{39821805-2F8F-4E0A-93FE-7D510B5007B6} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{39821805-2F8F-4E0A-93FE-7D510B5007B6}" => Key deleted successfully. C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully. EmptyTemp: => Removed 10.8 GB temporary data. The system needed a reboot. ==== End of Fixlog 09:23:48 ====
  12. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015 Ran by Tomas (administrator) on TOMASNYHP on 08-01-2015 17:22:19 Running from C:\Users\Tomas\Desktop Loaded Profiles: Tomas & UpdatusUser (Available profiles: Tomas & UpdatusUser) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nfservice.exe (Norman Safeground AS) C:\Program Files\Norman\Nse\bin\nseupdatesvc.exe (Norman Safeground AS) C:\Program Files\Norman\nvc\bin\nvcsvc.exe (Norman AS) C:\Program Files\Norman\Npm\Bin\nvoy.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nnf.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nprosec.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nwscmon.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zanda.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe () C:\hp\HPEZBTN\HPBtnSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe (OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zlh.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe (Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\zlhh.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\scheduler.exe () C:\Program Files\Norman\Npm\Bin\njeeves2.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Hewlett-Packard Company) C:\hp\KBD\kbd.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-11] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard) HKLM-x32\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] () HKLM-x32\...\Run: [OsdMaestro] => c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [119296 2007-02-15] (OsdMaestro) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Norman ZANDA] => C:\Program Files\Norman\Npm\Bin\ZLH.EXE [88536 2014-08-21] (Norman Safeground AS) HKLM-x32\...\Run: [sunJavaUpdateReg] => C:\Windows\SysWOW64\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [Google Update] => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-28] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\RunOnce: [Application Restart #4] => C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\MountPoints2: {5fc4e9cc-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\MountPoints2: {5fc4e9d5-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [Google Update] => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-28] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [Messenger (Yahoo!)] => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {0a479bf6-962b-11dd-a3b2-806e6f6e6963} - F:\start.exe HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {5fc4e9cc-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {5fc4e9d5-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk ShortcutTarget: SolidWorks Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-63412372-1427995199-370361792-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-63412372-1427995199-370361792-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Länkhjälp till Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation) BHO-x32: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll (AOL LLC) BHO-x32: Inloggningshjälp för Microsoft-konto -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.6.0_01\bin\jp2ssv.dll No File Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll (AOL LLC) Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab Tcpip\Parameters: [DhcpNameServer] 217.27.161.40 217.27.161.3 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 -> C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin HKU\S-1-5-21-63412372-1427995199-370361792-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-63412372-1427995199-370361792-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-09-03] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (uNisalles) - C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\ [2013-08-22] CHR StartMenuInternet: Google Chrome - C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.) R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed] R2 HPBtnSrv; c:\hp\HPEZBTN\HPBtnSrv.exe [198240 2007-05-29] () R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed] R2 nfservice; C:\Program Files\Norman\Npm\Bin\nfservice.exe [194536 2014-11-03] (Norman Safeground AS) R3 NJeeves2; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [179080 2014-11-27] () R2 NNFSVC; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [281128 2014-06-30] (Norman Safeground AS) R2 Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [456664 2014-06-30] (Norman Safeground AS) R2 NPROSECSVC; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [140032 2014-10-15] (Norman Safeground AS) R2 nseupdatesvc; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [261456 2014-12-03] (Norman Safeground AS) R2 nvcsvc; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [401560 2014-11-27] (Norman Safeground AS) R2 nvoy; C:\Program Files\Norman\Npm\Bin\nvoy.exe [246560 2013-06-27] (Norman AS) R2 NWSCMON; C:\Program Files\Norman\Npm\Bin\nwscmon.exe [231008 2014-08-05] (Norman Safeground AS) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.) R3 Scheduler; C:\Program Files\Norman\Npm\Bin\scheduler.exe [199680 2014-06-30] (Norman Safeground AS) R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-09-22] (SafeNet, Inc.) R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259040 2011-09-22] (SafeNet, Inc) R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-09-22] (SafeNet, Inc.) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-03-18] (SolidWorks) [File not signed] S3 Norman NJeeves; "C:\Program Files\Norman\Npm\Bin\Njeeves.exe" [X] S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-01] (SafeNet Inc.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-01] (SafeNet Inc.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-01] (SafeNet Inc.) R3 gzflt; C:\Program Files\Norman\nvc\bin\gzflt.sys [138232 2014-06-04] (BitDefender LLC) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.) R1 NGS; c:\program files\norman\ngs\bin\ngs64.sys [23488 2014-06-27] (Norman Safeground AS) R1 NPROSEC; C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [41536 2014-08-27] (Norman Safeground AS) R2 nregsec; C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [68792 2014-10-15] (Norman Safeground AS) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) S3 TdsNordecr; C:\Windows\System32\DRIVERS\nordecr.sys [28672 2007-10-30] (Todos Data System AB) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-06-26] (BitDefender S.R.L.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263}; C:\Program Files (x86)\HP\DVDPlay\000.fcl [32240 2008-06-11] (Cyberlink Corp.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-08 16:15 - 2015-01-08 16:15 - 00034018 _____ () C:\Users\Tomas\Desktop\Addition.txt 2015-01-08 16:13 - 2015-01-08 17:22 - 00021669 _____ () C:\Users\Tomas\Desktop\FRST.txt 2015-01-08 16:06 - 2015-01-08 17:17 - 00000000 ____D () C:\AdwCleaner 2015-01-08 16:02 - 2015-01-08 16:02 - 02191360 _____ () C:\Users\Tomas\Desktop\adwcleaner_4.107.exe 2015-01-08 12:35 - 2015-01-08 12:36 - 02124288 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe 2015-01-01 13:25 - 2015-01-04 18:09 - 00000000 ____D () C:\Users\Tomas\Downloads\Digital Tutors - Creating a Parametric Multi Bodied CAD Model in Solidworks[AKD] 2014-12-31 18:14 - 2014-12-31 18:14 - 00000000 ____D () C:\Users\Tomas\Documents\MATLAB 2014-12-31 17:55 - 2014-12-31 19:01 - 00000000 ____D () C:\Program Files\Ricardo 2014-12-31 17:03 - 2014-12-31 17:03 - 00002892 _____ () C:\Windows\System32\Tasks\{39821805-2F8F-4E0A-93FE-7D510B5007B6} 2014-12-31 13:11 - 2014-12-31 13:11 - 00001224 _____ () C:\Windows\SysWOW64\hdd32.log 2014-12-31 13:06 - 2006-12-20 10:00 - 02511360 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\haspds_windows.dll 2014-12-31 13:06 - 2005-06-21 11:10 - 00024576 _____ () C:\Windows\SysWOW64\hdsuinst.exe 2014-12-31 13:06 - 2002-07-26 17:02 - 00153088 _____ () C:\Windows\SysWOW64\UNWISE.EXE 2014-12-31 13:05 - 2014-12-31 13:05 - 00001527 _____ () C:\Users\Public\Desktop\Dynomation-5.lnk 2014-12-31 13:05 - 2014-12-31 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motion Software Simulations 2014-12-31 13:03 - 2015-01-05 12:02 - 00000000 ____D () C:\Dynomation5 2014-12-31 12:51 - 2014-12-31 12:51 - 00003034 _____ () C:\Windows\System32\Tasks\{85286B8D-AD13-4A3D-A567-56CC47D0957D} 2014-12-30 22:17 - 2014-11-27 09:59 - 00205336 _____ () C:\Windows\system32\nscrnsav.scr 2014-12-30 22:17 - 2014-06-30 12:42 - 00461120 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\tdi_nf.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00133152 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale7_nf64.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00130080 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale_nf64.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00123888 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale7_nf.sys 2014-12-30 22:17 - 2014-06-30 12:41 - 00120792 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale_nf.sys 2014-12-30 22:17 - 2014-06-26 12:49 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\Trufos.sys 2014-12-30 22:17 - 2011-08-26 10:03 - 00053928 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsec.sys 2014-12-30 22:17 - 2011-08-11 13:52 - 00034440 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsecl64.sys 2014-12-30 22:17 - 2011-08-11 13:52 - 00030856 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsecl.sys 2014-12-30 21:56 - 2014-12-30 21:56 - 00000000 ____D () C:\Program Files\Windows Live 2014-12-30 21:52 - 2014-12-30 21:52 - 01650048 _____ (Norman Safeground AS ) C:\Users\Tomas\Downloads\NormanSecuritySuite_1100x64 (4).exe 2014-12-30 17:37 - 2014-12-30 17:37 - 00000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2014-12-30 17:37 - 2014-12-30 17:37 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Gibbs 2014-12-30 17:37 - 2014-12-30 17:37 - 00000000 ____D () C:\Users\Tomas\AppData\Local\Gibbs 2014-12-30 17:25 - 2014-12-30 17:25 - 00000000 ____D () C:\ProgramData\Gibbs 2014-12-30 17:22 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe 2014-12-30 17:22 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe 2014-12-30 17:22 - 2013-08-01 15:11 - 00140736 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00331328 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\hardlock.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00303624 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksusb.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00091784 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksdf.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00077768 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\aksusb4.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00070088 _____ (SafeNet Inc.) C:\Windows\system32\akshhl30.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00063944 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshhl.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00060488 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshasp.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00021448 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksclass.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00018376 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\akshsp52.dll 2014-12-30 17:20 - 2014-12-31 13:10 - 00019350 _____ () C:\Windows\aksdrvsetup.log 2014-12-30 17:20 - 2014-12-30 17:20 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel 2014-12-30 17:20 - 2014-12-30 17:20 - 00000000 ____D () C:\Program Files (x86)\SafeNet Sentinel 2014-12-30 17:20 - 2009-09-17 07:05 - 00145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys 2014-12-30 17:19 - 2014-12-30 17:19 - 00000000 ____D () C:\Users\Tomas\Documents\Downloaded Installations 2014-12-29 20:28 - 2014-12-29 20:28 - 00000000 ____D () C:\Users\Tomas\Desktop\Ny mapp 2014-12-29 19:36 - 2015-01-04 18:10 - 00000000 ____D () C:\Users\Tomas\Downloads\InfiniteSkills – Learning SolidWorks 2015 2014-12-29 19:32 - 2014-12-29 19:36 - 07342075 _____ () C:\Users\Tomas\Downloads\Engineering Analysis with SolidWorks Simulation 2014 book.zip 2014-12-29 19:32 - 2014-12-29 19:34 - 45322957 _____ () C:\Users\Tomas\Downloads\Mechanics of Materials Labs With Solidworks Simulation 2014.zip 2014-12-29 19:18 - 2014-12-29 19:19 - 00000000 ____D () C:\Users\Tomas\Desktop\_SolidSQUAD_ 2014-12-29 19:14 - 2014-06-22 07:17 - 00000000 ____D () C:\Users\Tomas\Desktop\Windows 2014-12-29 19:07 - 2014-09-28 14:59 - 00000000 ____D () C:\Users\Tomas\Desktop\Lynda – Modeling a Motorcycle Engine with SolidWorks 2014-12-29 19:06 - 2014-12-29 19:06 - 00000000 ____D () C:\Users\Tomas\Ny Mapp 2014-12-29 19:04 - 2014-12-29 19:04 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\WinRAR 2014-12-29 19:03 - 2014-12-29 19:03 - 01987488 _____ () C:\Users\Tomas\Downloads\winrar-x64-520sw.exe 2014-12-29 19:03 - 2014-12-29 19:03 - 00000000 ____D () C:\Program Files\WinRAR 2014-12-29 19:02 - 2014-12-29 19:02 - 01766152 _____ () C:\Users\Tomas\Downloads\wrar520 (1).exe 2014-12-29 19:00 - 2014-12-29 19:00 - 01766152 _____ () C:\Users\Tomas\Downloads\wrar520.exe 2014-12-29 18:38 - 2014-12-29 18:44 - 244373633 _____ () C:\Users\Tomas\Downloads\Ricardo Wave v71.rar 2014-12-29 18:28 - 2015-01-04 18:11 - 00000000 ____D () C:\Users\Tomas\Downloads\Lynda – Modeling a Motorcycle Engine with SolidWorks 2014-12-29 18:08 - 2014-12-29 18:08 - 00000000 ____D () C:\Program Files (x86)\Shareaholic for Pinterest 2014-12-29 18:07 - 2014-12-31 01:22 - 00000000 ____D () C:\Program Files (x86)\unisAleis 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\Program Files (x86)\uNisalles 2014-12-29 17:45 - 2015-01-04 17:50 - 00000000 ____D () C:\Users\Tomas\Downloads\Ricardo Suite 2014.1 x86 & x64 2014-12-29 13:47 - 2014-12-29 13:47 - 00000000 ____D () C:\Users\Tomas\Downloads\Avl Suite 2013 Workspace Suite v2013.1 With Fire v2013.1 (x86x64) 2014-12-28 12:25 - 2014-12-28 12:25 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PipeMax v3.98 2014-12-28 12:25 - 2014-12-28 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PipeMax v3.98 2014-12-28 12:24 - 2014-12-28 12:24 - 00249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe 2014-12-28 12:23 - 2014-12-28 18:46 - 00000000 ____D () C:\PIPE398 2014-12-28 12:23 - 2014-12-28 12:23 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE 2014-12-27 17:25 - 2014-12-27 17:25 - 00000000 ____D () C:\Users\Tomas\Downloads\SolidProfessor Solidworks 2013 2014-12-27 17:14 - 2015-01-04 18:07 - 00000000 ____D () C:\Users\Tomas\Downloads\AVL Suite 2014.0 (Workspace Suite 2014.0) x86 & x64 2014-12-20 17:24 - 2014-12-20 17:24 - 12101910 _____ () C:\Users\Tomas\Downloads\freeware_software.exe 2014-12-20 14:36 - 2014-12-20 14:37 - 60018700 _____ (Isoplex, Inc. ) C:\Users\Tomas\Downloads\isoplex-setup-1.0.4.exe 2014-12-20 14:32 - 2015-01-01 13:56 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lotus Engineering Software 2014-12-20 14:32 - 2015-01-01 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lotus Engineering Software 2014-12-20 14:31 - 2015-01-01 13:56 - 00000000 ____D () C:\lesoft 2014-12-20 14:21 - 2014-12-20 14:21 - 06510590 _____ () C:\Users\Tomas\Downloads\freeware_documentation.exe 2014-12-20 14:20 - 2014-12-20 14:21 - 35421980 _____ () C:\Users\Tomas\Downloads\install_engine 2.exe 2014-12-18 14:10 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-18 14:10 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-11 03:28 - 2014-12-11 03:28 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-11 03:03 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-11 03:03 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-12-11 03:03 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-11 03:03 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-11 03:03 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-11 03:03 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-11 03:03 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-12-11 03:03 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-12-11 03:03 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-12-11 03:03 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-10 09:30 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-10 09:30 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-10 09:30 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-10 09:30 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-10 09:30 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-10 09:30 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-10 09:30 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-10 09:30 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-10 09:30 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-10 09:30 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-10 09:30 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-10 09:30 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-10 09:30 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-10 09:30 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-10 09:30 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-10 09:30 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-10 09:30 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-10 09:30 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-10 09:30 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-10 09:30 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-10 09:30 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-10 09:30 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-10 09:30 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-10 09:30 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-10 09:30 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-10 09:30 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-10 09:30 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-12-10 09:30 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-10 09:30 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-10 09:30 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-10 09:30 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-10 09:30 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-10 09:30 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-12-10 09:30 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-10 09:30 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-12-10 09:30 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-10 09:30 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-10 09:30 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-10 09:30 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-10 09:30 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-12-10 09:30 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-10 09:30 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-12-10 09:30 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-12-10 09:30 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-10 09:30 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-10 09:30 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-10 09:30 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-10 09:30 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-10 09:30 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-10 09:30 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-12-10 09:30 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-10 09:30 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-10 09:30 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-10 09:30 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-10 09:30 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-10 09:30 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-12-10 09:30 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-10 09:30 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-10 09:30 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-10 09:29 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-10 09:29 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-12-10 09:29 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-10 09:29 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2014-12-10 09:29 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-10 09:29 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-10 09:29 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2014-12-10 09:29 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-08 17:22 - 2014-11-27 13:19 - 00000000 ____D () C:\FRST 2015-01-08 17:22 - 2008-09-15 18:28 - 00003666 _____ () C:\Windows\System32\Tasks\HP Health Check 2015-01-08 17:19 - 2014-05-27 13:36 - 00000000 ____D () C:\ProgramData\VMware 2015-01-08 17:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-08 17:19 - 2009-07-14 05:51 - 02862353 _____ () C:\Windows\setupact.log 2015-01-08 17:19 - 2008-09-15 17:58 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-08 17:18 - 2010-11-21 04:47 - 00362040 _____ () C:\Windows\PFRO.log 2015-01-08 17:17 - 2011-04-08 14:28 - 01447012 _____ () C:\Windows\WindowsUpdate.log 2015-01-08 16:41 - 2011-10-28 13:10 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-63412372-1427995199-370361792-1000UA.job 2015-01-08 16:34 - 2013-03-25 12:16 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-08 16:01 - 2011-04-08 13:58 - 00017456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-08 16:01 - 2011-04-08 13:58 - 00017456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-08 15:51 - 2010-09-07 13:37 - 00000000 ____D () C:\Program Files\Norman 2015-01-08 15:49 - 2008-09-15 18:09 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-08 15:47 - 2013-03-11 09:45 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\BitTorrent 2015-01-08 14:14 - 2011-04-08 15:56 - 00691864 _____ () C:\Windows\system32\perfh007.dat 2015-01-08 14:14 - 2011-04-08 15:56 - 00150362 _____ () C:\Windows\system32\perfc007.dat 2015-01-08 14:14 - 2010-11-21 12:38 - 00666540 _____ () C:\Windows\system32\perfh01D.dat 2015-01-08 14:14 - 2010-11-21 12:38 - 00143866 _____ () C:\Windows\system32\perfc01D.dat 2015-01-08 14:14 - 2009-07-14 06:13 - 02431052 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-08 12:51 - 2014-11-27 13:27 - 00000000 ____D () C:\Users\Tomas\Desktop\Virus 14 2015-01-07 10:29 - 2009-09-28 17:44 - 00000000 ____D () C:\Users\Tomas\Desktop\Kolvar 2015-01-07 08:10 - 2013-03-06 08:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2015-01-07 07:41 - 2011-10-28 13:10 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-63412372-1427995199-370361792-1000Core.job 2015-01-05 10:52 - 2014-05-27 13:42 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\VMware 2015-01-05 10:52 - 2014-05-27 13:42 - 00000000 ____D () C:\Users\Tomas\AppData\Local\VMware 2015-01-04 17:11 - 2011-04-08 14:00 - 00000000 ____D () C:\Users\Tomas 2015-01-02 18:44 - 2013-05-10 09:35 - 00000000 ____D () C:\ProgramData\Yahoo! 2015-01-02 18:37 - 2013-07-26 18:21 - 00000000 ____D () C:\Program Files\Autodesk 2015-01-02 18:10 - 2013-03-14 11:58 - 00000000 ____D () C:\ProgramData\Autodesk 2015-01-02 18:09 - 2013-07-26 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2015-01-02 16:50 - 2014-06-28 11:27 - 00000000 ____D () C:\Users\Tomas\Desktop\ULTRA_EngineProjekt 2015-01-01 13:20 - 2013-11-26 16:30 - 00000000 ____D () C:\Users\Tomas\Capri 2014-12-31 13:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup 2014-12-31 13:06 - 2008-09-15 18:17 - 00049217 _____ () C:\Windows\DirectX.log 2014-12-30 22:17 - 2010-09-07 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norman Security Suite 2014-12-30 21:57 - 2013-03-05 13:05 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2014-12-30 21:57 - 2013-03-05 13:05 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2014-12-30 19:44 - 2012-10-11 18:20 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-12-30 18:20 - 2011-04-08 14:38 - 00118168 _____ () C:\Users\Tomas\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-30 18:19 - 2009-07-14 05:45 - 00408464 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-30 18:01 - 2013-03-14 11:58 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Autodesk 2014-12-30 17:26 - 2013-03-18 17:16 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared 2014-12-26 11:01 - 2013-06-12 18:00 - 00000000 ____D () C:\Users\Tomas\Desktop\Ultra-Thundercars 2014-12-19 18:56 - 2011-11-02 13:14 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\vlc 2014-12-17 10:49 - 2013-07-17 17:42 - 00000000 ____D () C:\Users\Tomas\Desktop\Bilder 2014-12-12 04:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-12-11 06:34 - 2013-03-25 12:16 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-11 06:34 - 2013-03-25 12:16 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-11 06:34 - 2011-11-01 13:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 03:28 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-12-11 03:12 - 2013-07-27 02:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-11 03:06 - 2012-10-11 19:01 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-11 03:06 - 2011-10-28 09:24 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete: ==================== C:\Users\Tomas\install_flashplayer11x32_chra_aaa_aih.exe Some content of TEMP: ==================== C:\Users\Tomas\AppData\Local\Temp\AcDeltree.exe C:\Users\Tomas\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\Tomas\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Tomas\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\Quarantine.exe C:\Users\Tomas\AppData\Local\Temp\Runner2.exe C:\Users\Tomas\AppData\Local\Temp\Runner4.exe C:\Users\Tomas\AppData\Local\Temp\sqlite3.dll C:\Users\Tomas\AppData\Local\Temp\ttv.exe C:\Users\Tomas\AppData\Local\Temp\uttB9B1.tmp.exe C:\Users\Tomas\AppData\Local\Temp\_is2606.exe C:\Users\Tomas\AppData\Local\Temp\_is8461.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-04 22:42 ==================== End Of Log ============================
  13. # AdwCleaner v4.107 - Report created 08/01/2015 at 17:17:46 # Updated 07/01/2015 by Xplode # Database : 2015-01-03.1 [Live] # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Tomas - TOMASNYHP # Running from : C:\Users\Tomas\Desktop\adwcleaner_4.107.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\15457971234326063082 Folder Deleted : C:\Program Files (x86)\DeltaFix Folder Deleted : C:\Windows\SysWOW64\SearchProtect ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Google Chrome v [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319614&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPAE5EC031-09C0-40A1-8858-2FCB7C52047C&q={searchTerms}&SSPV= [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319614&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPAE5EC031-09C0-40A1-8858-2FCB7C52047C&q={searchTerms}&SSPV= [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29 [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29 ************************* AdwCleaner[R0].txt - [6193 octets] - [08/01/2015 16:06:52] AdwCleaner[R1].txt - [6253 octets] - [08/01/2015 17:05:04] AdwCleaner[R2].txt - [6313 octets] - [08/01/2015 17:10:03] AdwCleaner[s0].txt - [5655 octets] - [08/01/2015 17:17:46] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5715 octets] ##########
  14. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015 Ran by Tomas (administrator) on TOMASNYHP on 08-01-2015 16:13:47 Running from C:\Users\Tomas\Desktop Loaded Profiles: Tomas & UpdatusUser (Available profiles: Tomas & UpdatusUser) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nfservice.exe (Norman Safeground AS) C:\Program Files\Norman\Nse\bin\nseupdatesvc.exe (Norman Safeground AS) C:\Program Files\Norman\nvc\bin\nvcsvc.exe (Norman AS) C:\Program Files\Norman\Npm\Bin\nvoy.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nnf.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nprosec.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nwscmon.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zanda.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe (OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zlh.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe (Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\zlhh.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe () C:\hp\HPEZBTN\HPBtnSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\scheduler.exe () C:\Program Files\Norman\Npm\Bin\njeeves2.exe (Hewlett-Packard Company) C:\hp\KBD\kbd.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-11] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard) HKLM-x32\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] () HKLM-x32\...\Run: [OsdMaestro] => c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [119296 2007-02-15] (OsdMaestro) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Norman ZANDA] => C:\Program Files\Norman\Npm\Bin\ZLH.EXE [88536 2014-08-21] (Norman Safeground AS) HKLM-x32\...\Run: [sunJavaUpdateReg] => C:\Windows\SysWOW64\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [Google Update] => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-28] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\RunOnce: [Application Restart #4] => C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\MountPoints2: {5fc4e9cc-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\MountPoints2: {5fc4e9d5-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [Google Update] => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-28] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [Messenger (Yahoo!)] => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {0a479bf6-962b-11dd-a3b2-806e6f6e6963} - F:\start.exe HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {5fc4e9cc-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {5fc4e9d5-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk ShortcutTarget: SolidWorks Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-63412372-1427995199-370361792-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-63412372-1427995199-370361792-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKLM -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKLM-x32 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKLM-x32 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File BHO-x32: Länkhjälp till Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation) BHO-x32: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll (AOL LLC) BHO-x32: Inloggningshjälp för Microsoft-konto -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.6.0_01\bin\jp2ssv.dll No File Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll (AOL LLC) Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab Tcpip\Parameters: [DhcpNameServer] 217.27.161.40 217.27.161.3 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 -> C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin HKU\S-1-5-21-63412372-1427995199-370361792-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-63412372-1427995199-370361792-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-09-03] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (uNisalles) - C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\ [2013-08-22] CHR StartMenuInternet: Google Chrome - C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.) R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed] R2 HPBtnSrv; c:\hp\HPEZBTN\HPBtnSrv.exe [198240 2007-05-29] () R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed] R2 nfservice; C:\Program Files\Norman\Npm\Bin\nfservice.exe [194536 2014-11-03] (Norman Safeground AS) R3 NJeeves2; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [179080 2014-11-27] () R2 NNFSVC; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [281128 2014-06-30] (Norman Safeground AS) R2 Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [456664 2014-06-30] (Norman Safeground AS) R2 NPROSECSVC; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [140032 2014-10-15] (Norman Safeground AS) R2 nseupdatesvc; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [261456 2014-12-03] (Norman Safeground AS) R2 nvcsvc; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [401560 2014-11-27] (Norman Safeground AS) R2 nvoy; C:\Program Files\Norman\Npm\Bin\nvoy.exe [246560 2013-06-27] (Norman AS) R2 NWSCMON; C:\Program Files\Norman\Npm\Bin\nwscmon.exe [231008 2014-08-05] (Norman Safeground AS) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.) R3 Scheduler; C:\Program Files\Norman\Npm\Bin\scheduler.exe [199680 2014-06-30] (Norman Safeground AS) R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-09-22] (SafeNet, Inc.) R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259040 2011-09-22] (SafeNet, Inc) R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-09-22] (SafeNet, Inc.) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-03-18] (SolidWorks) [File not signed] S3 Norman NJeeves; "C:\Program Files\Norman\Npm\Bin\Njeeves.exe" [X] S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-01] (SafeNet Inc.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-01] (SafeNet Inc.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-01] (SafeNet Inc.) R3 gzflt; C:\Program Files\Norman\nvc\bin\gzflt.sys [138232 2014-06-04] (BitDefender LLC) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.) R1 NGS; c:\program files\norman\ngs\bin\ngs64.sys [23488 2014-06-27] (Norman Safeground AS) R1 NPROSEC; C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [41536 2014-08-27] (Norman Safeground AS) R2 nregsec; C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [68792 2014-10-15] (Norman Safeground AS) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) S3 TdsNordecr; C:\Windows\System32\DRIVERS\nordecr.sys [28672 2007-10-30] (Todos Data System AB) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-06-26] (BitDefender S.R.L.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263}; C:\Program Files (x86)\HP\DVDPlay\000.fcl [32240 2008-06-11] (Cyberlink Corp.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-08 16:13 - 2015-01-08 16:14 - 00023888 _____ () C:\Users\Tomas\Desktop\FRST.txt 2015-01-08 16:06 - 2015-01-08 16:08 - 00000000 ____D () C:\AdwCleaner 2015-01-08 16:02 - 2015-01-08 16:02 - 02191360 _____ () C:\Users\Tomas\Desktop\adwcleaner_4.107.exe 2015-01-08 12:35 - 2015-01-08 12:36 - 02124288 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe 2015-01-01 13:25 - 2015-01-04 18:09 - 00000000 ____D () C:\Users\Tomas\Downloads\Digital Tutors - Creating a Parametric Multi Bodied CAD Model in Solidworks[AKD] 2014-12-31 18:14 - 2014-12-31 18:14 - 00000000 ____D () C:\Users\Tomas\Documents\MATLAB 2014-12-31 17:55 - 2014-12-31 19:01 - 00000000 ____D () C:\Program Files\Ricardo 2014-12-31 17:03 - 2014-12-31 17:03 - 00002892 _____ () C:\Windows\System32\Tasks\{39821805-2F8F-4E0A-93FE-7D510B5007B6} 2014-12-31 13:11 - 2014-12-31 13:11 - 00001224 _____ () C:\Windows\SysWOW64\hdd32.log 2014-12-31 13:06 - 2006-12-20 10:00 - 02511360 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\haspds_windows.dll 2014-12-31 13:06 - 2005-06-21 11:10 - 00024576 _____ () C:\Windows\SysWOW64\hdsuinst.exe 2014-12-31 13:06 - 2002-07-26 17:02 - 00153088 _____ () C:\Windows\SysWOW64\UNWISE.EXE 2014-12-31 13:05 - 2014-12-31 13:05 - 00001527 _____ () C:\Users\Public\Desktop\Dynomation-5.lnk 2014-12-31 13:05 - 2014-12-31 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motion Software Simulations 2014-12-31 13:03 - 2015-01-05 12:02 - 00000000 ____D () C:\Dynomation5 2014-12-31 12:51 - 2014-12-31 12:51 - 00003034 _____ () C:\Windows\System32\Tasks\{85286B8D-AD13-4A3D-A567-56CC47D0957D} 2014-12-30 22:17 - 2014-11-27 09:59 - 00205336 _____ () C:\Windows\system32\nscrnsav.scr 2014-12-30 22:17 - 2014-06-30 12:42 - 00461120 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\tdi_nf.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00133152 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale7_nf64.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00130080 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale_nf64.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00123888 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale7_nf.sys 2014-12-30 22:17 - 2014-06-30 12:41 - 00120792 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale_nf.sys 2014-12-30 22:17 - 2014-06-26 12:49 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\Trufos.sys 2014-12-30 22:17 - 2011-08-26 10:03 - 00053928 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsec.sys 2014-12-30 22:17 - 2011-08-11 13:52 - 00034440 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsecl64.sys 2014-12-30 22:17 - 2011-08-11 13:52 - 00030856 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsecl.sys 2014-12-30 21:56 - 2014-12-30 21:56 - 00000000 ____D () C:\Program Files\Windows Live 2014-12-30 21:52 - 2014-12-30 21:52 - 01650048 _____ (Norman Safeground AS ) C:\Users\Tomas\Downloads\NormanSecuritySuite_1100x64 (4).exe 2014-12-30 20:35 - 2014-12-30 20:35 - 00000000 ____D () C:\Users\Tomas\Desktop\FRST-OlderVersion 2014-12-30 17:37 - 2014-12-30 17:37 - 00000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2014-12-30 17:37 - 2014-12-30 17:37 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Gibbs 2014-12-30 17:37 - 2014-12-30 17:37 - 00000000 ____D () C:\Users\Tomas\AppData\Local\Gibbs 2014-12-30 17:25 - 2014-12-30 17:25 - 00000000 ____D () C:\ProgramData\Gibbs 2014-12-30 17:22 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe 2014-12-30 17:22 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe 2014-12-30 17:22 - 2013-08-01 15:11 - 00140736 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00331328 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\hardlock.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00303624 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksusb.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00091784 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksdf.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00077768 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\aksusb4.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00070088 _____ (SafeNet Inc.) C:\Windows\system32\akshhl30.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00063944 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshhl.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00060488 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshasp.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00021448 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksclass.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00018376 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\akshsp52.dll 2014-12-30 17:20 - 2014-12-31 13:10 - 00019350 _____ () C:\Windows\aksdrvsetup.log 2014-12-30 17:20 - 2014-12-30 17:20 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel 2014-12-30 17:20 - 2014-12-30 17:20 - 00000000 ____D () C:\Program Files (x86)\SafeNet Sentinel 2014-12-30 17:20 - 2009-09-17 07:05 - 00145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys 2014-12-30 17:19 - 2014-12-30 17:19 - 00000000 ____D () C:\Users\Tomas\Documents\Downloaded Installations 2014-12-29 20:28 - 2014-12-29 20:28 - 00000000 ____D () C:\Users\Tomas\Desktop\Ny mapp 2014-12-29 19:36 - 2015-01-04 18:10 - 00000000 ____D () C:\Users\Tomas\Downloads\InfiniteSkills – Learning SolidWorks 2015 2014-12-29 19:32 - 2014-12-29 19:36 - 07342075 _____ () C:\Users\Tomas\Downloads\Engineering Analysis with SolidWorks Simulation 2014 book.zip 2014-12-29 19:32 - 2014-12-29 19:34 - 45322957 _____ () C:\Users\Tomas\Downloads\Mechanics of Materials Labs With Solidworks Simulation 2014.zip 2014-12-29 19:18 - 2014-12-29 19:19 - 00000000 ____D () C:\Users\Tomas\Desktop\_SolidSQUAD_ 2014-12-29 19:14 - 2014-06-22 07:17 - 00000000 ____D () C:\Users\Tomas\Desktop\Windows 2014-12-29 19:07 - 2014-09-28 14:59 - 00000000 ____D () C:\Users\Tomas\Desktop\Lynda – Modeling a Motorcycle Engine with SolidWorks 2014-12-29 19:06 - 2014-12-29 19:06 - 00000000 ____D () C:\Users\Tomas\Ny Mapp 2014-12-29 19:04 - 2014-12-29 19:04 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\WinRAR 2014-12-29 19:03 - 2014-12-29 19:03 - 01987488 _____ () C:\Users\Tomas\Downloads\winrar-x64-520sw.exe 2014-12-29 19:03 - 2014-12-29 19:03 - 00000000 ____D () C:\Program Files\WinRAR 2014-12-29 19:02 - 2014-12-29 19:02 - 01766152 _____ () C:\Users\Tomas\Downloads\wrar520 (1).exe 2014-12-29 19:00 - 2014-12-29 19:00 - 01766152 _____ () C:\Users\Tomas\Downloads\wrar520.exe 2014-12-29 18:38 - 2014-12-29 18:44 - 244373633 _____ () C:\Users\Tomas\Downloads\Ricardo Wave v71.rar 2014-12-29 18:28 - 2015-01-04 18:11 - 00000000 ____D () C:\Users\Tomas\Downloads\Lynda – Modeling a Motorcycle Engine with SolidWorks 2014-12-29 18:08 - 2014-12-31 01:10 - 00000000 ____D () C:\Program Files (x86)\DeltaFix 2014-12-29 18:08 - 2014-12-29 18:08 - 00000000 ____D () C:\Program Files (x86)\Shareaholic for Pinterest 2014-12-29 18:07 - 2014-12-31 01:22 - 00000000 ____D () C:\Program Files (x86)\unisAleis 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\ProgramData\15457971234326063082 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\Program Files (x86)\uNisalles 2014-12-29 17:45 - 2015-01-04 17:50 - 00000000 ____D () C:\Users\Tomas\Downloads\Ricardo Suite 2014.1 x86 & x64 2014-12-29 13:47 - 2014-12-29 13:47 - 00000000 ____D () C:\Users\Tomas\Downloads\Avl Suite 2013 Workspace Suite v2013.1 With Fire v2013.1 (x86x64) 2014-12-28 12:25 - 2014-12-28 12:25 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PipeMax v3.98 2014-12-28 12:25 - 2014-12-28 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PipeMax v3.98 2014-12-28 12:24 - 2014-12-28 12:24 - 00249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe 2014-12-28 12:23 - 2014-12-28 18:46 - 00000000 ____D () C:\PIPE398 2014-12-28 12:23 - 2014-12-28 12:23 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE 2014-12-27 17:25 - 2014-12-27 17:25 - 00000000 ____D () C:\Users\Tomas\Downloads\SolidProfessor Solidworks 2013 2014-12-27 17:14 - 2015-01-04 18:07 - 00000000 ____D () C:\Users\Tomas\Downloads\AVL Suite 2014.0 (Workspace Suite 2014.0) x86 & x64 2014-12-20 17:24 - 2014-12-20 17:24 - 12101910 _____ () C:\Users\Tomas\Downloads\freeware_software.exe 2014-12-20 14:36 - 2014-12-20 14:37 - 60018700 _____ (Isoplex, Inc. ) C:\Users\Tomas\Downloads\isoplex-setup-1.0.4.exe 2014-12-20 14:32 - 2015-01-01 13:56 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lotus Engineering Software 2014-12-20 14:32 - 2015-01-01 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lotus Engineering Software 2014-12-20 14:31 - 2015-01-01 13:56 - 00000000 ____D () C:\lesoft 2014-12-20 14:21 - 2014-12-20 14:21 - 06510590 _____ () C:\Users\Tomas\Downloads\freeware_documentation.exe 2014-12-20 14:20 - 2014-12-20 14:21 - 35421980 _____ () C:\Users\Tomas\Downloads\install_engine 2.exe 2014-12-18 14:10 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-18 14:10 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-11 03:28 - 2014-12-11 03:28 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-11 03:03 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-11 03:03 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-12-11 03:03 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-11 03:03 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-11 03:03 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-11 03:03 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-11 03:03 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-12-11 03:03 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-12-11 03:03 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-12-11 03:03 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-10 09:30 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-10 09:30 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-10 09:30 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-10 09:30 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-10 09:30 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-10 09:30 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-10 09:30 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-10 09:30 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-10 09:30 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-10 09:30 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-10 09:30 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-10 09:30 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-10 09:30 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-10 09:30 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-10 09:30 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-10 09:30 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-10 09:30 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-10 09:30 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-10 09:30 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-10 09:30 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-10 09:30 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-10 09:30 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-10 09:30 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-10 09:30 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-10 09:30 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-10 09:30 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-10 09:30 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-12-10 09:30 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-10 09:30 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-10 09:30 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-10 09:30 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-10 09:30 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-10 09:30 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-12-10 09:30 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-10 09:30 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-12-10 09:30 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-10 09:30 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-10 09:30 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-10 09:30 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-10 09:30 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-12-10 09:30 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-10 09:30 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-12-10 09:30 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-12-10 09:30 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-10 09:30 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-10 09:30 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-10 09:30 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-10 09:30 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-10 09:30 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-10 09:30 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-12-10 09:30 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-10 09:30 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-10 09:30 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-10 09:30 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-10 09:30 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-10 09:30 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-12-10 09:30 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-10 09:30 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-10 09:30 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-10 09:29 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-10 09:29 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-12-10 09:29 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-10 09:29 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2014-12-10 09:29 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-10 09:29 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-10 09:29 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2014-12-10 09:29 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-08 16:13 - 2014-11-27 13:19 - 00000000 ____D () C:\FRST 2015-01-08 16:01 - 2011-04-08 13:58 - 00017456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-08 16:01 - 2011-04-08 13:58 - 00017456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-08 15:58 - 2011-04-08 14:28 - 01441880 _____ () C:\Windows\WindowsUpdate.log 2015-01-08 15:53 - 2014-05-27 13:36 - 00000000 ____D () C:\ProgramData\VMware 2015-01-08 15:52 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-08 15:52 - 2009-07-14 05:51 - 02850515 _____ () C:\Windows\setupact.log 2015-01-08 15:51 - 2010-09-07 13:37 - 00000000 ____D () C:\Program Files\Norman 2015-01-08 15:51 - 2008-09-15 17:58 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-08 15:49 - 2008-09-15 18:09 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-08 15:47 - 2013-03-11 09:45 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\BitTorrent 2015-01-08 15:41 - 2011-10-28 13:10 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-63412372-1427995199-370361792-1000UA.job 2015-01-08 15:34 - 2013-03-25 12:16 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-08 14:14 - 2011-04-08 15:56 - 00691864 _____ () C:\Windows\system32\perfh007.dat 2015-01-08 14:14 - 2011-04-08 15:56 - 00150362 _____ () C:\Windows\system32\perfc007.dat 2015-01-08 14:14 - 2010-11-21 12:38 - 00666540 _____ () C:\Windows\system32\perfh01D.dat 2015-01-08 14:14 - 2010-11-21 12:38 - 00143866 _____ () C:\Windows\system32\perfc01D.dat 2015-01-08 14:14 - 2009-07-14 06:13 - 02431052 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-08 12:51 - 2014-11-27 13:27 - 00000000 ____D () C:\Users\Tomas\Desktop\Virus 14 2015-01-08 12:29 - 2008-09-15 18:28 - 00003666 _____ () C:\Windows\System32\Tasks\HP Health Check 2015-01-07 10:29 - 2009-09-28 17:44 - 00000000 ____D () C:\Users\Tomas\Desktop\Kolvar 2015-01-07 08:10 - 2013-03-06 08:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2015-01-07 07:41 - 2011-10-28 13:10 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-63412372-1427995199-370361792-1000Core.job 2015-01-05 10:52 - 2014-05-27 13:42 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\VMware 2015-01-05 10:52 - 2014-05-27 13:42 - 00000000 ____D () C:\Users\Tomas\AppData\Local\VMware 2015-01-04 17:11 - 2011-04-08 14:00 - 00000000 ____D () C:\Users\Tomas 2015-01-04 17:10 - 2010-11-21 04:47 - 00361730 _____ () C:\Windows\PFRO.log 2015-01-02 18:44 - 2013-05-10 09:35 - 00000000 ____D () C:\ProgramData\Yahoo! 2015-01-02 18:37 - 2013-07-26 18:21 - 00000000 ____D () C:\Program Files\Autodesk 2015-01-02 18:10 - 2013-03-14 11:58 - 00000000 ____D () C:\ProgramData\Autodesk 2015-01-02 18:09 - 2013-07-26 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2015-01-02 16:50 - 2014-06-28 11:27 - 00000000 ____D () C:\Users\Tomas\Desktop\ULTRA_EngineProjekt 2015-01-01 13:20 - 2013-11-26 16:30 - 00000000 ____D () C:\Users\Tomas\Capri 2014-12-31 13:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup 2014-12-31 13:06 - 2008-09-15 18:17 - 00049217 _____ () C:\Windows\DirectX.log 2014-12-30 22:17 - 2010-09-07 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norman Security Suite 2014-12-30 21:57 - 2013-03-05 13:05 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2014-12-30 21:57 - 2013-03-05 13:05 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2014-12-30 19:44 - 2012-10-11 18:20 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-12-30 18:20 - 2011-04-08 14:38 - 00118168 _____ () C:\Users\Tomas\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-30 18:19 - 2009-07-14 05:45 - 00408464 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-30 18:01 - 2013-03-14 11:58 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Autodesk 2014-12-30 17:26 - 2013-03-18 17:16 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared 2014-12-26 11:01 - 2013-06-12 18:00 - 00000000 ____D () C:\Users\Tomas\Desktop\Ultra-Thundercars 2014-12-19 18:56 - 2011-11-02 13:14 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\vlc 2014-12-17 10:49 - 2013-07-17 17:42 - 00000000 ____D () C:\Users\Tomas\Desktop\Bilder 2014-12-12 04:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-12-11 06:34 - 2013-03-25 12:16 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-11 06:34 - 2013-03-25 12:16 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-11 06:34 - 2011-11-01 13:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 03:28 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-12-11 03:12 - 2013-07-27 02:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-11 03:06 - 2012-10-11 19:01 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-11 03:06 - 2011-10-28 09:24 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete: ==================== C:\Users\Tomas\install_flashplayer11x32_chra_aaa_aih.exe Some content of TEMP: ==================== C:\Users\Tomas\AppData\Local\Temp\AcDeltree.exe C:\Users\Tomas\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\Tomas\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Tomas\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\Runner2.exe C:\Users\Tomas\AppData\Local\Temp\Runner4.exe C:\Users\Tomas\AppData\Local\Temp\ttv.exe C:\Users\Tomas\AppData\Local\Temp\uttB9B1.tmp.exe C:\Users\Tomas\AppData\Local\Temp\_is2606.exe C:\Users\Tomas\AppData\Local\Temp\_is8461.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-04 22:42 ==================== End Of Log ============================ Addition.txt FRST.txt
  15. Ha ha, även om jag inte direkt är någon expert så köpte jag inte heller "klicka-snett-teorin" ;-) # AdwCleaner v4.107 - Report created 08/01/2015 at 16:06:52 # Updated 07/01/2015 by Xplode # Database : 2015-01-03.1 [Live] # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Tomas - TOMASNYHP # Running from : C:\Users\Tomas\Desktop\adwcleaner_4.107.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Found : C:\Program Files (x86)\DeltaFix Folder Found : C:\ProgramData\15457971234326063082 Folder Found : C:\Windows\SysWOW64\SearchProtect ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Found : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : [x64] HKCU\Software\Conduit Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Found : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Found : HKLM\SOFTWARE\Classes\S Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Google Chrome v [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319614&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPAE5EC031-09C0-40A1-8858-2FCB7C52047C&q={searchTerms}&SSPV= [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319614&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPAE5EC031-09C0-40A1-8858-2FCB7C52047C&q={searchTerms}&SSPV= [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : booedmolknjekdopkepjjeckmjkdpfgl [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : flpcjncodpafbgdpnkljologafpionhb [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Homepage] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29 [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Homepage] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29 ************************* AdwCleaner[R0].txt - [6021 octets] - [08/01/2015 16:06:52] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6081 octets] ##########
×
×
  • Skapa nytt...