Just nu i M3-nätverket
Gå till innehåll

Ultra

Medlem
  • Antal inlägg

    250
  • Gick med

  • Senaste besök

Allt postat av Ultra

  1. Hej, Jag kör Thunderbird på en dator och har där ett e-postkonto på en profil men nu skulle jag vilja ha ytterligare ett e-postkonto kopplat till Thunderbird. Alltså två separata konton som jag kan växla emellan, INTE att all e-post kommer till samma inkorg. Typ, Nisse startar Thunderbird och väljer sin "profil" och då ser han sin e-post och de mappar han har skapat i programmet. Sen kommer Kalle och vill kolla sin e-post vilket medför att Nisse loggar ut från sin "profil" och sen får Kalle logga in på sin profil. Jag har försökt leta runt men hittar inga vettiga svar/instruktioner om hur man går till väga men jag antar, och hoppas, att det går att göra på detta sätt. När man startar Thunderbird så kan man ju skapa en ny "Profil" och sen följa guiden om att lägga till ett nytt e-postkonto men blir det då två helt separerade konton? Alltså att inte allt kommer till samma inkorg? Nästa grej är att jag vill föra över allt från mitt gamla e-postprogram som är Outlook Express, alltså få med alla mappar och innehåll mm. Tips på hur jag bör gå till väga mottages tacksamt :-)
  2. Ja, jag har gett upp Hemgrupp då jag fått det att fungera, iaf hyfsat (se ovan), och då törs jag inte gå in och grotta med något annat.
  3. Det verkar ha varit det där med användare och lösenord som spökade. Jag fixade användare och lösenord på alla datorer och efter lite fix så har jag fått det att fungera...iaf hyfsat. Det är en dator som trilskas lite, den har kontakt med alla andra datorer men det går inte att komma åt den från någon annan dator. Då kommer det bara upp ett fönster med: "Ange nätverksautentiseringsuppgifter". Inte det fönstret med både användarnamn och lösen ord utan här ska bara lösenord fyllas i. Och så finns det ett alternativ där man kan "Använd ett annat konto". Jag har provat med alla lösenord jag har men får det inte att fungera. Från den datorn som det inte går att komma åt gick jag bakvägen och la en genväg till dess Skrivbord på en av de andra datorerna och när jag klickar på genvägen så går det att komma åt den datorns Skrivbord. Men det går alltså inte att komma åt den om man går in i "Nätverk" och väljer den datorn. Hur som helst så verkar ju allt annat fungera så jag kanske bara ska acceptera och vara glad, det är väl ungefär så denna fantastiska datorvärld fungerar. Att man inte alltid behöver förstå varför :-) Tack för alla tips
  4. Nä, har inte skapat något tidigare, bara nu och då fick jag välja lösenord själv.
  5. Jag vill bla. dela Skrivborden på datorerna, hur gör jag då? Ska skrivbordsmappen läggas i en annan mapp (delat)?
  6. Ja, jag skapade en hemgrupp på ena datorn och när jag går in på "Hemgrupp" på en annan dator så står det "Dator X har redan en Hemgrupp, klicka här för att gå med i den" typ. Men det händer inget när jag försöker ansluta till den. På denna dator hittar jag ingenstans där jag kan skapa en (ny) Hemgrupp men det kanske bara går att ha en Hemgrupp. Om jag går till Hemgrupp på "Dator X" så kommer det upp att jag kan skapa en Hemgrupp men jag hittar inte den som den andra datorn säger redan ska finnas på "Dator X". Hänger du med? ;-)
  7. Hej och tack för svaren. Jag var inne på det där med Hemgrupp och försökte köra efter den där guiden men fick det inte att fungera. Ibland blir det att det redan finns en hemgrupp och ibland att man skulle skapa en ny. Men tycker du att det är vägen att gå Vertpre? Cecilia, jag tänkte också på det där men vad är det för konto? Är det användarkontot? Datorerna startar ju upp direkt utan att man behöver välja användare eller lösenord.
  8. Hej, Har haft ett nätverk som tidigare har fungerat, åtminstone, tillfredsställande men ibland har det varit problem med att datorerna bara hittat varandra från ena hållet osv. Det har varit blandade datorer med allt ifrån Windows XP till Windows 10. Nu har jag bytt ut ett par datorer och självklart så strular det ännu mer med nätverket och jag tänkte om det finns något enkelt sätt att typ "nollställa" nätverket och börja om från början för att få det att fungera bättre. Jag tycker att jag har letat på nätet efter guider mm. men har inte hittat något vettigt (eller så är jag bara för korkad för att förstå). Finns det någon vänlig själ här som har några tips och råd? Det handlar om fyra stycken datorer, tre med Windows 10 Pro och en dator med Windows 7 Ultimate. Datorerna är anslutna till nätverket via kabel men det finns även trådlöst. Alla datorerna är döpta till specifika namn och är anslutna till arbetsgruppen "WOURKGROUP". När jag från min nya dator väljer "Nätverk" i utforskaren så kommer alla de andra datorerna upp men när jag klickar på någon av de så kommer det upp ett fönster med "Ange nätverksautentiseringsuppgifter" och att man ska fylla i Användarnamn och Lösenord, vad är detta? Det står även "Domän: XXX" (namnet på min dator) i detta fönster. Vad ska jag göra? Jag antar att det är någon inställning någonstans som ska ändras eller? Tänkte på det där med domänet. Nätverket fungerade som sagt tidigare men nu när min nya dator har kommit in verkar det se helt annorlunda ut. Kan tillägga att det utbytta datorn, en gammal XP, var som något slags server då den var ansluten till en skrivare som kunde användas av de andra datorerna. Jag kan även lägga till att jag är helt ny på W10 så jag är lite ovan att hitta runt i datorn än så länge. Jag hoppas att det är någon här som kan hjälpa till eller kanske kan länka till någon vettig guide eller nåt. Tack så länge!
  9. Hej, Jag skulle vilja ha tips på om det finns någon smidig modem/router som man kan använda till Tele2 mobila bredband som jag har. Alltså om det går att sätta i det SIM-kortet i ett smidigare modem än det stora modemet jag har nu. Funkar det att göra så eller är SIM-kortet "låst" till Tele2s egna modem? Är ute och reser en del och det skulle vara skönt med en smidigare lösning. Det finns ju USB-modem men jag vill ha så att jag kan dela internetuppkopplingen via WiFi. Tips på vettig lösning mottages gärna.
  10. Hej, Eset verkar ha hängt sig på 31% så jag avslutade och tänkte börja om. Det här hittade den hittills: C:\FRST\Quarantine\C\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\fggnmmjhficagbcgpgpkkonpjeehmgoa\content.js JS/Chromex.Agent.L trojan C:\FRST\Quarantine\C\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\fggnmmjhficagbcgpgpkkonpjeehmgoa\Qi62.js JS/Kryptik.ATB trojan
  11. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015 Ran by Tomas at 2015-01-09 09:03:40 Run:1 Running from C:\Users\Tomas\Desktop Loaded Profiles: Tomas & UpdatusUser (Available profiles: Tomas & UpdatusUser) Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [sunJavaUpdateReg] => C:\Windows\SysWOW64\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {0a479bf6-962b-11dd-a3b2-806e6f6e6963} - F:\start.exe CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.6.0_01\bin\jp2ssv.dll No File Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File CHR dev: Chrome dev build detected! <======= ATTENTION CHR Extension: (uNisalles) - C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\ [2013-08-22] 2014-12-29 18:07 - 2014-12-31 01:22 - 00000000 ____D () C:\Program Files (x86)\unisAleis 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\Program Files (x86)\uNisalles 2015-01-08 15:47 - 2013-03-11 09:45 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\BitTorrent Task: {895E0CD0-9DA0-456B-A605-55574A667BDB} - System32\Tasks\{85286B8D-AD13-4A3D-A567-56CC47D0957D} => pcalua.exe -a F:\setup.exe -d F:\ Task: {E0D9B1D2-57A9-4347-8673-54C54D1DE307} - System32\Tasks\{98F0081B-895B-46F7-B838-B4FB4378D932} => pcalua.exe -a "C:\Users\Tomas\Downloads\NCR1_install (2).exe" -d C:\Users\Tomas\Downloads Task: {FA0D3926-9CA2-4ED1-9863-9543B27BA4CD} - System32\Tasks\{39821805-2F8F-4E0A-93FE-7D510B5007B6} => F:\Setup.exe AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm EmptyTemp: ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateReg => value deleted successfully. HKU\S-1-5-21-63412372-1427995199-370361792-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully. HKU\S-1-5-21-63412372-1427995199-370361792-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully. "HKU\S-1-5-21-63412372-1427995199-370361792-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a479bf6-962b-11dd-a3b2-806e6f6e6963}" => Key deleted successfully. HKCR\CLSID\{0a479bf6-962b-11dd-a3b2-806e6f6e6963} => Key not found. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. "HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully. HKU\S-1-5-21-63412372-1427995199-370361792-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => value deleted successfully. "HKCR\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922}" => Key deleted successfully. HKU\S-1-5-21-63412372-1427995199-370361792-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{DE9C389F-3316-41A7-809B-AA305ED9D922} => value deleted successfully. HKCR\CLSID\{DE9C389F-3316-41A7-809B-AA305ED9D922} => Key not found. CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry. C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\ => Moved successfully. C:\Program Files (x86)\unisAleis => Moved successfully. "C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa" => File/Directory not found. C:\Program Files (x86)\uNisalles => Moved successfully. C:\Users\Tomas\AppData\Roaming\BitTorrent => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{895E0CD0-9DA0-456B-A605-55574A667BDB}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{895E0CD0-9DA0-456B-A605-55574A667BDB}" => Key deleted successfully. C:\Windows\System32\Tasks\{85286B8D-AD13-4A3D-A567-56CC47D0957D} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{85286B8D-AD13-4A3D-A567-56CC47D0957D}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0D9B1D2-57A9-4347-8673-54C54D1DE307}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0D9B1D2-57A9-4347-8673-54C54D1DE307}" => Key deleted successfully. C:\Windows\System32\Tasks\{98F0081B-895B-46F7-B838-B4FB4378D932} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{98F0081B-895B-46F7-B838-B4FB4378D932}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA0D3926-9CA2-4ED1-9863-9543B27BA4CD}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA0D3926-9CA2-4ED1-9863-9543B27BA4CD}" => Key deleted successfully. C:\Windows\System32\Tasks\{39821805-2F8F-4E0A-93FE-7D510B5007B6} => Moved successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{39821805-2F8F-4E0A-93FE-7D510B5007B6}" => Key deleted successfully. C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully. EmptyTemp: => Removed 10.8 GB temporary data. The system needed a reboot. ==== End of Fixlog 09:23:48 ====
  12. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015 Ran by Tomas (administrator) on TOMASNYHP on 08-01-2015 17:22:19 Running from C:\Users\Tomas\Desktop Loaded Profiles: Tomas & UpdatusUser (Available profiles: Tomas & UpdatusUser) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nfservice.exe (Norman Safeground AS) C:\Program Files\Norman\Nse\bin\nseupdatesvc.exe (Norman Safeground AS) C:\Program Files\Norman\nvc\bin\nvcsvc.exe (Norman AS) C:\Program Files\Norman\Npm\Bin\nvoy.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nnf.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nprosec.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nwscmon.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zanda.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 8.0\Reader\reader_sl.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe () C:\hp\HPEZBTN\HPBtnSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe (OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zlh.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe (Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\zlhh.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\scheduler.exe () C:\Program Files\Norman\Npm\Bin\njeeves2.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Hewlett-Packard Company) C:\hp\KBD\kbd.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-11] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard) HKLM-x32\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] () HKLM-x32\...\Run: [OsdMaestro] => c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [119296 2007-02-15] (OsdMaestro) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Norman ZANDA] => C:\Program Files\Norman\Npm\Bin\ZLH.EXE [88536 2014-08-21] (Norman Safeground AS) HKLM-x32\...\Run: [sunJavaUpdateReg] => C:\Windows\SysWOW64\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [Google Update] => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-28] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\RunOnce: [Application Restart #4] => C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\MountPoints2: {5fc4e9cc-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\MountPoints2: {5fc4e9d5-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [Google Update] => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-28] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [Messenger (Yahoo!)] => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {0a479bf6-962b-11dd-a3b2-806e6f6e6963} - F:\start.exe HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {5fc4e9cc-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {5fc4e9d5-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk ShortcutTarget: SolidWorks Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-63412372-1427995199-370361792-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-63412372-1427995199-370361792-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Länkhjälp till Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation) BHO-x32: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll (AOL LLC) BHO-x32: Inloggningshjälp för Microsoft-konto -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.6.0_01\bin\jp2ssv.dll No File Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll (AOL LLC) Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab Tcpip\Parameters: [DhcpNameServer] 217.27.161.40 217.27.161.3 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 -> C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin HKU\S-1-5-21-63412372-1427995199-370361792-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-63412372-1427995199-370361792-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-09-03] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (uNisalles) - C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\ [2013-08-22] CHR StartMenuInternet: Google Chrome - C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.) R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed] R2 HPBtnSrv; c:\hp\HPEZBTN\HPBtnSrv.exe [198240 2007-05-29] () R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed] R2 nfservice; C:\Program Files\Norman\Npm\Bin\nfservice.exe [194536 2014-11-03] (Norman Safeground AS) R3 NJeeves2; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [179080 2014-11-27] () R2 NNFSVC; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [281128 2014-06-30] (Norman Safeground AS) R2 Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [456664 2014-06-30] (Norman Safeground AS) R2 NPROSECSVC; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [140032 2014-10-15] (Norman Safeground AS) R2 nseupdatesvc; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [261456 2014-12-03] (Norman Safeground AS) R2 nvcsvc; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [401560 2014-11-27] (Norman Safeground AS) R2 nvoy; C:\Program Files\Norman\Npm\Bin\nvoy.exe [246560 2013-06-27] (Norman AS) R2 NWSCMON; C:\Program Files\Norman\Npm\Bin\nwscmon.exe [231008 2014-08-05] (Norman Safeground AS) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.) R3 Scheduler; C:\Program Files\Norman\Npm\Bin\scheduler.exe [199680 2014-06-30] (Norman Safeground AS) R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-09-22] (SafeNet, Inc.) R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259040 2011-09-22] (SafeNet, Inc) R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-09-22] (SafeNet, Inc.) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-03-18] (SolidWorks) [File not signed] S3 Norman NJeeves; "C:\Program Files\Norman\Npm\Bin\Njeeves.exe" [X] S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-01] (SafeNet Inc.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-01] (SafeNet Inc.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-01] (SafeNet Inc.) R3 gzflt; C:\Program Files\Norman\nvc\bin\gzflt.sys [138232 2014-06-04] (BitDefender LLC) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.) R1 NGS; c:\program files\norman\ngs\bin\ngs64.sys [23488 2014-06-27] (Norman Safeground AS) R1 NPROSEC; C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [41536 2014-08-27] (Norman Safeground AS) R2 nregsec; C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [68792 2014-10-15] (Norman Safeground AS) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) S3 TdsNordecr; C:\Windows\System32\DRIVERS\nordecr.sys [28672 2007-10-30] (Todos Data System AB) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-06-26] (BitDefender S.R.L.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263}; C:\Program Files (x86)\HP\DVDPlay\000.fcl [32240 2008-06-11] (Cyberlink Corp.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-08 16:15 - 2015-01-08 16:15 - 00034018 _____ () C:\Users\Tomas\Desktop\Addition.txt 2015-01-08 16:13 - 2015-01-08 17:22 - 00021669 _____ () C:\Users\Tomas\Desktop\FRST.txt 2015-01-08 16:06 - 2015-01-08 17:17 - 00000000 ____D () C:\AdwCleaner 2015-01-08 16:02 - 2015-01-08 16:02 - 02191360 _____ () C:\Users\Tomas\Desktop\adwcleaner_4.107.exe 2015-01-08 12:35 - 2015-01-08 12:36 - 02124288 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe 2015-01-01 13:25 - 2015-01-04 18:09 - 00000000 ____D () C:\Users\Tomas\Downloads\Digital Tutors - Creating a Parametric Multi Bodied CAD Model in Solidworks[AKD] 2014-12-31 18:14 - 2014-12-31 18:14 - 00000000 ____D () C:\Users\Tomas\Documents\MATLAB 2014-12-31 17:55 - 2014-12-31 19:01 - 00000000 ____D () C:\Program Files\Ricardo 2014-12-31 17:03 - 2014-12-31 17:03 - 00002892 _____ () C:\Windows\System32\Tasks\{39821805-2F8F-4E0A-93FE-7D510B5007B6} 2014-12-31 13:11 - 2014-12-31 13:11 - 00001224 _____ () C:\Windows\SysWOW64\hdd32.log 2014-12-31 13:06 - 2006-12-20 10:00 - 02511360 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\haspds_windows.dll 2014-12-31 13:06 - 2005-06-21 11:10 - 00024576 _____ () C:\Windows\SysWOW64\hdsuinst.exe 2014-12-31 13:06 - 2002-07-26 17:02 - 00153088 _____ () C:\Windows\SysWOW64\UNWISE.EXE 2014-12-31 13:05 - 2014-12-31 13:05 - 00001527 _____ () C:\Users\Public\Desktop\Dynomation-5.lnk 2014-12-31 13:05 - 2014-12-31 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motion Software Simulations 2014-12-31 13:03 - 2015-01-05 12:02 - 00000000 ____D () C:\Dynomation5 2014-12-31 12:51 - 2014-12-31 12:51 - 00003034 _____ () C:\Windows\System32\Tasks\{85286B8D-AD13-4A3D-A567-56CC47D0957D} 2014-12-30 22:17 - 2014-11-27 09:59 - 00205336 _____ () C:\Windows\system32\nscrnsav.scr 2014-12-30 22:17 - 2014-06-30 12:42 - 00461120 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\tdi_nf.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00133152 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale7_nf64.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00130080 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale_nf64.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00123888 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale7_nf.sys 2014-12-30 22:17 - 2014-06-30 12:41 - 00120792 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale_nf.sys 2014-12-30 22:17 - 2014-06-26 12:49 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\Trufos.sys 2014-12-30 22:17 - 2011-08-26 10:03 - 00053928 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsec.sys 2014-12-30 22:17 - 2011-08-11 13:52 - 00034440 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsecl64.sys 2014-12-30 22:17 - 2011-08-11 13:52 - 00030856 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsecl.sys 2014-12-30 21:56 - 2014-12-30 21:56 - 00000000 ____D () C:\Program Files\Windows Live 2014-12-30 21:52 - 2014-12-30 21:52 - 01650048 _____ (Norman Safeground AS ) C:\Users\Tomas\Downloads\NormanSecuritySuite_1100x64 (4).exe 2014-12-30 17:37 - 2014-12-30 17:37 - 00000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2014-12-30 17:37 - 2014-12-30 17:37 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Gibbs 2014-12-30 17:37 - 2014-12-30 17:37 - 00000000 ____D () C:\Users\Tomas\AppData\Local\Gibbs 2014-12-30 17:25 - 2014-12-30 17:25 - 00000000 ____D () C:\ProgramData\Gibbs 2014-12-30 17:22 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe 2014-12-30 17:22 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe 2014-12-30 17:22 - 2013-08-01 15:11 - 00140736 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00331328 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\hardlock.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00303624 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksusb.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00091784 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksdf.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00077768 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\aksusb4.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00070088 _____ (SafeNet Inc.) C:\Windows\system32\akshhl30.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00063944 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshhl.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00060488 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshasp.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00021448 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksclass.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00018376 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\akshsp52.dll 2014-12-30 17:20 - 2014-12-31 13:10 - 00019350 _____ () C:\Windows\aksdrvsetup.log 2014-12-30 17:20 - 2014-12-30 17:20 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel 2014-12-30 17:20 - 2014-12-30 17:20 - 00000000 ____D () C:\Program Files (x86)\SafeNet Sentinel 2014-12-30 17:20 - 2009-09-17 07:05 - 00145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys 2014-12-30 17:19 - 2014-12-30 17:19 - 00000000 ____D () C:\Users\Tomas\Documents\Downloaded Installations 2014-12-29 20:28 - 2014-12-29 20:28 - 00000000 ____D () C:\Users\Tomas\Desktop\Ny mapp 2014-12-29 19:36 - 2015-01-04 18:10 - 00000000 ____D () C:\Users\Tomas\Downloads\InfiniteSkills – Learning SolidWorks 2015 2014-12-29 19:32 - 2014-12-29 19:36 - 07342075 _____ () C:\Users\Tomas\Downloads\Engineering Analysis with SolidWorks Simulation 2014 book.zip 2014-12-29 19:32 - 2014-12-29 19:34 - 45322957 _____ () C:\Users\Tomas\Downloads\Mechanics of Materials Labs With Solidworks Simulation 2014.zip 2014-12-29 19:18 - 2014-12-29 19:19 - 00000000 ____D () C:\Users\Tomas\Desktop\_SolidSQUAD_ 2014-12-29 19:14 - 2014-06-22 07:17 - 00000000 ____D () C:\Users\Tomas\Desktop\Windows 2014-12-29 19:07 - 2014-09-28 14:59 - 00000000 ____D () C:\Users\Tomas\Desktop\Lynda – Modeling a Motorcycle Engine with SolidWorks 2014-12-29 19:06 - 2014-12-29 19:06 - 00000000 ____D () C:\Users\Tomas\Ny Mapp 2014-12-29 19:04 - 2014-12-29 19:04 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\WinRAR 2014-12-29 19:03 - 2014-12-29 19:03 - 01987488 _____ () C:\Users\Tomas\Downloads\winrar-x64-520sw.exe 2014-12-29 19:03 - 2014-12-29 19:03 - 00000000 ____D () C:\Program Files\WinRAR 2014-12-29 19:02 - 2014-12-29 19:02 - 01766152 _____ () C:\Users\Tomas\Downloads\wrar520 (1).exe 2014-12-29 19:00 - 2014-12-29 19:00 - 01766152 _____ () C:\Users\Tomas\Downloads\wrar520.exe 2014-12-29 18:38 - 2014-12-29 18:44 - 244373633 _____ () C:\Users\Tomas\Downloads\Ricardo Wave v71.rar 2014-12-29 18:28 - 2015-01-04 18:11 - 00000000 ____D () C:\Users\Tomas\Downloads\Lynda – Modeling a Motorcycle Engine with SolidWorks 2014-12-29 18:08 - 2014-12-29 18:08 - 00000000 ____D () C:\Program Files (x86)\Shareaholic for Pinterest 2014-12-29 18:07 - 2014-12-31 01:22 - 00000000 ____D () C:\Program Files (x86)\unisAleis 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\Program Files (x86)\uNisalles 2014-12-29 17:45 - 2015-01-04 17:50 - 00000000 ____D () C:\Users\Tomas\Downloads\Ricardo Suite 2014.1 x86 & x64 2014-12-29 13:47 - 2014-12-29 13:47 - 00000000 ____D () C:\Users\Tomas\Downloads\Avl Suite 2013 Workspace Suite v2013.1 With Fire v2013.1 (x86x64) 2014-12-28 12:25 - 2014-12-28 12:25 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PipeMax v3.98 2014-12-28 12:25 - 2014-12-28 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PipeMax v3.98 2014-12-28 12:24 - 2014-12-28 12:24 - 00249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe 2014-12-28 12:23 - 2014-12-28 18:46 - 00000000 ____D () C:\PIPE398 2014-12-28 12:23 - 2014-12-28 12:23 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE 2014-12-27 17:25 - 2014-12-27 17:25 - 00000000 ____D () C:\Users\Tomas\Downloads\SolidProfessor Solidworks 2013 2014-12-27 17:14 - 2015-01-04 18:07 - 00000000 ____D () C:\Users\Tomas\Downloads\AVL Suite 2014.0 (Workspace Suite 2014.0) x86 & x64 2014-12-20 17:24 - 2014-12-20 17:24 - 12101910 _____ () C:\Users\Tomas\Downloads\freeware_software.exe 2014-12-20 14:36 - 2014-12-20 14:37 - 60018700 _____ (Isoplex, Inc. ) C:\Users\Tomas\Downloads\isoplex-setup-1.0.4.exe 2014-12-20 14:32 - 2015-01-01 13:56 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lotus Engineering Software 2014-12-20 14:32 - 2015-01-01 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lotus Engineering Software 2014-12-20 14:31 - 2015-01-01 13:56 - 00000000 ____D () C:\lesoft 2014-12-20 14:21 - 2014-12-20 14:21 - 06510590 _____ () C:\Users\Tomas\Downloads\freeware_documentation.exe 2014-12-20 14:20 - 2014-12-20 14:21 - 35421980 _____ () C:\Users\Tomas\Downloads\install_engine 2.exe 2014-12-18 14:10 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-18 14:10 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-11 03:28 - 2014-12-11 03:28 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-11 03:03 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-11 03:03 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-12-11 03:03 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-11 03:03 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-11 03:03 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-11 03:03 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-11 03:03 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-12-11 03:03 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-12-11 03:03 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-12-11 03:03 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-10 09:30 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-10 09:30 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-10 09:30 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-10 09:30 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-10 09:30 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-10 09:30 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-10 09:30 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-10 09:30 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-10 09:30 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-10 09:30 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-10 09:30 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-10 09:30 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-10 09:30 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-10 09:30 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-10 09:30 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-10 09:30 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-10 09:30 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-10 09:30 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-10 09:30 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-10 09:30 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-10 09:30 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-10 09:30 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-10 09:30 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-10 09:30 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-10 09:30 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-10 09:30 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-10 09:30 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-12-10 09:30 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-10 09:30 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-10 09:30 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-10 09:30 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-10 09:30 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-10 09:30 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-12-10 09:30 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-10 09:30 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-12-10 09:30 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-10 09:30 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-10 09:30 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-10 09:30 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-10 09:30 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-12-10 09:30 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-10 09:30 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-12-10 09:30 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-12-10 09:30 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-10 09:30 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-10 09:30 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-10 09:30 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-10 09:30 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-10 09:30 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-10 09:30 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-12-10 09:30 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-10 09:30 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-10 09:30 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-10 09:30 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-10 09:30 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-10 09:30 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-12-10 09:30 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-10 09:30 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-10 09:30 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-10 09:29 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-10 09:29 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-12-10 09:29 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-10 09:29 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2014-12-10 09:29 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-10 09:29 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-10 09:29 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2014-12-10 09:29 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-08 17:22 - 2014-11-27 13:19 - 00000000 ____D () C:\FRST 2015-01-08 17:22 - 2008-09-15 18:28 - 00003666 _____ () C:\Windows\System32\Tasks\HP Health Check 2015-01-08 17:19 - 2014-05-27 13:36 - 00000000 ____D () C:\ProgramData\VMware 2015-01-08 17:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-08 17:19 - 2009-07-14 05:51 - 02862353 _____ () C:\Windows\setupact.log 2015-01-08 17:19 - 2008-09-15 17:58 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-08 17:18 - 2010-11-21 04:47 - 00362040 _____ () C:\Windows\PFRO.log 2015-01-08 17:17 - 2011-04-08 14:28 - 01447012 _____ () C:\Windows\WindowsUpdate.log 2015-01-08 16:41 - 2011-10-28 13:10 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-63412372-1427995199-370361792-1000UA.job 2015-01-08 16:34 - 2013-03-25 12:16 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-08 16:01 - 2011-04-08 13:58 - 00017456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-08 16:01 - 2011-04-08 13:58 - 00017456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-08 15:51 - 2010-09-07 13:37 - 00000000 ____D () C:\Program Files\Norman 2015-01-08 15:49 - 2008-09-15 18:09 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-08 15:47 - 2013-03-11 09:45 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\BitTorrent 2015-01-08 14:14 - 2011-04-08 15:56 - 00691864 _____ () C:\Windows\system32\perfh007.dat 2015-01-08 14:14 - 2011-04-08 15:56 - 00150362 _____ () C:\Windows\system32\perfc007.dat 2015-01-08 14:14 - 2010-11-21 12:38 - 00666540 _____ () C:\Windows\system32\perfh01D.dat 2015-01-08 14:14 - 2010-11-21 12:38 - 00143866 _____ () C:\Windows\system32\perfc01D.dat 2015-01-08 14:14 - 2009-07-14 06:13 - 02431052 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-08 12:51 - 2014-11-27 13:27 - 00000000 ____D () C:\Users\Tomas\Desktop\Virus 14 2015-01-07 10:29 - 2009-09-28 17:44 - 00000000 ____D () C:\Users\Tomas\Desktop\Kolvar 2015-01-07 08:10 - 2013-03-06 08:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2015-01-07 07:41 - 2011-10-28 13:10 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-63412372-1427995199-370361792-1000Core.job 2015-01-05 10:52 - 2014-05-27 13:42 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\VMware 2015-01-05 10:52 - 2014-05-27 13:42 - 00000000 ____D () C:\Users\Tomas\AppData\Local\VMware 2015-01-04 17:11 - 2011-04-08 14:00 - 00000000 ____D () C:\Users\Tomas 2015-01-02 18:44 - 2013-05-10 09:35 - 00000000 ____D () C:\ProgramData\Yahoo! 2015-01-02 18:37 - 2013-07-26 18:21 - 00000000 ____D () C:\Program Files\Autodesk 2015-01-02 18:10 - 2013-03-14 11:58 - 00000000 ____D () C:\ProgramData\Autodesk 2015-01-02 18:09 - 2013-07-26 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2015-01-02 16:50 - 2014-06-28 11:27 - 00000000 ____D () C:\Users\Tomas\Desktop\ULTRA_EngineProjekt 2015-01-01 13:20 - 2013-11-26 16:30 - 00000000 ____D () C:\Users\Tomas\Capri 2014-12-31 13:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup 2014-12-31 13:06 - 2008-09-15 18:17 - 00049217 _____ () C:\Windows\DirectX.log 2014-12-30 22:17 - 2010-09-07 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norman Security Suite 2014-12-30 21:57 - 2013-03-05 13:05 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2014-12-30 21:57 - 2013-03-05 13:05 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2014-12-30 19:44 - 2012-10-11 18:20 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-12-30 18:20 - 2011-04-08 14:38 - 00118168 _____ () C:\Users\Tomas\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-30 18:19 - 2009-07-14 05:45 - 00408464 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-30 18:01 - 2013-03-14 11:58 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Autodesk 2014-12-30 17:26 - 2013-03-18 17:16 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared 2014-12-26 11:01 - 2013-06-12 18:00 - 00000000 ____D () C:\Users\Tomas\Desktop\Ultra-Thundercars 2014-12-19 18:56 - 2011-11-02 13:14 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\vlc 2014-12-17 10:49 - 2013-07-17 17:42 - 00000000 ____D () C:\Users\Tomas\Desktop\Bilder 2014-12-12 04:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-12-11 06:34 - 2013-03-25 12:16 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-11 06:34 - 2013-03-25 12:16 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-11 06:34 - 2011-11-01 13:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 03:28 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-12-11 03:12 - 2013-07-27 02:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-11 03:06 - 2012-10-11 19:01 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-11 03:06 - 2011-10-28 09:24 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete: ==================== C:\Users\Tomas\install_flashplayer11x32_chra_aaa_aih.exe Some content of TEMP: ==================== C:\Users\Tomas\AppData\Local\Temp\AcDeltree.exe C:\Users\Tomas\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\Tomas\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Tomas\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\Quarantine.exe C:\Users\Tomas\AppData\Local\Temp\Runner2.exe C:\Users\Tomas\AppData\Local\Temp\Runner4.exe C:\Users\Tomas\AppData\Local\Temp\sqlite3.dll C:\Users\Tomas\AppData\Local\Temp\ttv.exe C:\Users\Tomas\AppData\Local\Temp\uttB9B1.tmp.exe C:\Users\Tomas\AppData\Local\Temp\_is2606.exe C:\Users\Tomas\AppData\Local\Temp\_is8461.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-04 22:42 ==================== End Of Log ============================
  13. # AdwCleaner v4.107 - Report created 08/01/2015 at 17:17:46 # Updated 07/01/2015 by Xplode # Database : 2015-01-03.1 [Live] # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Tomas - TOMASNYHP # Running from : C:\Users\Tomas\Desktop\adwcleaner_4.107.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\15457971234326063082 Folder Deleted : C:\Program Files (x86)\DeltaFix Folder Deleted : C:\Windows\SysWOW64\SearchProtect ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Google Chrome v [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319614&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPAE5EC031-09C0-40A1-8858-2FCB7C52047C&q={searchTerms}&SSPV= [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319614&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPAE5EC031-09C0-40A1-8858-2FCB7C52047C&q={searchTerms}&SSPV= [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29 [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29 ************************* AdwCleaner[R0].txt - [6193 octets] - [08/01/2015 16:06:52] AdwCleaner[R1].txt - [6253 octets] - [08/01/2015 17:05:04] AdwCleaner[R2].txt - [6313 octets] - [08/01/2015 17:10:03] AdwCleaner[s0].txt - [5655 octets] - [08/01/2015 17:17:46] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5715 octets] ##########
  14. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015 Ran by Tomas (administrator) on TOMASNYHP on 08-01-2015 16:13:47 Running from C:\Users\Tomas\Desktop Loaded Profiles: Tomas & UpdatusUser (Available profiles: Tomas & UpdatusUser) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nfservice.exe (Norman Safeground AS) C:\Program Files\Norman\Nse\bin\nseupdatesvc.exe (Norman Safeground AS) C:\Program Files\Norman\nvc\bin\nvcsvc.exe (Norman AS) C:\Program Files\Norman\Npm\Bin\nvoy.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nnf.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nprosec.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nwscmon.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zanda.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe (OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zlh.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe (Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\zlhh.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe () C:\hp\HPEZBTN\HPBtnSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\scheduler.exe () C:\Program Files\Norman\Npm\Bin\njeeves2.exe (Hewlett-Packard Company) C:\hp\KBD\kbd.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-11] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard) HKLM-x32\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] () HKLM-x32\...\Run: [OsdMaestro] => c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [119296 2007-02-15] (OsdMaestro) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [Norman ZANDA] => C:\Program Files\Norman\Npm\Bin\ZLH.EXE [88536 2014-08-21] (Norman Safeground AS) HKLM-x32\...\Run: [sunJavaUpdateReg] => C:\Windows\SysWOW64\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [Google Update] => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-28] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\RunOnce: [Application Restart #4] => C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\MountPoints2: {5fc4e9cc-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\MountPoints2: {5fc4e9d5-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [Google Update] => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-28] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [Messenger (Yahoo!)] => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {0a479bf6-962b-11dd-a3b2-806e6f6e6963} - F:\start.exe HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {5fc4e9cc-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {5fc4e9d5-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk ShortcutTarget: SolidWorks Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-63412372-1427995199-370361792-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-63412372-1427995199-370361792-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKLM -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKLM-x32 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKLM-x32 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File BHO-x32: Länkhjälp till Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation) BHO-x32: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll (AOL LLC) BHO-x32: Inloggningshjälp för Microsoft-konto -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.6.0_01\bin\jp2ssv.dll No File Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll (AOL LLC) Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab Tcpip\Parameters: [DhcpNameServer] 217.27.161.40 217.27.161.3 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 -> C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin HKU\S-1-5-21-63412372-1427995199-370361792-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-63412372-1427995199-370361792-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-09-03] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (uNisalles) - C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\ [2013-08-22] CHR StartMenuInternet: Google Chrome - C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.) R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed] R2 HPBtnSrv; c:\hp\HPEZBTN\HPBtnSrv.exe [198240 2007-05-29] () R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed] R2 nfservice; C:\Program Files\Norman\Npm\Bin\nfservice.exe [194536 2014-11-03] (Norman Safeground AS) R3 NJeeves2; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [179080 2014-11-27] () R2 NNFSVC; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [281128 2014-06-30] (Norman Safeground AS) R2 Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [456664 2014-06-30] (Norman Safeground AS) R2 NPROSECSVC; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [140032 2014-10-15] (Norman Safeground AS) R2 nseupdatesvc; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [261456 2014-12-03] (Norman Safeground AS) R2 nvcsvc; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [401560 2014-11-27] (Norman Safeground AS) R2 nvoy; C:\Program Files\Norman\Npm\Bin\nvoy.exe [246560 2013-06-27] (Norman AS) R2 NWSCMON; C:\Program Files\Norman\Npm\Bin\nwscmon.exe [231008 2014-08-05] (Norman Safeground AS) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.) R3 Scheduler; C:\Program Files\Norman\Npm\Bin\scheduler.exe [199680 2014-06-30] (Norman Safeground AS) R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-09-22] (SafeNet, Inc.) R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259040 2011-09-22] (SafeNet, Inc) R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-09-22] (SafeNet, Inc.) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-03-18] (SolidWorks) [File not signed] S3 Norman NJeeves; "C:\Program Files\Norman\Npm\Bin\Njeeves.exe" [X] S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-01] (SafeNet Inc.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-01] (SafeNet Inc.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-01] (SafeNet Inc.) R3 gzflt; C:\Program Files\Norman\nvc\bin\gzflt.sys [138232 2014-06-04] (BitDefender LLC) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.) R1 NGS; c:\program files\norman\ngs\bin\ngs64.sys [23488 2014-06-27] (Norman Safeground AS) R1 NPROSEC; C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [41536 2014-08-27] (Norman Safeground AS) R2 nregsec; C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [68792 2014-10-15] (Norman Safeground AS) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) S3 TdsNordecr; C:\Windows\System32\DRIVERS\nordecr.sys [28672 2007-10-30] (Todos Data System AB) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-06-26] (BitDefender S.R.L.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263}; C:\Program Files (x86)\HP\DVDPlay\000.fcl [32240 2008-06-11] (Cyberlink Corp.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-08 16:13 - 2015-01-08 16:14 - 00023888 _____ () C:\Users\Tomas\Desktop\FRST.txt 2015-01-08 16:06 - 2015-01-08 16:08 - 00000000 ____D () C:\AdwCleaner 2015-01-08 16:02 - 2015-01-08 16:02 - 02191360 _____ () C:\Users\Tomas\Desktop\adwcleaner_4.107.exe 2015-01-08 12:35 - 2015-01-08 12:36 - 02124288 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe 2015-01-01 13:25 - 2015-01-04 18:09 - 00000000 ____D () C:\Users\Tomas\Downloads\Digital Tutors - Creating a Parametric Multi Bodied CAD Model in Solidworks[AKD] 2014-12-31 18:14 - 2014-12-31 18:14 - 00000000 ____D () C:\Users\Tomas\Documents\MATLAB 2014-12-31 17:55 - 2014-12-31 19:01 - 00000000 ____D () C:\Program Files\Ricardo 2014-12-31 17:03 - 2014-12-31 17:03 - 00002892 _____ () C:\Windows\System32\Tasks\{39821805-2F8F-4E0A-93FE-7D510B5007B6} 2014-12-31 13:11 - 2014-12-31 13:11 - 00001224 _____ () C:\Windows\SysWOW64\hdd32.log 2014-12-31 13:06 - 2006-12-20 10:00 - 02511360 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\haspds_windows.dll 2014-12-31 13:06 - 2005-06-21 11:10 - 00024576 _____ () C:\Windows\SysWOW64\hdsuinst.exe 2014-12-31 13:06 - 2002-07-26 17:02 - 00153088 _____ () C:\Windows\SysWOW64\UNWISE.EXE 2014-12-31 13:05 - 2014-12-31 13:05 - 00001527 _____ () C:\Users\Public\Desktop\Dynomation-5.lnk 2014-12-31 13:05 - 2014-12-31 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motion Software Simulations 2014-12-31 13:03 - 2015-01-05 12:02 - 00000000 ____D () C:\Dynomation5 2014-12-31 12:51 - 2014-12-31 12:51 - 00003034 _____ () C:\Windows\System32\Tasks\{85286B8D-AD13-4A3D-A567-56CC47D0957D} 2014-12-30 22:17 - 2014-11-27 09:59 - 00205336 _____ () C:\Windows\system32\nscrnsav.scr 2014-12-30 22:17 - 2014-06-30 12:42 - 00461120 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\tdi_nf.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00133152 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale7_nf64.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00130080 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale_nf64.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00123888 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale7_nf.sys 2014-12-30 22:17 - 2014-06-30 12:41 - 00120792 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale_nf.sys 2014-12-30 22:17 - 2014-06-26 12:49 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\Trufos.sys 2014-12-30 22:17 - 2011-08-26 10:03 - 00053928 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsec.sys 2014-12-30 22:17 - 2011-08-11 13:52 - 00034440 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsecl64.sys 2014-12-30 22:17 - 2011-08-11 13:52 - 00030856 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsecl.sys 2014-12-30 21:56 - 2014-12-30 21:56 - 00000000 ____D () C:\Program Files\Windows Live 2014-12-30 21:52 - 2014-12-30 21:52 - 01650048 _____ (Norman Safeground AS ) C:\Users\Tomas\Downloads\NormanSecuritySuite_1100x64 (4).exe 2014-12-30 20:35 - 2014-12-30 20:35 - 00000000 ____D () C:\Users\Tomas\Desktop\FRST-OlderVersion 2014-12-30 17:37 - 2014-12-30 17:37 - 00000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2014-12-30 17:37 - 2014-12-30 17:37 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Gibbs 2014-12-30 17:37 - 2014-12-30 17:37 - 00000000 ____D () C:\Users\Tomas\AppData\Local\Gibbs 2014-12-30 17:25 - 2014-12-30 17:25 - 00000000 ____D () C:\ProgramData\Gibbs 2014-12-30 17:22 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe 2014-12-30 17:22 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe 2014-12-30 17:22 - 2013-08-01 15:11 - 00140736 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00331328 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\hardlock.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00303624 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksusb.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00091784 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksdf.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00077768 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\aksusb4.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00070088 _____ (SafeNet Inc.) C:\Windows\system32\akshhl30.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00063944 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshhl.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00060488 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshasp.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00021448 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksclass.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00018376 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\akshsp52.dll 2014-12-30 17:20 - 2014-12-31 13:10 - 00019350 _____ () C:\Windows\aksdrvsetup.log 2014-12-30 17:20 - 2014-12-30 17:20 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel 2014-12-30 17:20 - 2014-12-30 17:20 - 00000000 ____D () C:\Program Files (x86)\SafeNet Sentinel 2014-12-30 17:20 - 2009-09-17 07:05 - 00145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys 2014-12-30 17:19 - 2014-12-30 17:19 - 00000000 ____D () C:\Users\Tomas\Documents\Downloaded Installations 2014-12-29 20:28 - 2014-12-29 20:28 - 00000000 ____D () C:\Users\Tomas\Desktop\Ny mapp 2014-12-29 19:36 - 2015-01-04 18:10 - 00000000 ____D () C:\Users\Tomas\Downloads\InfiniteSkills – Learning SolidWorks 2015 2014-12-29 19:32 - 2014-12-29 19:36 - 07342075 _____ () C:\Users\Tomas\Downloads\Engineering Analysis with SolidWorks Simulation 2014 book.zip 2014-12-29 19:32 - 2014-12-29 19:34 - 45322957 _____ () C:\Users\Tomas\Downloads\Mechanics of Materials Labs With Solidworks Simulation 2014.zip 2014-12-29 19:18 - 2014-12-29 19:19 - 00000000 ____D () C:\Users\Tomas\Desktop\_SolidSQUAD_ 2014-12-29 19:14 - 2014-06-22 07:17 - 00000000 ____D () C:\Users\Tomas\Desktop\Windows 2014-12-29 19:07 - 2014-09-28 14:59 - 00000000 ____D () C:\Users\Tomas\Desktop\Lynda – Modeling a Motorcycle Engine with SolidWorks 2014-12-29 19:06 - 2014-12-29 19:06 - 00000000 ____D () C:\Users\Tomas\Ny Mapp 2014-12-29 19:04 - 2014-12-29 19:04 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\WinRAR 2014-12-29 19:03 - 2014-12-29 19:03 - 01987488 _____ () C:\Users\Tomas\Downloads\winrar-x64-520sw.exe 2014-12-29 19:03 - 2014-12-29 19:03 - 00000000 ____D () C:\Program Files\WinRAR 2014-12-29 19:02 - 2014-12-29 19:02 - 01766152 _____ () C:\Users\Tomas\Downloads\wrar520 (1).exe 2014-12-29 19:00 - 2014-12-29 19:00 - 01766152 _____ () C:\Users\Tomas\Downloads\wrar520.exe 2014-12-29 18:38 - 2014-12-29 18:44 - 244373633 _____ () C:\Users\Tomas\Downloads\Ricardo Wave v71.rar 2014-12-29 18:28 - 2015-01-04 18:11 - 00000000 ____D () C:\Users\Tomas\Downloads\Lynda – Modeling a Motorcycle Engine with SolidWorks 2014-12-29 18:08 - 2014-12-31 01:10 - 00000000 ____D () C:\Program Files (x86)\DeltaFix 2014-12-29 18:08 - 2014-12-29 18:08 - 00000000 ____D () C:\Program Files (x86)\Shareaholic for Pinterest 2014-12-29 18:07 - 2014-12-31 01:22 - 00000000 ____D () C:\Program Files (x86)\unisAleis 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\ProgramData\15457971234326063082 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\Program Files (x86)\uNisalles 2014-12-29 17:45 - 2015-01-04 17:50 - 00000000 ____D () C:\Users\Tomas\Downloads\Ricardo Suite 2014.1 x86 & x64 2014-12-29 13:47 - 2014-12-29 13:47 - 00000000 ____D () C:\Users\Tomas\Downloads\Avl Suite 2013 Workspace Suite v2013.1 With Fire v2013.1 (x86x64) 2014-12-28 12:25 - 2014-12-28 12:25 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PipeMax v3.98 2014-12-28 12:25 - 2014-12-28 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PipeMax v3.98 2014-12-28 12:24 - 2014-12-28 12:24 - 00249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe 2014-12-28 12:23 - 2014-12-28 18:46 - 00000000 ____D () C:\PIPE398 2014-12-28 12:23 - 2014-12-28 12:23 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE 2014-12-27 17:25 - 2014-12-27 17:25 - 00000000 ____D () C:\Users\Tomas\Downloads\SolidProfessor Solidworks 2013 2014-12-27 17:14 - 2015-01-04 18:07 - 00000000 ____D () C:\Users\Tomas\Downloads\AVL Suite 2014.0 (Workspace Suite 2014.0) x86 & x64 2014-12-20 17:24 - 2014-12-20 17:24 - 12101910 _____ () C:\Users\Tomas\Downloads\freeware_software.exe 2014-12-20 14:36 - 2014-12-20 14:37 - 60018700 _____ (Isoplex, Inc. ) C:\Users\Tomas\Downloads\isoplex-setup-1.0.4.exe 2014-12-20 14:32 - 2015-01-01 13:56 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lotus Engineering Software 2014-12-20 14:32 - 2015-01-01 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lotus Engineering Software 2014-12-20 14:31 - 2015-01-01 13:56 - 00000000 ____D () C:\lesoft 2014-12-20 14:21 - 2014-12-20 14:21 - 06510590 _____ () C:\Users\Tomas\Downloads\freeware_documentation.exe 2014-12-20 14:20 - 2014-12-20 14:21 - 35421980 _____ () C:\Users\Tomas\Downloads\install_engine 2.exe 2014-12-18 14:10 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-18 14:10 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-11 03:28 - 2014-12-11 03:28 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-11 03:03 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-11 03:03 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-12-11 03:03 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-11 03:03 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-11 03:03 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-11 03:03 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-11 03:03 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-12-11 03:03 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-12-11 03:03 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-12-11 03:03 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-10 09:30 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-10 09:30 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-10 09:30 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-10 09:30 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-10 09:30 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-10 09:30 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-10 09:30 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-10 09:30 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-10 09:30 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-10 09:30 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-10 09:30 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-10 09:30 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-10 09:30 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-10 09:30 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-10 09:30 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-10 09:30 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-10 09:30 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-10 09:30 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-10 09:30 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-10 09:30 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-10 09:30 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-10 09:30 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-10 09:30 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-10 09:30 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-10 09:30 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-10 09:30 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-10 09:30 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-12-10 09:30 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-10 09:30 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-10 09:30 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-10 09:30 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-10 09:30 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-10 09:30 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-12-10 09:30 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-10 09:30 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-12-10 09:30 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-10 09:30 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-10 09:30 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-10 09:30 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-10 09:30 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-12-10 09:30 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-10 09:30 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-12-10 09:30 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-12-10 09:30 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-10 09:30 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-10 09:30 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-10 09:30 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-10 09:30 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-10 09:30 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-10 09:30 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-12-10 09:30 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-10 09:30 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-10 09:30 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-10 09:30 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-10 09:30 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-10 09:30 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-12-10 09:30 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-10 09:30 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-10 09:30 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-10 09:29 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-10 09:29 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-12-10 09:29 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-10 09:29 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2014-12-10 09:29 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-10 09:29 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-10 09:29 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2014-12-10 09:29 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-08 16:13 - 2014-11-27 13:19 - 00000000 ____D () C:\FRST 2015-01-08 16:01 - 2011-04-08 13:58 - 00017456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-08 16:01 - 2011-04-08 13:58 - 00017456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-08 15:58 - 2011-04-08 14:28 - 01441880 _____ () C:\Windows\WindowsUpdate.log 2015-01-08 15:53 - 2014-05-27 13:36 - 00000000 ____D () C:\ProgramData\VMware 2015-01-08 15:52 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-08 15:52 - 2009-07-14 05:51 - 02850515 _____ () C:\Windows\setupact.log 2015-01-08 15:51 - 2010-09-07 13:37 - 00000000 ____D () C:\Program Files\Norman 2015-01-08 15:51 - 2008-09-15 17:58 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-08 15:49 - 2008-09-15 18:09 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-08 15:47 - 2013-03-11 09:45 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\BitTorrent 2015-01-08 15:41 - 2011-10-28 13:10 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-63412372-1427995199-370361792-1000UA.job 2015-01-08 15:34 - 2013-03-25 12:16 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-08 14:14 - 2011-04-08 15:56 - 00691864 _____ () C:\Windows\system32\perfh007.dat 2015-01-08 14:14 - 2011-04-08 15:56 - 00150362 _____ () C:\Windows\system32\perfc007.dat 2015-01-08 14:14 - 2010-11-21 12:38 - 00666540 _____ () C:\Windows\system32\perfh01D.dat 2015-01-08 14:14 - 2010-11-21 12:38 - 00143866 _____ () C:\Windows\system32\perfc01D.dat 2015-01-08 14:14 - 2009-07-14 06:13 - 02431052 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-08 12:51 - 2014-11-27 13:27 - 00000000 ____D () C:\Users\Tomas\Desktop\Virus 14 2015-01-08 12:29 - 2008-09-15 18:28 - 00003666 _____ () C:\Windows\System32\Tasks\HP Health Check 2015-01-07 10:29 - 2009-09-28 17:44 - 00000000 ____D () C:\Users\Tomas\Desktop\Kolvar 2015-01-07 08:10 - 2013-03-06 08:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2015-01-07 07:41 - 2011-10-28 13:10 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-63412372-1427995199-370361792-1000Core.job 2015-01-05 10:52 - 2014-05-27 13:42 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\VMware 2015-01-05 10:52 - 2014-05-27 13:42 - 00000000 ____D () C:\Users\Tomas\AppData\Local\VMware 2015-01-04 17:11 - 2011-04-08 14:00 - 00000000 ____D () C:\Users\Tomas 2015-01-04 17:10 - 2010-11-21 04:47 - 00361730 _____ () C:\Windows\PFRO.log 2015-01-02 18:44 - 2013-05-10 09:35 - 00000000 ____D () C:\ProgramData\Yahoo! 2015-01-02 18:37 - 2013-07-26 18:21 - 00000000 ____D () C:\Program Files\Autodesk 2015-01-02 18:10 - 2013-03-14 11:58 - 00000000 ____D () C:\ProgramData\Autodesk 2015-01-02 18:09 - 2013-07-26 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2015-01-02 16:50 - 2014-06-28 11:27 - 00000000 ____D () C:\Users\Tomas\Desktop\ULTRA_EngineProjekt 2015-01-01 13:20 - 2013-11-26 16:30 - 00000000 ____D () C:\Users\Tomas\Capri 2014-12-31 13:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup 2014-12-31 13:06 - 2008-09-15 18:17 - 00049217 _____ () C:\Windows\DirectX.log 2014-12-30 22:17 - 2010-09-07 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norman Security Suite 2014-12-30 21:57 - 2013-03-05 13:05 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2014-12-30 21:57 - 2013-03-05 13:05 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2014-12-30 19:44 - 2012-10-11 18:20 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-12-30 18:20 - 2011-04-08 14:38 - 00118168 _____ () C:\Users\Tomas\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-30 18:19 - 2009-07-14 05:45 - 00408464 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-30 18:01 - 2013-03-14 11:58 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Autodesk 2014-12-30 17:26 - 2013-03-18 17:16 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared 2014-12-26 11:01 - 2013-06-12 18:00 - 00000000 ____D () C:\Users\Tomas\Desktop\Ultra-Thundercars 2014-12-19 18:56 - 2011-11-02 13:14 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\vlc 2014-12-17 10:49 - 2013-07-17 17:42 - 00000000 ____D () C:\Users\Tomas\Desktop\Bilder 2014-12-12 04:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-12-11 06:34 - 2013-03-25 12:16 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-11 06:34 - 2013-03-25 12:16 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-11 06:34 - 2011-11-01 13:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 03:28 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-12-11 03:12 - 2013-07-27 02:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-11 03:06 - 2012-10-11 19:01 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-11 03:06 - 2011-10-28 09:24 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete: ==================== C:\Users\Tomas\install_flashplayer11x32_chra_aaa_aih.exe Some content of TEMP: ==================== C:\Users\Tomas\AppData\Local\Temp\AcDeltree.exe C:\Users\Tomas\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\Tomas\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Tomas\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\Runner2.exe C:\Users\Tomas\AppData\Local\Temp\Runner4.exe C:\Users\Tomas\AppData\Local\Temp\ttv.exe C:\Users\Tomas\AppData\Local\Temp\uttB9B1.tmp.exe C:\Users\Tomas\AppData\Local\Temp\_is2606.exe C:\Users\Tomas\AppData\Local\Temp\_is8461.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-04 22:42 ==================== End Of Log ============================ Addition.txt FRST.txt
  15. Ha ha, även om jag inte direkt är någon expert så köpte jag inte heller "klicka-snett-teorin" ;-) # AdwCleaner v4.107 - Report created 08/01/2015 at 16:06:52 # Updated 07/01/2015 by Xplode # Database : 2015-01-03.1 [Live] # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) # Username : Tomas - TOMASNYHP # Running from : C:\Users\Tomas\Desktop\adwcleaner_4.107.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Found : C:\Program Files (x86)\DeltaFix Folder Found : C:\ProgramData\15457971234326063082 Folder Found : C:\Windows\SysWOW64\SearchProtect ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Found : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : [x64] HKCU\Software\Conduit Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Found : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9} Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D} Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472} Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Found : HKLM\SOFTWARE\Classes\S Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{05AF6264-0648-49B6-A810-61CF18884F1E} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D291EE29-CE80-4F52-B62B-585DDB3C9F89} ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Google Chrome v [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319614&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPAE5EC031-09C0-40A1-8858-2FCB7C52047C&q={searchTerms}&SSPV= [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319614&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPAE5EC031-09C0-40A1-8858-2FCB7C52047C&q={searchTerms}&SSPV= [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [search Provider] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : booedmolknjekdopkepjjeckmjkdpfgl [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : flpcjncodpafbgdpnkljologafpionhb [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Homepage] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29 [C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Homepage] : hxxp://websearch.searchfix.info/?unqvl=63&idate=2014/12/29 ************************* AdwCleaner[R0].txt - [6021 octets] - [08/01/2015 16:06:52] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6081 octets] ##########
  16. Hej, Så var det dags igen, chefen verkar ha "klickat snett" på sin dator som har dragit på sig något skit. Den är seg och vill inte öppna program, websidor mm som den ska. Här kommer de första loggarna: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015 Ran by Tomas (administrator) on TOMASNYHP on 08-01-2015 12:42:50 Running from C:\Users\Tomas\Desktop Loaded Profiles: Tomas & UpdatusUser (Available profiles: Tomas & UpdatusUser) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nfservice.exe (Norman Safeground AS) C:\Program Files\Norman\Nse\bin\nseupdatesvc.exe (Norman Safeground AS) C:\Program Files\Norman\nvc\bin\nvcsvc.exe (Norman AS) C:\Program Files\Norman\Npm\Bin\nvoy.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nnf.exe (Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nprosec.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nwscmon.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zanda.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Dassault Systèmes SolidWorks Corp.) C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (SafeNet Inc.) C:\Windows\System32\hasplms.exe (Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zlh.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\zlhh.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe () C:\hp\HPEZBTN\HPBtnSrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe () C:\Program Files\Norman\Npm\Bin\njeeves2.exe (Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\scheduler.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Hewlett-Packard Company) C:\hp\KBD\kbd.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Google Inc.) C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-11] (Intel Corporation) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75008 2008-06-02] (Hewlett-Packard) HKLM-x32\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company) HKLM-x32\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] () HKLM-x32\...\Run: [OsdMaestro] => c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe [119296 2007-02-15] (OsdMaestro) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [indexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Norman ZANDA] => C:\Program Files\Norman\Npm\Bin\ZLH.EXE [88536 2014-08-21] (Norman Safeground AS) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [Google Update] => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-28] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Run: [bitTorrent] => C:\Users\Tomas\AppData\Roaming\BitTorrent\BitTorrent.exe [1388888 2014-11-26] (BitTorrent Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\RunOnce: [Application Restart #4] => C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\MountPoints2: {5fc4e9cc-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1000\...\MountPoints2: {5fc4e9d5-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [Google Update] => C:\Users\Tomas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-28] (Google Inc.) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [Messenger (Yahoo!)] => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation) HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\Policies\Explorer: [] HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {0a479bf6-962b-11dd-a3b2-806e6f6e6963} - F:\start.exe HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {5fc4e9cc-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a HKU\S-1-5-21-63412372-1427995199-370361792-1001\...\MountPoints2: {5fc4e9d5-110c-11e2-9fa8-00221558bc48} - K:\LaunchU3.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2013 Fast Start.lnk ShortcutTarget: SolidWorks 2013 Fast Start.lnk -> C:\Windows\Installer\{B6B5EA7E-B91F-443D-A958-B0062FB53804}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Background Downloader.lnk ShortcutTarget: SolidWorks Background Downloader.lnk -> C:\Program Files (x86)\Common Files\SolidWorks Installation Manager\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-63412372-1427995199-370361792-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-63412372-1427995199-370361792-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKLM -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKLM-x32 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKLM-x32 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchfix.info/?unqvl=63&idate=2014/12/29&l=1&q={searchTerms} SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {05AF6264-0648-49B6-A810-61CF18884F1E} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1222&query={searchTerms}&invocationType=tb50hpcndtie7-sv-se SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {D291EE29-CE80-4F52-B62B-585DDB3C9F89} URL = http://se.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913934 SearchScopes: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File BHO-x32: Länkhjälp till Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: AOL Toolbar BHO -> {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} -> C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll (AOL LLC) BHO-x32: Inloggningshjälp för Microsoft-konto -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll (AOL LLC) Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1000 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File Toolbar: HKU\S-1-5-21-63412372-1427995199-370361792-1001 -> AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab Tcpip\Parameters: [DhcpNameServer] 217.27.161.40 217.27.161.3 FireFox: ======== FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 -> C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin HKU\S-1-5-21-63412372-1427995199-370361792-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-63412372-1427995199-370361792-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Tomas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-09-03] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Wallet) - C:\Users\Tomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (uNisalles) - C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa\ [2013-08-22] CHR StartMenuInternet: Google Chrome - C:\Users\Tomas\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet Inc.) R2 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed] R2 HPBtnSrv; c:\hp\HPEZBTN\HPBtnSrv.exe [198240 2007-05-29] () R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed] R2 nfservice; C:\Program Files\Norman\Npm\Bin\nfservice.exe [194536 2014-11-03] (Norman Safeground AS) R3 NJeeves2; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [179080 2014-11-27] () R2 NNFSVC; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [281128 2014-06-30] (Norman Safeground AS) R2 Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [456664 2014-06-30] (Norman Safeground AS) R2 NPROSECSVC; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [140032 2014-10-15] (Norman Safeground AS) R2 nseupdatesvc; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [261456 2014-12-03] (Norman Safeground AS) R2 nvcsvc; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [401560 2014-11-27] (Norman Safeground AS) R2 nvoy; C:\Program Files\Norman\Npm\Bin\nvoy.exe [246560 2013-06-27] (Norman AS) R2 NWSCMON; C:\Program Files\Norman\Npm\Bin\nwscmon.exe [231008 2014-08-05] (Norman Safeground AS) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.) R3 Scheduler; C:\Program Files\Norman\Npm\Bin\scheduler.exe [199680 2014-06-30] (Norman Safeground AS) R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [374304 2011-09-22] (SafeNet, Inc.) R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259040 2011-09-22] (SafeNet, Inc) R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292384 2011-09-22] (SafeNet, Inc.) S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2013-03-18] (SolidWorks) [File not signed] S3 Norman NJeeves; "C:\Program Files\Norman\Npm\Bin\Njeeves.exe" [X] S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-08-01] (SafeNet Inc.) S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-01] (SafeNet Inc.) S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-01] (SafeNet Inc.) R3 gzflt; C:\Program Files\Norman\nvc\bin\gzflt.sys [138232 2014-06-04] (BitDefender LLC) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet Inc.) R1 NGS; c:\program files\norman\ngs\bin\ngs64.sys [23488 2014-06-27] (Norman Safeground AS) R1 NPROSEC; C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [41536 2014-08-27] (Norman Safeground AS) R2 nregsec; C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [68792 2014-10-15] (Norman Safeground AS) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) S3 TdsNordecr; C:\Windows\System32\DRIVERS\nordecr.sys [28672 2007-10-30] (Todos Data System AB) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-06-26] (BitDefender S.R.L.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263}; C:\Program Files (x86)\HP\DVDPlay\000.fcl [32240 2008-06-11] (Cyberlink Corp.) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-08 12:35 - 2015-01-08 12:36 - 02124288 _____ (Farbar) C:\Users\Tomas\Desktop\FRST64.exe 2015-01-01 13:25 - 2015-01-04 18:09 - 00000000 ____D () C:\Users\Tomas\Downloads\Digital Tutors - Creating a Parametric Multi Bodied CAD Model in Solidworks[AKD] 2014-12-31 18:14 - 2014-12-31 18:14 - 00000000 ____D () C:\Users\Tomas\Documents\MATLAB 2014-12-31 17:55 - 2014-12-31 19:01 - 00000000 ____D () C:\Program Files\Ricardo 2014-12-31 17:03 - 2014-12-31 17:03 - 00002892 _____ () C:\Windows\System32\Tasks\{39821805-2F8F-4E0A-93FE-7D510B5007B6} 2014-12-31 13:11 - 2014-12-31 13:11 - 00001224 _____ () C:\Windows\SysWOW64\hdd32.log 2014-12-31 13:06 - 2006-12-20 10:00 - 02511360 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\haspds_windows.dll 2014-12-31 13:06 - 2005-06-21 11:10 - 00024576 _____ () C:\Windows\SysWOW64\hdsuinst.exe 2014-12-31 13:06 - 2002-07-26 17:02 - 00153088 _____ () C:\Windows\SysWOW64\UNWISE.EXE 2014-12-31 13:05 - 2014-12-31 13:05 - 00001527 _____ () C:\Users\Public\Desktop\Dynomation-5.lnk 2014-12-31 13:05 - 2014-12-31 13:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motion Software Simulations 2014-12-31 13:03 - 2015-01-05 12:02 - 00000000 ____D () C:\Dynomation5 2014-12-31 12:51 - 2014-12-31 12:51 - 00003034 _____ () C:\Windows\System32\Tasks\{85286B8D-AD13-4A3D-A567-56CC47D0957D} 2014-12-30 22:17 - 2014-12-30 22:17 - 00001040 _____ () C:\Users\Public\Desktop\Norman Security Suite.lnk 2014-12-30 22:17 - 2014-11-27 09:59 - 00205336 _____ () C:\Windows\system32\nscrnsav.scr 2014-12-30 22:17 - 2014-06-30 12:42 - 00461120 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\tdi_nf.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00133152 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale7_nf64.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00130080 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale_nf64.sys 2014-12-30 22:17 - 2014-06-30 12:42 - 00123888 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale7_nf.sys 2014-12-30 22:17 - 2014-06-30 12:41 - 00120792 _____ (Norman Safeground AS) C:\Windows\system32\Drivers\ale_nf.sys 2014-12-30 22:17 - 2014-06-26 12:49 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\Trufos.sys 2014-12-30 22:17 - 2011-08-26 10:03 - 00053928 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsec.sys 2014-12-30 22:17 - 2011-08-11 13:52 - 00034440 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsecl64.sys 2014-12-30 22:17 - 2011-08-11 13:52 - 00030856 _____ (Norman ASA) C:\Windows\system32\Drivers\nnetsecl.sys 2014-12-30 21:56 - 2014-12-30 21:56 - 00000000 ____D () C:\Program Files\Windows Live 2014-12-30 21:52 - 2014-12-30 21:52 - 01650048 _____ (Norman Safeground AS ) C:\Users\Tomas\Downloads\NormanSecuritySuite_1100x64 (4).exe 2014-12-30 20:35 - 2015-01-08 12:42 - 00024676 _____ () C:\Users\Tomas\Desktop\FRST.txt 2014-12-30 20:35 - 2014-12-30 20:35 - 00000000 ____D () C:\Users\Tomas\Desktop\FRST-OlderVersion 2014-12-30 17:37 - 2014-12-30 17:37 - 00000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2014-12-30 17:37 - 2014-12-30 17:37 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Gibbs 2014-12-30 17:37 - 2014-12-30 17:37 - 00000000 ____D () C:\Users\Tomas\AppData\Local\Gibbs 2014-12-30 17:25 - 2014-12-30 17:25 - 00000000 ____D () C:\ProgramData\Gibbs 2014-12-30 17:22 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe 2014-12-30 17:22 - 2013-08-01 15:11 - 04609928 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe 2014-12-30 17:22 - 2013-08-01 15:11 - 00140736 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00331328 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\hardlock.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00303624 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksusb.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\hlvdd.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00091784 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksdf.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00077768 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\aksusb4.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00070088 _____ (SafeNet Inc.) C:\Windows\system32\akshhl30.dll 2014-12-30 17:21 - 2013-08-01 15:11 - 00063944 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshhl.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00060488 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\akshasp.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00021448 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksclass.sys 2014-12-30 17:21 - 2013-08-01 15:11 - 00018376 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\akshsp52.dll 2014-12-30 17:20 - 2014-12-31 13:10 - 00019350 _____ () C:\Windows\aksdrvsetup.log 2014-12-30 17:20 - 2014-12-30 17:20 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel 2014-12-30 17:20 - 2014-12-30 17:20 - 00000000 ____D () C:\Program Files (x86)\SafeNet Sentinel 2014-12-30 17:20 - 2009-09-17 07:05 - 00145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys 2014-12-30 17:19 - 2014-12-30 17:19 - 00000000 ____D () C:\Users\Tomas\Documents\Downloaded Installations 2014-12-29 20:28 - 2014-12-29 20:28 - 00000000 ____D () C:\Users\Tomas\Desktop\Ny mapp 2014-12-29 19:36 - 2015-01-04 18:10 - 00000000 ____D () C:\Users\Tomas\Downloads\InfiniteSkills – Learning SolidWorks 2015 2014-12-29 19:32 - 2014-12-29 19:36 - 07342075 _____ () C:\Users\Tomas\Downloads\Engineering Analysis with SolidWorks Simulation 2014 book.zip 2014-12-29 19:32 - 2014-12-29 19:34 - 45322957 _____ () C:\Users\Tomas\Downloads\Mechanics of Materials Labs With Solidworks Simulation 2014.zip 2014-12-29 19:18 - 2014-12-29 19:19 - 00000000 ____D () C:\Users\Tomas\Desktop\_SolidSQUAD_ 2014-12-29 19:14 - 2014-06-22 07:17 - 00000000 ____D () C:\Users\Tomas\Desktop\Windows 2014-12-29 19:07 - 2014-09-28 14:59 - 00000000 ____D () C:\Users\Tomas\Desktop\Lynda – Modeling a Motorcycle Engine with SolidWorks 2014-12-29 19:06 - 2014-12-29 19:06 - 00000000 ____D () C:\Users\Tomas\Ny Mapp 2014-12-29 19:04 - 2014-12-29 19:04 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\WinRAR 2014-12-29 19:03 - 2014-12-29 19:03 - 01987488 _____ () C:\Users\Tomas\Downloads\winrar-x64-520sw.exe 2014-12-29 19:03 - 2014-12-29 19:03 - 00000000 ____D () C:\Program Files\WinRAR 2014-12-29 19:02 - 2014-12-29 19:02 - 01766152 _____ () C:\Users\Tomas\Downloads\wrar520 (1).exe 2014-12-29 19:00 - 2014-12-29 19:00 - 01766152 _____ () C:\Users\Tomas\Downloads\wrar520.exe 2014-12-29 18:38 - 2014-12-29 18:44 - 244373633 _____ () C:\Users\Tomas\Downloads\Ricardo Wave v71.rar 2014-12-29 18:28 - 2015-01-04 18:11 - 00000000 ____D () C:\Users\Tomas\Downloads\Lynda – Modeling a Motorcycle Engine with SolidWorks 2014-12-29 18:08 - 2014-12-31 01:10 - 00000000 ____D () C:\Program Files (x86)\DeltaFix 2014-12-29 18:08 - 2014-12-29 18:08 - 00000000 ____D () C:\Program Files (x86)\Shareaholic for Pinterest 2014-12-29 18:07 - 2014-12-31 01:22 - 00000000 ____D () C:\Program Files (x86)\youtubeadblocker 2014-12-29 18:07 - 2014-12-31 01:22 - 00000000 ____D () C:\Program Files (x86)\unisAleis 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\ProgramData\fggnmmjhficagbcgpgpkkonpjeehmgoa 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\ProgramData\15457971234326063082 2014-12-29 18:06 - 2014-12-29 18:06 - 00000000 ____D () C:\Program Files (x86)\uNisalles 2014-12-29 17:45 - 2015-01-04 17:50 - 00000000 ____D () C:\Users\Tomas\Downloads\Ricardo Suite 2014.1 x86 & x64 2014-12-29 13:47 - 2014-12-29 13:47 - 00000000 ____D () C:\Users\Tomas\Downloads\Avl Suite 2013 Workspace Suite v2013.1 With Fire v2013.1 (x86x64) 2014-12-28 12:25 - 2014-12-28 12:25 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PipeMax v3.98 2014-12-28 12:25 - 2014-12-28 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PipeMax v3.98 2014-12-28 12:24 - 2014-12-28 12:24 - 00249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe 2014-12-28 12:23 - 2014-12-28 18:46 - 00000000 ____D () C:\PIPE398 2014-12-28 12:23 - 2014-12-28 12:23 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE 2014-12-27 17:25 - 2014-12-27 17:25 - 00000000 ____D () C:\Users\Tomas\Downloads\SolidProfessor Solidworks 2013 2014-12-27 17:14 - 2015-01-04 18:07 - 00000000 ____D () C:\Users\Tomas\Downloads\AVL Suite 2014.0 (Workspace Suite 2014.0) x86 & x64 2014-12-20 17:24 - 2014-12-20 17:24 - 12101910 _____ () C:\Users\Tomas\Downloads\freeware_software.exe 2014-12-20 14:36 - 2014-12-20 14:37 - 60018700 _____ (Isoplex, Inc. ) C:\Users\Tomas\Downloads\isoplex-setup-1.0.4.exe 2014-12-20 14:32 - 2015-01-01 13:56 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lotus Engineering Software 2014-12-20 14:32 - 2015-01-01 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lotus Engineering Software 2014-12-20 14:31 - 2015-01-01 13:56 - 00000000 ____D () C:\lesoft 2014-12-20 14:21 - 2014-12-20 14:21 - 06510590 _____ () C:\Users\Tomas\Downloads\freeware_documentation.exe 2014-12-20 14:20 - 2014-12-20 14:21 - 35421980 _____ () C:\Users\Tomas\Downloads\install_engine 2.exe 2014-12-18 14:10 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-18 14:10 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-11 03:28 - 2014-12-11 03:28 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-11 03:03 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-11 03:03 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-12-11 03:03 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-11 03:03 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-11 03:03 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-11 03:03 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-11 03:03 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-12-11 03:03 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-12-11 03:03 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-12-11 03:03 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-10 09:30 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-10 09:30 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-10 09:30 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-10 09:30 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-10 09:30 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-10 09:30 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-10 09:30 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-10 09:30 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-10 09:30 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-10 09:30 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-10 09:30 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-10 09:30 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-10 09:30 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-10 09:30 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-10 09:30 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-10 09:30 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-10 09:30 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-10 09:30 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-10 09:30 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-10 09:30 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-10 09:30 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-10 09:30 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-10 09:30 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-10 09:30 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-10 09:30 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-10 09:30 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-10 09:30 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-10 09:30 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-12-10 09:30 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-10 09:30 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-10 09:30 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-10 09:30 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-10 09:30 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-10 09:30 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-12-10 09:30 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-10 09:30 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-12-10 09:30 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-10 09:30 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-10 09:30 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-10 09:30 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-10 09:30 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-12-10 09:30 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-10 09:30 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-12-10 09:30 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-12-10 09:30 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-10 09:30 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-10 09:30 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-10 09:30 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-10 09:30 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-10 09:30 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-10 09:30 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-12-10 09:30 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-10 09:30 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-10 09:30 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-10 09:30 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-10 09:30 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-10 09:30 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-12-10 09:30 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-10 09:30 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-10 09:30 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-10 09:29 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-10 09:29 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-12-10 09:29 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-10 09:29 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2014-12-10 09:29 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-10 09:29 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-10 09:29 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-10 09:29 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-10 09:29 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2014-12-10 09:29 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-08 12:42 - 2014-11-27 13:19 - 00000000 ____D () C:\FRST 2015-01-08 12:41 - 2011-10-28 13:10 - 00001004 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-63412372-1427995199-370361792-1000UA.job 2015-01-08 12:40 - 2011-04-08 13:58 - 00017456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-08 12:40 - 2011-04-08 13:58 - 00017456 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-08 12:34 - 2013-03-25 12:16 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-08 12:31 - 2011-04-08 14:28 - 01430986 _____ () C:\Windows\WindowsUpdate.log 2015-01-08 12:29 - 2013-03-11 09:45 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\BitTorrent 2015-01-08 12:29 - 2008-09-15 18:28 - 00003666 _____ () C:\Windows\System32\Tasks\HP Health Check 2015-01-08 12:26 - 2014-05-27 13:36 - 00000000 ____D () C:\ProgramData\VMware 2015-01-08 12:24 - 2010-09-07 13:37 - 00000000 ____D () C:\Program Files\Norman 2015-01-08 12:24 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-08 12:24 - 2009-07-14 05:51 - 02838677 _____ () C:\Windows\setupact.log 2015-01-08 12:24 - 2008-09-15 17:58 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-01-07 10:29 - 2009-09-28 17:44 - 00000000 ____D () C:\Users\Tomas\Desktop\Kolvar 2015-01-07 08:10 - 2013-03-06 08:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2015-01-07 07:41 - 2011-10-28 13:10 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-63412372-1427995199-370361792-1000Core.job 2015-01-06 18:52 - 2011-04-08 15:56 - 00691864 _____ () C:\Windows\system32\perfh007.dat 2015-01-06 18:52 - 2011-04-08 15:56 - 00150362 _____ () C:\Windows\system32\perfc007.dat 2015-01-06 18:52 - 2010-11-21 12:38 - 00666540 _____ () C:\Windows\system32\perfh01D.dat 2015-01-06 18:52 - 2010-11-21 12:38 - 00143866 _____ () C:\Windows\system32\perfc01D.dat 2015-01-06 18:52 - 2009-07-14 06:13 - 02431052 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-05 10:52 - 2014-05-27 13:42 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\VMware 2015-01-05 10:52 - 2014-05-27 13:42 - 00000000 ____D () C:\Users\Tomas\AppData\Local\VMware 2015-01-04 17:11 - 2011-04-08 14:00 - 00000000 ____D () C:\Users\Tomas 2015-01-04 17:10 - 2010-11-21 04:47 - 00361730 _____ () C:\Windows\PFRO.log 2015-01-02 18:44 - 2013-05-10 09:35 - 00000000 ____D () C:\ProgramData\Yahoo! 2015-01-02 18:37 - 2013-07-26 18:21 - 00000000 ____D () C:\Program Files\Autodesk 2015-01-02 18:10 - 2013-03-14 11:58 - 00000000 ____D () C:\ProgramData\Autodesk 2015-01-02 18:09 - 2013-07-26 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2015-01-02 16:50 - 2014-06-28 11:27 - 00000000 ____D () C:\Users\Tomas\Desktop\ULTRA_EngineProjekt 2015-01-01 13:20 - 2013-11-26 16:30 - 00000000 ____D () C:\Users\Tomas\Capri 2014-12-31 13:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Setup 2014-12-31 13:06 - 2008-09-15 18:17 - 00049217 _____ () C:\Windows\DirectX.log 2014-12-30 22:17 - 2010-09-07 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norman Security Suite 2014-12-30 21:57 - 2013-03-05 13:05 - 00001537 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2014-12-30 21:57 - 2013-03-05 13:05 - 00000000 ____D () C:\Program Files (x86)\Windows Live 2014-12-30 19:44 - 2012-10-11 18:20 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-12-30 18:20 - 2011-04-08 14:38 - 00118168 _____ () C:\Users\Tomas\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-30 18:19 - 2009-07-14 05:45 - 00408464 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-30 18:01 - 2013-03-14 11:58 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\Autodesk 2014-12-30 17:26 - 2013-03-18 17:16 - 00000000 ____D () C:\Program Files\Common Files\SolidWorks Shared 2014-12-26 11:01 - 2013-06-12 18:00 - 00000000 ____D () C:\Users\Tomas\Desktop\Ultra-Thundercars 2014-12-19 18:56 - 2011-11-02 13:14 - 00000000 ____D () C:\Users\Tomas\AppData\Roaming\vlc 2014-12-17 10:49 - 2013-07-17 17:42 - 00000000 ____D () C:\Users\Tomas\Desktop\Bilder 2014-12-12 04:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-12-11 06:34 - 2013-03-25 12:16 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-11 06:34 - 2013-03-25 12:16 - 00003806 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-11 06:34 - 2011-11-01 13:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 03:28 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-12-11 03:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-12-11 03:12 - 2013-07-27 02:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-11 03:06 - 2012-10-11 19:01 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-12-11 03:06 - 2011-10-28 09:24 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Files to move or delete: ==================== C:\Users\Tomas\install_flashplayer11x32_chra_aaa_aih.exe Some content of TEMP: ==================== C:\Users\Tomas\AppData\Local\Temp\AcDeltree.exe C:\Users\Tomas\AppData\Local\Temp\FNP_ACT_InstallerCA.dll C:\Users\Tomas\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Tomas\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Tomas\AppData\Local\Temp\Runner2.exe C:\Users\Tomas\AppData\Local\Temp\Runner4.exe C:\Users\Tomas\AppData\Local\Temp\ttv.exe C:\Users\Tomas\AppData\Local\Temp\uttB9B1.tmp.exe C:\Users\Tomas\AppData\Local\Temp\_is2606.exe C:\Users\Tomas\AppData\Local\Temp\_is8461.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-01-04 22:42 ==================== End Of Log ============================ Addition.txt
  17. Har tidigare provat att ha det på två olika datorer men då har de nya mejlen bara kommit upp på den datorn som man öppnat de nya mejlen i så det blev väldigt rörigt. Det kanske man kommer undan genom att "lämna kopia på servern". Men det jag är ute efter är att kunna komma åt mottagna och skickade mejl i en annan dator och/eller mobilen och även de olika mappar som jag sparar mejl i, fungerar det? Vilket/vilka mejlprogram kan/ska man då använda eller blir det som en slags webmejl man loggar in på där allt ser likadant ut oavsett från vilken dator man kollar?
  18. Hej, Jag känner mig lite omodern som bara har min e-post i en dator och sen använder webmejl när jag är ute och reser. Hur gör man om man vill kunna läsa och skicka mejl från fler olika enheter?
  19. Hej och ursäkta lite sen respons. Det kom en solsemester, fotledsfraktur och ett bröllop emellan ;-) Nu verkar det vara "full fart" på datorn igen och inga direkta problem. Behöver jag göra något mer?
  20. C:\AdwCleaner\Quarantine\C\Program\AskPartnerNetwork\Toolbar\APNSetup.exe.vir a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application C:\Documents and Settings\Verkstan\Lokala inställningar\temp\APNSetup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application C:\Documents and Settings\Verkstan\Lokala inställningar\temp\NERO13349\Toolbar.exe Win32/Toolbar.AskSBar potentially unwanted application C:\System Volume Information\_restore{18E5BF07-C6D0-4C3D-BFA9-C4C0E55832E9}\RP924\A0032000.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application
  21. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-09-2014 Ran by Verkstan at 2014-09-09 15:38:49 Run:1 Running from C:\Documents and Settings\Verkstan\Skrivbord Boot Mode: Normal ============================================== Content of fixlist: ***************** CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp CHR DefaultSearchKeyword: Default -> ask.com CHR DefaultSearchURL: Default -> http://www.search.as...q={searchTerms} CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com...q={searchTerms} CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [] ***************** Chrome HomePage deleted successfully. Chrome DefaultSearchKeyword deleted successfully. Chrome DefaultSearchURL deleted successfully. Chrome DefaultSuggestURL deleted successfully. "HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf" => Key deleted successfully. "C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx" => File/Directory not found. ==== End of Fixlog ====
  22. Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-09-2014 Ran by Verkstan (administrator) on MASKIN on 09-09-2014 14:02:31 Running from C:\Documents and Settings\Verkstan\Skrivbord Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Svenska Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Oracle Corporation) C:\Program\Delade filer\Java\Java Update\jusched.exe (Technology Nexus AB) C:\Program\Personal\bin\Personal.exe (Microsoft Corporation) C:\Program\Windows Desktop Search\WindowsSearch.exe (Autodata Limited) C:\Program\Delade filer\Autodata Limited Shared\Service\ADCDLicSvc.exe (Oracle Corporation) C:\Program\Java\jre7\bin\jqs.exe (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [soundMan] => C:\WINDOWS\SOUNDMAN.EXE [90112 2005-08-17] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [NeroFilterCheck] => C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [Adobe ARM] => C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [sunJavaUpdateSched] => C:\Program\Delade filer\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKU\S-1-5-21-2086406662-4009647907-3775310342-1006\...\Run: [Google Update] => C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe [116648 2012-05-08] (Google Inc.) Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Gamma Loader.exe.lnk ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Microsoft Office.lnk ShortcutTarget: Microsoft Office.lnk -> C:\Program\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Personal.lnk ShortcutTarget: Personal.lnk -> C:\Program\Personal\bin\Personal.exe (Technology Nexus AB) Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Windows Search.lnk ShortcutTarget: Windows Search.lnk -> C:\Program\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) Startup: C:\Documents and Settings\Verkstan\Start-meny\Program\Autostart\Alliansserver.lnk ShortcutTarget: Alliansserver.lnk -> \\Bokföring\allians\Data\AlliansPathfinder.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.leta.se/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adress - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Länkar - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124959871312 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program\Delade filer\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 217.27.161.40 217.27.161.3 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @se.nexus/Personal -> C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB) FF Plugin: Adobe Reader -> C:\Program\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-04-11] Chrome: ======= CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp CHR StartupUrls: Default -> "hxxp://www.leta.se/" CHR DefaultSearchKeyword: Default -> ask.com CHR DefaultSearchURL: Default -> http://www.search.ask.com/web?q={searchTerms} CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms} CHR CustomProfile: C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-08] CHR Extension: (Sök på Google) - C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-08] CHR Extension: (Google Wallet) - C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Gmail) - C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-08] CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [] CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Autodata Limited License Service; C:\Program\Delade filer\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2008-11-26] (Autodata Limited) [File not signed] R2 JavaQuickStarterService; C:\Program\Java\jre7\bin\jqs.exe [182696 2014-07-25] (Oracle Corporation) R2 MDM; C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed] S3 NBService; C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-06-29] (Nero AG) S3 NMIndexingService; C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG) S3 WMPNetworkSvc; C:\Program\Windows Media Player\WMPNetwk.exe [912384 2006-11-15] (Microsoft Corporation) S2 !SASCORE; "C:\Program\SUPERAntiSpyware\SASCORE.EXE" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation) R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [3644800 2005-08-19] (Realtek Semiconductor Corp.) S3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation) R3 FETNDISB; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [42496 2004-04-15] (VIA Technologies, Inc. ) R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [453632 2006-01-02] (Aladdin Knowledge Systems) [File not signed] R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2006-01-02] (Aladdin Knowledge Systems) [File not signed] R2 Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [73216 2000-10-24] () [File not signed] S3 Sntnlusb; C:\WINDOWS\System32\Drivers\SNTNLUSB.SYS [20288 2000-10-24] (Rainbow Technologies Inc.) [File not signed] R0 viamraid; C:\WINDOWS\System32\DRIVERS\VIAMRAID.SYS [73600 2004-03-29] (VIA Technologies inc,.ltd) S3 SANDRA; \??\D:\SANDRA.sys [X] S1 SASKUTIL; \??\C:\Program\SUPERAntiSpyware\SASKUTIL.SYS [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-09 14:02 - 2014-09-09 14:03 - 00012449 _____ () C:\Documents and Settings\Verkstan\Skrivbord\FRST.txt 2014-09-09 14:00 - 2014-09-09 14:01 - 01097728 _____ (Farbar) C:\Documents and Settings\Verkstan\Skrivbord\FRST.exe 2014-09-09 13:39 - 2014-09-09 13:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2014-09-08 15:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll 2014-09-08 15:44 - 2014-09-09 13:37 - 00000000 ____D () C:\AdwCleaner 2014-09-08 15:40 - 2014-09-08 15:40 - 01370467 _____ () C:\Documents and Settings\Verkstan\Skrivbord\adwcleaner_3.309.exe 2014-09-04 16:18 - 2014-09-08 15:38 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-09-04 16:17 - 2014-09-04 16:17 - 00000000 ____D () C:\Program\Malwarebytes Anti-Malware 2014-09-04 16:17 - 2014-09-04 16:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes Anti-Malware 2014-09-04 16:17 - 2014-05-12 07:26 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-09-04 15:50 - 2014-09-09 14:02 - 00000000 ____D () C:\FRST 2014-09-04 15:39 - 2014-09-04 15:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$ 2014-09-04 15:31 - 2014-09-04 15:31 - 00009968 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-09-04 15:31 - 2014-09-04 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-09-04 15:31 - 2014-09-04 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-09-04 15:29 - 2014-09-04 15:30 - 00011586 _____ () C:\WINDOWS\KB2936068-IE8.log 2014-09-04 15:03 - 2014-09-04 15:39 - 00013474 _____ () C:\WINDOWS\KB2922229.log 2014-09-04 15:01 - 2014-09-04 15:31 - 00013016 _____ () C:\WINDOWS\KB2929961.log 2014-09-04 15:00 - 2014-09-04 15:31 - 00013946 _____ () C:\WINDOWS\KB2930275.log 2014-08-11 08:27 - 2014-08-11 08:27 - 00000000 ____D () C:\Program\Delade filer\Java 2014-08-11 08:27 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-08-11 08:27 - 2014-07-25 12:26 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-08-11 08:26 - 2014-08-11 08:26 - 00005737 _____ () C:\WINDOWS\system32\jupdate-1.7.0_67-b01.log 2014-08-11 08:26 - 2014-08-11 08:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Java 2014-08-11 08:26 - 2014-07-25 12:55 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-08-11 08:26 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-08-11 08:26 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-09 14:03 - 2014-09-09 14:02 - 00012449 _____ () C:\Documents and Settings\Verkstan\Skrivbord\FRST.txt 2014-09-09 14:03 - 2011-03-31 15:10 - 00000000 ____D () C:\Documents and Settings\Verkstan\Lokala inställningar\temp 2014-09-09 14:02 - 2014-09-04 15:50 - 00000000 ____D () C:\FRST 2014-09-09 14:02 - 2005-11-19 10:41 - 00000000 ____D () C:\Documents and Settings\Verkstan\Skrivbord 2014-09-09 14:01 - 2014-09-09 14:00 - 01097728 _____ (Farbar) C:\Documents and Settings\Verkstan\Skrivbord\FRST.exe 2014-09-09 14:01 - 2012-05-08 15:40 - 00001098 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2086406662-4009647907-3775310342-1006UA.job 2014-09-09 13:41 - 2005-08-25 17:23 - 01154852 _____ () C:\WINDOWS\WindowsUpdate.log 2014-09-09 13:39 - 2014-09-09 13:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2014-09-09 13:39 - 2014-04-18 12:56 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Inloggningsmeddelande gällande när tjänsten upphör.job 2014-09-09 13:39 - 2005-08-25 18:19 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-09-09 13:39 - 2005-08-25 18:19 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-09-09 13:39 - 2004-08-04 21:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl 2014-09-09 13:38 - 2005-11-19 10:41 - 00000304 ___SH () C:\Documents and Settings\Verkstan\ntuser.ini 2014-09-09 13:38 - 2005-11-16 18:17 - 00029204 _____ () C:\WINDOWS\system32\nvapps.xml 2014-09-09 13:38 - 2005-08-25 17:29 - 00032406 _____ () C:\WINDOWS\SchedLgU.Txt 2014-09-09 13:38 - 2005-08-25 10:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-09-09 13:37 - 2014-09-08 15:44 - 00000000 ____D () C:\AdwCleaner 2014-09-09 13:37 - 2005-11-17 02:14 - 00000000 ____D () C:\Program 2014-09-09 13:05 - 2012-04-26 13:18 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-09-09 11:19 - 2005-11-19 10:41 - 00000000 ___HD () C:\Documents and Settings\Verkstan\Nätverket 2014-09-09 11:01 - 2012-05-08 15:40 - 00001046 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2086406662-4009647907-3775310342-1006Core.job 2014-09-08 15:40 - 2014-09-08 15:40 - 01370467 _____ () C:\Documents and Settings\Verkstan\Skrivbord\adwcleaner_3.309.exe 2014-09-08 15:38 - 2014-09-04 16:18 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-09-08 15:00 - 2014-04-18 12:56 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Månatligt meddelande gällande när tjänsten upphör.job 2014-09-08 13:39 - 2005-11-19 10:41 - 00000000 ___RD () C:\Documents and Settings\Verkstan\Mina dokument 2014-09-04 16:17 - 2014-09-04 16:17 - 00000000 ____D () C:\Program\Malwarebytes Anti-Malware 2014-09-04 16:17 - 2014-09-04 16:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes Anti-Malware 2014-09-04 16:17 - 2010-08-16 13:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes 2014-09-04 16:17 - 2005-11-17 02:13 - 00000000 ___RD () C:\Documents and Settings\All Users\Start-meny\Program 2014-09-04 15:44 - 2005-08-25 18:15 - 00123728 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-09-04 15:39 - 2014-09-04 15:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$ 2014-09-04 15:39 - 2014-09-04 15:03 - 00013474 _____ () C:\WINDOWS\KB2922229.log 2014-09-04 15:39 - 2013-10-16 13:21 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-09-04 15:39 - 2005-08-25 18:17 - 03112668 _____ () C:\WINDOWS\FaxSetup.log 2014-09-04 15:39 - 2005-08-25 18:17 - 01514875 _____ () C:\WINDOWS\ocgen.log 2014-09-04 15:39 - 2005-08-25 18:17 - 01448572 _____ () C:\WINDOWS\iis6.log 2014-09-04 15:39 - 2005-08-25 18:17 - 01434001 _____ () C:\WINDOWS\tsoc.log 2014-09-04 15:39 - 2005-08-25 18:17 - 01014555 _____ () C:\WINDOWS\comsetup.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00976032 _____ () C:\WINDOWS\msmqinst.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00617504 _____ () C:\WINDOWS\ntdtcsetup.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00546120 _____ () C:\WINDOWS\netfxocm.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00216760 _____ () C:\WINDOWS\MedCtrOC.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00189298 _____ () C:\WINDOWS\ocmsn.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00156950 _____ () C:\WINDOWS\tabletoc.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00156351 _____ () C:\WINDOWS\msgsocm.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00001355 _____ () C:\WINDOWS\imsins.log 2014-09-04 15:31 - 2014-09-04 15:31 - 00009968 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-09-04 15:31 - 2014-09-04 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-09-04 15:31 - 2014-09-04 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-09-04 15:31 - 2014-09-04 15:01 - 00013016 _____ () C:\WINDOWS\KB2929961.log 2014-09-04 15:31 - 2014-09-04 15:00 - 00013946 _____ () C:\WINDOWS\KB2930275.log 2014-09-04 15:31 - 2011-04-15 14:36 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-09-04 15:31 - 2005-08-25 20:28 - 00451470 _____ () C:\WINDOWS\updspapi.log 2014-09-04 15:31 - 2005-08-25 18:17 - 00001355 _____ () C:\WINDOWS\imsins.BAK 2014-09-04 15:30 - 2014-09-04 15:29 - 00011586 _____ () C:\WINDOWS\KB2936068-IE8.log 2014-08-11 08:27 - 2014-08-11 08:27 - 00000000 ____D () C:\Program\Delade filer\Java 2014-08-11 08:27 - 2005-11-17 02:14 - 00000000 ____D () C:\Program\Delade filer 2014-08-11 08:26 - 2014-08-11 08:26 - 00005737 _____ () C:\WINDOWS\system32\jupdate-1.7.0_67-b01.log 2014-08-11 08:26 - 2014-08-11 08:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Java 2014-08-11 08:26 - 2013-12-02 15:40 - 00000000 ____D () C:\Program\Java Some content of TEMP: ==================== C:\Documents and Settings\Verkstan\Lokala inställningar\temp\APNSetup.exe C:\Documents and Settings\Verkstan\Lokala inställningar\temp\jre-7u55-windows-i586-iftw.exe C:\Documents and Settings\Verkstan\Lokala inställningar\temp\jre-7u60-windows-i586-iftw.exe C:\Documents and Settings\Verkstan\Lokala inställningar\temp\jre-7u67-windows-i586-iftw.exe C:\Documents and Settings\Verkstan\Lokala inställningar\temp\Quarantine.exe C:\Documents and Settings\Verkstan\Lokala inställningar\temp\SSUPDATE.EXE ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================
  23. Här är AdwCleaner: # AdwCleaner v3.309 - Report created 09/09/2014 at 13:37:27 # Updated 02/09/2014 by Xplode # Operating System : Microsoft Windows XP Service Pack 3 (32 bits) # Username : Verkstan - MASKIN # Running from : C:\Documents and Settings\Verkstan\Skrivbord\adwcleaner_3.309.exe # Option : Clean ***** [ Services ] ***** Service Deleted : APNMCP ***** [ Files / Folders ] ***** Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn Folder Deleted : C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork Folder Deleted : C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage Folder Deleted : C:\Program\AskPartnerNetwork Folder Deleted : C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\AskPartnerNetwork Folder Deleted : C:\DOCUME~1\Verkstan\LOKALA~1\Temp\apn File Deleted : C:\WINDOWS\system32\Utils.dll ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon] Key Deleted : HKCU\Software\AskPartnerNetwork Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Google Chrome v [ File : C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\preferences ] Deleted [search Provider] : hxxp://www.mekonomen.se/bil/sok/SearchProduct?filter.searchquerytext={searchTerms} ************************* AdwCleaner[R0].txt - [1664 octets] - [08/09/2014 15:44:33] AdwCleaner[R1].txt - [1724 octets] - [09/09/2014 13:35:23] AdwCleaner[s0].txt - [1669 octets] - [09/09/2014 13:37:27] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1729 octets] ##########
  24. # AdwCleaner v3.309 - Report created 08/09/2014 at 15:44:33 # Updated 02/09/2014 by Xplode # Operating System : Microsoft Windows XP Service Pack 3 (32 bits) # Username : Verkstan - MASKIN # Running from : C:\Documents and Settings\Verkstan\Skrivbord\adwcleaner_3.309.exe # Option : Scan ***** [ Services ] ***** Service Found : APNMCP ***** [ Files / Folders ] ***** File Found : C:\WINDOWS\system32\Utils.dll Folder Found : C:\DOCUME~1\Verkstan\LOKALA~1\Temp\apn Folder Found : C:\Documents and Settings\All Users\Application Data\apn Folder Found : C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork Folder Found : C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage Folder Found : C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\AskPartnerNetwork Folder Found : C:\Program\AskPartnerNetwork ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AskPartnerNetwork Key Found : HKLM\SOFTWARE\AskPartnerNetwork Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon] ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Google Chrome v [ File : C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\preferences ] Found [search Provider] : hxxp://www.mekonomen.se/bil/sok/SearchProduct?filter.searchquerytext={searchTerms} ************************* AdwCleaner[R0].txt - [1524 octets] - [08/09/2014 15:44:33] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1584 octets] ##########
  25. Hej, Har en dator som börjat bli seg, speciellt på Internet. Jag vet att det är en gammal dator men den fyller sin funktion väl när den fungerar som den ska. Är det något som ser konstigt ut i loggarna? Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014 Ran by Verkstan (administrator) on MASKIN on 04-09-2014 15:51:03 Running from C:\Documents and Settings\Verkstan\Skrivbord Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Svenska Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Realtek Semiconductor Corp.) C:\WINDOWS\SOUNDMAN.EXE (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe (Oracle Corporation) C:\Program\Delade filer\Java\Java Update\jusched.exe (APN) C:\Program\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (Technology Nexus AB) C:\Program\Personal\bin\Personal.exe (Microsoft Corporation) C:\Program\Windows Desktop Search\WindowsSearch.exe (APN LLC.) C:\Program\AskPartnerNetwork\Toolbar\apnmcp.exe (Autodata Limited) C:\Program\Delade filer\Autodata Limited Shared\Service\ADCDLicSvc.exe (Oracle Corporation) C:\Program\Java\jre7\bin\jqs.exe (Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe (Google Inc.) C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [soundMan] => C:\WINDOWS\SOUNDMAN.EXE [90112 2005-08-17] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup HKLM\...\Run: [nwiz] => nwiz.exe /install HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [NeroFilterCheck] => C:\Program\Delade filer\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG) HKLM\...\Run: [Adobe ARM] => C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKLM\...\Run: [sunJavaUpdateSched] => C:\Program\Delade filer\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM\...\Run: [ApnTBMon] => C:\Program\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-08-29] (APN) HKU\S-1-5-21-2086406662-4009647907-3775310342-1006\...\Run: [Google Update] => C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe [116648 2012-05-08] (Google Inc.) Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Adobe Gamma Loader.exe.lnk ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Microsoft Office.lnk ShortcutTarget: Microsoft Office.lnk -> C:\Program\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Personal.lnk ShortcutTarget: Personal.lnk -> C:\Program\Personal\bin\Personal.exe (Technology Nexus AB) Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\Windows Search.lnk ShortcutTarget: Windows Search.lnk -> C:\Program\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation) Startup: C:\Documents and Settings\Verkstan\Start-meny\Program\Autostart\Alliansserver.lnk ShortcutTarget: Alliansserver.lnk -> \\Bokföring\allians\Data\AlliansPathfinder.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.leta.se/ HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://findgala.com/?&uid=290&q={searchTerms} SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://findgala.com/?&uid=290&q={searchTerms} BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - &Adress - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation) Toolbar: HKCU - &Länkar - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) Toolbar: HKCU - No Name - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124959871312 DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program\Delade filer\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation) Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\OLE DB\msdaipp.dll (Microsoft Corporation) ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 217.27.161.40 217.27.161.3 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program\Microsoft Silverlight\3.0.50106.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @se.nexus/Personal -> C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB) FF Plugin: Adobe Reader -> C:\Program\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-04-11] Chrome: ======= CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp CHR StartupUrls: Default -> "hxxp://www.leta.se/" CHR DefaultSearchKeyword: Default -> ask.com CHR DefaultSearchURL: Default -> http://www.search.ask.com/web?q={searchTerms} CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms} CHR CustomProfile: C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-08] CHR Extension: (Sök på Google) - C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-08] CHR Extension: (Google Wallet) - C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (Gmail) - C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-08] CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2014-08-29] CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 APNMCP; C:\Program\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-08-29] (APN LLC.) R2 Autodata Limited License Service; C:\Program\Delade filer\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2008-11-26] (Autodata Limited) [File not signed] R2 JavaQuickStarterService; C:\Program\Java\jre7\bin\jqs.exe [182696 2014-07-25] (Oracle Corporation) R2 MDM; C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed] S3 NBService; C:\Program\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-06-29] (Nero AG) S3 NMIndexingService; C:\Program\Delade filer\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG) S3 WMPNetworkSvc; C:\Program\Windows Media Player\WMPNetwk.exe [912384 2006-11-15] (Microsoft Corporation) S2 !SASCORE; "C:\Program\SUPERAntiSpyware\SASCORE.EXE" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 abp480n5; C:\WINDOWS\System32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation) R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [3644800 2005-08-19] (Realtek Semiconductor Corp.) S3 EL90XBC; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [66591 2001-08-17] (3Com Corporation) R3 FETNDISB; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [42496 2004-04-15] (VIA Technologies, Inc. ) R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [453632 2006-01-02] (Aladdin Knowledge Systems) [File not signed] R2 Haspnt; C:\WINDOWS\system32\drivers\Haspnt.sys [47616 2006-01-02] (Aladdin Knowledge Systems) [File not signed] R2 Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [73216 2000-10-24] () [File not signed] S3 Sntnlusb; C:\WINDOWS\System32\Drivers\SNTNLUSB.SYS [20288 2000-10-24] (Rainbow Technologies Inc.) [File not signed] R0 viamraid; C:\WINDOWS\System32\DRIVERS\VIAMRAID.SYS [73600 2004-03-29] (VIA Technologies inc,.ltd) S3 SANDRA; \??\D:\SANDRA.sys [X] S1 SASKUTIL; \??\C:\Program\SUPERAntiSpyware\SASKUTIL.SYS [X] U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation) U1 WS2IFSL; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-04 15:51 - 2014-09-04 15:51 - 00013467 _____ () C:\Documents and Settings\Verkstan\Skrivbord\FRST.txt 2014-09-04 15:50 - 2014-09-04 15:51 - 00000000 ____D () C:\FRST 2014-09-04 15:49 - 2014-09-04 15:49 - 01096704 _____ (Farbar) C:\Documents and Settings\Verkstan\Skrivbord\FRST.exe 2014-09-04 15:39 - 2014-09-04 15:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$ 2014-09-04 15:31 - 2014-09-04 15:31 - 00009968 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-09-04 15:31 - 2014-09-04 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-09-04 15:31 - 2014-09-04 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-09-04 15:29 - 2014-09-04 15:30 - 00011586 _____ () C:\WINDOWS\KB2936068-IE8.log 2014-09-04 15:03 - 2014-09-04 15:39 - 00013474 _____ () C:\WINDOWS\KB2922229.log 2014-09-04 15:01 - 2014-09-04 15:31 - 00013016 _____ () C:\WINDOWS\KB2929961.log 2014-09-04 15:00 - 2014-09-04 15:31 - 00013946 _____ () C:\WINDOWS\KB2930275.log 2014-08-11 08:29 - 2014-08-11 08:29 - 00000000 ____D () C:\Program\AskPartnerNetwork 2014-08-11 08:29 - 2014-08-11 08:29 - 00000000 ____D () C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\AskPartnerNetwork 2014-08-11 08:29 - 2014-08-11 08:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork 2014-08-11 08:29 - 2014-08-11 08:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\APN 2014-08-11 08:27 - 2014-08-11 08:27 - 00000000 ____D () C:\Program\Delade filer\Java 2014-08-11 08:27 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-08-11 08:27 - 2014-07-25 12:26 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2014-08-11 08:26 - 2014-08-11 08:26 - 00005737 _____ () C:\WINDOWS\system32\jupdate-1.7.0_67-b01.log 2014-08-11 08:26 - 2014-08-11 08:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Java 2014-08-11 08:26 - 2014-07-25 12:55 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-08-11 08:26 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-08-11 08:26 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-04 15:52 - 2011-03-31 15:10 - 00000000 ____D () C:\Documents and Settings\Verkstan\Lokala inställningar\temp 2014-09-04 15:51 - 2014-09-04 15:51 - 00013467 _____ () C:\Documents and Settings\Verkstan\Skrivbord\FRST.txt 2014-09-04 15:51 - 2014-09-04 15:50 - 00000000 ____D () C:\FRST 2014-09-04 15:51 - 2005-11-19 10:41 - 00000000 ____D () C:\Documents and Settings\Verkstan\Skrivbord 2014-09-04 15:49 - 2014-09-04 15:49 - 01096704 _____ (Farbar) C:\Documents and Settings\Verkstan\Skrivbord\FRST.exe 2014-09-04 15:46 - 2005-08-25 17:23 - 01099968 _____ () C:\WINDOWS\WindowsUpdate.log 2014-09-04 15:45 - 2014-04-18 12:56 - 00000228 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Inloggningsmeddelande gällande när tjänsten upphör.job 2014-09-04 15:45 - 2005-11-16 18:17 - 00029204 _____ () C:\WINDOWS\system32\nvapps.xml 2014-09-04 15:45 - 2005-08-25 18:19 - 00000159 _____ () C:\WINDOWS\wiadebug.log 2014-09-04 15:45 - 2005-08-25 18:19 - 00000050 _____ () C:\WINDOWS\wiaservc.log 2014-09-04 15:45 - 2004-08-04 21:00 - 00012598 _____ () C:\WINDOWS\system32\wpa.dbl 2014-09-04 15:44 - 2005-08-25 18:15 - 00123728 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-09-04 15:44 - 2005-08-25 10:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-09-04 15:43 - 2005-11-19 10:41 - 00000304 ___SH () C:\Documents and Settings\Verkstan\ntuser.ini 2014-09-04 15:43 - 2005-08-25 17:29 - 00032410 _____ () C:\WINDOWS\SchedLgU.Txt 2014-09-04 15:39 - 2014-09-04 15:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$ 2014-09-04 15:39 - 2014-09-04 15:03 - 00013474 _____ () C:\WINDOWS\KB2922229.log 2014-09-04 15:39 - 2013-10-16 13:21 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-09-04 15:39 - 2005-08-25 18:17 - 03112668 _____ () C:\WINDOWS\FaxSetup.log 2014-09-04 15:39 - 2005-08-25 18:17 - 01514875 _____ () C:\WINDOWS\ocgen.log 2014-09-04 15:39 - 2005-08-25 18:17 - 01448572 _____ () C:\WINDOWS\iis6.log 2014-09-04 15:39 - 2005-08-25 18:17 - 01434001 _____ () C:\WINDOWS\tsoc.log 2014-09-04 15:39 - 2005-08-25 18:17 - 01014555 _____ () C:\WINDOWS\comsetup.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00976032 _____ () C:\WINDOWS\msmqinst.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00617504 _____ () C:\WINDOWS\ntdtcsetup.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00546120 _____ () C:\WINDOWS\netfxocm.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00216760 _____ () C:\WINDOWS\MedCtrOC.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00189298 _____ () C:\WINDOWS\ocmsn.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00156950 _____ () C:\WINDOWS\tabletoc.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00156351 _____ () C:\WINDOWS\msgsocm.log 2014-09-04 15:39 - 2005-08-25 18:17 - 00001355 _____ () C:\WINDOWS\imsins.log 2014-09-04 15:31 - 2014-09-04 15:31 - 00009968 _____ () C:\WINDOWS\KB2964358-IE8.log 2014-09-04 15:31 - 2014-09-04 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$ 2014-09-04 15:31 - 2014-09-04 15:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$ 2014-09-04 15:31 - 2014-09-04 15:01 - 00013016 _____ () C:\WINDOWS\KB2929961.log 2014-09-04 15:31 - 2014-09-04 15:00 - 00013946 _____ () C:\WINDOWS\KB2930275.log 2014-09-04 15:31 - 2011-04-15 14:36 - 00000000 ____D () C:\WINDOWS\ie8updates 2014-09-04 15:31 - 2005-08-25 20:28 - 00451470 _____ () C:\WINDOWS\updspapi.log 2014-09-04 15:31 - 2005-08-25 18:17 - 00001355 _____ () C:\WINDOWS\imsins.BAK 2014-09-04 15:30 - 2014-09-04 15:29 - 00011586 _____ () C:\WINDOWS\KB2936068-IE8.log 2014-09-04 15:05 - 2012-04-26 13:18 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-09-04 15:01 - 2012-05-08 15:40 - 00001098 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2086406662-4009647907-3775310342-1006UA.job 2014-09-04 11:01 - 2012-05-08 15:40 - 00001046 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2086406662-4009647907-3775310342-1006Core.job 2014-09-01 14:52 - 2005-11-19 10:41 - 00000000 ___HD () C:\Documents and Settings\Verkstan\Nätverket 2014-08-29 09:12 - 2005-11-19 10:41 - 00000000 ___RD () C:\Documents and Settings\Verkstan\Mina dokument 2014-08-11 08:29 - 2014-08-11 08:29 - 00000000 ____D () C:\Program\AskPartnerNetwork 2014-08-11 08:29 - 2014-08-11 08:29 - 00000000 ____D () C:\Documents and Settings\Verkstan\Lokala inställningar\Application Data\AskPartnerNetwork 2014-08-11 08:29 - 2014-08-11 08:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork 2014-08-11 08:29 - 2014-08-11 08:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\APN 2014-08-11 08:29 - 2005-11-17 02:14 - 00000000 ____D () C:\Program 2014-08-11 08:27 - 2014-08-11 08:27 - 00000000 ____D () C:\Program\Delade filer\Java 2014-08-11 08:27 - 2005-11-17 02:14 - 00000000 ____D () C:\Program\Delade filer 2014-08-11 08:26 - 2014-08-11 08:26 - 00005737 _____ () C:\WINDOWS\system32\jupdate-1.7.0_67-b01.log 2014-08-11 08:26 - 2014-08-11 08:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Java 2014-08-11 08:26 - 2013-12-02 15:40 - 00000000 ____D () C:\Program\Java 2014-08-11 08:26 - 2005-11-17 02:13 - 00000000 ___RD () C:\Documents and Settings\All Users\Start-meny\Program 2014-08-08 15:20 - 2014-04-18 12:56 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Månatligt meddelande gällande när tjänsten upphör.job Some content of TEMP: ==================== C:\Documents and Settings\Verkstan\Lokala inställningar\temp\APNSetup.exe C:\Documents and Settings\Verkstan\Lokala inställningar\temp\jre-7u55-windows-i586-iftw.exe C:\Documents and Settings\Verkstan\Lokala inställningar\temp\jre-7u60-windows-i586-iftw.exe C:\Documents and Settings\Verkstan\Lokala inställningar\temp\jre-7u67-windows-i586-iftw.exe C:\Documents and Settings\Verkstan\Lokala inställningar\temp\SSUPDATE.EXE ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ Addition.txt
×
×
  • Skapa nytt...