HUP151

capturelibservice.exe


Cecilia

Does the folder C:\Program(x86)\BillP Studios\ exist?

Skip WinPatrol and do the rest.

HUP151

BillP Studios does not exist. I had trouble because I was not an administrator as I thought I was, but that got sorted out:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:30:45, on 2012-05-24

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe

C:\Program Files (x86)\Free Download Manager\fdm.exe

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Windows\Samsung\PanelMgr\SSMMgr.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\BluetoothHeadsetProxy.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=make&s={searchTerms}&f=4

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll

O2 - BHO: Bredbandsbolaget Servicecenter Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: QuickNet - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - (no file)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O4 - HKLM\..\Run: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [TQ566808] "G:\Setup.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [WinPatrol] "C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe" -expressboot

O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [iSUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

O4 - HKCU\..\Run: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe"

O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe -autorun

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - HKUS\S-1-5-21-3568276641-1655601339-408530589-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\Run: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe" (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe" (User 'Default user')

O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program Files (x86)\Personal\bin\Personal.exe

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm

O8 - Extra context menu item: Ladda ner allt med Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm

O8 - Extra context menu item: Ladda ner markerat med Free Download Mananger - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm

O8 - Extra context menu item: Ladda ner med Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm

O8 - Extra context menu item: Skicka bild till &Bluetooth-enhet... - C:\Program Files (x86)\btsendto_ie_ctx.htm

O8 - Extra context menu item: Skicka sida till &Bluetooth-enhet... - C:\Program Files (x86)\btsendto_ie.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)

O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)

O9 - Extra button: Skicka till Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files (x86)\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: Skicka till &Bluetooth-enhet... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files (x86)\btsendto_ie.htm

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files (x86)\bin\btwdins.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 12220 bytes

 

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by Hans-Erik at 12:44:53 on 2012-05-24

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.8190.6310 [GMT 2:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe

C:\Program Files (x86)\Free Download Manager\fdm.exe

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files (x86)\BTTray.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files (x86)\bin\btwdins.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\BtStackServer.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\BluetoothHeadsetProxy.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

uSearch Bar = Preserve

mSearchAssistant = hxxp://start.facemoods.com/?a=make&s={searchTerms}&f=4

mURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

BHO: Free Download Manager: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll

BHO: Bredbandsbolaget Servicecenter Plugin: {db87cde1-ef9c-44eb-a42f-6d0b3c72c516} - C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: QuickNet: {ea5ca8b6-9b9c-4994-a7a1-947b6c631be7} - QuickNet BHO

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [iSUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

uRun: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe"

uRun: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe -autorun

uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

mRun: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

mRun: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [TQ566808] "G:\Setup.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [WinPatrol] "C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe" -expressboot

mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

dRun: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BTTray.lnk - C:\Program Files (x86)\BTTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm

IE: Ladda ner allt med Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm

IE: Ladda ner markerat med Free Download Mananger - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm

IE: Ladda ner med Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm

IE: Skicka bild till &Bluetooth-enhet... - C:\Program Files (x86)\btsendto_ie_ctx.htm

IE: Skicka sida till &Bluetooth-enhet... - C:\Program Files (x86)\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files (x86)\btsendto_ie.htm

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{50699D42-3C15-4743-9EBB-83790A8DC9BA} : DhcpNameServer = 195.54.122.199 195.54.122.204

TCP: Interfaces\{C79B9FF2-D717-4EDE-A026-20422E3ECCA7} : DhcpNameServer = 192.168.1.254

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{3049C3E9-B461-4BC5-8870-4C09146192CA}

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{9FDDE16B-836F-4806-AB1F-1455CBEFF289}

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}

{CC59E0F9-7E43-44FA-9FAA-8377850BF205}

{DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7}

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

mRun-x64: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

mRun-x64: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [TQ566808] "G:\Setup.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [WinPatrol] "C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe" -expressboot

mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files (x86)\btsendto_ie.htm

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Hans-Erik\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\

FF - prefs.js: browser.startup.homepage - www.google.se

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B831769d1-f744-4df3-89b3-41e2e043bf17%7D&mid=138415cee0d826824a409f03b216a359-23554e96296f5bae23a1c811714a2b24e60aca57&ds=AVG&v=8.0.0.40&lang=en&pr=fr&d=2011-10-08%2013%3A48%3A43&sap=ku&q=

FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.17\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll

FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]

R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-5-6 2348352]

R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2011-5-10 11576]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]

R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]

R3 Tdsshbecr;Handelsbanken card reader;C:\Windows\system32\DRIVERS\shbecr.sys --> C:\Windows\system32\DRIVERS\shbecr.sys [?]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-13 257696]

S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys --> C:\Windows\system32\DRIVERS\ggflt.sys [?]

S3 NPF;WinPcap Packet Driver (NPF);C:\Windows\system32\drivers\NPF.sys --> C:\Windows\system32\drivers\NPF.sys [?]

S3 PerfHost;Värd för prestandaräknar-DLL;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]

S3 pwdrvio;pwdrvio;\??\C:\Windows\system32\pwdrvio.sys --> C:\Windows\system32\pwdrvio.sys [?]

S3 pwdspio;pwdspio;\??\C:\Windows\system32\pwdspio.sys --> C:\Windows\system32\pwdspio.sys [?]

S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2011-1-6 155320]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]

S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-3 89920]

S4 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-9-27 74752]

S4 FreemakeVideoCapture;FreemakeVideoCapture;C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [2011-12-10 8704]

S4 IObitUnlocker;IObitUnlocker;C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2011-7-29 35256]

S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" --> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [?]

S4 PuranDefrag;PuranDefrag;"C:\Windows\system32\PuranDefragS.exe" --> C:\Windows\system32\PuranDefragS.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

.

=============== Created Last 30 ================

.

2012-05-24 08:40:21 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{74F92362-929C-444B-B236-022B70091840}

2012-05-24 08:40:11 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{88EC5A12-77E6-475C-B032-B8B5032B5040}

2012-05-23 20:39:46 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{76614299-5A06-4828-948B-8C5EE0577C86}

2012-05-23 20:39:36 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{90F282F9-9CD7-4A9E-ABF1-731AA29FC8C3}

2012-05-23 08:39:24 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{8B74DF5B-AB04-4992-A8E4-D6AD38BFC202}

2012-05-23 08:39:14 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{4E69E8CA-2653-4755-B336-8183E7AC65D8}

2012-05-22 20:38:50 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D171E0BB-D826-4A84-A28E-491CE41E4E57}

2012-05-22 20:38:40 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{868F9212-AF52-45D3-B271-44C783907102}

2012-05-22 08:38:28 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2DC046AC-6D05-4118-BFE8-2B58FCA72B56}

2012-05-22 08:38:17 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C3467B4B-8DF4-4543-A4C5-35745D498386}

2012-05-21 20:37:54 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{AAA3FAD9-A896-4CEE-8333-0C7DBD8DC66E}

2012-05-21 20:37:44 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{51EB1E96-DF49-48D1-923D-DAD01E8D15B4}

2012-05-21 08:37:19 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{8F661716-8F5A-45D3-99B7-6C9201FCAA5F}

2012-05-21 08:37:09 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{CE618FF2-D40D-44EB-BD6A-51AF15F911EC}

2012-05-20 20:36:46 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{31378B01-8605-446E-98F8-F1529FCBF2FF}

2012-05-20 20:36:35 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{592248F4-8297-483A-B0A0-A66294E54FBB}

2012-05-20 08:36:23 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{ADBBD994-9F1E-4637-BA36-14891D874DEE}

2012-05-20 08:36:13 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{8084A53F-179B-47F5-9D21-9384061440E1}

2012-05-19 20:35:49 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2B10A032-9DFF-42EE-AA81-655333FE91EC}

2012-05-19 20:35:39 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{E079C280-8B6F-4F66-BCA5-6A13DFF26B91}

2012-05-19 08:35:26 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{991C64DF-3D79-4B82-8E33-CC0FB2716BCB}

2012-05-19 08:35:16 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{40F0BF93-6406-4B3B-AA3E-DAC7140E5AE2}

2012-05-18 20:34:53 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{49A7E28B-CEA3-418C-8803-5DC19AD9BE78}

2012-05-18 20:34:42 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{1087D7AA-984A-4A57-B77C-D05E502E8336}

2012-05-18 08:34:30 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{010D39D7-AC7B-4C07-99B5-9E41E4FAF569}

2012-05-18 08:34:20 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2F1F0528-5FA6-491C-87A4-086277A6B906}

2012-05-17 20:33:55 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{CD83A3B3-8F28-4808-AE8F-148477EA8A03}

2012-05-17 20:33:45 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{870FBCF2-BAD9-407C-8FA3-FCD1CCAA3CE1}

2012-05-17 08:33:22 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A1978AF5-5529-4514-9C39-FEB7FC1634CE}

2012-05-17 08:33:12 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{0E107D55-8737-44CF-9DCC-95D86BA2CAAE}

2012-05-17 08:14:58 388096 ----a-r- C:\Users\Hans-Erik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-05-17 07:59:17 -------- d-----w- C:\Program Files (x86)\Trend Micro

2012-05-16 20:32:48 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{DC84D991-A40B-4A1D-960F-504D43C7791B}

2012-05-16 20:32:38 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D7C1E9AE-FE2B-47B6-92C7-C9D18E79712E}

2012-05-16 08:32:25 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{31AA0FD4-53E3-44CF-9D25-87B88DF10920}

2012-05-16 08:32:15 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{5B61ADBB-7301-49E4-9914-69D1CE58FF1E}

2012-05-15 20:31:51 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{1038DB5D-600F-4A86-A53C-0E400F8088E7}

2012-05-15 20:31:41 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{FAA7DF6F-46CC-4706-8684-3CC73767D332}

2012-05-15 08:31:29 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6351AA1D-3A66-4F26-94E7-EC5D3A478193}

2012-05-15 08:31:19 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{411581CD-A77B-4A41-B8B8-019BBE97983C}

2012-05-14 20:30:55 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{F70B511A-54F8-497D-8548-C4E55EEBFFF4}

2012-05-14 20:30:44 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A724AF67-3FBF-4AFA-8BBE-9C126F36544C}

2012-05-14 08:30:20 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{FF76351A-3355-47B2-9FC4-1F78D977E6D1}

2012-05-14 08:30:10 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{17E70ADD-155E-434B-9383-1951D32D3069}

2012-05-13 20:29:47 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{63B4FFD5-7840-468A-9DD3-B00691D4C6D4}

2012-05-13 20:29:37 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{4F5279A8-ED81-40FC-A684-039F8763B109}

2012-05-13 08:29:25 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{64A011A9-E929-4DD5-AF4B-B1A6C122CBFA}

2012-05-13 08:29:14 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{F3CA0EDE-955D-421F-95E0-577DE07B98EC}

2012-05-12 20:28:50 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6DF0E081-FB75-4AB4-B10F-92BFF0B1676A}

2012-05-12 20:28:40 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{1EFABB80-B99D-473E-B1D4-24EEBCB5DA2B}

2012-05-12 10:51:58 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-12 10:51:58 2766848 ----a-w- C:\Windows\System32\win32k.sys

2012-05-12 08:28:17 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{0800F66C-1023-4620-BA91-286FD3432876}

2012-05-12 08:28:07 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{EBE4E1A4-CFC5-412C-9787-18E61B8025F9}

2012-05-12 07:56:18 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-05-11 20:27:43 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C2BE2E6B-5008-480F-B2E3-4205DDD8A6C5}

2012-05-11 20:27:33 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{66ED04A7-8241-499B-96D5-90D0BF29FC80}

2012-05-11 08:27:21 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{59E1BEA6-EC04-407F-A879-5A4B0A08F488}

2012-05-11 08:27:11 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{3B82C0DF-B9CD-4090-BA38-AF01CEB6E7C0}

2012-05-10 20:26:45 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{1DB2062E-1F00-496D-950B-F1DBA015123A}

2012-05-10 20:26:34 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{5A0C0A4B-8165-413E-A35C-1FBF5A33F4AF}

2012-05-10 08:26:23 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{B79415E2-455B-4EFC-B863-6C745E519890}

2012-05-10 08:26:13 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6DFE39EB-4391-4EEA-A842-B464D32E2628}

2012-05-09 20:25:49 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{00EBA73F-B5FF-431D-B333-3B334F72CA23}

2012-05-09 20:25:39 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D30EE8AA-E7B3-4EE4-9C32-5521AC897363}

2012-05-09 08:25:27 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{E6CFA517-9775-4406-9575-BC1F68170107}

2012-05-09 08:25:16 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{E4847CEE-B039-4720-8E1B-2CE63049FF0E}

2012-05-08 20:24:53 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{F27BBE1D-16CC-4BD4-895D-0F96ABFE9C20}

2012-05-08 20:24:42 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{088D406B-FBE1-4AD6-BCB8-C649581736AE}

2012-05-08 08:24:29 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{9ABA5746-B269-4842-9957-0239D11EBE0D}

2012-05-08 08:24:19 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C9075035-CAD4-4190-8AB6-941B211606C6}

2012-05-07 20:23:54 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{B6E86E63-520A-4672-BCFD-631A79E5D219}

2012-05-07 20:23:44 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{52535C6A-3D37-40AF-9F7E-BCD06D0BB65A}

2012-05-07 08:23:32 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{9ECA5C43-0CA2-4A4D-AEB4-C226DD5BF13D}

2012-05-07 08:23:21 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A983C8F3-A267-4AF0-B07C-2EFAC8061FF1}

2012-05-06 20:22:57 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{63B29EB9-BE33-47C8-BAF1-B3FCECBDAADA}

2012-05-06 20:22:47 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{4DD0367A-EB3C-49F2-BA92-53245C02A796}

2012-05-06 08:22:23 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{517ADE73-2B5C-4568-BB2A-82947CFD1955}

2012-05-06 08:22:01 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D6F2D105-F3CE-4CC1-896E-8E51A3C9B9C1}

2012-05-05 20:21:38 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A17D31DF-C88F-441D-B538-84170561893E}

2012-05-05 20:21:17 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{CD22C3CD-6130-4428-ACF0-0BC4518697BF}

2012-05-05 08:21:04 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{BA36E1F9-5443-4D30-B63F-E45188B0DDD3}

2012-05-05 08:20:54 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{7D20C516-7469-4A36-A96C-E415C8B80758}

2012-05-04 20:20:30 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{198C0973-723C-4B79-BE23-0409D2F04CD3}

2012-05-04 20:20:19 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{076FA63B-A543-442B-8983-F1497966886E}

2012-05-04 08:20:06 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6B1E5F8D-F147-489F-8A07-46EC1AB0FE76}

2012-05-04 08:19:56 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{05A3B03C-F2AE-41B3-AAAE-0804239500BF}

2012-05-03 20:19:32 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{B70E230C-F500-4E08-9DCB-CD47BBA5A467}

2012-05-03 20:19:22 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D282D7C3-A14F-4F6E-AC37-CA1ABEE23034}

2012-05-03 08:19:09 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{865A28E9-7DDE-44EA-A96B-19C18FA27586}

2012-05-03 08:18:58 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{B58D8951-B46A-4352-B3A7-E630D2431514}

2012-05-02 20:18:33 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{13B394CE-F17E-41C2-8114-2BFD94CE1BD6}

2012-05-02 20:18:22 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{F7C1680F-F5DD-4050-9FB9-38728A0F0FB8}

2012-05-02 08:18:10 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6562AB47-0215-4EF4-B7DA-44995319C55B}

2012-05-02 08:18:00 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C72D01AC-0C56-4618-80D3-03D2448C794E}

2012-05-01 20:17:37 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C20FA90D-5414-4F45-BC2C-DCE696ABFB99}

2012-05-01 20:17:27 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6A007989-78C8-4121-805C-CE4E43AC5AD5}

2012-05-01 08:17:14 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{896F975A-C335-4874-B7EB-4CACDD0437AE}

2012-05-01 08:17:04 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2D964EDD-C631-4E8C-99B7-96EB00218D9D}

2012-04-30 20:16:40 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2B85ADAB-240B-4B48-A80D-9B13F40D5EC4}

2012-04-30 20:16:30 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{82ED73EA-D74F-48CA-A54F-7A930D06B27D}

2012-04-30 08:16:05 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{9B3684E2-BDA3-4163-BEA3-5C6530356B5F}

2012-04-30 08:15:54 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{56870BB1-8916-405D-A169-66BF9EBBDBF6}

2012-04-29 19:56:50 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{FA33D3E7-B3EB-4A51-BA7D-BA4BE396C357}

2012-04-29 19:56:40 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{E9DDF2CF-B8A4-42AA-BBE2-F28CE3693384}

2012-04-29 07:56:28 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{890B820B-6A71-42E0-8AAB-14E0429F5234}

2012-04-29 07:56:18 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{94D3EDB8-C0C1-4594-8CD3-F32375E96203}

2012-04-28 19:55:53 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2BB9B1A7-AA0F-4461-8164-99C2CAF54F77}

2012-04-28 19:55:42 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A7CF7CBD-D41F-4D28-A661-9BB98DCBBD00}

2012-04-28 07:55:30 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{814FD50A-758B-442A-A2D7-66F9F05BFC51}

2012-04-28 07:55:20 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{9BF84BF7-FBD4-4B08-B6A4-264275ED4788}

2012-04-27 19:54:57 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2D185412-B8A2-4E07-9190-D204A8C7C25F}

2012-04-27 19:54:46 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{9BBF42CC-EB27-4BE2-B928-654003607AFB}

2012-04-27 07:54:34 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{FD07AF82-D250-4E6F-8175-8BB049194CB6}

2012-04-27 07:54:24 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{63A510C0-BF72-4F7C-93F3-7937C17A6DF9}

2012-04-26 19:53:59 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{8613FE92-8F75-445D-896D-5BEB4EA65C25}

2012-04-26 19:53:49 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{43CA548D-48FD-4BB6-9AA4-41E8FAEABA8B}

2012-04-26 07:53:38 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{69AD474F-94BB-4BB8-96CB-64934106BE4A}

2012-04-26 07:53:27 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{666D10CF-3CD9-4F4E-BDBD-C14B10F6B6AB}

2012-04-25 19:53:03 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{E37CFA61-EEC7-4EFD-8AC2-BAF0537D163A}

2012-04-25 19:52:53 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C4DE5BBF-F0EA-4164-BFFB-074D4A9C14D1}

2012-04-25 07:52:42 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{558BAA33-5A90-4FAB-BB31-D08DDAC3763E}

2012-04-25 07:52:31 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6BE110D5-1D08-4B3F-9FC3-F41A60E1F98C}

2012-04-24 19:52:08 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D0738A1C-BCA1-496C-9214-C8445858A5D1}

2012-04-24 19:51:57 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{ACC91DD3-B52B-4274-B3A2-55E20FDF8260}

.

==================== Find3M ====================

.

2012-05-23 14:50:02 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-23 14:50:02 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-04-04 13:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-30 12:45:03 1422720 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-03-29 14:22:51 40448 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

2012-03-28 07:30:46 22259528 ----a-w- C:\Users\Hans-Erik\vlc-2.0.1-win32.exe

2012-03-20 23:34:30 72576 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2012-03-08 16:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2012-03-08 16:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR

2012-03-02 12:22:02 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-03-01 15:39:45 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll

2012-03-01 15:39:45 196096 ----a-w- C:\Windows\System32\d3d10_1.dll

2012-03-01 14:46:01 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2012-03-01 14:46:01 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2012-02-29 21:00:22 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-02-29 21:00:09 6074176 ----a-w- C:\Windows\System32\nvcpl.dll

2012-02-29 20:59:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-02-29 20:59:47 63296 ----a-w- C:\Windows\System32\nvshext.dll

2012-02-29 20:59:47 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll

2012-02-29 20:59:47 118080 ----a-w- C:\Windows\System32\nvmctray.dll

2012-02-29 15:37:41 5632 ----a-w- C:\Windows\System32\wmi.dll

2012-02-29 15:37:38 219136 ----a-w- C:\Windows\System32\wintrust.dll

2012-02-29 15:35:44 78848 ----a-w- C:\Windows\System32\imagehlp.dll

2012-02-29 15:11:45 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-02-29 15:11:42 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-02-29 15:09:53 157696 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-02-29 14:40:31 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll

2012-02-29 14:09:35 834048 ----a-w- C:\Windows\System32\d2d1.dll

2012-02-29 14:08:47 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2012-02-29 14:06:08 1556480 ----a-w- C:\Windows\System32\DWrite.dll

2012-02-29 13:52:46 16384 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-02-29 13:44:50 683008 ----a-w- C:\Windows\SysWow64\d2d1.dll

2012-02-29 13:41:40 1069056 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll

2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll

2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2009-09-03 12:12:07 75447 ----a-w- C:\Program Files (x86)\Uninstal.exe

2007-02-27 09:04:48 42288 ----a-w- C:\Program Files (x86)\AdminUtils.exe

2007-02-27 09:04:48 14640 ----a-w- C:\Program Files (x86)\BluetoothHeadsetProxy.exe

2007-02-27 09:04:46 102704 ----a-w- C:\Program Files (x86)\BtwHtmlPrint.exe

2007-02-27 09:04:44 982320 ----a-w- C:\Program Files (x86)\BTTray.exe

2007-02-27 09:04:42 2140464 ----a-w- C:\Program Files (x86)\BTStackServer.exe

2007-02-27 09:04:40 227120 ----a-w- C:\Program Files (x86)\btsendto_explorer.exe

2007-02-25 23:57:26 133632 ----a-w- C:\Program Files (x86)\BtBalloon.dll

2007-02-25 21:07:18 321024 ----a-w- C:\Program Files (x86)\btsendto_visio2k.vsl

2003-05-29 10:53:30 91648 ----a-w- C:\Program Files (x86)\gzip.exe

.

============= FINISH: 12:45:26,64 ===============

Cecilia

facemods is still there despite the fixing in HijackThis, so a more powerful program is needed.

Save ComboFix to the Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Close all the programs you can see, including antivirus and antispyware programs, but leave the firewall on.

How? See http://www.bleepingcomputer.com/forums/topic114351.html

Run ComboFix and follow the instructions that are displayed.

If you are asked whether you want to install the Recovery Console, answer Yes.

More detailed guidance is available at http://www.bleepingcomputer.com/combofix/se/hur-combofix-ska-anvandas

If any message comes up from ComboFix, e.g. that a rootkit has been found, write it down and then include it in your reply.

IMPORTANT! Do not click on the ComboFix window with the mouse while it is running, because it may hang if you do.

When ComboFix is finished a log should come up; paste it into your reply. Check that your antivirus program etc. is running before you connect to the internet.

If you have problems getting onto the internet:

Control Panel - Network Connections

right-click your internet connection and choose Repair and/or restart the computer.

HUP151

I get a bit "jittery" when I see all this about ComboFix. I have redone the whole procedure by right-clicking the HijackThis exe file and running it as administrator - that was giving me trouble earlier - and have now got the following dds.txt, where I can no longer find facemods, or am I just not seeing well? Regarding Freemake, can't I download it again in case there is an uninstall file in it? If you find facemods I will have to wait until my son comes to visit - he will probably have to do the ComboFix as well.

 

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31

Run by Hans-Erik at 10:37:24 on 2012-05-25

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.8190.6439 [GMT 2:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe

C:\Program Files (x86)\Free Download Manager\fdm.exe

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files (x86)\BTTray.exe

C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Windows\Samsung\PanelMgr\SSMMgr.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\Samsung\PanelMgr\caller64.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files (x86)\bin\btwdins.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Windows\System32\mobsync.exe

C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\BtStackServer.exe

C:\Program Files (x86)\BluetoothHeadsetProxy.exe

C:\Windows\sysWOW64\wbem\wmiprvse.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

uSearch Bar = Preserve

mURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

BHO: Free Download Manager: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll

BHO: Bredbandsbolaget Servicecenter Plugin: {db87cde1-ef9c-44eb-a42f-6d0b3c72c516} - C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\IEFixItNowPlugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: QuickNet: {ea5ca8b6-9b9c-4994-a7a1-947b6c631be7} - QuickNet BHO

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [iSUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

uRun: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe"

uRun: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe -autorun

uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe

mRun: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

mRun: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [TQ566808] "G:\Setup.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [WinPatrol] "C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe" -expressboot

mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

dRun: [bredbandsbolaget Servicecenter] "C:\Program Files (x86)\Bredbandsbolaget\Servicecenter\Bredbandsbolaget.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BTTray.lnk - C:\Program Files (x86)\BTTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm

IE: Ladda ner allt med Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm

IE: Ladda ner markerat med Free Download Mananger - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm

IE: Ladda ner med Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm

IE: Skicka bild till &Bluetooth-enhet... - C:\Program Files (x86)\btsendto_ie_ctx.htm

IE: Skicka sida till &Bluetooth-enhet... - C:\Program Files (x86)\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files (x86)\btsendto_ie.htm

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{50699D42-3C15-4743-9EBB-83790A8DC9BA} : DhcpNameServer = 195.54.122.199 195.54.122.204

TCP: Interfaces\{C79B9FF2-D717-4EDE-A026-20422E3ECCA7} : DhcpNameServer = 192.168.1.254

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{3049C3E9-B461-4BC5-8870-4C09146192CA}

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{9FDDE16B-836F-4806-AB1F-1455CBEFF289}

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}

{CC59E0F9-7E43-44FA-9FAA-8377850BF205}

{DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7}

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

mRun-x64: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [iSUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start

mRun-x64: [samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [TQ566808] "G:\Setup.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [WinPatrol] "C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe" -expressboot

mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files (x86)\btsendto_ie.htm

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Hans-Erik\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\

FF - prefs.js: browser.startup.homepage - www.google.se

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B831769d1-f744-4df3-89b3-41e2e043bf17%7D&mid=138415cee0d826824a409f03b216a359-23554e96296f5bae23a1c811714a2b24e60aca57&ds=AVG&v=8.0.0.40&lang=en&pr=fr&d=2011-10-08%2013%3A48%3A43&sap=ku&q=

FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.17\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll

FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]

R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\system32\Drivers\SmartDefragDriver.sys --> C:\Windows\system32\Drivers\SmartDefragDriver.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-5-6 2348352]

R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2011-5-10 11576]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 lvpepf64;Volume Adapter;C:\Windows\system32\DRIVERS\lv302a64.sys --> C:\Windows\system32\DRIVERS\lv302a64.sys [?]

R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\system32\drivers\LVUSBS64.sys --> C:\Windows\system32\drivers\LVUSBS64.sys [?]

R3 Tdsshbecr;Handelsbanken card reader;C:\Windows\system32\DRIVERS\shbecr.sys --> C:\Windows\system32\DRIVERS\shbecr.sys [?]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-13 257696]

S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys --> C:\Windows\system32\DRIVERS\ggflt.sys [?]

S3 NPF;WinPcap Packet Driver (NPF);C:\Windows\system32\drivers\NPF.sys --> C:\Windows\system32\drivers\NPF.sys [?]

S3 PerfHost;Värd för prestandaräknar-DLL;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]

S3 pwdrvio;pwdrvio;\??\C:\Windows\system32\pwdrvio.sys --> C:\Windows\system32\pwdrvio.sys [?]

S3 pwdspio;pwdspio;\??\C:\Windows\system32\pwdspio.sys --> C:\Windows\system32\pwdspio.sys [?]

S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2011-1-6 155320]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]

S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-3 89920]

S4 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2011-9-27 74752]

S4 FreemakeVideoCapture;FreemakeVideoCapture;"C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" --> C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [?]

S4 IObitUnlocker;IObitUnlocker;C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [2011-7-29 35256]

S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" --> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [?]

S4 PuranDefrag;PuranDefrag;"C:\Windows\system32\PuranDefragS.exe" --> C:\Windows\system32\PuranDefragS.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== File Associations ===============

.

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

.

=============== Created Last 30 ================

.

2012-05-24 20:40:54 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{0EBD3CA0-EF47-4CD3-8E14-A30628FDB0D7}

2012-05-24 20:40:44 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A7A1DAB7-15E4-4503-A0C7-25E7900B7269}

2012-05-24 08:40:21 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{74F92362-929C-444B-B236-022B70091840}

2012-05-24 08:40:11 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{88EC5A12-77E6-475C-B032-B8B5032B5040}

2012-05-23 20:39:46 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{76614299-5A06-4828-948B-8C5EE0577C86}

2012-05-23 20:39:36 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{90F282F9-9CD7-4A9E-ABF1-731AA29FC8C3}

2012-05-23 08:39:24 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{8B74DF5B-AB04-4992-A8E4-D6AD38BFC202}

2012-05-23 08:39:14 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{4E69E8CA-2653-4755-B336-8183E7AC65D8}

2012-05-22 20:38:50 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D171E0BB-D826-4A84-A28E-491CE41E4E57}

2012-05-22 20:38:40 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{868F9212-AF52-45D3-B271-44C783907102}

2012-05-22 08:38:28 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2DC046AC-6D05-4118-BFE8-2B58FCA72B56}

2012-05-22 08:38:17 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C3467B4B-8DF4-4543-A4C5-35745D498386}

2012-05-21 20:37:54 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{AAA3FAD9-A896-4CEE-8333-0C7DBD8DC66E}

2012-05-21 20:37:44 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{51EB1E96-DF49-48D1-923D-DAD01E8D15B4}

2012-05-21 08:37:19 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{8F661716-8F5A-45D3-99B7-6C9201FCAA5F}

2012-05-21 08:37:09 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{CE618FF2-D40D-44EB-BD6A-51AF15F911EC}

2012-05-20 20:36:46 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{31378B01-8605-446E-98F8-F1529FCBF2FF}

2012-05-20 20:36:35 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{592248F4-8297-483A-B0A0-A66294E54FBB}

2012-05-20 08:36:23 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{ADBBD994-9F1E-4637-BA36-14891D874DEE}

2012-05-20 08:36:13 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{8084A53F-179B-47F5-9D21-9384061440E1}

2012-05-19 20:35:49 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2B10A032-9DFF-42EE-AA81-655333FE91EC}

2012-05-19 20:35:39 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{E079C280-8B6F-4F66-BCA5-6A13DFF26B91}

2012-05-19 08:35:26 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{991C64DF-3D79-4B82-8E33-CC0FB2716BCB}

2012-05-19 08:35:16 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{40F0BF93-6406-4B3B-AA3E-DAC7140E5AE2}

2012-05-18 20:34:53 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{49A7E28B-CEA3-418C-8803-5DC19AD9BE78}

2012-05-18 20:34:42 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{1087D7AA-984A-4A57-B77C-D05E502E8336}

2012-05-18 08:34:30 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{010D39D7-AC7B-4C07-99B5-9E41E4FAF569}

2012-05-18 08:34:20 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2F1F0528-5FA6-491C-87A4-086277A6B906}

2012-05-17 20:33:55 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{CD83A3B3-8F28-4808-AE8F-148477EA8A03}

2012-05-17 20:33:45 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{870FBCF2-BAD9-407C-8FA3-FCD1CCAA3CE1}

2012-05-17 08:33:22 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A1978AF5-5529-4514-9C39-FEB7FC1634CE}

2012-05-17 08:33:12 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{0E107D55-8737-44CF-9DCC-95D86BA2CAAE}

2012-05-17 08:14:58 388096 ----a-r- C:\Users\Hans-Erik\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-05-17 07:59:17 -------- d-----w- C:\Program Files (x86)\Trend Micro

2012-05-16 20:32:48 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{DC84D991-A40B-4A1D-960F-504D43C7791B}

2012-05-16 20:32:38 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D7C1E9AE-FE2B-47B6-92C7-C9D18E79712E}

2012-05-16 08:32:25 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{31AA0FD4-53E3-44CF-9D25-87B88DF10920}

2012-05-16 08:32:15 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{5B61ADBB-7301-49E4-9914-69D1CE58FF1E}

2012-05-15 20:31:51 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{1038DB5D-600F-4A86-A53C-0E400F8088E7}

2012-05-15 20:31:41 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{FAA7DF6F-46CC-4706-8684-3CC73767D332}

2012-05-15 08:31:29 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6351AA1D-3A66-4F26-94E7-EC5D3A478193}

2012-05-15 08:31:19 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{411581CD-A77B-4A41-B8B8-019BBE97983C}

2012-05-14 20:30:55 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{F70B511A-54F8-497D-8548-C4E55EEBFFF4}

2012-05-14 20:30:44 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A724AF67-3FBF-4AFA-8BBE-9C126F36544C}

2012-05-14 08:30:20 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{FF76351A-3355-47B2-9FC4-1F78D977E6D1}

2012-05-14 08:30:10 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{17E70ADD-155E-434B-9383-1951D32D3069}

2012-05-13 20:29:47 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{63B4FFD5-7840-468A-9DD3-B00691D4C6D4}

2012-05-13 20:29:37 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{4F5279A8-ED81-40FC-A684-039F8763B109}

2012-05-13 08:29:25 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{64A011A9-E929-4DD5-AF4B-B1A6C122CBFA}

2012-05-13 08:29:14 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{F3CA0EDE-955D-421F-95E0-577DE07B98EC}

2012-05-12 20:28:50 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6DF0E081-FB75-4AB4-B10F-92BFF0B1676A}

2012-05-12 20:28:40 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{1EFABB80-B99D-473E-B1D4-24EEBCB5DA2B}

2012-05-12 10:51:58 4699520 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-12 10:51:58 2766848 ----a-w- C:\Windows\System32\win32k.sys

2012-05-12 08:28:17 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{0800F66C-1023-4620-BA91-286FD3432876}

2012-05-12 08:28:07 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{EBE4E1A4-CFC5-412C-9787-18E61B8025F9}

2012-05-12 07:56:18 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-05-11 20:27:43 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C2BE2E6B-5008-480F-B2E3-4205DDD8A6C5}

2012-05-11 20:27:33 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{66ED04A7-8241-499B-96D5-90D0BF29FC80}

2012-05-11 08:27:21 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{59E1BEA6-EC04-407F-A879-5A4B0A08F488}

2012-05-11 08:27:11 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{3B82C0DF-B9CD-4090-BA38-AF01CEB6E7C0}

2012-05-10 20:26:45 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{1DB2062E-1F00-496D-950B-F1DBA015123A}

2012-05-10 20:26:34 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{5A0C0A4B-8165-413E-A35C-1FBF5A33F4AF}

2012-05-10 08:26:23 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{B79415E2-455B-4EFC-B863-6C745E519890}

2012-05-10 08:26:13 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6DFE39EB-4391-4EEA-A842-B464D32E2628}

2012-05-09 20:25:49 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{00EBA73F-B5FF-431D-B333-3B334F72CA23}

2012-05-09 20:25:39 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D30EE8AA-E7B3-4EE4-9C32-5521AC897363}

2012-05-09 08:25:27 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{E6CFA517-9775-4406-9575-BC1F68170107}

2012-05-09 08:25:16 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{E4847CEE-B039-4720-8E1B-2CE63049FF0E}

2012-05-08 20:24:53 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{F27BBE1D-16CC-4BD4-895D-0F96ABFE9C20}

2012-05-08 20:24:42 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{088D406B-FBE1-4AD6-BCB8-C649581736AE}

2012-05-08 08:24:29 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{9ABA5746-B269-4842-9957-0239D11EBE0D}

2012-05-08 08:24:19 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C9075035-CAD4-4190-8AB6-941B211606C6}

2012-05-07 20:23:54 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{B6E86E63-520A-4672-BCFD-631A79E5D219}

2012-05-07 20:23:44 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{52535C6A-3D37-40AF-9F7E-BCD06D0BB65A}

2012-05-07 08:23:32 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{9ECA5C43-0CA2-4A4D-AEB4-C226DD5BF13D}

2012-05-07 08:23:21 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A983C8F3-A267-4AF0-B07C-2EFAC8061FF1}

2012-05-06 20:22:57 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{63B29EB9-BE33-47C8-BAF1-B3FCECBDAADA}

2012-05-06 20:22:47 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{4DD0367A-EB3C-49F2-BA92-53245C02A796}

2012-05-06 08:22:23 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{517ADE73-2B5C-4568-BB2A-82947CFD1955}

2012-05-06 08:22:01 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D6F2D105-F3CE-4CC1-896E-8E51A3C9B9C1}

2012-05-05 20:21:38 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A17D31DF-C88F-441D-B538-84170561893E}

2012-05-05 20:21:17 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{CD22C3CD-6130-4428-ACF0-0BC4518697BF}

2012-05-05 08:21:04 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{BA36E1F9-5443-4D30-B63F-E45188B0DDD3}

2012-05-05 08:20:54 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{7D20C516-7469-4A36-A96C-E415C8B80758}

2012-05-04 20:20:30 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{198C0973-723C-4B79-BE23-0409D2F04CD3}

2012-05-04 20:20:19 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{076FA63B-A543-442B-8983-F1497966886E}

2012-05-04 08:20:06 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6B1E5F8D-F147-489F-8A07-46EC1AB0FE76}

2012-05-04 08:19:56 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{05A3B03C-F2AE-41B3-AAAE-0804239500BF}

2012-05-03 20:19:32 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{B70E230C-F500-4E08-9DCB-CD47BBA5A467}

2012-05-03 20:19:22 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{D282D7C3-A14F-4F6E-AC37-CA1ABEE23034}

2012-05-03 08:19:09 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{865A28E9-7DDE-44EA-A96B-19C18FA27586}

2012-05-03 08:18:58 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{B58D8951-B46A-4352-B3A7-E630D2431514}

2012-05-02 20:18:33 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{13B394CE-F17E-41C2-8114-2BFD94CE1BD6}

2012-05-02 20:18:22 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{F7C1680F-F5DD-4050-9FB9-38728A0F0FB8}

2012-05-02 08:18:10 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6562AB47-0215-4EF4-B7DA-44995319C55B}

2012-05-02 08:18:00 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C72D01AC-0C56-4618-80D3-03D2448C794E}

2012-05-01 20:17:37 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C20FA90D-5414-4F45-BC2C-DCE696ABFB99}

2012-05-01 20:17:27 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{6A007989-78C8-4121-805C-CE4E43AC5AD5}

2012-05-01 08:17:14 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{896F975A-C335-4874-B7EB-4CACDD0437AE}

2012-05-01 08:17:04 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2D964EDD-C631-4E8C-99B7-96EB00218D9D}

2012-04-30 20:16:40 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2B85ADAB-240B-4B48-A80D-9B13F40D5EC4}

2012-04-30 20:16:30 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{82ED73EA-D74F-48CA-A54F-7A930D06B27D}

2012-04-30 08:16:05 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{9B3684E2-BDA3-4163-BEA3-5C6530356B5F}

2012-04-30 08:15:54 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{56870BB1-8916-405D-A169-66BF9EBBDBF6}

2012-04-29 19:56:50 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{FA33D3E7-B3EB-4A51-BA7D-BA4BE396C357}

2012-04-29 19:56:40 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{E9DDF2CF-B8A4-42AA-BBE2-F28CE3693384}

2012-04-29 07:56:28 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{890B820B-6A71-42E0-8AAB-14E0429F5234}

2012-04-29 07:56:18 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{94D3EDB8-C0C1-4594-8CD3-F32375E96203}

2012-04-28 19:55:53 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2BB9B1A7-AA0F-4461-8164-99C2CAF54F77}

2012-04-28 19:55:42 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{A7CF7CBD-D41F-4D28-A661-9BB98DCBBD00}

2012-04-28 07:55:30 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{814FD50A-758B-442A-A2D7-66F9F05BFC51}

2012-04-28 07:55:20 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{9BF84BF7-FBD4-4B08-B6A4-264275ED4788}

2012-04-27 19:54:57 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{2D185412-B8A2-4E07-9190-D204A8C7C25F}

2012-04-27 19:54:46 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{9BBF42CC-EB27-4BE2-B928-654003607AFB}

2012-04-27 07:54:34 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{FD07AF82-D250-4E6F-8175-8BB049194CB6}

2012-04-27 07:54:24 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{63A510C0-BF72-4F7C-93F3-7937C17A6DF9}

2012-04-26 19:53:59 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{8613FE92-8F75-445D-896D-5BEB4EA65C25}

2012-04-26 19:53:49 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{43CA548D-48FD-4BB6-9AA4-41E8FAEABA8B}

2012-04-26 07:53:38 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{69AD474F-94BB-4BB8-96CB-64934106BE4A}

2012-04-26 07:53:27 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{666D10CF-3CD9-4F4E-BDBD-C14B10F6B6AB}

2012-04-25 19:53:03 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{E37CFA61-EEC7-4EFD-8AC2-BAF0537D163A}

2012-04-25 19:52:53 -------- d-----w- C:\Users\Hans-Erik\AppData\Local\{C4DE5BBF-F0EA-4164-BFFB-074D4A9C14D1}

.

==================== Find3M ====================

.

2012-05-23 14:50:02 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-05-23 14:50:02 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-04-04 13:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-30 12:45:03 1422720 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2012-03-29 14:22:51 40448 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

2012-03-28 07:30:46 22259528 ----a-w- C:\Users\Hans-Erik\vlc-2.0.1-win32.exe

2012-03-20 23:34:30 72576 ----a-w- C:\Windows\System32\drivers\partmgr.sys

2012-03-08 16:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2012-03-08 16:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR

2012-03-02 12:22:02 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2012-03-01 15:39:45 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll

2012-03-01 15:39:45 196096 ----a-w- C:\Windows\System32\d3d10_1.dll

2012-03-01 14:46:01 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2012-03-01 14:46:01 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2012-02-29 21:00:22 3089728 ----a-w- C:\Windows\System32\nvsvc64.dll

2012-02-29 21:00:09 6074176 ----a-w- C:\Windows\System32\nvcpl.dll

2012-02-29 20:59:47 889664 ----a-w- C:\Windows\System32\nvvsvc.exe

2012-02-29 20:59:47 63296 ----a-w- C:\Windows\System32\nvshext.dll

2012-02-29 20:59:47 2561856 ----a-w- C:\Windows\System32\nvsvcr.dll

2012-02-29 20:59:47 118080 ----a-w- C:\Windows\System32\nvmctray.dll

2012-02-29 15:37:41 5632 ----a-w- C:\Windows\System32\wmi.dll

2012-02-29 15:37:38 219136 ----a-w- C:\Windows\System32\wintrust.dll

2012-02-29 15:35:44 78848 ----a-w- C:\Windows\System32\imagehlp.dll

2012-02-29 15:11:45 5120 ----a-w- C:\Windows\SysWow64\wmi.dll

2012-02-29 15:11:42 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll

2012-02-29 15:09:53 157696 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2012-02-29 14:40:31 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll

2012-02-29 14:09:35 834048 ----a-w- C:\Windows\System32\d2d1.dll

2012-02-29 14:08:47 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2012-02-29 14:06:08 1556480 ----a-w- C:\Windows\System32\DWrite.dll

2012-02-29 13:52:46 16384 ----a-w- C:\Windows\System32\drivers\fs_rec.sys

2012-02-29 13:44:50 683008 ----a-w- C:\Windows\SysWow64\d2d1.dll

2012-02-29 13:41:40 1069056 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll

2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll

2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2009-09-03 12:12:07 75447 ----a-w- C:\Program Files (x86)\Uninstal.exe

2007-02-27 09:04:48 42288 ----a-w- C:\Program Files (x86)\AdminUtils.exe

2007-02-27 09:04:48 14640 ----a-w- C:\Program Files (x86)\BluetoothHeadsetProxy.exe

2007-02-27 09:04:46 102704 ----a-w- C:\Program Files (x86)\BtwHtmlPrint.exe

2007-02-27 09:04:44 982320 ----a-w- C:\Program Files (x86)\BTTray.exe

2007-02-27 09:04:42 2140464 ----a-w- C:\Program Files (x86)\BTStackServer.exe

2007-02-27 09:04:40 227120 ----a-w- C:\Program Files (x86)\btsendto_explorer.exe

2007-02-25 23:57:26 133632 ----a-w- C:\Program Files (x86)\BtBalloon.dll

2007-02-25 21:07:18 321024 ----a-w- C:\Program Files (x86)\btsendto_visio2k.vsl

2003-05-29 10:53:30 91648 ----a-w- C:\Program Files (x86)\gzip.exe

.

============= FINISH: 10:38:09,43 ===============

Cecilia

Good! :thumbsup:

Then I think you should do the following as the next step:

Click the Start button.

In the small search field, type: msconfig

Start the program when it appears in the list above.

Open the Startup tab.

Find the two rows that contain the text: G:\Setup.exe

Remove the check mark in front of those two rows.

Find the two rows that contain the text: WinPatrol

Remove the check mark in front of those two rows.

Click OK.

Restart the computer.

When the Desktop appears, a message will be shown saying that you have changed the system configuration.

Tick the small box before you click OK.

Now you can delete the FreeMake folder if you want, but it does no harm even if it is left in place.

HUP151

G:\Setup is not there. WinPatrol is listed with 1 checked and 1 unchecked box. There is a WMPNSCFG that is unknown to me, which apparently has to do with media sharing, and in that case I want to keep it. But then there are also TQ566808 and ROC_roc_dec12, which puzzle me a bit after I googled them; maybe they have something to do with my problem? I haven't changed anything yet, only noted which unknown programs are in the startup list. There is a Bluetooth entry that I intend to remove since I never got it to work. I have a Bluetooth that works fine in my new laptop.

Cecilia

Uncheck the other WinPatrol row as well.

On the same row as TQ566808 it should say "G:\Setup.exe", but in a different column. So those should be unchecked.

ROC_roc_dec12 is related to AVG, so it should remain checked.
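The point made in the reply above, that a startup row is identified by its command column (G:\Setup.exe) rather than by its name (TQ566808), shown as an added example that is not part of the thread. It lists each Run-key entry with the program it launches and flags targets that are off the fixed disks or no longer present; the sample rows other than TQ566808 / G:\Setup.exe and all function names are assumptions made for the illustration.

```python
import ntpath
import os
import re

# Constructed rows in the shape of msconfig's Startup tab: (name, command).
# "TQ566808" and G:\Setup.exe come from the thread; the other rows are invented.
SAMPLE_ENTRIES = [
    ("TQ566808", r"G:\Setup.exe"),
    ("ExampleTray", r'"C:\Program Files (x86)\Example\tray.exe" /min'),
    ("ExampleGone", r"C:\Program Files (x86)\Removed App\agent.exe -boot"),
]

_EXE_END = re.compile(r"\.(exe|com|bat|cmd|scr)(?=\s|$)", re.IGNORECASE)


def executable_of(command):
    """Return the program path from a Run-style command line, without arguments."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    match = _EXE_END.search(command)  # unquoted path that may contain spaces
    if match:
        return command[:match.end()]
    return command.split(None, 1)[0] if command else ""


def triage(entries, fixed, exists=os.path.exists):
    """Return (name, program, reason) for entries that deserve a closer look."""
    findings = []
    for name, command in entries:
        exe = executable_of(command)
        drive = ntpath.splitdrive(exe)[0].upper()  # "G:", a UNC share, or ""
        if not drive:
            continue  # bare name resolved through PATH; cannot be judged here
        if drive not in fixed:
            findings.append((name, exe, "target is on %s, not a local fixed disk" % drive))
        elif not exists(exe):
            findings.append((name, exe, "target file not found"))
    return findings


def read_run_entries():
    """Read the HKLM/HKCU Run keys in both registry views (Windows only).

    Startup-folder shortcuts, which msconfig also lists, are not read here.
    """
    import winreg
    rows = []
    path = r"Software\Microsoft\Windows\CurrentVersion\Run"
    for root in (winreg.HKEY_LOCAL_MACHINE, winreg.HKEY_CURRENT_USER):
        for view in (winreg.KEY_WOW64_64KEY, winreg.KEY_WOW64_32KEY):
            try:
                key = winreg.OpenKey(root, path, 0, winreg.KEY_READ | view)
            except OSError:
                continue
            with key:
                for i in range(winreg.QueryInfoKey(key)[1]):
                    name, data, _type = winreg.EnumValue(key, i)
                    rows.append((name, winreg.ExpandEnvironmentStrings(str(data))))
    return list(dict.fromkeys(rows))  # both views can return the same row


def fixed_drives():
    """Drive letters Windows reports as fixed disks (DRIVE_FIXED == 3)."""
    import ctypes
    import string
    kernel32 = ctypes.windll.kernel32
    return {"%s:" % c for c in string.ascii_uppercase
            if kernel32.GetDriveTypeW("%s:\\" % c) == 3}


if __name__ == "__main__":
    if os.name == "nt":
        results = triage(read_run_entries(), fixed_drives())
    else:  # off Windows, run on the constructed rows only
        results = triage(SAMPLE_ENTRIES, {"C:"}, exists=lambda p: "Removed App" not in p)
    for name, exe, reason in results:
        print("%-16s %-50s %s" % (name, exe, reason))
```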

HUP151

OK, the instructions were easy to follow. G:\Setup.exe was there and is now unchecked, like the others. After the restart I get no message on the desktop saying that I changed the system configuration. I checked msconfig again and everything is unchecked as you instructed. Under the heading System Configuration, Selective startup has a blue-marked box, after that "Load system services" is checked, and the box next to "Load startup items" is blue-marked.

Cecilia

Excellent! :thumbsup:

Do you think this thread is finished now, or is there anything else?

HUP151

This almost turned into a long Ariadne's thread here - it feels really good for me right now with all the new things I have learned - many thanks, Cecilia!
