Just nu i M3-nätverket
Gå till innehåll
Tobbe_890

LÖST Speedupmycomputor

Rekommendera Poster

Tobbe_890

Är det någon som vet hur man tar bort ett program som heter "Speedupmycomputor" från SmartTweek Software Inc. Går inte avinstallera genom att gå in i kontrollpanelen och Program och funktioner och välja avinstallera. På nätet finns program som sägs ta bort detta program men jag litar inte på dem.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Alldeles rätt att vara försiktig med råd du hittar på nätet, det finns mycket falsk information där.

 

Vad händer när du försöker avinstallera programmet?

 

Låt oss se hur det ser ut i din dator. Ladda ner Farbar Recovery Scan Tool (FRST) och spara på skrivbordet.
För 64-bitars Windows: http://download.bleepingcomputer.com/farbar/FRST64.exe
För 32-bitars Windows: http://download.bleepingcomputer.com/farbar/FRST.exe

Starta FRST.
Läs villkoren för programmet.
Klicka på Yes för att acceptera.
Klicka på Scan-knappen.
När det är klart kommer det att ha skapats två loggar FRST.txt och Addition.txt på skrivbordet.
Om du använder en annan webbläsare än Internet Explorer 11, klistra in innehållet i FRST.txt direkt i ditt svar och bifoga Addition.txt.
Om du använder Internet Explorer 11, får du bifoga båda loggarna till ditt svar.
Klicka på Använd fullständig editor för att se hur du bifogar filer.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Tobbe_890

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014

Ran by Torbjörn (administrator) on DATORTOBBE on 08-02-2014 18:46:59

Running from D:\Downloads

Windows 8 (X64) OS Language: Swedish

Internet Explorer Version 10

Boot Mode: Normal

 

The only official download link for FRST:

 

==================== Processes (Whitelisted) =================

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe

() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe

(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe

(Canon Inc.) C:\Program Files (x86)\Canon\CAL\CALMAIN.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Smart Cooling\AsSmartCoolingService.exe

(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Microsoft Corporation) C:\Users\Torbjörn\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe

() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe

() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe

(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe

(Dropbox, Inc.) C:\Users\Torbjörn\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Farbar) D:\Downloads\FRST64 (1).exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)

HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)

HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKLM\...\Run: [shadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)

HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)

HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ASUS Easy Update] - C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [195200 2012-05-24] (ASUSTeK Computer Inc.)

HKLM-x32\...\Run: [ASUS Ai Charger] - C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-06] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)

HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)

HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [spotify Web Helper] - C:\Users\Torbjörn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-15] (Spotify Ltd)

HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [skyDrive] - C:\Users\Torbjörn\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2014-01-04] (Microsoft Corporation)

HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [updateMyDrivers] - C:\Program Files (x86)\SmartTweak\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss

HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [speedUpMyComputer] - C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe [2054776 2013-07-22] ()

HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [spotify] - C:\Users\Torbjörn\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-15] (Spotify Ltd)

HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [FixMyRegistry] - C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss

HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)

HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\MountPoints2: {633ff7e9-5461-11e3-be7c-60a44ce69aa8} - "F:\Startme.exe" 

HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\MountPoints2: {879b3b65-9be8-11e2-be6a-806e6f6e6963} - "E:\Installer_Windows.exe" 

Startup: C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Torbjörn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}

StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.nationzoom.com/?type=sc&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX

SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS

SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}

SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS

SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear

BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)

BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)

BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)

BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)

BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)

Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)

Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\Torbjörn\AppData\Roaming\Mozilla\Firefox\Profiles\xu8dg0u6.default

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Torbjörn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml

FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF

FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014-01-04]

FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\

FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\ []

FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi

FF Extension: Wajam - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013-12-09]

 

Chrome: 

=======

CHR Extension: (Wajam) - C:\Users\Torbjörn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2014-01-10]

CHR Extension: (Google Wallet) - C:\Users\Torbjörn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-04]

CHR Extension: (Norton Identity Protection) - C:\Users\Torbjörn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-01-04]

CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Torbjörn\AppData\Local\Wajam\Chrome\wajam.crx [2013-12-13]

CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-21]

 

==================== Services (Whitelisted) =================

 

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()

R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)

R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-08-16] (ASUSTeK Computer Inc.)

R2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [86606 2005-06-02] (Canon Inc.)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [262288 2013-10-08] (Symantec Corporation)

R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)

R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248704 2013-01-25] ()

R2 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2013-11-01] (Wajam)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2014-01-10] (Cherished Technololgy LIMITED)

 

==================== Drivers (Whitelisted) ====================

 

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-23] (ASUSTek Computer Inc.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()

R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )

R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)

R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)

R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)

R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-03] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-03] (Symantec Corporation)

R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140207.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)

R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140207.020\ENG64.SYS [126040 2014-01-03] (Symantec Corporation)

R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140207.020\EX64.SYS [2099288 2014-01-03] (Symantec Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)

R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)

R3 SRTSP; C:\Windows\system32\drivers\NAVx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)

R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)

R0 SymDS; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)

R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)

S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1501000.012\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)

R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-04] (Symantec Corporation)

R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)

R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)

S3 Tdsshbecr; C:\Windows\system32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-02-08 18:46 - 2014-02-08 18:46 - 00000000 ____D () C:\FRST

2014-02-08 18:13 - 2014-02-08 18:13 - 00297976 _____ () C:\WINDOWS\Minidump\020814-31218-01.dmp

2014-02-08 14:52 - 2014-02-08 14:53 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Sony

2014-02-08 14:52 - 2014-02-08 14:52 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Downloaded Installations

2014-02-08 14:52 - 2014-02-08 14:52 - 00000000 ____D () C:\ProgramData\Sony Corporation

2014-02-08 14:51 - 2014-02-08 14:52 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Sony

2014-02-08 14:51 - 2014-02-08 14:52 - 00000000 ____D () C:\Program Files (x86)\Sony Media Go Install

2014-02-08 14:50 - 2014-02-08 14:56 - 00340910 _____ () C:\WINDOWS\DPINST.LOG

2014-02-08 14:50 - 2014-02-08 14:52 - 00000000 ____D () C:\Program Files (x86)\Sony

2014-02-08 14:50 - 2014-02-08 14:50 - 00000000 ____D () C:\ProgramData\Sony

2014-02-06 15:53 - 2014-02-06 15:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-02-05 20:01 - 2014-02-06 09:28 - 00000080 _____ () C:\Users\Torbjörn\AppData\Local\X-Plane Installer.prf

2014-02-05 18:10 - 2014-02-05 18:10 - 00000024 _____ () C:\Users\Torbjörn\AppData\Local\x-plane_install_10.txt

2014-02-05 18:07 - 2014-02-08 17:47 - 00000073 _____ () C:\Users\Torbjörn\AppData\Local\X-Plane_drm.prf

2014-02-04 19:20 - 2014-02-04 19:20 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Realtime Soft

2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Realtime Soft

2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\ProgramData\Realtime Soft

2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\Program Files\UltraMon

2014-01-29 18:48 - 2014-01-29 18:48 - 00005380 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-29 14:11 - 2014-01-29 14:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive

2014-01-29 14:11 - 2014-01-29 14:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2014-01-29 14:11 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll

2014-01-29 14:11 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll

2014-01-29 10:54 - 2014-01-29 10:54 - 00000000 ____D () C:\Users\AA\AppData\Roaming\Macromedia

2014-01-29 10:51 - 2014-01-29 10:51 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

2014-01-29 10:45 - 2014-01-29 10:45 - 00000000 ____D () C:\Users\AA\AppData\Local\Google

2014-01-29 10:45 - 2014-01-29 10:45 - 00000000 ____D () C:\Users\AA\AppData\Local\CrashDumps

2014-01-29 10:32 - 2014-01-30 11:12 - 00000000 ____D () C:\Users\AA\AppData\Roaming\ClassicShell

2014-01-29 10:32 - 2014-01-29 10:32 - 00000000 ____D () C:\Users\AA\AppData\Roaming\Intel Corporation

2014-01-29 10:32 - 2014-01-29 10:32 - 00000000 ____D () C:\Users\AA\AppData\Local\NVIDIA Corporation

2014-01-29 10:31 - 2014-01-29 10:31 - 00000000 ____D () C:\Users\AA\AppData\Roaming\simplitec

2014-01-29 10:31 - 2014-01-29 10:31 - 00000000 ____D () C:\Users\AA\AppData\Local\NVIDIA

2014-01-29 10:31 - 2014-01-29 10:31 - 00000000 ____D () C:\Users\AA\AppData\Local\Adobe

2014-01-28 17:12 - 2014-01-28 17:12 - 00000000 ____D () C:\MicrosoftKB928080

2014-01-28 16:00 - 2014-01-29 14:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games

2014-01-28 11:29 - 2014-01-28 11:29 - 00003584 _____ () C:\Users\Torbjörn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-01-28 11:03 - 2014-01-28 11:03 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\CANON INC

2014-01-28 11:02 - 2014-01-28 11:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

2014-01-28 10:49 - 2014-01-28 10:49 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Canon_Inc_IC

2014-01-28 10:48 - 2014-01-28 10:48 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\canon

2014-01-28 10:48 - 2014-01-28 10:48 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC

2014-01-23 09:49 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2014-01-23 09:49 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00357152 _____ () C:\WINDOWS\system32\NvIFROpenGL.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00314656 _____ () C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2014-01-23 09:49 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2014-01-23 09:49 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys

2014-01-23 09:49 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll

2014-01-23 09:49 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll

2014-01-23 09:46 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

2014-01-23 09:46 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

2014-01-22 18:53 - 2014-01-22 18:53 - 00001229 _____ () C:\WINDOWS\IE9_main.log

2014-01-22 10:59 - 2014-01-22 10:59 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Unity

2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Unity

2014-01-21 19:47 - 2014-02-08 18:13 - 736234291 _____ () C:\WINDOWS\MEMORY.DMP

2014-01-21 19:47 - 2014-02-08 18:13 - 00000000 ____D () C:\WINDOWS\Minidump

2014-01-21 19:47 - 2014-01-21 19:47 - 00298040 _____ () C:\WINDOWS\Minidump\012114-22640-01.dmp

2014-01-21 18:06 - 2014-01-21 18:06 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-01-17 14:10 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-01-17 14:10 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-01-17 14:10 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-01-17 14:10 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-01-17 14:10 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2014-01-17 14:10 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll

2014-01-17 14:10 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll

2014-01-17 14:10 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys

2014-01-17 14:10 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2014-01-17 14:10 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2014-01-17 14:10 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys

2014-01-17 14:10 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll

2014-01-17 14:10 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll

2014-01-17 14:10 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll

2014-01-17 14:10 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll

2014-01-17 14:08 - 2014-01-17 14:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-01-17 14:08 - 2014-01-17 14:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-01-15 18:57 - 2014-01-15 18:57 - 00001816 _____ () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

2014-01-15 17:48 - 2014-01-29 11:08 - 00000000 ____D () C:\Program Files (x86)\Miditzer Style 216

2014-01-10 18:27 - 2014-01-10 18:27 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup

2014-01-10 18:14 - 2014-01-10 18:14 - 00000000 _____ () C:\WINDOWS\OpPrintServer.INI

2014-01-10 18:13 - 2014-01-28 10:53 - 00000000 ____D () C:\Program Files (x86)\Canon

2014-01-10 18:09 - 2014-01-31 18:06 - 00000000 ____D () C:\ProgramData\WPM

2014-01-10 18:09 - 2014-01-11 11:31 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\nationzoom

2014-01-10 18:09 - 2014-01-10 18:10 - 00000000 ____D () C:\Program Files (x86)\Wajam

2014-01-10 18:09 - 2014-01-10 18:09 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam

2014-01-10 18:09 - 2014-01-10 18:09 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Wajam

2014-01-10 18:08 - 2014-01-29 11:07 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software

2014-01-10 18:08 - 2014-01-29 11:07 - 00000000 ____D () C:\Program Files (x86)\SmartTweak

2014-01-10 11:25 - 2014-01-10 11:37 - 00000000 ____D () C:\ProgramData\FLEXnet

2014-01-10 11:25 - 2014-01-10 11:25 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\NVIDIA

2014-01-10 11:25 - 2014-01-10 11:25 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\No Company Name

2014-01-10 11:04 - 2014-01-10 11:05 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc

2014-01-10 11:04 - 2014-01-10 11:04 - 00000000 ____D () C:\ProgramData\eSellerate

2014-01-10 11:04 - 2014-01-10 11:04 - 00000000 ____D () C:\Program Files (x86)\SmartSound Software

2014-01-09 14:49 - 2014-01-09 14:49 - 00000000 ____D () C:\WINDOWS\sv

2014-01-09 14:45 - 2014-01-09 14:49 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Windows Live

2014-01-09 14:40 - 2014-01-09 14:40 - 00000000 ____D () C:\Program Files (x86)\simplitec

2014-01-09 13:32 - 2014-01-09 13:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2014-01-09 12:34 - 2014-01-09 12:38 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\BankID

2014-01-09 12:34 - 2014-01-09 12:34 - 00000000 ____D () C:\Program Files (x86)\BankID

2014-01-09 09:29 - 2014-01-09 09:29 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\EPSON

 

==================== One Month Modified Files and Folders =======

 

2014-02-08 18:46 - 2014-02-08 18:46 - 00000000 ____D () C:\FRST

2014-02-08 18:44 - 2014-01-07 11:22 - 00000000 ___RD () C:\Users\Torbjörn\Dropbox

2014-02-08 18:44 - 2014-01-07 11:20 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Dropbox

2014-02-08 18:39 - 2014-01-04 10:09 - 00001016 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-02-08 18:39 - 2013-11-04 17:44 - 00000000 __RDO () C:\Users\Torbjörn\SkyDrive

2014-02-08 18:19 - 2014-01-04 10:09 - 00001020 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-02-08 18:13 - 2014-02-08 18:13 - 00297976 _____ () C:\WINDOWS\Minidump\020814-31218-01.dmp

2014-02-08 18:13 - 2014-01-21 19:47 - 736234291 _____ () C:\WINDOWS\MEMORY.DMP

2014-02-08 18:13 - 2014-01-21 19:47 - 00000000 ____D () C:\WINDOWS\Minidump

2014-02-08 18:13 - 2013-04-03 00:10 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-02-08 18:13 - 2012-11-06 04:40 - 01070820 _____ () C:\WINDOWS\PFRO.log

2014-02-08 18:13 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-02-08 18:00 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-02-08 17:47 - 2014-02-05 18:07 - 00000073 _____ () C:\Users\Torbjörn\AppData\Local\X-Plane_drm.prf

2014-02-08 17:33 - 2014-01-04 11:09 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\ClassicShell

2014-02-08 16:50 - 2012-11-06 04:37 - 00721472 _____ () C:\WINDOWS\system32\perfh01D.dat

2014-02-08 16:50 - 2012-11-06 04:37 - 00149372 _____ () C:\WINDOWS\system32\perfc01D.dat

2014-02-08 16:50 - 2012-07-26 08:28 - 01713108 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-02-08 16:44 - 2013-04-03 00:02 - 01951563 _____ () C:\WINDOWS\WindowsUpdate.log

2014-02-08 15:34 - 2014-01-04 10:07 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1750976799-1855760834-4008688005-1001

2014-02-08 14:56 - 2014-02-08 14:50 - 00340910 _____ () C:\WINDOWS\DPINST.LOG

2014-02-08 14:56 - 2012-11-06 04:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-02-08 14:53 - 2014-02-08 14:52 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Sony

2014-02-08 14:52 - 2014-02-08 14:52 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Downloaded Installations

2014-02-08 14:52 - 2014-02-08 14:52 - 00000000 ____D () C:\ProgramData\Sony Corporation

2014-02-08 14:52 - 2014-02-08 14:51 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Sony

2014-02-08 14:52 - 2014-02-08 14:51 - 00000000 ____D () C:\Program Files (x86)\Sony Media Go Install

2014-02-08 14:52 - 2014-02-08 14:50 - 00000000 ____D () C:\Program Files (x86)\Sony

2014-02-08 14:52 - 2014-01-03 22:46 - 00000000 ____D () C:\Users\Torbjörn

2014-02-08 14:50 - 2014-02-08 14:50 - 00000000 ____D () C:\ProgramData\Sony

2014-02-08 14:49 - 2012-07-26 08:21 - 00030664 _____ () C:\WINDOWS\setupact.log

2014-02-08 14:48 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent

2014-02-08 08:44 - 2014-01-04 12:17 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Adobe

2014-02-07 09:17 - 2014-01-04 10:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-02-06 15:58 - 2014-02-06 15:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

2014-02-06 09:28 - 2014-02-05 20:01 - 00000080 _____ () C:\Users\Torbjörn\AppData\Local\X-Plane Installer.prf

2014-02-05 18:10 - 2014-02-05 18:10 - 00000024 _____ () C:\Users\Torbjörn\AppData\Local\x-plane_install_10.txt

2014-02-05 11:47 - 2014-01-04 10:54 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Thunderbird

2014-02-04 19:20 - 2014-02-04 19:20 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Realtime Soft

2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Realtime Soft

2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\ProgramData\Realtime Soft

2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\Program Files\UltraMon

2014-02-04 17:34 - 2014-01-07 18:27 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\CrashDumps

2014-02-03 19:16 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-02-03 09:49 - 2012-07-26 06:26 - 01310720 ___SH () C:\WINDOWS\system32\config\BBI

2014-02-01 18:05 - 2014-01-04 10:04 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Spotify

2014-02-01 14:56 - 2014-01-04 10:04 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Spotify

2014-01-31 18:06 - 2014-01-10 18:09 - 00000000 ____D () C:\ProgramData\WPM

2014-01-30 22:10 - 2012-07-26 09:14 - 00694240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-01-30 22:10 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-01-30 11:12 - 2014-01-29 10:32 - 00000000 ____D () C:\Users\AA\AppData\Roaming\ClassicShell

2014-01-30 11:03 - 2013-11-17 19:22 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Packages

2014-01-29 18:48 - 2014-01-29 18:48 - 00005380 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log

2014-01-29 18:48 - 2014-01-05 15:58 - 00000000 ____D () C:\ProgramData\Oracle

2014-01-29 18:48 - 2014-01-05 15:58 - 00000000 ____D () C:\Program Files (x86)\Java

2014-01-29 18:34 - 2014-01-07 09:22 - 02021160 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-01-29 14:11 - 2014-01-29 14:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive

2014-01-29 14:11 - 2014-01-29 14:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE

2014-01-29 14:11 - 2014-01-28 16:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games

2014-01-29 11:08 - 2014-01-15 17:48 - 00000000 ____D () C:\Program Files (x86)\Miditzer Style 216

2014-01-29 11:07 - 2014-01-10 18:08 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software

2014-01-29 11:07 - 2014-01-10 18:08 - 00000000 ____D () C:\Program Files (x86)\SmartTweak

2014-01-29 10:54 - 2014-01-29 10:54 - 00000000 ____D () C:\Users\AA\AppData\Roaming\Macromedia

2014-01-29 10:51 - 2014-01-29 10:51 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf

2014-01-29 10:45 - 2014-01-29 10:45 - 00000000 ____D () C:\Users\AA\AppData\Local\Google

2014-01-29 10:45 - 2014-01-29 10:45 - 00000000 ____D () C:\Users\AA\AppData\Local\CrashDumps

2014-01-29 10:32 - 2014-01-29 10:32 - 00000000 ____D () C:\Users\AA\AppData\Roaming\Intel Corporation

2014-01-29 10:32 - 2014-01-29 10:32 - 00000000 ____D () C:\Users\AA\AppData\Local\NVIDIA Corporation

2014-01-29 10:31 - 2014-01-29 10:31 - 00000000 ____D () C:\Users\AA\AppData\Roaming\simplitec

2014-01-29 10:31 - 2014-01-29 10:31 - 00000000 ____D () C:\Users\AA\AppData\Local\NVIDIA

2014-01-29 10:31 - 2014-01-29 10:31 - 00000000 ____D () C:\Users\AA\AppData\Local\Adobe

2014-01-29 10:31 - 2014-01-03 22:52 - 00000000 ___RD () C:\Users\AA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-01-29 10:31 - 2014-01-03 22:52 - 00000000 ___RD () C:\Users\AA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-01-28 17:12 - 2014-01-28 17:12 - 00000000 ____D () C:\MicrosoftKB928080

2014-01-28 11:29 - 2014-01-28 11:29 - 00003584 _____ () C:\Users\Torbjörn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-01-28 11:03 - 2014-01-28 11:03 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\CANON INC

2014-01-28 11:02 - 2014-01-28 11:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

2014-01-28 10:53 - 2014-01-10 18:13 - 00000000 ____D () C:\Program Files (x86)\Canon

2014-01-28 10:49 - 2014-01-28 10:49 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Canon_Inc_IC

2014-01-28 10:48 - 2014-01-28 10:48 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\canon

2014-01-28 10:48 - 2014-01-28 10:48 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC

2014-01-23 09:51 - 2013-04-03 00:02 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-01-22 18:53 - 2014-01-22 18:53 - 00001229 _____ () C:\WINDOWS\IE9_main.log

2014-01-22 10:59 - 2014-01-22 10:59 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Unity

2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Unity

2014-01-21 19:47 - 2014-01-21 19:47 - 00298040 _____ () C:\WINDOWS\Minidump\012114-22640-01.dmp

2014-01-21 18:06 - 2014-01-21 18:06 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-01-21 03:53 - 2014-01-05 13:24 - 01179576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2014-01-21 03:53 - 2014-01-05 13:24 - 01048152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2014-01-19 17:44 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache

2014-01-17 14:15 - 2014-01-05 16:31 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-01-17 14:14 - 2014-01-05 16:31 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-01-17 14:14 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore

2014-01-17 14:08 - 2014-01-17 14:08 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-01-17 14:08 - 2014-01-17 14:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-01-16 12:34 - 2014-01-04 09:51 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\VirtualStore

2014-01-15 18:57 - 2014-01-15 18:57 - 00001816 _____ () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

2014-01-15 15:12 - 2014-01-06 10:35 - 00004070 _____ () C:\WINDOWS\system32\lvcoinst.log

2014-01-11 11:32 - 2014-01-04 09:51 - 00001445 _____ () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-01-11 11:31 - 2014-01-10 18:09 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\nationzoom

2014-01-10 18:27 - 2014-01-10 18:27 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup

2014-01-10 18:14 - 2014-01-10 18:14 - 00000000 _____ () C:\WINDOWS\OpPrintServer.INI

2014-01-10 18:10 - 2014-01-10 18:09 - 00000000 ____D () C:\Program Files (x86)\Wajam

2014-01-10 18:09 - 2014-01-10 18:09 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam

2014-01-10 18:09 - 2014-01-10 18:09 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Wajam

2014-01-10 11:37 - 2014-01-10 11:25 - 00000000 ____D () C:\ProgramData\FLEXnet

2014-01-10 11:37 - 2014-01-04 09:51 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Adobe

2014-01-10 11:36 - 2012-11-06 04:52 - 00000000 ____D () C:\ProgramData\Adobe

2014-01-10 11:25 - 2014-01-10 11:25 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\NVIDIA

2014-01-10 11:25 - 2014-01-10 11:25 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\No Company Name

2014-01-10 11:05 - 2014-01-10 11:04 - 00000000 ____D () C:\ProgramData\SmartSound Software Inc

2014-01-10 11:04 - 2014-01-10 11:04 - 00000000 ____D () C:\ProgramData\eSellerate

2014-01-10 11:04 - 2014-01-10 11:04 - 00000000 ____D () C:\Program Files (x86)\SmartSound Software

2014-01-10 11:02 - 2012-11-06 04:52 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-01-09 14:49 - 2014-01-09 14:49 - 00000000 ____D () C:\WINDOWS\sv

2014-01-09 14:49 - 2014-01-09 14:45 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Windows Live

2014-01-09 14:48 - 2012-11-06 05:11 - 00000582 _____ () C:\WINDOWS\DirectX.log

2014-01-09 14:48 - 2012-11-06 05:11 - 00000000 ____D () C:\Program Files (x86)\Windows Live

2014-01-09 14:40 - 2014-01-09 14:40 - 00000000 ____D () C:\Program Files (x86)\simplitec

2014-01-09 13:32 - 2014-01-09 13:32 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2014-01-09 12:38 - 2014-01-09 12:34 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\BankID

2014-01-09 12:34 - 2014-01-09 12:34 - 00000000 ____D () C:\Program Files (x86)\BankID

2014-01-09 09:29 - 2014-01-09 09:29 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\EPSON

2014-01-09 09:04 - 2012-11-06 05:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

2014-01-09 09:03 - 2014-01-04 11:28 - 00000000 ____D () C:\Program Files (x86)\MSECache

 

Some content of TEMP:

====================

C:\Users\Torbjörn\AppData\Local\Temp\bitool.dll

C:\Users\Torbjörn\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplmvk6e.dll

C:\Users\Torbjörn\AppData\Local\Temp\FixMyRegistry.exe

C:\Users\Torbjörn\AppData\Local\Temp\Installer_Windows.exe

C:\Users\Torbjörn\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Torbjörn\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Torbjörn\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\Torbjörn\AppData\Local\Temp\nvStInst.exe

C:\Users\Torbjörn\AppData\Local\Temp\readSTILog.dll

C:\Users\Torbjörn\AppData\Local\Temp\smt_nationzoom_20131128171426.exe

C:\Users\Torbjörn\AppData\Local\Temp\SpeedUpMyComputer.exe

C:\Users\Torbjörn\AppData\Local\Temp\vcredist_x64.exe

C:\Users\Torbjörn\AppData\Local\Temp\wajam_download.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-02-06 10:00

 

==================== End Of Log ============================

Addition.txt

Redigerad av Cecilia
Tog bort länkarna i början av loggen för att göra den läslig /Cecilia, moderator

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

1. Går det att avinstaller "Wajam" i Kontrollpanelen?

 

2. Ladda ner Malwarebytes Anti-Malware Free (MBAM) från http://www.malwarebytes.org/mbam-download.php

Dubbelklicka på mbam-setup för att installera programmet.

 

Se till i slutet av installationen att det är bockar för:

Uppdatera Malwarebytes' Anti-Malware

Starta Malwarebytes' Anti-Malware

Klicka på Slutför

Om det finns någon uppdatering så kommer den att laddas ner och installeras.

 

När programmet startar så välj Utför fullständig skanning och klicka på Skanna.

Skanningen tar ett tag.

När den är klar så klicka på OK och sedan Visa resultat.

Bocka för allt och tryck sedan Ta bort markerade.

När borttagningen är klar så öppnar Anteckningar med en logg.

 

Eventuellt så kommer det upp en begäran om att starta om datorn (Restart). I så fall gör det.

Om det blir ett felmeddelande Error loading... efter omstarten så starta om datorn än en gång.

Om programmet inte kommer igång efter omstarten så starta det.

 

Om loggen inte kommer upp själv i Anteckningar så hittar du loggen på fliken Loggar i MBAM.

Kopiera loggen och klistra in den i ditt svar.

 

3. Spara ShortcutCleaner på skrivbordet: http://www.bleepingcomputer.com/download/shortcut-cleaner/dl/172/

Starta den nedladdade filen ss-cleaner.exe.

Vänta tills den är klar.

En rapport kommer upp, bifoga den till ditt svar.

 

4. Spara AdwCleaner av Xplode på Skrivbordet: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på Report-knappen.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt

 

http://general-changelog-team.fr/en/tools/15-adwcleaner

http://www.bleepingcomputer.com/forums/topic469711.html/page__view__findpost__p__2850275

 

5. Skanna datorn online på http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Avbocka alternativet Remove found threats

Bocka för Scan Archives

 

Klicka på Advanced Settings

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Scan

 

När skanningen är klar klicka på List of threats found, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Tobbe_890
Hej Cecilia, tack för att du försöker hjälpa mig! Tyvärr kanske detta var lite för svårt för mig. Jag har gjort det du anvisat mig men textfilerna försvann (vart?) när det blev sent och jag stängde av datorn. Denna fanns dock kvar. On-line scan hittade inga hot hann jag se.  

 

Malwarebytes Anti-Malware (Testversion) 1.75.0.1300

www.malwarebytes.org

 

Databasversion: v2014.02.09.04

 

Windows 8 x64 NTFS

Internet Explorer 10.0.9200.16750

Torbjörn :: DATORTOBBE [administratör]

 

Skydd: Aktiverad

 

2014-02-09 17:45:56

mbam-log-2014-02-09 (17-45-56).txt

 

Skanningstyp: Fullständig skanning (C:\|D:\|)

Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM

Inaktiverade skanningsalternativ: P2P

Antal skannade objekt: 557908

Förfluten tid: 1 timme(ar), 21 minut(er), 22 sekund(er)

 

Upptäckta minnesprocesser: 1

C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> 1336 -> Ta bort vid nästa datorstart.

 

Upptäckta minnesmoduler: 0

(Inga skadliga poster hittades)

 

Upptäckta registernycklar: 6

HKLM\SYSTEM\CurrentControlSet\Services\Wpm (PUP.Optional.WpManager.A) -> Sattes i karantän och togs bort.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WPM (PUP.Optional.WpManager.A) -> Sattes i karantän och togs bort.

HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Sattes i karantän och togs bort.

HKLM\SOFTWARE\nationzoomSoftware (PUP.Optional.NationZoom.A) -> Sattes i karantän och togs bort.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (PUP.Optional.Qone8) -> Sattes i karantän och togs bort.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpeedUpMyComputer (PUP.Optional.SpeedupmyComputer) -> Sattes i karantän och togs bort.

 

Upptäckta registervärden: 2

HKLM\SYSTEM\CurrentControlSet\Services\Wpm|ImagePath (PUP.Optional.WpManager.A) -> Data: C:\ProgramData\WPM\wprotectmanager.exe -service -> Sattes i karantän och togs bort.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SpeedUpMyComputer (PUP.Optional.SpeedupmyComputer) -> Data: C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss -> Sattes i karantän och togs bort.

 

Upptäckta registerdataposter: 4

HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (PUP.Optional.NationZoom.A) -> Dåligt: (C:\Program Files\Internet Explorer\iexplore.exe http://www.nationzoom.com/?type=sc&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX) Bra: (iexplore.exe) -> Sattes i karantän och reparerades framgångsrikt.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Search_URL (PUP.Optional.NationZoom.A) -> Dåligt: (http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}) Bra: (http://www.google.com'>http://www.google.com) -> Sattes i karantän och reparerades framgångsrikt.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.Qone8) -> Dåligt: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}) Bra: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}) -> Sattes i karantän och reparerades framgångsrikt.

HKLM\Software\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.NationZoom) -> Dåligt: (http://www.nationzoom.com/web/?type=ds&ts=1389373714&from=smt&uid=TOSHIBAXDT01ACA100_33D94YKPSXX33D94YKPSX&q={searchTerms}) Bra: (http://www.google.com) -> Sattes i karantän och reparerades framgångsrikt.

 

Upptäckta mappar: 1

C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer (PUP.Optional.SpeedupmyComputer) -> Sattes i karantän och togs bort.

 

Upptäckta filer: 12

C:\ProgramData\WPM\wprotectmanager.exe (PUP.Optional.WpManager.A) -> Ta bort vid nästa datorstart.

C:\Users\Torbjörn\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\77QYGK7R\wajam_install[1].exe (PUP.Optional.Wajam) -> Sattes i karantän och togs bort.

C:\Users\Torbjörn\AppData\Local\Microsoft\Windows\INetCache\Content.IE5\KAQH9SZK\BiTool[1].dll (PUP.Optional.Somoto) -> Sattes i karantän och togs bort.

C:\Users\Torbjörn\AppData\Local\Temp\bitool.dll (PUP.Optional.Somoto) -> Sattes i karantän och togs bort.

C:\Users\Torbjörn\AppData\Local\Temp\smt_nationzoom_20131128171426.exe (PUP.Optional.SkyTech.A) -> Sattes i karantän och togs bort.

C:\Users\Torbjörn\AppData\Local\Temp\wajam_download.exe (PUP.Optional.Wajam) -> Sattes i karantän och togs bort.

C:\Users\Torbjörn\AppData\Local\Temp\fullpackage_temp1389373704\tmp\NewGdp.exe (PUP.Optional.WpManager.A) -> Sattes i karantän och togs bort.

D:\Downloads\rcpsetup_r (1).exe (PUP.Optional.RegCleanerPro) -> Sattes i karantän och togs bort.

D:\Downloads\rcpsetup_r.exe (PUP.Optional.RegCleanerPro) -> Sattes i karantän och togs bort.

C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe (PUP.Optional.SpeedupmyComputer) -> Sattes i karantän och togs bort.

C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.url (PUP.Optional.SpeedupmyComputer) -> Sattes i karantän och togs bort.

C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\uninst.exe (PUP.Optional.SpeedupmyComputer) -> Sattes i karantän och togs bort.

 

(klar)

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Tobbe_890

Hej igen!

 

Men nu är speedmycomputor borta! Tack för all hjälp

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Hej!

 

Bra!

 

Men det kan finnas rester kvar (t ex mappar som skapats men inte tagits bort av MBAM) så om du vill ha hjälp med att få bort mer kör AdwCleaner igen och klistra in loggen som kommer upp, C:\AdwCleaner[R0].txt.

 

Eller om du struntar i resterna så säg till så får du instruktionerna för att avinstallera FRST och AdwCleaner direkt.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Tobbe_890

Hej,

Här är MBAM -loggen. Tack jag vill gärna veta hur man avinstallerar FRST och AdwCleaner.

 

Malwarebytes Anti-Malware (Testversion) 1.75.0.1300
www.malwarebytes.org
 
Databasversion: v2014.02.10.01
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Torbjörn :: DATORTOBBE [administratör]
 
Skydd: Aktiverad
 
2014-02-11 16:58:37
mbam-log-2014-02-11 (16-58-37).txt
 
Skanningstyp: Fullständig skanning (C:\|D:\|)
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 557542
Förfluten tid: 1 timme(ar), 22 minut(er), 55 sekund(er)
 
Upptäckta minnesprocesser: 0
(Inga skadliga poster hittades)
 
Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)
 
Upptäckta registernycklar: 0
(Inga skadliga poster hittades)
 
Upptäckta registervärden: 0
(Inga skadliga poster hittades)
 
Upptäckta registerdataposter: 0
(Inga skadliga poster hittades)
 
Upptäckta mappar: 0
(Inga skadliga poster hittades)
 
Upptäckta filer: 0
(Inga skadliga poster hittades)
 
(klar)

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Tobbe_890
Hej,

Här är adwcleaner loggen. Verkar inte ha hänt något?

 

# AdwCleaner v3.018 - Report created 14/02/2014 at 13:12:55

# Updated 28/01/2014 by Xplode

# Operating System : Windows 8  (64 bits)

# Username : Torbjörn - DATORTOBBE

# Running from : D:\Downloads\adwcleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Found C:\Program Files (x86)\simplitec

Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec

Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec

Folder Found C:\ProgramData\simplitec

Folder Found C:\Users\AA\AppData\Roaming\simplitec

Folder Found C:\Users\Torbjörn\AppData\Roaming\simplitec

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v10.0.9200.16537

 

 

-\\ Mozilla Firefox v26.0 (sv-SE)

 

[ File : C:\Users\Torbjörn\AppData\Roaming\Mozilla\Firefox\Profiles\xu8dg0u6.default\prefs.js ]

 

 

-\\ Google Chrome v32.0.1700.107

 

[ File : C:\Users\Torbjörn\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

[ File : C:\Users\AA\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [1277 octets] - [14/02/2014 13:12:55]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1337 octets] ##########

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Hej!

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

 

Klicka på Clean-knappen.

Tryck på OK.

Tryck på OK fler gånger om det kommer upp meddelanden.

 

Datorn kommer att startas om.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s0].txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Tobbe_890

Tyvärr något är fel. Jag startar Adwcleaner och klickar på scan, den söker igenom men sedan står det bara "Pending" och inget mer händer.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Har det hänt något i datorn sen i fredags när det gick att skanna med AdwCleaner?

 

Gör en snabbskanning med MBAM utifall att det är något skadligt/olämpligt som återkommit.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Tobbe_890

Hej,

 

Nej inga fel hittades.

 

Malwarebytes Anti-Malware (Testversion) 1.75.0.1300
www.malwarebytes.org
 
Databasversion: v2014.02.17.02
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Torbjörn :: DATORTOBBE [administratör]
 
Skydd: Aktiverad
 
2014-02-17 11:02:34
mbam-log-2014-02-17 (11-02-34).txt
 
Skanningstyp: Snabbskanning
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 267951
Förfluten tid: 3 minut(er), 7 sekund(er)
 
Upptäckta minnesprocesser: 0
(Inga skadliga poster hittades)
 
Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)
 
Upptäckta registernycklar: 0
(Inga skadliga poster hittades)
 
Upptäckta registervärden: 0
(Inga skadliga poster hittades)
 
Upptäckta registerdataposter: 0
(Inga skadliga poster hittades)
 
Upptäckta mappar: 0
(Inga skadliga poster hittades)
 
Upptäckta filer: 0
(Inga skadliga poster hittades)
 
(klar)

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Kör FRST igen och klistra in den nya FRST.txt så får vi se hur det ser ut i den numera.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Tobbe_890

Hej,

 

Här är frst.txt körd idag.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by Torbjörn (administrator) on DATORTOBBE on 17-02-2014 20:26:52
Running from D:\Downloads
Windows 8 (X64) OS Language: Swedish
Internet Explorer Version 10
Boot Mode: Normal
 

==================== Processes (Whitelisted) =================
 

 
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Canon Inc.) C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Smart Cooling\AsSmartCoolingService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Users\Torbjörn\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Dropbox, Inc.) C:\Users\Torbjörn\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [shadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS Easy Update] - C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [195200 2012-05-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ASUS Ai Charger] - C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-06] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [spotify Web Helper] - C:\Users\Torbjörn\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-15] (Spotify Ltd)
HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [skyDrive] - C:\Users\Torbjörn\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2014-01-04] (Microsoft Corporation)
HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [updateMyDrivers] - C:\Program Files (x86)\SmartTweak\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [spotify] - C:\Users\Torbjörn\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-15] (Spotify Ltd)
HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [FixMyRegistry] - C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\MountPoints2: {633ff7e9-5461-11e3-be7c-60a44ce69aa8} - "F:\Startme.exe" 
HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\MountPoints2: {879b3b65-9be8-11e2-be6a-806e6f6e6963} - "E:\Installer_Windows.exe" 
Startup: C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Torbjörn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.se/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Torbjörn\AppData\Roaming\Mozilla\Firefox\Profiles\xu8dg0u6.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.0.2.10 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Torbjörn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: sony.com/MediaGoDetector - C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014-01-04]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\ []
 
Chrome: 
=======
CHR Extension: (Google Wallet) - C:\Users\Torbjörn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-04]
CHR Extension: (Norton Identity Protection) - C:\Users\Torbjörn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-01-04]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-01-21]
 
==================== Services (Whitelisted) =================
 
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-08-16] (ASUSTeK Computer Inc.)
R2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [86606 2005-06-02] (Canon Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [262288 2013-10-08] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248704 2013-01-25] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-23] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE06000.01B\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-03] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-03] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140214.001\IDSvia64.sys [521944 2014-01-21] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140217.001\ENG64.SYS [126040 2014-01-03] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140217.001\EX64.SYS [2099288 2014-01-03] (Symantec Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NAVx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1501000.012\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-04] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
S3 Tdsshbecr; C:\Windows\system32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-16 12:25 - 2014-02-16 12:25 - 00298032 _____ () C:\WINDOWS\Minidump\021614-17890-01.dmp
2014-02-16 09:46 - 2014-02-16 09:46 - 00000000 ___HD () C:\Program Files (x86)\Zero G Registry
2014-02-16 09:46 - 2014-02-16 09:46 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\aerosoft
2014-02-15 11:08 - 2014-02-15 11:08 - 00108464 _____ () C:\Users\Torbjörn\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-13 10:12 - 2014-02-13 10:12 - 00000132 _____ () C:\Users\Torbjörn\AppData\Roaming\CS5-inställningar för formatet Adobe PNG
2014-02-10 09:58 - 2014-02-15 16:22 - 00000000 ____D () C:\AdwCleaner
2014-02-09 20:17 - 2014-02-09 20:17 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-09 17:45 - 2014-02-09 17:45 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Malwarebytes
2014-02-09 17:44 - 2014-02-09 17:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-09 17:44 - 2014-02-09 17:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-09 17:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-08 18:46 - 2014-02-17 20:26 - 00000000 ____D () C:\FRST
2014-02-08 18:13 - 2014-02-08 18:13 - 00297976 _____ () C:\WINDOWS\Minidump\020814-31218-01.dmp
2014-02-08 14:52 - 2014-02-08 14:53 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Sony
2014-02-08 14:52 - 2014-02-08 14:52 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Downloaded Installations
2014-02-08 14:52 - 2014-02-08 14:52 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-02-08 14:51 - 2014-02-08 14:52 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Sony
2014-02-08 14:51 - 2014-02-08 14:52 - 00000000 ____D () C:\Program Files (x86)\Sony Media Go Install
2014-02-08 14:50 - 2014-02-12 20:48 - 00345994 _____ () C:\WINDOWS\DPINST.LOG
2014-02-08 14:50 - 2014-02-08 14:52 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-02-08 14:50 - 2014-02-08 14:50 - 00000000 ____D () C:\ProgramData\Sony
2014-02-06 15:53 - 2014-02-06 15:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 20:01 - 2014-02-06 09:28 - 00000080 _____ () C:\Users\Torbjörn\AppData\Local\X-Plane Installer.prf
2014-02-05 18:10 - 2014-02-05 18:10 - 00000024 _____ () C:\Users\Torbjörn\AppData\Local\x-plane_install_10.txt
2014-02-05 18:07 - 2014-02-17 18:52 - 00000073 _____ () C:\Users\Torbjörn\AppData\Local\X-Plane_drm.prf
2014-02-04 19:20 - 2014-02-04 19:20 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Realtime Soft
2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Realtime Soft
2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\ProgramData\Realtime Soft
2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\Program Files\UltraMon
2014-01-29 18:48 - 2014-01-29 18:48 - 00005380 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-29 14:11 - 2014-01-29 14:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2014-01-29 14:11 - 2014-01-29 14:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-01-29 14:11 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2014-01-29 14:11 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2014-01-29 10:54 - 2014-01-29 10:54 - 00000000 ____D () C:\Users\AA\AppData\Roaming\Macromedia
2014-01-29 10:51 - 2014-01-29 10:51 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-01-29 10:45 - 2014-01-29 10:45 - 00000000 ____D () C:\Users\AA\AppData\Local\Google
2014-01-29 10:45 - 2014-01-29 10:45 - 00000000 ____D () C:\Users\AA\AppData\Local\CrashDumps
2014-01-29 10:32 - 2014-01-30 11:12 - 00000000 ____D () C:\Users\AA\AppData\Roaming\ClassicShell
2014-01-29 10:32 - 2014-01-29 10:32 - 00000000 ____D () C:\Users\AA\AppData\Roaming\Intel Corporation
2014-01-29 10:32 - 2014-01-29 10:32 - 00000000 ____D () C:\Users\AA\AppData\Local\NVIDIA Corporation
2014-01-29 10:31 - 2014-01-29 10:31 - 00000000 ____D () C:\Users\AA\AppData\Local\NVIDIA
2014-01-29 10:31 - 2014-01-29 10:31 - 00000000 ____D () C:\Users\AA\AppData\Local\Adobe
2014-01-28 17:12 - 2014-01-28 17:12 - 00000000 ____D () C:\MicrosoftKB928080
2014-01-28 16:00 - 2014-01-29 14:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-01-28 11:29 - 2014-01-28 11:29 - 00003584 _____ () C:\Users\Torbjörn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-28 11:03 - 2014-01-28 11:03 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\CANON INC
2014-01-28 11:02 - 2014-01-28 11:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-28 10:49 - 2014-01-28 10:49 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Canon_Inc_IC
2014-01-28 10:48 - 2014-01-28 10:48 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\canon
2014-01-28 10:48 - 2014-01-28 10:48 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-01-23 09:49 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-01-23 09:49 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00357152 _____ () C:\WINDOWS\system32\NvIFROpenGL.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00314656 _____ () C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-01-23 09:49 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-01-23 09:49 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-01-23 09:49 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-01-23 09:49 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2014-01-23 09:46 - 2013-12-27 19:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-01-23 09:46 - 2013-12-27 19:42 - 00033056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-01-22 18:53 - 2014-01-22 18:53 - 00001229 _____ () C:\WINDOWS\IE9_main.log
2014-01-22 10:59 - 2014-01-22 10:59 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Unity
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Unity
2014-01-21 19:47 - 2014-02-16 12:25 - 770644843 _____ () C:\WINDOWS\MEMORY.DMP
2014-01-21 19:47 - 2014-02-16 12:25 - 00000000 ____D () C:\WINDOWS\Minidump
2014-01-21 19:47 - 2014-01-21 19:47 - 00298040 _____ () C:\WINDOWS\Minidump\012114-22640-01.dmp
2014-01-21 18:06 - 2014-01-21 18:06 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
 
==================== One Month Modified Files and Folders =======
 
2014-02-17 20:26 - 2014-02-08 18:46 - 00000000 ____D () C:\FRST
2014-02-17 20:26 - 2014-01-07 11:20 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Dropbox
2014-02-17 20:19 - 2014-01-04 10:09 - 00001020 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 20:04 - 2014-01-07 11:22 - 00000000 ___RD () C:\Users\Torbjörn\Dropbox
2014-02-17 20:00 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-17 18:52 - 2014-02-05 18:07 - 00000073 _____ () C:\Users\Torbjörn\AppData\Local\X-Plane_drm.prf
2014-02-17 17:26 - 2012-11-06 04:37 - 00721472 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-02-17 17:26 - 2012-11-06 04:37 - 00149372 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-02-17 17:26 - 2012-07-26 08:28 - 01713108 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-17 17:13 - 2014-01-04 10:09 - 00001016 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-17 17:13 - 2013-11-04 17:44 - 00000000 __RDO () C:\Users\Torbjörn\SkyDrive
2014-02-17 17:12 - 2013-04-03 00:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-17 17:12 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-17 13:15 - 2014-01-04 11:09 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\ClassicShell
2014-02-17 09:30 - 2014-01-04 12:17 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Adobe
2014-02-16 12:25 - 2014-02-16 12:25 - 00298032 _____ () C:\WINDOWS\Minidump\021614-17890-01.dmp
2014-02-16 12:25 - 2014-01-21 19:47 - 770644843 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-16 12:25 - 2014-01-21 19:47 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-16 09:46 - 2014-02-16 09:46 - 00000000 ___HD () C:\Program Files (x86)\Zero G Registry
2014-02-16 09:46 - 2014-02-16 09:46 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\aerosoft
2014-02-15 16:22 - 2014-02-10 09:58 - 00000000 ____D () C:\AdwCleaner
2014-02-15 16:22 - 2014-01-07 18:27 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\CrashDumps
2014-02-15 12:22 - 2014-01-04 10:07 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1750976799-1855760834-4008688005-1001
2014-02-15 11:08 - 2014-02-15 11:08 - 00108464 _____ () C:\Users\Torbjörn\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-13 10:12 - 2014-02-13 10:12 - 00000132 _____ () C:\Users\Torbjörn\AppData\Roaming\CS5-inställningar för formatet Adobe PNG
2014-02-12 20:48 - 2014-02-08 14:50 - 00345994 _____ () C:\WINDOWS\DPINST.LOG
2014-02-11 15:10 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-09 20:17 - 2014-02-09 20:17 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-09 20:03 - 2014-01-10 18:09 - 00000000 ____D () C:\ProgramData\WPM
2014-02-09 20:03 - 2012-11-06 04:40 - 01074102 _____ () C:\WINDOWS\PFRO.log
2014-02-09 20:02 - 2012-07-26 06:26 - 01310720 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-09 20:00 - 2014-01-10 18:08 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-02-09 17:45 - 2014-02-09 17:45 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Malwarebytes
2014-02-09 17:44 - 2014-02-09 17:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-09 17:44 - 2014-02-09 17:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 18:13 - 2014-02-08 18:13 - 00297976 _____ () C:\WINDOWS\Minidump\020814-31218-01.dmp
2014-02-08 16:44 - 2013-04-03 00:02 - 01951563 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-08 14:56 - 2012-11-06 04:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-08 14:53 - 2014-02-08 14:52 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Sony
2014-02-08 14:52 - 2014-02-08 14:52 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Downloaded Installations
2014-02-08 14:52 - 2014-02-08 14:52 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-02-08 14:52 - 2014-02-08 14:51 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Sony
2014-02-08 14:52 - 2014-02-08 14:51 - 00000000 ____D () C:\Program Files (x86)\Sony Media Go Install
2014-02-08 14:52 - 2014-02-08 14:50 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-02-08 14:52 - 2014-01-03 22:46 - 00000000 ____D () C:\Users\Torbjörn
2014-02-08 14:50 - 2014-02-08 14:50 - 00000000 ____D () C:\ProgramData\Sony
2014-02-08 14:49 - 2012-07-26 08:21 - 00030664 _____ () C:\WINDOWS\setupact.log
2014-02-08 14:48 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-02-07 09:17 - 2014-01-04 10:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-06 15:58 - 2014-02-06 15:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-06 09:28 - 2014-02-05 20:01 - 00000080 _____ () C:\Users\Torbjörn\AppData\Local\X-Plane Installer.prf
2014-02-05 18:10 - 2014-02-05 18:10 - 00000024 _____ () C:\Users\Torbjörn\AppData\Local\x-plane_install_10.txt
2014-02-05 11:47 - 2014-01-04 10:54 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Thunderbird
2014-02-04 19:20 - 2014-02-04 19:20 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Realtime Soft
2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Realtime Soft
2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\ProgramData\Realtime Soft
2014-02-04 17:54 - 2014-02-04 17:54 - 00000000 ____D () C:\Program Files\UltraMon
2014-02-01 18:05 - 2014-01-04 10:04 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Spotify
2014-02-01 14:56 - 2014-01-04 10:04 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Spotify
2014-01-30 22:10 - 2012-07-26 09:14 - 00694240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 22:10 - 2012-07-26 09:14 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 11:12 - 2014-01-29 10:32 - 00000000 ____D () C:\Users\AA\AppData\Roaming\ClassicShell
2014-01-30 11:03 - 2013-11-17 19:22 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Packages
2014-01-29 18:48 - 2014-01-29 18:48 - 00005380 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-29 18:48 - 2014-01-05 15:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-29 18:48 - 2014-01-05 15:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-29 18:34 - 2014-01-07 09:22 - 02021160 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-29 14:11 - 2014-01-29 14:11 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2014-01-29 14:11 - 2014-01-29 14:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-01-29 14:11 - 2014-01-28 16:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-01-29 11:08 - 2014-01-15 17:48 - 00000000 ____D () C:\Program Files (x86)\Miditzer Style 216
2014-01-29 11:07 - 2014-01-10 18:08 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-01-29 10:54 - 2014-01-29 10:54 - 00000000 ____D () C:\Users\AA\AppData\Roaming\Macromedia
2014-01-29 10:51 - 2014-01-29 10:51 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-01-29 10:45 - 2014-01-29 10:45 - 00000000 ____D () C:\Users\AA\AppData\Local\Google
2014-01-29 10:45 - 2014-01-29 10:45 - 00000000 ____D () C:\Users\AA\AppData\Local\CrashDumps
2014-01-29 10:32 - 2014-01-29 10:32 - 00000000 ____D () C:\Users\AA\AppData\Roaming\Intel Corporation
2014-01-29 10:32 - 2014-01-29 10:32 - 00000000 ____D () C:\Users\AA\AppData\Local\NVIDIA Corporation
2014-01-29 10:31 - 2014-01-29 10:31 - 00000000 ____D () C:\Users\AA\AppData\Local\NVIDIA
2014-01-29 10:31 - 2014-01-29 10:31 - 00000000 ____D () C:\Users\AA\AppData\Local\Adobe
2014-01-29 10:31 - 2014-01-03 22:52 - 00000000 ___RD () C:\Users\AA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-29 10:31 - 2014-01-03 22:52 - 00000000 ___RD () C:\Users\AA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-28 17:12 - 2014-01-28 17:12 - 00000000 ____D () C:\MicrosoftKB928080
2014-01-28 11:29 - 2014-01-28 11:29 - 00003584 _____ () C:\Users\Torbjörn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-28 11:03 - 2014-01-28 11:03 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\CANON INC
2014-01-28 11:02 - 2014-01-28 11:02 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-01-28 10:53 - 2014-01-10 18:13 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-01-28 10:49 - 2014-01-28 10:49 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Canon_Inc_IC
2014-01-28 10:48 - 2014-01-28 10:48 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\canon
2014-01-28 10:48 - 2014-01-28 10:48 - 00000000 ____D () C:\ProgramData\Canon_Inc_IC
2014-01-23 09:51 - 2013-04-03 00:02 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-22 18:53 - 2014-01-22 18:53 - 00001229 _____ () C:\WINDOWS\IE9_main.log
2014-01-22 10:59 - 2014-01-22 10:59 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Unity
2014-01-22 10:58 - 2014-01-22 10:58 - 00000000 ____D () C:\Users\Torbjörn\AppData\Local\Unity
2014-01-21 19:47 - 2014-01-21 19:47 - 00298040 _____ () C:\WINDOWS\Minidump\012114-22640-01.dmp
2014-01-21 18:06 - 2014-01-21 18:06 - 00000000 ____D () C:\Users\Torbjörn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-21 03:53 - 2014-01-05 13:24 - 01179576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-01-21 03:53 - 2014-01-05 13:24 - 01048152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-01-19 17:44 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
 
Some content of TEMP:
====================
C:\Users\Torbjörn\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptljaff.dll
C:\Users\Torbjörn\AppData\Local\Temp\FixMyRegistry.exe
C:\Users\Torbjörn\AppData\Local\Temp\Installer_Windows.exe
C:\Users\Torbjörn\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Torbjörn\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Torbjörn\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Torbjörn\AppData\Local\Temp\nvStInst.exe
C:\Users\Torbjörn\AppData\Local\Temp\Quarantine.exe
C:\Users\Torbjörn\AppData\Local\Temp\readSTILog.dll
C:\Users\Torbjörn\AppData\Local\Temp\SpeedUpMyComputer.exe
C:\Users\Torbjörn\AppData\Local\Temp\vcredist_x64.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-16 11:18
 
==================== End Of Log ============================
Redigerad av Cecilia
Tog bort de tre länkarna i början av loggen för att den skulle gå att läsa /Cecilia, moderator

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Hej!

 

Nej, vanliga medlemmar här kan inte ta bort inlägg utan det är bara moderatorer som kan göra det.

 

1. Angående

HKU\S-1-5-21-1750976799-1855760834-4008688005-1001\...\Run: [updateMyDrivers] - C:\Program Files (x86)\SmartTweak\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss
 
2. Starta Anteckningar.
Kopiera alla rader i rutan:

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoo...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoo...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoo...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoo...q={searchTerms}
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
2014-02-09 20:03 - 2014-01-10 18:09 - 00000000 ____D () C:\ProgramData\WPM
C:\Program Files (x86)\simplitec
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
C:\ProgramData\simplitec
C:\Users\AA\AppData\Roaming\simplitec
C:\Users\Torbjörn\AppData\Roaming\simplitec
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.

 

3. Hittade Esets skanner något som inte har tagits bort?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Tobbe_890

Hej,

 

Här är fixlog.txt-

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-02-2014
Ran by Torbjörn at 2014-02-18 19:09:29 Run:1
Running from D:\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoo...q={searchTerms}'>http://www.nationzoo...q={searchTerms}'>http://www.nationzoo...q={searchTerms}'>http://www.nationzoo...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoo...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoo...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoo...q={searchTerms}
FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
2014-02-09 20:03 - 2014-01-10 18:09 - 00000000 ____D () C:\ProgramData\WPM
C:\Program Files (x86)\simplitec
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
C:\ProgramData\simplitec
C:\Users\AA\AppData\Roaming\simplitec
C:\Users\Torbjörn\AppData\Roaming\simplitec
*****************
 
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@TrendMicro.com/FFExtension => Key deleted successfully.
C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll not found.
C:\ProgramData\WPM => Moved successfully.
"C:\Program Files (x86)\simplitec" => File/Directory not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec" => File/Directory not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec" => File/Directory not found.
"C:\ProgramData\simplitec" => File/Directory not found.
"C:\Users\AA\AppData\Roaming\simplitec" => File/Directory not found.
"C:\Users\Torbjörn\AppData\Roaming\simplitec" => File/Directory not found.
 
==== End of Fixlog ====

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Om du inte har startat om datorn sen du körde FRST så gör det och berätta sen hur den fungerar.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Tobbe_890

Hej,

Nej, det var Adwcleaner som inte fungerade. Det fungerar fortfarande inte. Men jag har ju fått bort Speedupmycomputor vilket var min fråga från början. Du behöver ju inte därför jobba mer med detta. Jag är tacksam för det jobb du lagt ner. Tror du att det finns problem kvar?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Hej!

 

Vad bra!

 

Nu återstår att avinstallera specialprogrammen.

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.
Klicka på Uninstall-knappen.

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe
Dubbelklicka på filen för att starta programmet.
Tryck på knappen CleanUp! och FRST kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar och ShortcutCleaner.

3. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/
Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



×
×
  • Skapa nytt...