Just nu i M3-nätverket
Jump to content

Newpoptab.com


OLDBOYS

Recommended Posts

Hej!

 

Sedan någon vecka har jag i IE (10.0) råkat ut för Redirection. Dvs. jag blir omdirigerad till olika reklamsiter, och får också oönskade PopUp-fönster. Detta beror naturligtvis på att jag laddat ner något. Troligen ett program som jag ville testa. Via SpyHunter (enbart sökning) och lite registerhackande trodde jag att problemet var u världen. Men icke. Ännu en sökning ger, förutom ett större antal cookies, hävdar alltså att problemet är NEWPOPTAB. I den bifogade bilden finns de tre register"platser" där problemet alltså ska finnas. Hur som helst så bifogar jag också "Addition.txt". Och här nedanför finns "FRST.txt". Jag har inte jättebrådis, utan kan leva med det här några dagar till :)

 

 

 

Med vänliga hälsningar /Benke

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016
Ran by Benke (administrator) on BENKE-OB (19-02-2016 12:14:54)
Running from C:\Gamla-HP-n\Benke\installationsprogram\Farbar-Recovery-Scan-Tool_(FRST)
Loaded Profiles: Benke (Available Profiles: Benke)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Svenska (Sverige)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nfservice.exe
(Norman Safeground AS) C:\Program Files\Norman\Nse\bin\nseupdatesvc.exe
(Norman Safeground AS) C:\Program Files\Norman\nvc\bin\nvcsvc.exe
(Norman AS) C:\Program Files\Norman\Npm\Bin\nvoy.exe
(Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nnf.exe
(Norman Safeground AS) C:\Program Files\Norman\Npf\bin\npfsvc32.exe
(Norman Safeground AS) C:\Program Files\Norman\Ngs\bin\nprosec.exe
(Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\nwscmon2.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zanda.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\igfxTray.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Spotify Ltd) C:\Users\Benke\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Flexera Software, Inc.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Spotify Ltd) C:\Users\Benke\AppData\Roaming\Spotify\Spotify.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 8\SnagIt32.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
() C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\ouc.exe
(Bayer Healthcare LLC) C:\Program Files (x86)\Bayer HealthCare SmartLaunch\bin\BayerHCService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\Zlh.exe
(Norman ASA) C:\Program Files\Norman\nsc\bin\noelauncher64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\zlhh.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(CryptoMill Technologies Ltd.) C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 8\TscHelp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\SnagIt 8\SnagPriv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Wondershare) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\MediaLibServer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Spotify Ltd) C:\Users\Benke\AppData\Roaming\Spotify\Spotify.exe
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Spotify Ltd) C:\Users\Benke\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Norman Safeground AS) C:\Program Files\Norman\Npm\Bin\scheduler.exe
(Norman Safeground AS) C:\Program Files\Norman\Nig\bin\nigsvc32.exe
(Norman ASA) C:\Program Files\Norman\nsc\bin\nassvc32.exe
() C:\Program Files\Norman\Npm\Bin\njeeves2.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Norman AS) C:\Program Files\Norman\Nig\bin\niguser.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Norman AS) C:\Program Files\Norman\Npf\bin\npfuser.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-07-04] (IDT, Inc.)
HKLM\...\Run: [bLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM\...\Run: [bTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-19] (Synaptics Incorporated)
HKLM\...\Run: [igfxTray] => C:\Windows\system32\igfxtray.exe [391784 2015-06-24] ()
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-08-16] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-06-24] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-12] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493528 2013-05-21] (CyberLink Corp.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2013-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [Norman ZANDA] => C:\Program Files\Norman\Npm\Bin\ZLH.EXE [88536 2014-08-21] (Norman Safeground AS)
HKLM-x32\...\Run: [NOELauncher64] => C:\Program Files\Norman\nsc\bin\noelauncher64.exe [335688 2012-07-04] (Norman ASA)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-05-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Professional 7\RegistryController.exe [141160 2012-02-17] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [1828712 2012-02-17] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance PDF Converter Professional 7-reminder] => "C:\Program Files (x86)\Nuance\PDF Professional 7\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Converter Professional 7\Ereg\Ereg.ini"
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-11-21] ()
HKLM-x32\...\Run: [Wondershare Media Server] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\MediaLibServer.exe [215440 2014-11-21] (Wondershare)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [462736 2009-06-10] (The Eraser Project)
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\Run: [spotify Web Helper] => C:\Users\Benke\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2355312 2016-02-03] (Spotify Ltd)
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\Run: [HW_OPENEYE_OUC_Tele2 Mobile Partner] => C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\ouc.exe [218624 2015-04-18] ()
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-04-28] (Samsung)
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\Run: [spotify] => C:\Users\Benke\AppData\Roaming\Spotify\Spotify.exe [8449136 2016-02-03] (Spotify Ltd)
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\MountPoints2: {4c70e658-e5b8-11e4-a1f3-a08869a11a03} - G:\AutoRun.exe
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\MountPoints2: {4c70e666-e5b8-11e4-a1f3-a08869a11a03} - G:\AutoRun.exe
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\MountPoints2: {92757bcc-92cd-11e5-8f07-a08869a11a03} - G:\AutoRun.exe
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\nscrnsav.scr [205336 2015-06-16] ()
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Benke\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-09-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Benke\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-09-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Benke\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-09-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [+1TBIcon] -> {B9C55E85-DED6-4911-82F3-83CF1CAB2898} => C:\Program Files\Hewlett-Packard\HP Trust Circles\tbicon.dll [2014-03-07] (CryptoMill Technologies Ltd.)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2012-01-24] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2012-01-24] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Benke\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-09-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Benke\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-09-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Benke\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-09-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [+1TBIcon] -> {B9C55E85-DED6-4911-82F3-83CF1CAB2898} => C:\Program Files (x86)\Hewlett-Packard\HP Trust Circles\tbicon.dll [2014-03-07] (CryptoMill Technologies Ltd.)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2012-01-24] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2012-01-24] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-04-29]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2015-11-24]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SnagIt 8.lnk [2015-03-24]
ShortcutTarget: SnagIt 8.lnk -> C:\Program Files (x86)\TechSmith\SnagIt 8\SnagIt32.exe (TechSmith Corporation)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [s-1-5-21-3849148887-1530255686-1543266198-1002] => hxxp://unblockservice.com/wpad.dat?d515f6b85589ed16f87141ee769d48eb5166099
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0C268D53-DD74-4D97-B6FE-746422FFD467}: [NameServer] 130.244.127.161 130.244.127.169
Tcpip\..\Interfaces\{7C7E0D24-DCC4-4929-BD0F-9151FF892E0E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F6A06A26-0B2F-4354-95B7-B23D7149DE5E}: [NameServer] 130.244.127.161 130.244.127.169
ManualProxies: 0http://unblockservice.com/wpad.dat?d515f6b85589ed16f87141ee769d48eb5166099

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://webmail.telia.com/cp/index.jsp
HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.se/
hxxps://www.facebook.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 8\DLLx64\SnagItBHO64.dll [2006-11-07] (TechSmith Corporation)
BHO: Välja bort annonscookies -> {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} -> C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll [2013-01-10] (Google Inc)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll [2006-11-07] (TechSmith Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-08-07] (Hewlett-Packard)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-11-21] (Wondershare)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-09] (Oracle Corporation)
BHO-x32: Välja bort annonscookies -> {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} -> C:\Program Files (x86)\Google\Advertising Cookie Opt-out\opt_out.dll [2013-01-10] (Google Inc)
BHO-x32: Inloggningshjälp för Microsoft-konto -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll [2011-07-08] (Zeon Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\DLLx64\SnagItIEAddin64.dll [2006-11-07] (TechSmith Corporation)
Toolbar: HKLM-x32 - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll [2006-11-07] (TechSmith Corporation)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\ZeonIEFavClient.dll [2011-07-08] (Zeon Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKU\S-1-5-21-3849148887-1530255686-1543266198-1002 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.4.0.22 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2015-03-17] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-26] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2014-02-10] (DigitalPersona, Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-04-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: HP Client Security Manager - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-11-13] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2015-12-03] [not signed]
FF HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-19]
CHR Extension: (Google Docs) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-19]
CHR Extension: (Google Drive) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-19]
CHR Extension: (Google Search) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-19]
CHR Extension: (Google Sheets) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-19]
CHR Extension: (Google Docs Offline) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-10-21]
CHR Extension: (DigitalPersona Extension) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncffjdbbodifgldkcbhmiiljfcnbgjab [2016-01-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-19]
CHR Extension: (Gmail) - C:\Users\Benke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-19]
CHR HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2014-02-10]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BayerHealthcareService; C:\Program Files (x86)\Bayer HealthCare SmartLaunch\bin\BayerHCService.exe [162680 2013-03-12] (Bayer Healthcare LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 CreoService; C:\Program Files\Hewlett-Packard\HP Trust Circles\CreoSvc.exe [1927128 2014-03-07] (CryptoMill Technologies Ltd.)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2013-08-07] () [File not signed]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-07-15] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-07-15] (CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-08] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-08] (Dropbox, Inc.)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2014-02-10] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [558392 2013-08-06] (Hewlett-Packard Company)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29552 2012-01-24] (Gladinet, INC)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-05-16] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [339456 2010-11-16] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [14696 2013-07-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-06-24] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-07-26] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
R3 NASS; C:\Program Files\Norman\nsc\bin\nassvc32.exe [143176 2012-07-04] (Norman ASA)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 nfservice; C:\Program Files\Norman\Npm\Bin\nfservice.exe [196072 2015-02-17] (Norman Safeground AS)
R3 NIG; C:\Program Files\Norman\nig\bin\nigsvc32.exe [596200 2015-06-19] (Norman Safeground AS)
R3 NJeeves2; C:\Program Files\Norman\Npm\Bin\Njeeves2.exe [179080 2014-11-27] ()
R2 NNFSVC; C:\Program Files\Norman\Ngs\Bin\Nnf.exe [306360 2015-02-17] (Norman Safeground AS)
R2 Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [456664 2014-06-30] (Norman Safeground AS)
R2 NPFSvc32; C:\Program Files\Norman\npf\bin\npfsvc32.exe [408344 2014-08-05] (Norman Safeground AS)
R2 NPROSECSVC; C:\Program Files\Norman\Ngs\Bin\Nprosec.exe [140032 2014-10-15] (Norman Safeground AS)
R2 nseupdatesvc; C:\Program Files\Norman\nse\bin\nseupdatesvc.exe [261992 2015-02-17] (Norman Safeground AS)
R2 nvcsvc; C:\Program Files\Norman\nvc\bin\nvcsvc.exe [408776 2015-06-22] (Norman Safeground AS)
R2 nvoy; C:\Program Files\Norman\Npm\Bin\nvoy.exe [246560 2013-06-27] (Norman AS)
R2 NWSCMON2; C:\Program Files\Norman\Npm\Bin\nwscmon2.exe [232008 2015-09-15] (Norman Safeground AS)
R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [135016 2012-02-17] (Nuance Communications, Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R3 Scheduler; C:\Program Files\Norman\Npm\Bin\scheduler.exe [199680 2014-06-30] (Norman Safeground AS)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-02-03] (Enigma Software Group USA, LLC.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [337920 2013-07-04] (IDT, Inc.) [File not signed]
S2 Tele2 Mobile Partner. RunOuc; C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\ouc.exe [218624 2015-04-18] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ALE_NF; C:\Windows\system32\drivers\ale7_nf64.sys [133152 2015-02-17] (Norman Safeground AS)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1385272 2013-08-08] (Motorola Solutions, Inc.)
S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [76088 2013-01-22] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink)
R2 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [65752 2013-06-13] (Hewlett-Packard Company)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-02-03] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-02-03] ()
R3 gzflt; C:\Program Files\Norman\nvc\bin\gzflt.sys [155912 2015-02-17] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2013-07-30] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [118216 2013-09-09] (Intel Corporation)
R3 IceKore; C:\Windows\System32\DRIVERS\IceKore.sys [411608 2014-03-04] (CryptoMill Technologies Inc.)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-18] (Siliten)
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3603424 2014-04-17] (Intel Corporation)
R1 NGS; c:\program files\norman\ngs\bin\ngs64.sys [23488 2014-06-27] (Norman Safeground AS)
R1 NPROSEC; C:\Program Files\Norman\Ngs\Bin\nprosec64.sys [41536 2014-08-27] (Norman Safeground AS)
R2 nregsec; C:\Program Files\Norman\Ngs\Bin\nregsec64.sys [69328 2015-06-19] (Norman Safeground AS)
R0 PinFile; C:\Windows\System32\DRIVERS\PinFile.sys [49856 2013-07-16] (WinMagic Inc.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [418520 2013-06-17] (Realsil Semiconductor Corporation)
R0 SDDisk2K; C:\Windows\System32\DRIVERS\SDDisk2K.sys [228544 2013-07-16] (WinMagic Inc.)
R0 SDDToki; C:\Windows\System32\DRIVERS\SDDToki.sys [131264 2013-07-16] (WinMagic Inc.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-19] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\system32\drivers\Smb_driver_Intel.sys [34544 2013-08-19] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1512952 2013-08-08] (Sunplus)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-02-17] (BitDefender S.R.L.)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-21] (Windows ® Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-19 12:14 - 2016-02-19 12:14 - 00000000 ____D C:\FRST
2016-02-18 09:32 - 2016-02-19 12:11 - 00001078 _____ C:\Windows\system32dbgraw.bmp
2016-02-17 16:51 - 2016-02-17 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-14 17:19 - 2016-02-14 17:19 - 06567264 _____ (Tim Kosse) C:\Users\Benke\Downloads\FileZilla_3.15.0.2_win64-setup.exe
2016-02-12 14:51 - 2016-02-12 14:51 - 00450523 _____ C:\Users\Benke\Downloads\{20cfa369-f90c-423a-b255-75cfcc726dbf}.pdf
2016-02-07 16:42 - 2016-02-07 17:35 - 976893448 _____ C:\Users\Benke\Shanes-1965.mp4
2016-02-04 18:38 - 2016-02-04 20:36 - 1241425150 _____ C:\Users\Benke\krusse-i-amerika.mp4
2016-02-04 13:38 - 2016-02-04 13:37 - 00076084 _____ C:\Users\Benke\Desktop\Lisa-Nilsson.pdf
2016-02-04 09:20 - 2016-02-04 09:21 - 00000000 ____D C:\Users\Benke\Desktop\Jersey-Boys
2016-02-03 15:41 - 2016-02-03 15:42 - 443312406 _____ C:\Users\Benke\Desktop\backup.reg
2016-02-03 12:31 - 2016-02-03 12:31 - 00000000 _____ C:\autoexec.bat
2016-02-03 12:30 - 2016-02-03 13:01 - 00001156 _____ C:\Users\Benke\Desktop\SpyHunter.lnk
2016-02-03 12:30 - 2016-02-03 12:30 - 00003326 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2016-02-03 12:30 - 2016-02-03 12:30 - 00000000 ____D C:\Users\Benke\AppData\Roaming\Enigma Software Group
2016-02-03 12:29 - 2016-02-03 12:30 - 00000000 ____D C:\sh4ldr
2016-02-03 12:26 - 2016-02-03 12:26 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-02-03 12:25 - 2016-02-03 12:25 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-02-02 15:09 - 2016-02-02 15:09 - 00006794 _____ C:\Windows\SysWOW64\BroomData.bit
2016-02-02 15:09 - 2013-04-08 15:30 - 00022752 _____ C:\Windows\system32\PCloudBroom64.exe
2016-02-02 13:32 - 2016-02-03 08:58 - 00001283 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2016-02-02 13:32 - 2016-02-02 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2016-02-02 13:32 - 2016-02-02 13:32 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-02-02 13:32 - 2015-09-14 13:03 - 00039672 _____ C:\Windows\system32\Drivers\DasPtct.SYS
2016-02-02 13:32 - 2015-01-29 18:21 - 00050320 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2016-02-02 13:21 - 2016-02-02 13:21 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-02-02 12:53 - 2016-02-02 12:53 - 00274676 _____ C:\Users\Benke\AppData\Local\census.cache
2016-02-02 12:53 - 2016-02-02 12:53 - 00113641 _____ C:\Users\Benke\AppData\Local\ars.cache
2016-01-29 09:50 - 2016-01-29 09:50 - 00000000 ____D C:\Users\Benke\AppData\Roaming\chc
2016-01-28 14:14 - 2016-01-28 14:14 - 00000000 ____D C:\Users\Benke\Documents\Fragments
2016-01-28 14:13 - 2016-01-28 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES4
2016-01-27 07:11 - 2016-02-04 10:19 - 00000000 ____D C:\Users\Benke\Desktop\Tor Browser
2016-01-26 19:18 - 2016-01-26 19:18 - 00010316 _____ C:\Users\Benke\Desktop\WebCachV01.tmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-19 12:15 - 2014-05-18 18:44 - 00000000 ____D C:\ProgramData\Temp
2016-02-19 12:14 - 2014-03-18 18:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-19 12:01 - 2015-09-08 07:56 - 00001002 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-02-19 11:47 - 2015-09-02 07:32 - 00000000 ____D C:\Users\Benke\Desktop\SHIS-Temp_Benke_sept
2016-02-19 11:47 - 2015-02-24 17:27 - 00000000 ____D C:\Users\Benke
2016-02-19 11:27 - 2015-09-08 12:38 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-19 10:22 - 2015-04-08 17:08 - 00000000 ____D C:\Users\Benke\AppData\Local\Spotify
2016-02-19 09:59 - 2015-04-08 17:08 - 00000000 ____D C:\Users\Benke\AppData\Roaming\Spotify
2016-02-19 09:01 - 2015-09-08 07:56 - 00000998 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-02-19 08:44 - 2009-07-14 05:45 - 00026832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-19 08:44 - 2009-07-14 05:45 - 00026832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-18 23:46 - 2015-11-09 13:50 - 00002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-18 23:27 - 2015-09-08 12:38 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-18 09:40 - 2014-05-18 18:54 - 00667624 _____ C:\Windows\system32\perfh01D.dat
2016-02-18 09:40 - 2014-05-18 18:54 - 00144190 _____ C:\Windows\system32\perfc01D.dat
2016-02-18 09:40 - 2009-07-14 06:13 - 01590820 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-18 09:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-18 09:38 - 2015-09-08 12:49 - 00000000 ___RD C:\Users\Benke\Google Drive
2016-02-18 09:38 - 2015-02-24 19:19 - 00917666 _____ C:\Windows\SysWOW64\erbl.bin
2016-02-18 09:37 - 2015-09-08 08:02 - 00000000 ___RD C:\Users\Benke\Dropbox
2016-02-18 09:37 - 2015-09-08 07:56 - 00000000 ____D C:\Users\Benke\AppData\Local\Dropbox
2016-02-18 09:36 - 2015-11-24 11:57 - 00000000 ____D C:\Users\Benke\AppData\Local\gladinet
2016-02-18 09:33 - 2015-06-24 15:08 - 00000000 __SHD C:\Users\Benke\IntelGraphicsProfiles
2016-02-18 09:32 - 2015-02-24 18:45 - 00000000 ____D C:\Program Files\Norman
2016-02-18 09:32 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-18 09:24 - 2015-04-07 19:12 - 00000000 ____D C:\Users\Benke\AppData\Local\Eraser
2016-02-18 09:24 - 2015-02-24 19:59 - 00000211 _____ C:\Windows\SysWOW64\scurlcache.bin
2016-02-17 16:52 - 2015-09-08 07:56 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-02-17 12:45 - 2015-05-13 11:31 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBenke
2016-02-17 12:45 - 2015-05-13 11:31 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleForBenke.job
2016-02-17 07:44 - 2015-04-27 13:48 - 00000000 ____D C:\Users\Benke\AppData\Local\CrashDumps
2016-02-16 23:09 - 2015-06-02 09:42 - 00025053 _____ C:\Users\Benke\Desktop\Söndagsskolan-2.txt
2016-02-16 13:01 - 2015-03-25 14:27 - 00000000 ____D C:\Users\Benke\AppData\Local\Adobe
2016-02-16 12:59 - 2014-03-18 18:40 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-16 12:59 - 2014-03-18 18:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-16 12:59 - 2014-03-18 18:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-15 14:45 - 2015-04-22 14:14 - 00000000 ____D C:\Users\Benke\AppData\Roaming\FileZilla
2016-02-14 17:19 - 2015-03-24 18:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-02-14 17:19 - 2015-03-24 18:45 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2016-02-11 09:35 - 2015-06-15 11:44 - 00000000 ____D C:\Users\Benke\AppData\Local\CutePDF Writer
2016-02-10 13:27 - 2014-05-18 18:56 - 00000225 _____ C:\Windows\CryptoMill_CreoService.001
2016-02-10 09:37 - 2014-05-18 18:56 - 00000225 _____ C:\Windows\CryptoMill_CreoService.002
2016-02-09 18:48 - 2014-05-18 18:56 - 00000225 _____ C:\Windows\CryptoMill_CreoService.003
2016-02-09 09:18 - 2015-04-03 16:54 - 00000000 ____D C:\ProgramData\Oracle
2016-02-09 09:16 - 2015-04-03 16:54 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-09 09:15 - 2015-04-03 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 09:14 - 2015-10-13 13:48 - 00000000 ____D C:\Users\Benke\.oracle_jre_usage
2016-02-09 09:14 - 2015-04-03 16:54 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-09 07:25 - 2014-05-18 18:56 - 00000225 _____ C:\Windows\CryptoMill_CreoService.004
2016-02-07 20:51 - 2014-05-18 18:56 - 00000225 _____ C:\Windows\CryptoMill_CreoService.005
2016-02-07 19:28 - 2015-05-27 17:07 - 00000000 ____D C:\Users\Benke\GLUCOFACTS Deluxe
2016-02-07 18:16 - 2015-04-12 16:46 - 00141312 ___SH C:\Users\Benke\Thumbs.db
2016-02-01 23:40 - 2015-09-08 12:46 - 00002025 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-02-01 23:40 - 2015-09-08 12:46 - 00002023 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-02-01 23:40 - 2015-09-08 12:46 - 00002013 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-02-01 23:40 - 2015-09-08 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-02-01 23:22 - 2015-09-08 12:38 - 00003990 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-01 23:22 - 2015-09-08 12:38 - 00003738 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-29 16:06 - 2015-04-29 13:16 - 00000000 ____D C:\Users\Benke\AppData\Roaming\uTorrent
2016-01-28 17:30 - 2015-12-03 16:03 - 00000000 ____D C:\Users\Benke\AppData\LocalLow\uTorrent
2016-01-28 14:13 - 2015-03-25 14:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-25 16:15 - 2015-02-24 17:28 - 00000000 ____D C:\Users\Benke\AppData\Roaming\hpqLog

==================== Files in the root of some directories =======

2016-02-02 12:53 - 2016-02-02 12:53 - 0113641 _____ () C:\Users\Benke\AppData\Local\ars.cache
2016-02-02 12:53 - 2016-02-02 12:53 - 0274676 _____ () C:\Users\Benke\AppData\Local\census.cache
2015-05-11 06:36 - 2015-05-11 06:36 - 0000036 _____ () C:\Users\Benke\AppData\Local\housecall.guid.cache
2015-02-25 17:22 - 2015-10-27 12:26 - 0007605 _____ () C:\Users\Benke\AppData\Local\resmon.resmoncfg
2015-11-13 14:27 - 2015-11-13 14:31 - 14689586 _____ () C:\ProgramData\hpcsmmsilogs.log
2015-11-13 14:18 - 2015-11-13 14:18 - 0039952 _____ () C:\ProgramData\HPTrustCircles_Install_Log.txt
2015-04-29 13:58 - 2015-04-29 21:19 - 0006490 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Benke\AppData\Local\Temp\converter.exe
C:\Users\Benke\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Benke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzbvvcu.dll
C:\Users\Benke\AppData\Local\Temp\Extract.exe
C:\Users\Benke\AppData\Local\Temp\HPInstaller.exe
C:\Users\Benke\AppData\Local\Temp\jli9kAQcUI.exe
C:\Users\Benke\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Benke\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Benke\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Benke\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Benke\AppData\Local\Temp\k5ucfVGzE0.exe
C:\Users\Benke\AppData\Local\Temp\LGDNuBSyWd.exe
C:\Users\Benke\AppData\Local\Temp\ODEyVuQzwI.exe
C:\Users\Benke\AppData\Local\Temp\SmartLaunch.exe
C:\Users\Benke\AppData\Local\Temp\SP63598.exe
C:\Users\Benke\AppData\Local\Temp\SP65246.exe
C:\Users\Benke\AppData\Local\Temp\SP65637.exe
C:\Users\Benke\AppData\Local\Temp\SP65692.exe
C:\Users\Benke\AppData\Local\Temp\SP66562.exe
C:\Users\Benke\AppData\Local\Temp\SP69840.exe
C:\Users\Benke\AppData\Local\Temp\SP71151.exe
C:\Users\Benke\AppData\Local\Temp\SpotifyUpgrader.exe
C:\Users\Benke\AppData\Local\Temp\uninstall.exe
C:\Users\Benke\AppData\Local\Temp\Y1ygIrUHwW.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-18 00:35

==================== End of FRST.txt ============================

post-122929-0-76447600-1455888901_thumb.gif

Link to comment
Share on other sites

Hej Benke!
 
Addition.txt kom inte med.
Du ska inte dra ut på tiden för så länge som reklamprogrammet finns kvar i datorn tjänar dess upphovsman pengar.
 
 
1. Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
AutoConfigURL: [S-1-5-21-3849148887-1530255686-1543266198-1002] => hxxp://unblockservice.com/wpad.dat?d515f6b85589ed16f87141ee769d48eb5166099
ManualProxies: 0http://unblockservic...769d48eb5166099
CMD: ipconfig /flushdns

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.
 
 
2. Utan att starta om datorn, spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på knappen Log file.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[R0].txt

Link to comment
Share on other sites

Hej Benke!

 

Addition.txt kom inte med.

Du ska inte dra ut på tiden för så länge som reklamprogrammet finns kvar i datorn tjänar dess upphovsman pengar.

 

 

1. Starta programmet Anteckningar.

Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
AutoConfigURL: [S-1-5-21-3849148887-1530255686-1543266198-1002] => hxxp://unblockservice.com/wpad.dat?d515f6b85589ed16f87141ee769d48eb5166099
ManualProxies: 0http://unblockservic...769d48eb5166099
CMD: ipconfig /flushdns

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Stäng av alla program.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Om datorn inte startas om automatiskt så gör det själv.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

 

2. Utan att starta om datorn, spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på knappen Log file.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[R0].txt

Hej!

 

Jag har nu försökt följa dina anvisningar Cecilia. Se Fixloggen och AdwC-loggen här nedanför. Men det verkar inte ha bitit till 100%. Ska jag köra om procedurerna ett varv till? Notera också att SpyHunter (bifogade bilden) har synpunkter på min DNS-inställning. Något jag bör ta på allvar? Med vänlig hälsning /Benke

 

Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:17-02-2016

Ran by Benke (2016-02-22 16:56:26) Run:1

Running from C:\Gamla-HP-n\Benke\installationsprogram\Farbar-Recovery-Scan-Tool_(FRST)

Loaded Profiles: Benke (Available Profiles: Benke)

Boot Mode: Normal

==============================================

fixlist content:

*****************

CreateRestorePoint:

CloseProcesses:

AutoConfigURL: [s-1-5-21-3849148887-1530255686-1543266198-1002] => hxxp://unblockservice.com/wpad.dat?d515f6b85589ed16f87141ee769d48eb5166099

ManualProxies: 0http://unblockservic...769d48eb5166099

CMD: ipconfig /flushdns

*****************

Restore point was successfully created.

Processes closed successfully.

HKU\S-1-5-21-3849148887-1530255686-1543266198-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value not found.

=========  ipconfig /flushdns =========

 

AdwCleaner log:

# AdwCleaner v5.036 - Logfile created 22/02/2016 at 17:56:30

# Updated 22/02/2016 by Xplode

# Database : 2016-02-22.1 [server]

# Operating system : Windows 7 Professional Service Pack 1 (x64)

# Username : Benke - BENKE-OB

# Running from : C:\Gamla-HP-n\Benke\installationsprogram\Farbar-Recovery-Scan-Tool_(FRST)\ADW-cleaner\adwcleaner_5.036.exe

# Option : Cleaning

# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\myfree codec

[-] Folder Deleted : C:\ProgramData\apn

[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec

[-] Folder Deleted : C:\Users\Benke\AppData\Local\Temp\apn

[-] Folder Deleted : C:\Users\Benke\AppData\Local\Temp\AskSearch

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}

[-] Key Deleted : HKCU\Software\APN

[-] Key Deleted : HKCU\Software\Myfree Codec

[-] Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar

[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\softonic.com

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\winamp.com

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed

:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2015 bytes] - [22/02/2016 17:56:30]

C:\AdwCleaner\AdwCleaner[s1].txt - [1967 bytes] - [22/02/2016 17:46:51]

C:\AdwCleaner\AdwCleaner[s2].txt - [2040 bytes] - [22/02/2016 17:55:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2234 bytes] ##########

post-122929-0-54823300-1456165589_thumb.gif

Link to comment
Share on other sites

SpyHunter tycker jag att du kan avinstallera för det är inte något särskilt bra program, men DNS-inställningarna enligt FRST-loggen ser bra ut. Eftersom jag inte vet vad SpyHunter har sparat är det svårt att veta om det är de nuvarande eller de sparade som är bra.

 

Kan fortfarande finnas kvar sånt som behöver tas bort.

 

1. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.
Ta bort bocken framför Remove found threats.
Bocka för:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

 

 

2. Starta FRST.

Bocka för Addition.txt.

Låt programmet skanna datorn och bifoga sen de två nya loggarna, FRST.txt och Addition.txt.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...