Ta bort webssearches virus

1 2

Skriv svar

2014-06-09 23:53

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Ta bort webssearches virus

Tja jag råkade trycka ja på någon jävla förfrågning och helt plötsligt ändrades alla internet inställningar
*länk raderad av moderator*
Blev min startsida på ALLA webbläsare jag har provat gå in på kontroll panelen och tagit bort programmet, Jag har gått in på alla webbläsare och ändrat startsidan och jag har gått in på alla webbläsare och inaktivera tillägg websseraches (på Explorer går de inte ens att inaktivera eller ta bort tillägget) så jag har gjort allt jag kan tänka mig finns det någon som har något ytterligare förslag på hur jag ska få bort det. avg antivirus hittar ingenting heller

Raderat länk

Rapportera Redigera

Citera flera Citera

2014-06-10 01:56

Permalänk

CeciliaB

Medlem ★

Plats: Stockholm
Registrerad: Nov 2011

●

Pröva med att rensa med programmen Malwarebytes Anti-Mailware och AdwCleaner av Xplode.
http://general-changelog-team.fr/fr/downloads/finish/20-outil...
Stäng alla program, inklusive webbläsare, innan du startar programmet.

Rapportera Redigera

Citera flera Citera (1)

2014-06-10 13:21

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

har provat med det och andra mareware program som superantispyware men inget funkar:( går inte ens när jag återställer alla explore inställningar till 0 var är detta:(

Rapportera Redigera

Citera flera Citera

2014-06-10 13:29

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

har ändrat startsidan
tagit bort tillägg
tagit bort programmet i kontrollpanelen
kört båda superantispareware och avg
återställd alla internet inställningar till 0
inget funka

vad kan man göra??

Rapportera Redigera

Citera flera Citera

2014-06-10 13:34

Permalänk

Tea42BBS

Medlem ★

Plats: Stockholm / Vendelsö
Registrerad: Mar 2010

●

jag brukar ha mest framfång med Lavasofts AdAware, finns en gratisversion.

Min son brukar trycka "JA" alldeles för ofta och få in iLvid och FastSearch och ASK toolbar o allt annat skit som borde vara helt förbjudet

// LZ

Rapportera Redigera

Citera flera Citera

2014-06-10 13:39

Permalänk

LemonIllusion

Medlem ★

Plats: SweClockers forum
Registrerad: Aug 2012

●

Vissa sådana virus lägger till hemsidan som launchvariabel i genvägar. Får du rätt startsida om du startar med "iexplore" i kör?

Visa signatur

Spela Swemantle! Du vet att du vill.

Ibland har jag fel, men då är det någon annans fel.

Rapportera Redigera

Citera flera Citera

2014-06-10 13:53

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Skrivet av LemonIllusion:

Vissa sådana virus lägger till hemsidan som launchvariabel i genvägar. Får du rätt startsida om du startar med "iexplore" i kör?

Gå till inlägget

Ja du är inne på rätt spår. Jag fick rätt startsida när jag startare "iexplore i kör"
Frågan är nu hur jag ska ta bort denna launchvariabel genvägen i alla andra vanliga webbläsare?

Rapportera Redigera

Citera flera Citera

2014-06-10 14:20

Permalänk

LemonIllusion

Medlem ★

Plats: SweClockers forum
Registrerad: Aug 2012

●

Skrivet av dayrider:

Ja du är inne på rätt spår. Jag fick rätt startsida när jag startare "iexplore i kör"
Frågan är nu hur jag ska ta bort denna launchvariabel genvägen i alla andra vanliga webbläsare?

Gå till inlägget

Jag vet inget lättare sätt än att redigera varje genväg manuellt.

Visa signatur

Spela Swemantle! Du vet att du vill.

Ibland har jag fel, men då är det någon annans fel.

Rapportera Redigera

Citera flera Citera

2014-06-10 14:26

Permalänk

N0iZE

Medlem

Registrerad: Sep 2012

●

Skrivet av dayrider:

Gå till inlägget

Du kan kanske återställa till en tidigare punkt?

Visa signatur

OS: MacOS/ Windows 10 Pro 64-bit MB: ASUS-Z97-A CPU: i7 4790k
NÄTAGG: EVGA SUPERNOVA G2
RAM: 32768 MiB GPU: 1070 FTW Chassi: Fractal Design R4
MBP 13" i5 | 256GB | 16GB RAM | MID 2014

Rapportera Redigera

Citera flera Citera

2014-06-10 14:28

Permalänk

upr0426

Medlem

Registrerad: Maj 2012

●

Skrivet av dayrider:

Gå till inlägget

Om du har avast!
Så kanske browser cleanup funkar.

Rapportera Redigera

Citera flera Citera

2014-06-10 14:30

Permalänk

BigganD

Medlem

Plats: Stockholm
Registrerad: Dec 2003

●

Skrivet av dayrider:

Ja du är inne på rätt spår. Jag fick rätt startsida när jag startare "iexplore i kör"
Frågan är nu hur jag ska ta bort denna launchvariabel genvägen i alla andra vanliga webbläsare?

Gå till inlägget

Prova med att höger klicka på explorer.exe --> Egenskaper, kolla vad som står på Mål:
För att det ska stå normalt "C:\Program Files\Internet Explorer\iexplore.exe"

Om det står något mer, ta bort det, sedan verkställ.

Visa signatur

Gamer: AMD RYZEN 1800,MSI X370 Gaming Pro, DDR4 32gb 2666Mhz, AMD X6900XT,OCZ Trion 240GB, Samsung SSD 830 128gb, 2TB HD, WD HD 650GB, XFX 850W HTPC: i5 2500, 16gb ram, samsung ssd 500gb, Geforce 1030

Rapportera Redigera

Citera flera Citera

2014-06-10 14:48

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Skrivet av BigganD:

Prova med att höger klicka på explorer.exe --> Egenskaper, kolla vad som står på Mål:
För att det ska stå normalt "C:\Program Files\Internet Explorer\iexplore.exe"

Om det står något mer, ta bort det, sedan verkställ.

Gå till inlägget

Av någon anledning så funkade detta på explore men inte på chrome eller firefox

Rapportera Redigera

Citera flera Citera

2014-06-10 16:45

Permalänk

BigganD

Medlem

Plats: Stockholm
Registrerad: Dec 2003

●

Skrivet av dayrider:

Av någon anledning så funkade detta på explore men inte på chrome eller firefox

Gå till inlägget

Ja, det kan vara så att du har den i Regedit, du måste hitta den där och sedan delete (spyware). Det kan vara svårt men gå in i regedit och sök på den spyware/malware som du, om det hittar något ska du ta bort allt. Sök sedan igen och om det hittar samma igen då kan du prova med att höger klicka en i taget och klicka på, "Ändra binärdata" ta bort allt och lämna tex 12, klcik på ok. Prova att ta bort filerna igen.

Visa signatur

Rapportera Redigera

Citera flera Citera

2014-06-10 19:23

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

nej hittade inget speciellt där när jag sökte på namnet

Rapportera Redigera

Citera flera Citera

2014-06-10 19:33

Permalänk

skog1s

Medlem ★

Plats: Skåne
Registrerad: Aug 2007

●

Skrivet av dayrider:

nej hittade inget speciellt där när jag sökte på namnet

Gå till inlägget

Har du provat att köra en full scan med Malwarebytes i felsäkert läge!

Visa signatur

Pc 1--> [AsRock DualSata2][AMD4600+X2][7800GT] [Intel SSD X-25 80GB G2][1TB F3][750GB IDE][4GB XMSCorsiar]Pc 2--> [Asus Crosshair] [AMD 4800+X2] [2st 8800GT i SLI] [RAID 0 2x250GB] [6GB XMSCorsair] [Corsair HX750]Pc 3-->[HP Microserver 12TB]Pc 4--> AsRock P67 Extreme 4,i7 2600K @ 4.0 GHz,830 256GB,16GB 1600MHz, R9 290X Foto [Nikon D7000][70-300/35 1,8/18-55 [Skärmar=24",24",24" Eyefinity]

Rapportera Redigera

Citera flera Citera

2014-06-10 19:53

Permalänk

upr0426

Medlem

Registrerad: Maj 2012

●

Om det sitter kvar i registret men är avinstallerat så kanske CCLEANER register städare hjälpa.

Rapportera Redigera

Citera flera Citera

2014-06-10 20:03

Permalänk

CeciliaB

Medlem ★

Plats: Stockholm
Registrerad: Nov 2011

●

Kan ju se om FRST visar var det sitter när det gäller Chrome och Firefox.
Ladda ner Farbar Recovery Scan Tool (FRST) och spara på skrivbordet.
För 64-bitars Windows: http://download.bleepingcomputer.com/farbar/FRST64.exe
För 32-bitars Windows: http://download.bleepingcomputer.com/farbar/FRST.exe

Starta FRST.
Läs villkoren för programmet.
Klicka på Yes för att acceptera.
Klicka på Scan-knappen.
När det är klart kommer det att ha skapats två loggar FRST.txt och Addition.txt på skrivbordet.
Klistra in innehållet i loggarna direkt i ditt svar men använd SPOILER-funktionen/-taggen så att det inte blir så mycket att skrolla för dem som inte är intresserade av logginnehållet.

Rapportera Redigera

Citera flera Citera

2014-06-10 20:26

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-06-2014
Ran by Magnus (administrator) on MAGNUSA-DATOR on 10-06-2014 20:07:02
Running from C:\Users\Magnus\AppData\Local\Microsoft\Windows\INetCache\IE\ILILJYSV
Platform: Windows 8.1 Pro (Update 1) (X64) OS Language: Swedish
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan...
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan...
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how...

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMix_64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\ModernMix\MMix_32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(SecMaker AB) C:\Program Files\Net iD\iid.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Dropbox, Inc.) C:\Users\Magnus\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Arrogant Bastard CycloneGamingMouse\hid.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\Arrogant Bastard CycloneGamingMouse\trayicon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Net iD] => C:\Program Files\Net iD\iid.exe [111872 2013-05-28] (SecMaker AB)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Net iD] => C:\Program Files (x86)\Net iD\iid.exe [104704 2013-05-28] (SecMaker AB)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Arrogant Bastard CycloneGamingMouse] => C:\Program Files (x86)\Arrogant Bastard CycloneGamingMouse\hid.exe [351232 2013-04-11] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-988201654-4036870106-4180999116-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-988201654-4036870106-4180999116-1000\...\Run: [PrSft] => C:\Users\Magnus\AppData\Roaming\svc-csnq.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
IFEO\k9filter.exe: [Debugger] SVCHOST.EXE
IFEO\MpCmdRun.exe: [Debugger] SVCHOST.EXE
IFEO\MpUXSrv.exe: [Debugger] SVCHOST.EXE
IFEO\MSASCui.exe: [Debugger] SVCHOST.EXE
IFEO\msmpeng.exe: [Debugger] SVCHOST.EXE
IFEO\msseces.exe: [Debugger] SVCHOST.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Magnus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Magnus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.se.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE,sv;q=0.8,en-US;q=0.5,en;q=0.3
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.se/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1402344832&from=am...
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp&ts=1402344832&from=am...
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FlowSurf - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files (x86)\Flowsurf\FlowSurf.dll (FlowSurf Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Magnus\AppData\Roaming\Mozilla\Firefox\Profiles\fz9m6ar3.default-1402348227421
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Homepage: www.msn.se
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 - C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npiidplg.dll (SecMaker AB)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF HKLM-x32\...\Firefox\Extensions: [jid1-tofUlNEIFlkUIA@jetpack] - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack
FF Extension: FlowSurf - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack [2014-06-09]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Magnus\AppData\Roaming\Mozilla\Firefox\Profiles\25as1ue7.default\extensions\quick_start@gmail.com

Chrome:
=======
CHR HomePage: hxxp://istart.webssearches.com/?type=hppp&ts=1402420889&from=...
CHR StartupUrls: "hxxp://istart.webssearches.com/?type=hppp&ts=1402420889&from=..."
CHR DefaultSearchKeyword: webssearches
CHR DefaultSearchProvider: webssearches
CHR DefaultSearchURL: http://istart.webssearches.com/web/?type=dspp&ts=1402420889&f...
CHR Plugin: (Shockwave Flash) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - F:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Wajam) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll No File
CHR Plugin: (Adobe Acrobat) - F:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.170.4) - F:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll No File
CHR Plugin: (2007 Microsoft Office system) - F:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - F:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Winamp Application Detector) - F:\Program Files\Mozilla Firefox\plugins\npwachk.dll No File
CHR Plugin: (Microsoft® DRM) - F:\Program Files\Windows Media Player\npdrmv2.dll No File
CHR Plugin: (Microsoft® DRM) - F:\Program Files\Windows Media Player\npwmsdrm.dll No File
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - F:\Program Files\Windows Media Player\npdsplay.dll No File
CHR Plugin: (Google Update) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Google Earth Plugin) - F:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Panda ActiveScan 2.0) - F:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll No File
CHR Plugin: (iTunes Application Detector) - F:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Ma-Config.com plugin) - F:\Program Files\ma-config.com\nphardwaredetection.dll No File
CHR Plugin: (Silverlight Plug-In) - f:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Google Wallet) - C:\Users\Magnus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-03]

==================== Services (Whitelisted) =================

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-29] (Futuremark)
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 ModernMix; C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe [74864 2014-03-10] (Stardock Software, Inc)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R2 SNMP; C:\Windows\System32\snmp.exe [50688 2014-02-27] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [46080 2014-02-27] (Microsoft Corporation)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143288 2014-04-04] (Stardock Software, Inc)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe -service [X]

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-03-31] (AVG Technologies CZ, s.r.o.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 ENTECH64; C:\WINDOWS\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
S3 GPUZ; C:\WINDOWS\TEMP\GPUZ.sys [27008 2014-02-07] ()
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-02-13] ()
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-16] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
S3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell)
S3 cpuz136; \??\C:\WINDOWS\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\moderkort\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-10 20:06 - 2014-06-10 20:07 - 00000000 ____D () C:\FRST
2014-06-10 14:51 - 2014-06-10 19:56 - 00001022 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 14:51 - 2014-06-10 19:23 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 14:51 - 2014-06-10 19:21 - 00001018 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-10 14:51 - 2014-06-10 14:51 - 00003994 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-10 14:51 - 2014-06-10 14:51 - 00003758 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-10 14:51 - 2014-06-10 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-10 14:50 - 2014-06-10 14:51 - 00000000 ____D () C:\Users\Magnus\AppData\Local\Deployment
2014-06-10 14:24 - 2014-06-10 14:30 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\Lavasoft
2014-06-10 14:00 - 2014-06-10 14:00 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\LavasoftStatistics
2014-06-10 14:00 - 2014-06-10 14:00 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-10 13:59 - 2014-06-10 13:59 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-10 12:32 - 2014-06-10 14:39 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\SUPERAntiSpyware.com
2014-06-10 00:05 - 2014-06-10 00:05 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-06-10 00:05 - 2014-06-10 00:05 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-06-09 23:17 - 2014-06-10 14:39 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-09 23:17 - 2014-06-10 00:05 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-09 23:16 - 2014-06-09 23:16 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Magnus\Downloads\spybot-2.3.exe
2014-06-09 22:14 - 2014-06-10 14:39 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-09 22:14 - 2014-06-10 14:39 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-09 22:14 - 2014-06-09 22:14 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\SupTab
2014-06-09 22:14 - 2014-06-09 22:14 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-09 22:13 - 2014-06-10 14:39 - 00000000 ____D () C:\Users\Magnus\AppData\Local\9068
2014-06-09 22:13 - 2014-06-10 14:39 - 00000000 ____D () C:\Program Files (x86)\Flowsurf
2014-06-09 22:13 - 2014-06-09 22:13 - 00003086 _____ () C:\WINDOWS\System32\Tasks\fsupdate
2014-05-31 22:35 - 2014-05-31 22:35 - 00001985 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-05-31 22:34 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2014-05-27 19:38 - 2014-06-10 14:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-26 22:10 - 2014-05-26 22:10 - 00002149 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-05-26 22:10 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-05-26 22:09 - 2014-06-10 14:39 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-05-26 22:08 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-05-26 22:08 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433788.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433788.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-05-26 22:08 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-05-20 14:23 - 2014-05-20 14:23 - 00000000 __SHD () C:\Users\alla utom jag\AppData\Local\EmieUserList
2014-05-20 14:23 - 2014-05-20 14:23 - 00000000 __SHD () C:\Users\alla utom jag\AppData\Local\EmieSiteList
2014-05-20 14:21 - 2014-05-20 14:21 - 00000000 ____D () C:\Users\alla utom jag\AppData\Roaming\AVG2014
2014-05-20 14:21 - 2014-05-20 14:21 - 00000000 ____D () C:\Users\alla utom jag\AppData\Local\Avg2014
2014-05-18 22:18 - 2014-05-18 22:18 - 00045400 _____ () C:\WINDOWS\SysWOW64\DiscHandler.exe
2014-05-15 23:49 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-05-15 23:49 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-05-14 09:28 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-14 09:28 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-14 09:28 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-05-14 09:28 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-05-14 09:28 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-05-14 09:28 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-05-14 09:28 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-05-14 09:28 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-05-14 09:28 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-05-14 09:28 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-05-14 09:28 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-05-14 09:28 - 2014-04-11 05:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-05-14 09:28 - 2014-04-11 05:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-05-14 09:28 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-05-14 09:28 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 09:28 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-05-14 09:28 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-14 09:28 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-05-14 09:28 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-05-14 09:28 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-05-14 09:28 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-05-14 09:28 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-05-14 09:28 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-05-14 09:28 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-05-14 09:28 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-05-14 09:28 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-05-14 09:28 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-05-14 09:28 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-05-14 09:28 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-05-14 09:28 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-05-14 09:28 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-05-14 09:28 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-05-14 09:28 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-05-14 09:28 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-05-14 09:28 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-05-14 09:28 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-05-14 09:27 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-05-14 09:27 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-05-14 09:27 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-05-14 09:27 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-05-14 09:27 - 2014-03-27 11:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-05-14 09:27 - 2014-03-27 09:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 04374528 _____ () C:\WINDOWS\system32\ffdshow.ax
2014-05-13 17:05 - 2014-05-13 17:05 - 04009984 _____ () C:\WINDOWS\system32\ffmpeg.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00474624 _____ () C:\WINDOWS\system32\ff_kernelDeint.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00127488 _____ () C:\WINDOWS\system32\ff_vfw.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 01532928 _____ () C:\WINDOWS\system32\ff_samplerate.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00631296 _____ () C:\WINDOWS\system32\TomsMoComp_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00222720 _____ () C:\WINDOWS\system32\ff_libdts.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00190464 _____ () C:\WINDOWS\system32\libmpeg2_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00183296 _____ () C:\WINDOWS\system32\ff_unrar.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00156672 _____ () C:\WINDOWS\system32\ff_libmad.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00116224 _____ () C:\WINDOWS\system32\ff_liba52.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00114688 _____ () C:\WINDOWS\system32\ff_wmv9.dll
2014-05-13 17:02 - 2014-05-13 17:02 - 03916288 _____ () C:\WINDOWS\SysWOW64\ffmpeg.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 03502592 _____ () C:\WINDOWS\SysWOW64\ffdshow.ax
2014-05-13 17:01 - 2014-05-13 17:01 - 00271360 _____ () C:\WINDOWS\SysWOW64\TomsMoComp_ff.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 00112640 _____ () C:\WINDOWS\SysWOW64\ff_vfw.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 01525760 _____ () C:\WINDOWS\SysWOW64\ff_samplerate.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00211968 _____ () C:\WINDOWS\SysWOW64\ff_libdts.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00157184 _____ () C:\WINDOWS\SysWOW64\ff_unrar.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00147456 _____ () C:\WINDOWS\SysWOW64\ff_libmad.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00136704 _____ () C:\WINDOWS\SysWOW64\libmpeg2_ff.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00114688 _____ () C:\WINDOWS\SysWOW64\ff_liba52.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00099840 _____ () C:\WINDOWS\SysWOW64\ff_wmv9.dll

==================== One Month Modified Files and Folders =======

2014-06-10 20:07 - 2014-06-10 20:06 - 00000000 ____D () C:\FRST
2014-06-10 20:07 - 2013-11-16 00:26 - 00000000 ____D () C:\Users\Magnus\AppData\Local\Temp
2014-06-10 20:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-06-10 19:56 - 2014-06-10 14:51 - 00001022 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-10 19:55 - 2013-03-15 21:58 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\Skype
2014-06-10 19:51 - 2014-02-04 15:17 - 00005046 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MAGNUSA-DATOR-Magnus MagnusA-Dator
2014-06-10 19:50 - 2013-06-09 19:23 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-06-10 19:42 - 2013-11-16 00:31 - 01412353 _____ () C:\WINDOWS\WindowsUpdate.log
2014-06-10 19:35 - 2013-03-15 18:50 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-988201654-4036870106-4180999116-1000
2014-06-10 19:28 - 2013-09-30 06:14 - 01740478 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-06-10 19:28 - 2013-09-30 05:57 - 00732588 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-06-10 19:28 - 2013-09-30 05:57 - 00151960 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-06-10 19:24 - 2013-11-16 00:39 - 00003948 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F27DEE42-88FC-44C2-A198-074C5B2E3460}
2014-06-10 19:23 - 2014-06-10 14:51 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-10 19:23 - 2013-06-09 22:13 - 00000000 ____D () C:\Users\Magnus\AppData\Local\Google
2014-06-10 19:21 - 2014-06-10 14:51 - 00001018 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-10 19:21 - 2014-05-06 23:25 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\DropboxMaster
2014-06-10 19:21 - 2013-12-31 02:15 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-10 19:21 - 2013-11-16 00:35 - 00000000 __RDO () C:\Users\Magnus\SkyDrive
2014-06-10 19:21 - 2013-09-29 21:05 - 00015578 _____ () C:\WINDOWS\PFRO.log
2014-06-10 19:21 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-06-10 19:21 - 2013-03-16 00:13 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\Dropbox
2014-06-10 19:21 - 2012-09-24 14:19 - 00000000 ___RD () C:\Users\Magnus\Dropbox
2014-06-10 19:12 - 2014-02-06 12:34 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-10 14:51 - 2014-06-10 14:51 - 00003994 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-10 14:51 - 2014-06-10 14:51 - 00003758 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-10 14:51 - 2014-06-10 14:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-10 14:51 - 2014-06-10 14:50 - 00000000 ____D () C:\Users\Magnus\AppData\Local\Deployment
2014-06-10 14:51 - 2013-07-24 20:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-10 14:49 - 2014-05-27 19:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-10 14:39 - 2014-06-10 12:32 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\SUPERAntiSpyware.com
2014-06-10 14:39 - 2014-06-09 23:17 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-10 14:39 - 2014-06-09 22:14 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-10 14:39 - 2014-06-09 22:14 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-10 14:39 - 2014-06-09 22:13 - 00000000 ____D () C:\Users\Magnus\AppData\Local\9068
2014-06-10 14:39 - 2014-06-09 22:13 - 00000000 ____D () C:\Program Files (x86)\Flowsurf
2014-06-10 14:39 - 2014-05-26 22:09 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-06-10 14:39 - 2013-10-30 21:10 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\Arrogant Bastard Cyclone
2014-06-10 14:39 - 2013-10-30 21:10 - 00000000 ____D () C:\Program Files (x86)\Arrogant Bastard CycloneGamingMouse
2014-06-10 14:39 - 2013-07-29 11:45 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\iid
2014-06-10 14:39 - 2013-07-29 11:45 - 00000000 ____D () C:\Program Files\Net iD
2014-06-10 14:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\registration
2014-06-10 14:32 - 2013-11-16 00:49 - 00001416 _____ () C:\Users\Magnus\Desktop\Internet Explorer.lnk
2014-06-10 14:30 - 2014-06-10 14:24 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\Lavasoft
2014-06-10 14:00 - 2014-06-10 14:00 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\LavasoftStatistics
2014-06-10 14:00 - 2014-06-10 14:00 - 00000000 ____D () C:\Program Files\Lavasoft
2014-06-10 13:59 - 2014-06-10 13:59 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-06-10 13:06 - 2014-02-06 12:36 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-10 12:51 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-06-10 00:05 - 2014-06-10 00:05 - 00000085 _____ () C:\WINDOWS\wininit.ini
2014-06-10 00:05 - 2014-06-10 00:05 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-06-10 00:05 - 2014-06-09 23:17 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-09 23:16 - 2014-06-09 23:16 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Magnus\Downloads\spybot-2.3.exe
2014-06-09 22:14 - 2014-06-09 22:14 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\SupTab
2014-06-09 22:14 - 2014-06-09 22:14 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-09 22:13 - 2014-06-09 22:13 - 00003086 _____ () C:\WINDOWS\System32\Tasks\fsupdate
2014-06-09 22:13 - 2013-11-16 00:33 - 00001670 _____ () C:\Users\Magnus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-09 11:53 - 2013-03-15 18:39 - 00000000 ____D () C:\Users\Magnus\AppData\Local\Packages
2014-06-09 10:38 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-06-07 01:51 - 2013-08-08 20:58 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\uTorrent
2014-06-07 01:49 - 2013-08-29 16:31 - 00000000 ____D () C:\Users\Magnus\Documents\studier
2014-06-06 23:38 - 2013-12-30 13:18 - 00001082 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-06-06 23:38 - 2013-12-30 13:18 - 00000027 _____ () C:\Program Files\plugins.dat
2014-05-31 22:35 - 2014-05-31 22:35 - 00001985 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-05-31 22:35 - 2014-01-15 20:15 - 00000000 ____D () C:\Users\Magnus\AppData\Local\Downloaded Installations
2014-05-31 22:33 - 2013-08-22 16:46 - 00349083 _____ () C:\WINDOWS\setupact.log
2014-05-31 22:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-29 20:05 - 2013-03-23 20:16 - 00000000 ____D () C:\Users\Magnus\AppData\Local\PokerStars.EU
2014-05-29 20:05 - 2013-03-23 20:16 - 00000000 ____D () C:\Program Files (x86)\PokerStars.EU
2014-05-28 10:21 - 2013-12-02 17:23 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-28 10:21 - 2013-03-15 18:40 - 00000000 ___RD () C:\Users\Magnus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-26 22:10 - 2014-05-26 22:10 - 00002149 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-05-26 22:10 - 2014-01-09 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-26 22:10 - 2013-12-31 02:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-26 15:42 - 2013-11-17 20:47 - 00064000 ___SH () C:\Users\Magnus\Desktop\Thumbs.db
2014-05-23 17:43 - 2014-02-04 15:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-22 13:42 - 2013-04-09 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-05-20 22:38 - 2014-03-03 00:08 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-20 22:38 - 2013-03-15 21:57 - 00000000 ____D () C:\ProgramData\Skype
2014-05-20 18:12 - 2013-11-16 00:26 - 00000000 ____D () C:\Users\alla utom jag\AppData\Local\Temp
2014-05-20 17:16 - 2013-04-27 09:56 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-988201654-4036870106-4180999116-1003
2014-05-20 15:54 - 2013-12-01 21:09 - 00003976 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A6539A7D-11C4-4DD3-B802-0A8E08B1106A}
2014-05-20 14:23 - 2014-05-20 14:23 - 00000000 __SHD () C:\Users\alla utom jag\AppData\Local\EmieUserList
2014-05-20 14:23 - 2014-05-20 14:23 - 00000000 __SHD () C:\Users\alla utom jag\AppData\Local\EmieSiteList
2014-05-20 14:21 - 2014-05-20 14:21 - 00000000 ____D () C:\Users\alla utom jag\AppData\Roaming\AVG2014
2014-05-20 14:21 - 2014-05-20 14:21 - 00000000 ____D () C:\Users\alla utom jag\AppData\Local\Avg2014
2014-05-20 14:20 - 2014-02-06 12:15 - 00000000 ____D () C:\Users\alla utom jag\AppData\Local\NVIDIA Corporation
2014-05-20 14:20 - 2013-03-16 01:39 - 00000000 ___RD () C:\Users\alla utom jag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-20 14:20 - 2013-03-16 01:39 - 00000000 ___RD () C:\Users\alla utom jag\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-20 04:44 - 2014-05-26 22:08 - 31387936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 24025376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 17561544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 16003912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 12688328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-05-26 22:08 - 11644928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 11599072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 09735256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 09697640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 03141976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 02953672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 02785568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 02412376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 01889112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433788.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 01541576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433788.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00895776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00867784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00861128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00837056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00416712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00382240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00354016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00335704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00166568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-05-20 04:44 - 2014-05-26 22:08 - 00146480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-05-20 04:44 - 2014-01-09 18:03 - 14434704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2014-01-09 18:03 - 02730208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2013-12-31 02:14 - 18531568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2013-12-31 02:14 - 03109248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-05-20 04:44 - 2013-12-31 02:14 - 00952952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-05-20 04:44 - 2013-12-31 02:14 - 00026069 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-05-20 04:44 - 2013-10-27 10:12 - 17480432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-05-20 03:25 - 2013-12-31 02:15 - 06769096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-05-20 03:25 - 2013-12-31 02:15 - 03514144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-05-20 03:25 - 2013-12-31 02:15 - 02560968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-05-20 03:25 - 2013-12-31 02:15 - 00927520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-05-20 03:25 - 2013-12-31 02:15 - 00387528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-05-20 03:25 - 2013-12-31 02:15 - 00062808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-05-20 01:10 - 2014-05-26 22:10 - 00601432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-05-18 22:18 - 2014-05-18 22:18 - 00045400 _____ () C:\WINDOWS\SysWOW64\DiscHandler.exe
2014-05-18 18:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-05-16 11:30 - 2013-03-18 21:28 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-15 23:45 - 2013-03-15 18:40 - 00000000 ___RD () C:\Users\Magnus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 23:44 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-05-15 23:44 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 23:44 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 23:44 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-05-15 23:44 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-05-15 23:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 23:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 01:49 - 2013-12-31 02:15 - 03774821 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-05-14 09:46 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-05-14 09:45 - 2013-07-12 19:32 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-05-14 09:45 - 2013-03-15 19:11 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-05-13 22:50 - 2013-06-09 19:23 - 00003756 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-05-13 17:05 - 2014-05-13 17:05 - 04374528 _____ () C:\WINDOWS\system32\ffdshow.ax
2014-05-13 17:05 - 2014-05-13 17:05 - 04009984 _____ () C:\WINDOWS\system32\ffmpeg.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00474624 _____ () C:\WINDOWS\system32\ff_kernelDeint.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00127488 _____ () C:\WINDOWS\system32\ff_vfw.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 01532928 _____ () C:\WINDOWS\system32\ff_samplerate.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00631296 _____ () C:\WINDOWS\system32\TomsMoComp_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00222720 _____ () C:\WINDOWS\system32\ff_libdts.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00190464 _____ () C:\WINDOWS\system32\libmpeg2_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00183296 _____ () C:\WINDOWS\system32\ff_unrar.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00156672 _____ () C:\WINDOWS\system32\ff_libmad.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00116224 _____ () C:\WINDOWS\system32\ff_liba52.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00114688 _____ () C:\WINDOWS\system32\ff_wmv9.dll
2014-05-13 17:02 - 2014-05-13 17:02 - 03916288 _____ () C:\WINDOWS\SysWOW64\ffmpeg.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 03502592 _____ () C:\WINDOWS\SysWOW64\ffdshow.ax
2014-05-13 17:01 - 2014-05-13 17:01 - 00271360 _____ () C:\WINDOWS\SysWOW64\TomsMoComp_ff.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 00112640 _____ () C:\WINDOWS\SysWOW64\ff_vfw.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 01525760 _____ () C:\WINDOWS\SysWOW64\ff_samplerate.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00211968 _____ () C:\WINDOWS\SysWOW64\ff_libdts.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00157184 _____ () C:\WINDOWS\SysWOW64\ff_unrar.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00147456 _____ () C:\WINDOWS\SysWOW64\ff_libmad.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00136704 _____ () C:\WINDOWS\SysWOW64\libmpeg2_ff.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00114688 _____ () C:\WINDOWS\SysWOW64\ff_liba52.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00099840 _____ () C:\WINDOWS\SysWOW64\ff_wmv9.dll

Files to move or delete:
====================
C:\Users\Magnus\GL4JavbJauGljJNI14.dll
C:\Users\Magnus\jagex_cl_runescape_LIVE.dat
C:\Users\Magnus\jagex_runescape_preferences.dat
C:\Users\Magnus\jagex_runescape_preferences2.dat
C:\Users\Magnus\jagex__preferences3.dat

Some content of TEMP:
====================
C:\Users\Magnus\AppData\Local\Temp\BackupSetup.exe
C:\Users\Magnus\AppData\Local\Temp\devcon64.exe
C:\Users\Magnus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjfgcfm.dll
C:\Users\Magnus\AppData\Local\Temp\Execute2App.exe
C:\Users\Magnus\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Magnus\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Magnus\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
C:\Users\Magnus\AppData\Local\Temp\msvcp90.dll
C:\Users\Magnus\AppData\Local\Temp\msvcr90.dll
C:\Users\Magnus\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Magnus\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Magnus\AppData\Local\Temp\nvStInst.exe
C:\Users\Magnus\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Magnus\AppData\Local\Temp\PrefJsonCpp.exe
C:\Users\Magnus\AppData\Local\Temp\SETUP_AFTERBURNER.EXE
C:\Users\Magnus\AppData\Local\Temp\sonarinst.exe
C:\Users\Magnus\AppData\Local\Temp\SRLDetectionLibrary8486241490261656319.dll
C:\Users\Magnus\AppData\Local\Temp\ubi2188.tmp.exe
C:\Users\Magnus\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Magnus\AppData\Local\Temp\vlc-2.1.3-win32.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-10 19:35

==================== End Of Log ============================

Dold text

Rapportera Redigera

Citera flera Citera

2014-06-10 20:26

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2014
Ran by Magnus at 2014-06-10 20:07:17
Running from C:\Users\Magnus\AppData\Local\Microsoft\Windows\INetCache\IE\ILILJYSV
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30740 - BitTorrent Inc.)
24hPoker (HKLM-x32\...\24hPoker (Poker)) (Version: 16.6.2.11243 - )
3DMark (HKLM-x32\...\{e1e3b41b-1078-4885-a74f-393ca384b1aa}) (Version: 1.2.250.0 - Futuremark)
3DMark (Version: 1.2.250.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.0.1.1 - Futuremark Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
aMSN 0.98.9 (HKLM-x32\...\aMSN) (Version: - )
Arrogant Bastard Cyclone Gaming Mouse (HKLM-x32\...\{9861FCCC-9EE4-4D75-B28C-7610D9D65CB8}}_is1) (Version: - )
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.3955 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{2D6973ED-BBF2-434E-993C-37E05087B8C8}) (Version: 5.1.3.2 - Finansiell ID-Teknik BID AB)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version: - WB Games Montreal)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.1.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
EASEUS Partition Master 9.1.1 Home Edition (HKLM-x32\...\EASEUS Partition Master Home Edition_is1) (Version: - EASEUS)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
ExitWindows (HKCU\...\e27f718c5dc2bef9) (Version: 1.0.0.28 - ExitWindows)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Media Player Codec Pack 4.3.1 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.3.1 - Media Player Codec Pack) <==== ATTENTION
Microsoft Office 365 - sv-se (HKLM\...\O365HomePremRetail - sv-se) (Version: 15.0.4615.1002 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041D-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI GamingApp (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 1.0.0.16 - MSI)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Net iD 5.7.1 (32-bit Edition) (HKLM-x32\...\iid) (Version: 5.7.1.15 - SecMaker AB)
Net iD 5.7.1 (HKLM\...\iid) (Version: 5.7.1.15 - SecMaker AB)
Nordea NCR1 Installationspaket (HKLM-x32\...\{CD9A35D4-8A81-4188-98AF-14D759083FB4}) (Version: 1.00.000 - Todos Data System AB)
NVIDIA 3D Vision drivrutin 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision drivrutin för styrenhet 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafikdrivrutin 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD audiodrivrutin 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX systemprogramvara 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
NVIDIAs kontrollpanel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA-uppdatering 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4615.1002 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{DD21E907-9A2A-44B8-A12E-13691E166664}) (Version: 1.0.30.1003 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14055.3 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpellRight (HKLM-x32\...\SpellRight) (Version: - )
Star Swarm Benchmark (HKLM-x32\...\Steam App 267130) (Version: - Oxide Games)
Stardock ModernMix (HKLM-x32\...\Stardock ModernMix) (Version: 1.15 - Stardock Software, Inc.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.41 - Stardock Software, Inc.)
Stava Rex (HKLM-x32\...\Stava Rex ) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Svenska Spels Poker (HKLM-x32\...\Svenska Spels Poker ) (Version: - Boss Media AB)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.00.1000 - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

==================== Restore Points =========================

28-05-2014 10:03:01 Schemalagd kontrollpunkt
31-05-2014 20:34:52 Installed Samsung Kies3
09-06-2014 08:39:01 Schemalagd kontrollpunkt
10-06-2014 11:59:23 AA11
10-06-2014 12:38:05 Återställningsåtgärd

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {11B02D30-D2C7-4421-AE62-0CCA9BFF3320} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {15213878-F37E-41C2-ACC2-82F35B4B755D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {408FDD15-410E-45CA-8AB2-A743CCD29399} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-10] (Google Inc.)
Task: {413D3F39-BEDA-48C4-B6E6-9B2AF30EDC68} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MAGNUSA-DATOR-Magnus MagnusA-Dator => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-05-23] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5FAA95F8-7E95-493D-BF14-3231CDEC4F67} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F2C9564-43A1-4FF7-91C7-138B4B6D8148} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-05-23] (Microsoft Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9CD71FE1-D573-4DAB-BDF6-E7502E2B6DE0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A7AE21E4-DDBE-4A64-AADB-6008FFC33B88} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {ADC1E827-EFE0-47E8-A6F0-DB9BB81F0A70} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {BE1D812C-DA4C-458A-BA49-14CDD78A040B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-14] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F2F2C7A6-430E-4D10-9D3B-40A5F4A45DB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-10] (Google Inc.)
Task: {F5937C7B-6F28-448C-A088-47F84308D79E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {FD467070-2353-4A7A-8B1B-800F4023818A} - System32\Tasks\fsupdate => C:\PROGRA~2\Flowsurf\fsupd.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-12-31 02:15 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-23 17:42 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-02-04 15:06 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-06-12 22:58 - 2013-06-12 22:58 - 00048248 _____ () C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
2013-08-08 15:35 - 2013-08-08 15:35 - 00283648 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2013-10-30 21:10 - 2013-04-11 17:42 - 00351232 _____ () C:\Program Files (x86)\Arrogant Bastard CycloneGamingMouse\hid.exe
2013-10-30 21:10 - 2012-11-29 16:02 - 00282112 _____ () C:\Program Files (x86)\Arrogant Bastard CycloneGamingMouse\trayicon.exe
2014-04-11 22:01 - 2014-04-11 22:01 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-06-10 19:21 - 2014-06-10 19:21 - 00043008 _____ () c:\users\magnus\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjfgcfm.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Magnus\AppData\Roaming\Dropbox\bin\libcef.dll
2013-10-30 21:10 - 2013-01-15 19:06 - 00061952 _____ () C:\Program Files (x86)\Arrogant Bastard CycloneGamingMouse\HidDevice.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Magnus\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2014 02:48:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: IEXPLORE.EXE, version 11.0.9600.17037, tidsstämpel 0x5312c30a
, felet uppstod i modulen med namn: Flash.ocx, version 13.0.0.214, tidsstämpel 0x5359d1d9
Undantagskod: 0xc0000005
Felförskjutning: 0x003d0160
Process-ID: 0x17f4
Programmets starttid: 0xIEXPLORE.EXE0
Sökväg till program: IEXPLORE.EXE1
Sökväg till modul: IEXPLORE.EXE2
Rapport-ID: IEXPLORE.EXE3
Fullständigt namn på felaktigt paket: IEXPLORE.EXE4
Program-ID relativt till felaktigt paket: IEXPLORE.EXE5

Error: (06/10/2014 02:40:38 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Ett ospecificerat fel uppstod under systemåterställningen: (Schemalagd kontrollpunkt). Ytterligare information: 0x80070005.

Error: (06/10/2014 02:38:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.

System Error:
Det går inte att hitta filen.
.

Error: (06/10/2014 02:38:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Åtkomst nekad.
.

Error: (06/10/2014 01:59:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.

System Error:
Det går inte att hitta filen.
.

Error: (06/10/2014 01:59:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Åtkomst nekad.
.

Error: (06/10/2014 01:15:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: nvxdsync.exe, version 8.17.13.3788, tidsstämpel 0x537a994a
, felet uppstod i modulen med namn: nvxdsync.exe, version 8.17.13.3788, tidsstämpel 0x537a994a
Undantagskod: 0xc0000005
Felförskjutning: 0x00000000000499a9
Process-ID: 0x45c
Programmets starttid: 0xnvxdsync.exe0
Sökväg till program: nvxdsync.exe1
Sökväg till modul: nvxdsync.exe2
Rapport-ID: nvxdsync.exe3
Fullständigt namn på felaktigt paket: nvxdsync.exe4
Program-ID relativt till felaktigt paket: nvxdsync.exe5

Error: (06/09/2014 11:19:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: SDFSSvc.exe, version 2.3.39.217, tidsstämpel 0x535a5114
, felet uppstod i modulen med namn: unknown, version 0.0.0.0, tidsstämpel 0x00000000
Undantagskod: 0xc0000005
Felförskjutning: 0x00000000
Process-ID: 0x13d8
Programmets starttid: 0xSDFSSvc.exe0
Sökväg till program: SDFSSvc.exe1
Sökväg till modul: SDFSSvc.exe2
Rapport-ID: SDFSSvc.exe3
Fullständigt namn på felaktigt paket: SDFSSvc.exe4
Program-ID relativt till felaktigt paket: SDFSSvc.exe5

Error: (06/09/2014 11:18:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: SDFiles.exe, version 2.3.39.135, tidsstämpel 0x535a5153
, felet uppstod i modulen med namn: unknown, version 0.0.0.0, tidsstämpel 0x00000000
Undantagskod: 0xc0000005
Felförskjutning: 0x00000000
Process-ID: 0x1448
Programmets starttid: 0xSDFiles.exe0
Sökväg till program: SDFiles.exe1
Sökväg till modul: SDFiles.exe2
Rapport-ID: SDFiles.exe3
Fullständigt namn på felaktigt paket: SDFiles.exe4
Program-ID relativt till felaktigt paket: SDFiles.exe5

Error: (06/09/2014 11:05:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: nvxdsync.exe, version 8.17.13.3788, tidsstämpel 0x537a994a
, felet uppstod i modulen med namn: nvxdsync.exe, version 8.17.13.3788, tidsstämpel 0x537a994a
Undantagskod: 0xc0000005
Felförskjutning: 0x00000000000499a9
Process-ID: 0x454
Programmets starttid: 0xnvxdsync.exe0
Sökväg till program: nvxdsync.exe1
Sökväg till modul: nvxdsync.exe2
Rapport-ID: nvxdsync.exe3
Fullständigt namn på felaktigt paket: nvxdsync.exe4
Program-ID relativt till felaktigt paket: nvxdsync.exe5

System errors:
=============
Error: (06/10/2014 07:21:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten Windows Defender Service kunde inte startas på grund av följande fel:
%%1053

Error: (06/10/2014 07:21:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Windows Defender Service skulle ansluta.

Error: (06/10/2014 07:21:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten AMD FUEL Service kunde inte startas på grund av följande fel:
%%1053

Error: (06/10/2014 07:21:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten AMD FUEL Service skulle ansluta.

Error: (06/10/2014 07:21:25 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (06/10/2014 07:21:24 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Den här datorn är konfigurerad som medlem i en arbetsgrupp,
och inte som medlem i en domän. Tjänsten Netlogon behöver inte vara igång
i den här konfigurationen.

Error: (06/10/2014 07:21:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten WindowsProtectManger Service kunde inte startas på grund av följande fel:
%%2

Error: (06/10/2014 02:50:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten Windows Defender Service kunde inte startas på grund av följande fel:
%%1053

Error: (06/10/2014 02:50:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Windows Defender Service skulle ansluta.

Error: (06/10/2014 02:50:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten AMD FUEL Service kunde inte startas på grund av följande fel:
%%1053

Microsoft Office Sessions:
=========================
Error: (06/10/2014 02:48:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.170375312c30aFlash.ocx13.0.0.2145359d1d9c0000005003d016017f401cf84aa142da412C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx777558e7-f09d-11e3-bf46-d43d7ef32bf5

Error: (06/10/2014 02:40:38 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Schemalagd kontrollpunkt0x80070005

Error: (06/10/2014 02:38:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.

System Error:
Det går inte att hitta filen.

Error: (06/10/2014 02:38:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Åtkomst nekad.

Error: (06/10/2014 01:59:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.

System Error:
Det går inte att hitta filen.

Error: (06/10/2014 01:59:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Åtkomst nekad.

Error: (06/10/2014 01:15:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvxdsync.exe8.17.13.3788537a994anvxdsync.exe8.17.13.3788537a994ac000000500000000000499a945c01cf849d53984d8bC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe956968d4-f090-11e3-bf44-d43d7ef32bf5

Error: (06/09/2014 11:19:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDFSSvc.exe2.3.39.217535a5114unknown0.0.0.000000000c00000050000000013d801cf842849eb59b8C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exeunknownca07df2f-f01b-11e3-bf40-d43d7ef32bf5

Error: (06/09/2014 11:18:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SDFiles.exe2.3.39.135535a5153unknown0.0.0.000000000c000000500000000144801cf84285fc3303dC:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exeunknowna1f1ad5a-f01b-11e3-bf40-d43d7ef32bf5

Error: (06/09/2014 11:05:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvxdsync.exe8.17.13.3788537a994anvxdsync.exe8.17.13.3788537a994ac000000500000000000499a945401cf842686458e93C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exec80be62c-f019-11e3-bf40-d43d7ef32bf5

CodeIntegrity Errors:
===================================
Date: 2014-02-05 18:01:34.017
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-05 18:01:34.017
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-05 18:01:31.986
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-05 18:01:31.970
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-04 22:05:56.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-04 22:05:56.751
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-04 22:05:55.314
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-04 22:05:55.298
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-04 21:58:29.382
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-02-04 21:58:29.351
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 16328.01 MB
Available physical RAM: 14271.22 MB
Total Pagefile: 18760.01 MB
Available Pagefile: 16443 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:44.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:596.15 GB) (Free:323.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: BF8DCEF2)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 519E519D)
Partition 1: (Not Active) - (Size=596 GB) - (Type=OF Extended)

==================== End Of Log ============================

Dold text

Rapportera Redigera

Citera flera Citera

2014-06-10 20:34

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Skrivet av skog1s:

Har du provat att köra en full scan med Malwarebytes i felsäkert läge!

Gå till inlägget

försökt hjälpte inte

Rapportera Redigera

Citera flera Citera

2014-06-10 21:07

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Skrivet av N0iZE:

Du kan kanske återställa till en tidigare punkt?

Gå till inlägget

provat men utan resultat

Rapportera Redigera

Citera flera Citera

2014-06-10 21:09

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Har nu provat alla metoder som ni har postat i denna tråd. har kommit en bit på vägen. Explore verka vara fixat men inte de andra webbläsarna och viruset/marware ligger säkert fortfarande någonstans kvar. så jag är tacksam för mera svar men stort tack till er som redan försökt hjälp mig

PS vad kan ett sånt virus/marware ställa till med om man inte lyckas få bort det utöver att den ändrar startsida?

Rapportera Redigera

Citera flera Citera

2014-06-10 21:41

Permalänk

CeciliaB

Medlem ★

Plats: Stockholm
Registrerad: Nov 2011

●

Är Media Player Codec Pack installerat nyligen?
Jag undrar med tanke på åsikterna på http://download.cnet.com/Media-Player-Codec-Pack/3000-13632_4...

Ladda ner och spara FRST på skrivbordet. Det är viktigt för att nedanstående ska fungera.

Starta Anteckningar.
Kopiera alla rader i rutan:

AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
IFEO\k9filter.exe: [Debugger] SVCHOST.EXE
IFEO\MpCmdRun.exe: [Debugger] SVCHOST.EXE
IFEO\MpUXSrv.exe: [Debugger] SVCHOST.EXE
IFEO\MSASCui.exe: [Debugger] SVCHOST.EXE
IFEO\msmpeng.exe: [Debugger] SVCHOST.EXE
IFEO\msseces.exe: [Debugger] SVCHOST.EXE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type...250502EQ120BGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type...250502EQ120BGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: FlowSurf - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files (x86)\Flowsurf\FlowSurf.dll (FlowSurf Inc.)
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF HKLM-x32\...\Firefox\Extensions: [jid1-tofUlNEIFlkUIA@jetpack] - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack
FF Extension: FlowSurf - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack [2014-06-09]
S2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe -service [X]
2014-06-09 22:14 - 2014-06-10 14:39 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-09 22:14 - 2014-06-10 14:39 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-09 22:14 - 2014-06-09 22:14 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\SupTab
2014-06-09 22:14 - 2014-06-09 22:14 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-09 22:13 - 2014-06-10 14:39 - 00000000 ____D () C:\Users\Magnus\AppData\Local\9068
2014-06-09 22:13 - 2014-06-10 14:39 - 00000000 ____D () C:\Program Files (x86)\Flowsurf
2014-06-09 22:13 - 2014-06-09 22:13 - 00003086 _____ () C:\WINDOWS\System32\Tasks\fsupdate
Task: {FD467070-2353-4A7A-8B1B-800F4023818A} - System32\Tasks\fsupdate => C:\PROGRA~2\Flowsurf\fsupd.exe

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.

Se till att gå igenom Chrome och få bort följande:
CHR HomePage: hxxp://istart.webssearches.com/?type=hppp&ts=1402420889&from=...
CHR StartupUrls: "hxxp://istart.webssearches.com/?type=hppp&ts=1402420889&from=..."
CHR DefaultSearchKeyword: webssearches
CHR DefaultSearchProvider: webssearches
CHR DefaultSearchURL: http://istart.webssearches.com/web/?type=dspp&ts=1402420889&f...
CHR Plugin: (Wajam) - F:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll No File

Kontrollera genvägen till Internet Explorer i start-menyn så att inget är påhängt i dess Mål-ruta:

Rapportera Redigera

Citera flera Citera

2014-06-10 22:23

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

står no fixlist.txt. find vet inte vad som är felet den ligger på skrivbordet bland de andra

Rapportera Redigera

Citera flera Citera

2014-06-10 23:44

Permalänk

CeciliaB

Medlem ★

Plats: Stockholm
Registrerad: Nov 2011

●

Ligger FRST på skrivbordet?

Rapportera Redigera

Citera flera Citera

2014-06-11 10:38

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Skrivet av CeciliaB:

Ligger FRST på skrivbordet?

Gå till inlägget

Nu funka det problemet var att den bara fick heta fixlist och vara ett text dokument medans jag döpde den till fixlist.txt. aja här är den

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-06-2014
Ran by Magnus at 2014-06-11 10:36:37 Run:1
Running from C:\Users\Magnus\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
IFEO\k9filter.exe: [Debugger] SVCHOST.EXE
IFEO\MpCmdRun.exe: [Debugger] SVCHOST.EXE
IFEO\MpUXSrv.exe: [Debugger] SVCHOST.EXE
IFEO\MSASCui.exe: [Debugger] SVCHOST.EXE
IFEO\msmpeng.exe: [Debugger] SVCHOST.EXE
IFEO\msseces.exe: [Debugger] SVCHOST.EXE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type...250502EQ120BGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type...250502EQ120BGN
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?type=ds&ts=1402344832&fro...
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: FlowSurf - {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} - C:\Program Files (x86)\Flowsurf\FlowSurf.dll (FlowSurf Inc.)
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF HKLM-x32\...\Firefox\Extensions: [jid1-tofUlNEIFlkUIA@jetpack] - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack
FF Extension: FlowSurf - C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack [2014-06-09]
S2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe -service [X]
2014-06-09 22:14 - 2014-06-10 14:39 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-09 22:14 - 2014-06-10 14:39 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-09 22:14 - 2014-06-09 22:14 - 00000000 ____D () C:\Users\Magnus\AppData\Roaming\SupTab
2014-06-09 22:14 - 2014-06-09 22:14 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-09 22:13 - 2014-06-10 14:39 - 00000000 ____D () C:\Users\Magnus\AppData\Local\9068
2014-06-09 22:13 - 2014-06-10 14:39 - 00000000 ____D () C:\Program Files (x86)\Flowsurf
2014-06-09 22:13 - 2014-06-09 22:13 - 00003086 _____ () C:\WINDOWS\System32\Tasks\fsupdate
Task: {FD467070-2353-4A7A-8B1B-800F4023818A} - System32\Tasks\fsupdate => C:\PROGRA~2\Flowsurf\fsupd.exe
*****************

"C:\PROGRA~2\SupTab\SEARCH~2.DLL" => Value Data not found.
"C:\PROGRA~2\SupTab\SEARCH~1.DLL" => Value Data not found.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\k9filter.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpCmdRun.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpUXSrv.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MSASCui.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msmpeng.exe' => Key deleted successfully.
'HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msseces.exe' => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}'=> Key not found.
'HKCR\Wow6432Node\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}'=> Key not found.
Firefox DefaultSearchEngine deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\jid1-tofUlNEIFlkUIA@jetpack => Value not found.
C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack not found.
WindowsProtectManger => Service not found.
C:\ProgramData\IePluginServices => Moved successfully.
C:\Program Files (x86)\SupTab => Moved successfully.
C:\Users\Magnus\AppData\Roaming\SupTab => Moved successfully.
C:\ProgramData\WindowsProtectManger => Moved successfully.
C:\Users\Magnus\AppData\Local\9068 => Moved successfully.
"C:\Program Files (x86)\Flowsurf" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\fsupdate" => File/Directory not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD467070-2353-4A7A-8B1B-800F4023818A}'=> Key not found.
C:\Windows\System32\Tasks\fsupdate not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\fsupdate'=> Key not found.

==== End of Fixlog ====

Dold text

Rapportera Redigera

Citera flera Citera

2014-06-11 10:48

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Firefox får rätt startsida nu är det bara chrome som fortfarande inte får det

Rapportera Redigera

Citera flera Citera

2014-06-11 20:52

Permalänk

CeciliaB

Medlem ★

Plats: Stockholm
Registrerad: Nov 2011

●

Utmärkt!

Har du lyckats ändra alla Chrome-inställningarna jag nämnde?

Rapportera Redigera

Citera flera Citera (1)

2014-06-11 21:52

Permalänk

dayrider

Medlem

Plats: Eskilstuna
Registrerad: Dec 2013

●

Skrivet av CeciliaB:

Utmärkt!

Har du lyckats ändra alla Chrome-inställningarna jag nämnde?

Gå till inlägget

Jo nu är alla startsidor återställda:)
Hoppas viruset/marware är helt borta nu så de inte ligger och gömmer sig i bakgrunden på något sätt

Rapportera Redigera

Citera flera Citera

2014-06-11 23:27

Permalänk

CeciliaB

Medlem ★

Plats: Stockholm
Registrerad: Nov 2011

●

Jag håller tummarna!

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.
Klicka på Uninstall-knappen.

Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe
Starta programmet.
Tryck på knappen CleanUp! och FRST kommer att avinstalleras efter en omstart av datorn.

Du kan få en extra kontroll genom att skanna datorn online på http://www.eset.com/onlinescan/
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Avbocka alternativet Remove found threats (falsklarm förekommer så bäst att inte låta skannern ta bort det den hittar utan göra det själv i stället).
Bocka för Scan Archives

Klicka på Advanced Settings
Bocka för:
Scan for potentially unwanted applications
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar om du vill att jag tittar på det, annars tar du själv bort de filer du inte vill ha kvar i datorn.

Rapportera Redigera

Citera flera Citera

1 2

Skriv svar

Ta bort webssearches virus

Ta bort webssearches virus

Externa nyheter