Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 91804 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

malsign.systweak.44F - keeps coming back? [Solved]


  • This topic is locked This topic is locked
47 replies to this topic

#31 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 06 August 2014 - 07:12 AM

Curt, reopened the thread for you, explain to me whats going on ?


Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.

    Advertisements

Register to Remove


#32 Bally

Bally

    Authentic Member

  • Authentic Member
  • PipPip
  • 56 posts

Posted 06 August 2014 - 09:00 AM

... hi again Ken, I see you've reopened my orig. thread... thx! There are two (2) problems, as follows;

(1) that nasty little file "PUP.Optional.MySearchDial.A" keeps replicating itself after having deleted it three times with Malwarebytes Anti-Malware;

(2) my computer wants to reboot when shutting down. I have definitely selected the shutdown option (not reboot); and, therefore, am doing a hot shutdown just before it wants to begin rebooting? Strange! Will await your reply here before moving on to your other e-mails, which relates to the Dell cokputer.

Best Regards, Curt



#33 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 06 August 2014 - 09:13 AM

Lets run AdwCleaner again and see what it comes up with, as far as your computer rebooting , it may be a windows thing, lets do them one at a time

 

 

With delfix most likely AdwCleaner has been removed so lets do a clean download

 

-AdwCleaner-by Xplode
 
Click on this link to download : ADWCleaner
Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.
 
Do not click on any links in the top Advertisment.
 
  •  
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
 

 


Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#34 Bally

Bally

    Authentic Member

  • Authentic Member
  • PipPip
  • 56 posts

Posted 06 August 2014 - 10:21 AM

Ken here is the last AdwCleaner run and picked-up from the C:\drive.

 

# AdwCleaner v3.302 - Report created 06/08/2014 at 18:12:37
# Updated 30/07/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Richard - TN
# Running from : C:\Documents and Settings\Richard\Skrivbord\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Documents and Settings\IVAB\Application Data\Mozilla\Firefox\Profiles\9xjugkxy.default\prefs.js ]
 
 
[ File : C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\t91cmnax.default\prefs.js ]
 
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [22028 octets] - [03/10/2013 16:53:04]
AdwCleaner[R1].txt - [16879 octets] - [03/10/2013 23:08:05]
AdwCleaner[R2].txt - [1260 octets] - [04/10/2013 00:15:05]
AdwCleaner[R3].txt - [2998 octets] - [10/10/2013 21:12:35]
AdwCleaner[R4].txt - [6761 octets] - [01/08/2014 22:56:33]
AdwCleaner[R5].txt - [5604 octets] - [02/08/2014 08:52:15]
AdwCleaner[R6].txt - [2527 octets] - [06/08/2014 17:37:40]
AdwCleaner[R7].txt - [1778 octets] - [06/08/2014 17:53:34]
AdwCleaner[R8].txt - [1898 octets] - [06/08/2014 18:09:24]
AdwCleaner[S0].txt - [16674 octets] - [03/10/2013 23:10:33]
AdwCleaner[S1].txt - [3089 octets] - [10/10/2013 21:17:17]
AdwCleaner[S2].txt - [6597 octets] - [02/08/2014 08:58:36]
AdwCleaner[S3].txt - [2600 octets] - [06/08/2014 17:42:06]
AdwCleaner[S4].txt - [1839 octets] - [06/08/2014 17:59:05]
AdwCleaner[S5].txt - [1819 octets] - [06/08/2014 18:12:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1879 octets] ##########
 
-END-


#35 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 06 August 2014 - 11:20 AM

I dont see MySearchDial listed, where do you see it , is it popping up in your browser, if so which one ?


Jeffce_zpsa19ee2e6.png

 

 

 

Want to help others, Join our Malware Removal Classroom  HERE

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif

 

Find us on Facebook
Please LIKE and SHARE

 

 

Just a reminder that threads will be closed if no reply in 3 days.


#36 Bally

Bally

    Authentic Member

  • Authentic Member
  • PipPip
  • 56 posts

Posted 06 August 2014 - 01:56 PM

In answer to your last question... the browser is Chrome. After running the AdwCleaner again, believe I provided you with a log. I then ran Malwarebytes again and the pest file  "MySearchDial" is still there, I copied this log prior to quarantining again, but if I run it again.... "Its Bacccckkkkkkkk!"
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/6/2014
Scan Time: 9:23:37 PM
Logfile: Malwarebytes Log.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.06.07
Rootkit Database: v2014.08.04.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Richard
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 429939
Time Elapsed: 27 min, 41 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.MySearchDial.A, C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://start.mysearc...r=679293142&ir=" ],), ,[94cb11b2d1aad5613b4a13e2fb09ab55]
 
Physical Sectors: 0
(No malicious items detected)
 
(end)


#37 ken545

ken545

    Forum God

  • Classroom Teacher
  • 23,207 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 06 August 2014 - 02:05 PM

Lets run SystemLook again

 

Download and Run SystemLook
 
Please download SystemLook from one of the links below and save it to your Desktop.
 
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
  • :folderfind
    mysearchdial
    :filefind
    mysearchdial
    :regfind
    mysearchdial
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop entitled SystemLook.txt

    Jeffce_zpsa19ee2e6.png

     

     

     

    Want to help others, Join our Malware Removal Classroom  HERE

    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif

     

    Find us on Facebook
    Please LIKE and SHARE

     

     

    Just a reminder that threads will be closed if no reply in 3 days.


    #38 Bally

    Bally

      Authentic Member

    • Authentic Member
    • PipPip
    • 56 posts

    Posted 06 August 2014 - 03:01 PM

    Ken... looking at the info from this log, it appears this pesty bug is ducking out being found by programs other than Malwarebytes?
     
    SystemLook 30.07.11 by jpshortstuff
    Log created at 23:03 on 06/08/2014 by Richard
    Administrator - Elevation successful
     
    ========== folderfind ==========
     
    Searching for "mysearchdial"
    No folders found.
     
    ========== filefind ==========
     
    Searching for "mysearchdial"
    No files found.
     
    ========== regfind ==========
     
    Searching for "mysearchdial"
    No data found.
     
    -= EOF =-


    #39 ken545

    ken545

      Forum God

    • Classroom Teacher
    • 23,207 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 06 August 2014 - 03:02 PM

    Lets run Combofix and see if it finds and removes it

     

    Download ComboFix from one of these locations:
     
     
     
    * IMPORTANT !!! Save ComboFix.exe to your Desktop
     
     
    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • See this Link  for programs that need to be disabled and instruction on how to disable them.
  • Remember to re-enable them when we're done.
  •  
  • Double click on ComboFix.exe & follow the prompts.
  •  
     
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.  It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. 
  •  
     
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  •  
     
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
     
     

    RC1.png

     
     
    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    RC2-1.png

     
    Click on Yes, to continue scanning for malware.
     
    When finished, it shall produce a log for you.  Please include the C:\ComboFix.txt in your next reply.
     
    *If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.

    Jeffce_zpsa19ee2e6.png

     

     

     

    Want to help others, Join our Malware Removal Classroom  HERE

    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif

     

    Find us on Facebook
    Please LIKE and SHARE

     

     

    Just a reminder that threads will be closed if no reply in 3 days.


    #40 Bally

    Bally

      Authentic Member

    • Authentic Member
    • PipPip
    • 56 posts

    Posted 06 August 2014 - 05:29 PM

    Ken... the following is the ConboFix log. I had to run the program twice expecting the log file to be in C:\ComboFix, after closing the open file on completing, but it wasn't there! As I recall the first time the pgrm. deleted 1-file + 4-or-5 folders? I had to run it a second time to copy the log file (shown below);

     

    ComboFix 14-08-06.02 - Richard 08/07/2014   1:11.2.1 - x86
    Microsoft Windows XP Professional  5.1.2600.3.1252.1.1053.18.1470.747 [GMT 2:00]
    Running from: c:\documents and settings\Richard\Skrivbord\ComboFix.exe
    AV: AVG Internet Security 2014 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: AVG Internet Security 2014 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
     * Created a new restore point
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program\INSTALL.LOG
    c:\windows\wininit.ini
    .
    .
    (((((((((((((((((((((((((   Files Created from 2014-07-06 to 2014-08-06  )))))))))))))))))))))))))))))))
    .
    .
    2014-08-04 18:23 . 2008-04-14 19:34 21504 ----a-w- c:\windows\system32\hidserv.dll
    2014-08-04 18:23 . 2008-04-14 19:34 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
    2014-08-04 07:12 . 2014-08-04 07:12 2812 ----a-w- c:\windows\Regfix.reg
    2014-08-04 07:02 . 2014-08-04 07:02 -------- d-----w- C:\RegBackup
    2014-08-04 06:54 . 2014-08-04 06:54 -------- d-----w- c:\program\Tweaking.com
    2014-08-02 17:46 . 2014-08-04 07:47 -------- d-----w- C:\FRST
    2014-08-02 06:53 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
    2014-08-01 21:17 . 2014-08-01 21:17 -------- d-----w- c:\program\Malwarebytes Anti-Malware
    2014-08-01 21:17 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
    2014-07-25 08:08 . 2014-07-25 08:08 -------- d-----w- c:\documents and settings\Richard\Lokala inställningar\Application Data\Skype
    2014-07-25 08:08 . 2014-07-25 08:08 -------- d-----w- c:\program\Delade filer\Skype
    2014-07-22 12:47 . 2010-02-10 19:20 593920 ------w- c:\windows\system32\ati2sgag.exe
    2014-07-22 12:44 . 2014-07-22 12:44 -------- d-----w- C:\ATI
    2014-07-22 05:55 . 2014-07-22 05:56 -------- d-----w- C:\f18b8596a63f2776389f
    2014-07-22 05:22 . 2014-07-22 08:58 -------- d-----w- C:\0d608be659421094a8274931cdb6
    2014-07-21 21:45 . 2014-07-21 21:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
    2014-07-21 20:14 . 2014-07-21 21:01 -------- d-----w- C:\d80b9deb1c60777af7
    2014-07-20 22:23 . 2014-07-20 22:23 -------- d-----w- c:\documents and settings\LocalService\Lokala inställningar\Application Data\AVG
    2014-07-20 22:23 . 2014-07-20 22:23 -------- d-----w- c:\documents and settings\LocalService\Application Data\AVG
    2014-07-20 22:01 . 2014-07-20 22:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Avg_Update_0614t
    2014-07-19 22:22 . 2014-07-14 10:26 36152 ----a-w- c:\windows\system32\TURegOpt.exe
    2014-07-19 22:21 . 2014-07-19 22:21 -------- d-----w- c:\documents and settings\Richard\Lokala inställningar\Application Data\AVG
    2014-07-19 22:21 . 2014-07-19 22:21 -------- d-----w- c:\documents and settings\Richard\Application Data\AVG
    2014-07-19 22:17 . 2014-07-19 22:29 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
    2014-07-19 22:17 . 2014-07-19 22:22 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG
    2014-07-19 15:54 . 2014-07-19 15:54 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\AVG2014
    2014-07-19 15:53 . 2014-07-19 15:53 -------- d-----w- c:\documents and settings\Richard\Application Data\TuneUp Software
    2014-07-19 15:53 . 2014-07-19 15:54 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG2014
    2014-07-19 15:53 . 2014-07-19 15:53 -------- d-----w- C:\$AVG
    2014-07-19 15:52 . 2014-07-19 22:21 -------- d-----w- c:\program\AVG
    2014-07-19 15:39 . 2014-07-19 19:28 -------- d-----w- c:\documents and settings\Richard\Lokala inställningar\Application Data\Avg2014
    2014-07-19 15:39 . 2014-08-06 22:51 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
    2014-07-19 15:39 . 2014-07-19 15:39 -------- d-----w- c:\documents and settings\Richard\Lokala inställningar\Application Data\MFAData
    2014-07-19 01:37 . 2014-07-02 03:11 8217224 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{DABB108E-B171-4ACF-B9AB-04B955D4A473}\mpengine.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2014-08-06 22:45 . 2014-01-23 16:25 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2014-07-09 11:29 . 2012-04-12 04:55 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2014-07-09 11:29 . 2012-02-01 06:19 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2014-06-30 10:43 . 2014-06-30 10:43 121624 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
    2014-06-17 14:22 . 2014-06-17 14:22 188696 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2014-06-17 14:21 . 2014-06-17 14:21 197400 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2014-06-17 14:18 . 2014-06-17 14:18 241944 ----a-w- c:\windows\system32\drivers\avglogx.sys
    2014-06-17 14:17 . 2014-06-17 14:17 147736 ----a-w- c:\windows\system32\drivers\avgidshx.sys
    2014-06-17 14:17 . 2014-06-17 14:17 190232 ----a-w- c:\windows\system32\drivers\avgidsdriverlx.sys
    2014-06-17 14:06 . 2014-06-17 14:06 98584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
    2014-06-17 14:06 . 2014-06-17 14:06 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    2014-06-17 14:06 . 2014-06-17 14:06 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
    2014-05-12 05:26 . 2014-01-23 16:23 53208 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2014-01-02 22:45 . 2014-01-02 22:44 4216840 ----a-w- c:\program\Delade filer\vcredist.exe
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown 
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program\Yahoo!\Companion\Installs\cpn0\yt.dll" [2013-08-07 1561880]
    .
    [HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
    [HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
    [HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
    [HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
    @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
    @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
    @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
    @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
    2014-06-24 22:04 131480 ----a-w- c:\documents and settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\a_MiMediaFiles_MonitoredFolder]
    @="{C00213B1-77A8-4F0E-B740-0B36FBF7FAE7}"
    [HKEY_CLASSES_ROOT\CLSID\{C00213B1-77A8-4F0E-B740-0B36FBF7FAE7}]
    2012-06-15 19:18 730552 ----a-w- c:\program\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\a_MiMediaFiles_SynchronizationPending]
    @="{FAD5EA38-2D1D-485D-9B07-D35EB72B922E}"
    [HKEY_CLASSES_ROOT\CLSID\{FAD5EA38-2D1D-485D-9B07-D35EB72B922E}]
    2012-06-15 19:18 730552 ----a-w- c:\program\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\a_MiMediaFiles_Synchronized]
    @="{69DE75F6-60E6-4E55-B416-171941A5C73E}"
    [HKEY_CLASSES_ROOT\CLSID\{69DE75F6-60E6-4E55-B416-171941A5C73E}]
    2012-06-15 19:18 730552 ----a-w- c:\program\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"="c:\program\Skype\Phone\Skype.exe" [2014-07-02 21650536]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Share-to-Web Namespace Daemon"="c:\program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2001-07-03 57344]
    "SetRefresh"="c:\program\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
    "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
    "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
    "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-13 59392]
    "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 208952]
    "ATIPTA"="c:\program\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-13 344064]
    "WD Button Manager"="WDBtnMgr.exe" [2012-08-05 364544]
    "IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-08-04 44032]
    "AVG_UI"="c:\program\AVG\AVG2014\avgui.exe" [2014-07-10 5187088]
    "iTunesHelper"="c:\program\iTunes\iTunesHelper.exe" [2014-07-08 152392]
    "Adobe ARM"="c:\program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "PromoteInstaller"="c:\documents and settings\All Users\Application Data\Promote Installer\Starter.exe" [2014-08-06 1629848]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
    .
    c:\documents and settings\Richard\Start-meny\Program\Autostart\
    Övervaka bläckvarningar - HP Deskjet 2510 series.lnk - c:\windows\system32\RunDll32.exe "c:\program\HP\HP Deskjet 2510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN32L3HHX105QX;CONNECTION=USB;MONITOR=1; [2004-8-4 33280]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoWelcomeScreen"= 1 (0x1)
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "DisablePersonalDirChange"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2011-09-27 19:03 66328 ----a-w- c:\program\Delade filer\LogiShrd\Bluetooth\LBTWLgn.dll
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ   autocheck autochk *\0c:\program\AVG\AVG2014\avgrsx.exe /sync /restart
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Richard^Start-meny^Program^Autostart^Dropbox.lnk]
    path=c:\documents and settings\Richard\Start-meny\Program\Autostart\Dropbox.lnk
    backup=c:\windows\pss\Dropbox.lnkStartup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^Richard^Start-meny^Program^Autostart^Övervaka bläckvarningar - HP Deskjet 2510 series.lnk]
    path=c:\documents and settings\Richard\Start-meny\Program\Autostart\Övervaka bläckvarningar - HP Deskjet 2510 series.lnk
    backup=c:\windows\pss\Övervaka bläckvarningar - HP Deskjet 2510 series.lnkStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\3A1FA4C4CF1332A1DEC3D85002C2EACB5FFD419D._service_run]
    2014-07-15 09:24 860488 ----a-w- c:\program\Google\Chrome\Application\chrome.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2013-11-21 16:57 959904 ----a-w- c:\program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    2008-04-14 20:35 15360 ----a-w- c:\windows\system32\ctfmon.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
    2011-10-07 09:40 1387288 ----a-w- c:\program\Logitech\SetPointP\SetPoint.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
    2010-04-28 05:44 647528 ----a-w- c:\program\Windows Live\Family Safety\fsui.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2012-10-25 09:58 116648 ----atw- c:\documents and settings\Richard\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
    2011-08-01 13:56 1821576 ----a-w- c:\program\Microsoft IntelliPoint\ipoint.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
    2002-11-14 12:39 28672 ----a-w- c:\program\Delade filer\Microsoft Shared\Works Shared\WkUFind.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2008-04-14 20:35 1695232 ----a-w- c:\program\Messenger\msmsgs.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    2009-03-05 15:07 2260480 --sha-r- c:\program\Spybot - Search & Destroy\TeaTimer.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "YahooAUService"=2 (0x2)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Documents and Settings\\IVAB\\temp\\TeamViewer\\Version5\\TeamViewer.exe"=
    "c:\\Program\\Windows Live\\Sync\\WindowsLiveSync.exe"=
    "c:\\WINDOWS\\system32\\msiexec.exe"=
    "c:\\Documents and Settings\\Richard\\Lokala inställningar\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
    "c:\\Documents and Settings\\Richard\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
    "c:\\Documents and Settings\\Richard\\Application Data\\uTorrent\\uTorrent.exe"=
    "c:\\WINDOWS\\system32\\dpvsetup.exe"=
    "c:\\Program\\AVG\\AVG2014\\avgnsx.exe"=
    "c:\\Program\\AVG\\AVG2014\\avgdiagex.exe"=
    "c:\\Program\\AVG\\AVG2014\\avgmfapx.exe"=
    "c:\\Program\\AVG\\AVG2014\\avgemcx.exe"=
    "c:\\Program\\Google\\Chrome\\Application\\chrome.exe"=
    "c:\\Program\\Bonjour\\mDNSResponder.exe"=
    "c:\\Program\\iTunes\\iTunes.exe"=
    "c:\\Program\\Skype\\Phone\\Skype.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3233:UDP"= 3233:UDP:Windows Media Format SDK (iexplore.exe)
    "3232:UDP"= 3232:UDP:Windows Media Format SDK (iexplore.exe)
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [6/17/2014 4:17 PM 147736]
    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [6/17/2014 4:18 PM 241944]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [6/17/2014 4:06 PM 27416]
    R0 SI3112r;ATI-4379 Serial ATA Controller;c:\windows\system32\drivers\SI3112r.sys [1/12/2006 12:56 PM 116264]
    R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [6/30/2014 12:43 PM 121624]
    R1 AVGIDSDriverl;AVGIDSDriverl;c:\windows\system32\drivers\avgidsdriverlx.sys [6/17/2014 4:17 PM 190232]
    R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [6/17/2014 4:06 PM 21272]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [6/17/2014 4:22 PM 188696]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [6/17/2014 4:21 PM 197400]
    R1 cbfs3;cbfs3;c:\windows\system32\drivers\cbfs3.sys [6/28/2012 11:16 PM 299280]
    R2 avgfws;AVG Firewall;c:\program\AVG\AVG2014\avgfws.exe [7/10/2014 3:32 PM 1417160]
    R2 avgwd;AVG WatchDog;c:\program\AVG\AVG2014\avgwdsvc.exe [7/10/2014 3:23 PM 289328]
    R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [7/21/2013 5:50 AM 12184]
    R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [7/14/2014 12:26 PM 1858360]
    R2 WINZIPSSDiskOptimizer;WINZIPSSDiskOptimizer;c:\program\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe [12/30/2013 12:19 AM 267384]
    R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [1/12/2012 8:52 PM 30944]
    R3 BBUpdate;BBUpdate;c:\program\Microsoft\BingBar\7.3.107.0\SeaPort.EXE [8/30/2013 7:26 PM 240288]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [6/23/2014 8:44 AM 12320]
    R3 XIRLINK;IBM PC Camera;c:\windows\system32\drivers\C-itnt.sys [8/2/2013 8:22 PM 443833]
    S2 AVGIDSAgent;AVGIDSAgent;c:\program\AVG\AVG2014\avgidsagent.exe [7/10/2014 3:34 PM 3244048]
    S2 BBSvc;BingBar Service;c:\program\Microsoft\BingBar\7.3.107.0\BBSvc.EXE [8/30/2013 7:26 PM 193696]
    S2 MBAMScheduler;MBAMScheduler;c:\program\Malwarebytes Anti-Malware\mbamscheduler.exe [8/1/2014 11:17 PM 1809720]
    S2 MBAMService;MBAMService;c:\program\Malwarebytes Anti-Malware\mbamservice.exe [8/1/2014 11:17 PM 860472]
    S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [1/12/2012 8:52 PM 30944]
    S3 cpuz134;cpuz134;\??\c:\docume~1\Richard\LOKALA~1\Temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\Richard\LOKALA~1\Temp\cpuz134\cpuz134_x32.sys [?]
    S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [12/31/2013 9:15 PM 23456]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8/1/2014 11:17 PM 23256]
    S3 MFE_RR;MFE_RR;\??\c:\docume~1\Richard\LOKALA~1\Temp\mfe_rr.sys --> c:\docume~1\Richard\LOKALA~1\Temp\mfe_rr.sys [?]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - CBFS3
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ   Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2014-07-19 20:20 1104200 ----a-w- c:\program\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2014-08-06 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 11:29]
    .
    2014-08-04 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
    .
    2014-08-06 c:\windows\Tasks\AVG_SYS_TASK_0614t_RUN.job
    - c:\documents and settings\All Users\Application Data\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe [2014-07-20 08:01]
    .
    2014-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program\Google\Update\GoogleUpdate.exe [2011-10-21 09:35]
    .
    2014-08-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program\Google\Update\GoogleUpdate.exe [2011-10-21 09:35]
    .
    2014-08-06 c:\windows\Tasks\HP Photo Creations Communicator.job
    - c:\documents and settings\All Users\Application Data\HP Photo Creations\Communicator.exe [2013-06-10 21:00]
    .
    2014-08-06 c:\windows\Tasks\Microsoft Windows XP - Inloggningsmeddelande gällande när tjänsten upphör.job
    - c:\windows\system32\xp_eos.exe [2014-03-11 23:28]
    .
    2014-07-08 c:\windows\Tasks\Microsoft Windows XP - Månatligt meddelande gällande när tjänsten upphör.job
    - c:\windows\system32\xp_eos.exe [2014-03-11 23:28]
    .
    2014-07-21 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
    - c:\program\Microsoft IntelliPoint\ipoint.exe [2011-08-01 13:56]
    .
    2014-08-06 c:\windows\Tasks\User_Feed_Synchronization-{7B8AB321-E309-49ED-B138-2D1AD3B32EF0}.job
    - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
    .
    2014-08-06 c:\windows\Tasks\User_Feed_Synchronization-{F881C789-9CA0-4738-AD4E-3E39BFF011E2}.job
    - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
    .
    .
    ------- Supplementary Scan -------
    .
    mStart Page = hxxp://www.google.com
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com
    TCP: DhcpNameServer = 192.168.1.1
    DPF: {01892B12-4ABE-47E8-B7C1-4692F0B74024} - hxxp://viewer.akopia.se/IGC/BravaClientX.cab
    DPF: {8500E785-8A89-4633-BB72-C982B0133501} - hxxp://system.arkitektkopia.se/login/documentpool/(S(2vuytnb3t3zi5qurbh5h5yyp))/AKFileUpload2.cab
    DPF: {E76A19A9-B579-4FF7-8857-7D79B22F8D45} - hxxp://viewer.byggnet.com/IGC/BravaClientX.cab
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2014-08-07 01:26
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...  
    .
    scanning hidden autostart entries ... 
    .
    scanning hidden files ...  
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•6~*]
    "D1400E0900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(1948)
    c:\windows\system32\Ati2evxx.dll
    c:\program\delade filer\logishrd\bluetooth\LBTWlgn.dll
    c:\windows\system32\CbFsNetRdr3.dll
    .
    Completion time: 2014-08-07  01:30:15
    ComboFix-quarantined-files.txt  2014-08-06 23:30
    ComboFix2.txt  2014-08-06 22:39
    .
    Pre-Run: 18,486,460,416 byte ledigt
    Post-Run: 18,469,556,224 byte ledigt
    .
    WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
    .
    - - End Of File - - 6332E6B7127DB0C55FBD6F93DC33E35F
    E5FA06ACA0D60BA9C870D0EF3D9898C9
     
    -END-

      Advertisements

    Register to Remove


    #41 ken545

    ken545

      Forum God

    • Classroom Teacher
    • 23,207 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 06 August 2014 - 06:27 PM

    Curt, I wish I could have seen the log from the first run to see what was removed, i know sometimes this is daunting but its imperative that I see the reports.  I see nothing in this log related to MySearchDial, did you remember seeing it in the log from the first run ?  Can you go to My Computer > your C: drive and see if the original log is there

     

    Lets go ahead and run a scan with FRST, you will most likely have to download it again

     

    You will need FRST, not FRST64

     

     

    Please download Farbar Recovery Scan Tool and save it to your desktop.
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
     
    How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
    A simple way to check your system: Start --> Computer (right click) --> Properties
     
     
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Do not check 
  • *List BCD
    *Drivers MD5
    *Shortcut txt
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

    Jeffce_zpsa19ee2e6.png

     

     

     

    Want to help others, Join our Malware Removal Classroom  HERE

    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif

     

    Find us on Facebook
    Please LIKE and SHARE

     

     

    Just a reminder that threads will be closed if no reply in 3 days.


    #42 Bally

    Bally

      Authentic Member

    • Authentic Member
    • PipPip
    • 56 posts

    Posted 07 August 2014 - 03:02 AM

    Ken... I went to the C:\drive, but there wasn't even an empty folder shown there anymore? When I stated, on ComboFix finished (1st run) and viewing 1-file _ 4-folders scheduled being deleted, I was watching the "blue screen" prior to the program finishing its tasks and producing the .txt file. My recall of watching the blue screen, I can definitely say, "the MySearchDial file was NOT there", being as I was intently looking for it at that moment! The deleted file was a Windows file, as for the folders I can't recall, but there was nothing to MySearchDial was among those 4-folders.

     

    It's strange that the ONLY program that seems to be able to identify this bug is Malwarebytes Anti-Malware? And I haven't run it since ComboFix was run.

    Below are the FRST + Addition files;

     

    FRST

     

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:5-08-2014
    Ran by Richard (administrator) on TN on 07-08-2014 10:59:16
    Running from C:\Documents and Settings\Richard\Skrivbord
    Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Svenska
    Internet Explorer Version 8
    Boot Mode: Normal
     
    The only official download link for FRST:
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgrsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgcsrvx.exe
    (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    (Apple Inc.) C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgfws.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgwdsvc.exe
    (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    (Apple Inc.) C:\Program\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program\Windows Live\Family Safety\fsssvc.exe
    (Oracle Corporation) C:\Program\Java\jre7\bin\jqs.exe
    (Malwarebytes Corporation) C:\Program\Malwarebytes Anti-Malware\mbamscheduler.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgnsx.exe
    (Malwarebytes Corporation) C:\Program\Malwarebytes Anti-Malware\mbamservice.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgemcx.exe
    (AVG) C:\Program\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
    (Malwarebytes Corporation) C:\Program\Malwarebytes Anti-Malware\mbam.exe
    (WinZip Computing, S.L. (WinZip Computing)) C:\Program\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
    (Hewlett-Packard) C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    () C:\Program\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
    (ATI Technologies, Inc.) C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
    (Western Digital Technologies, Inc.) C:\WINDOWS\system32\WDBtnMgr.exe
    (AVG) C:\Program\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgui.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgcsrvx.exe
    (Apple Inc.) C:\Program\iTunes\iTunesHelper.exe
    (Skype Technologies S.A.) C:\Program\Skype\Phone\Skype.exe
    (Google Inc.) C:\Program\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
    (Apple Inc.) C:\Program\iPod\bin\iPodService.exe
    (Google Inc.) C:\Program\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation.) C:\Program\Microsoft\BingBar\7.3.107.0\SeaPort.EXE
    (Google Inc.) C:\Program\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
    Winlogon\Notify\LBTWlgn: c:\program\delade filer\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
    HKU\S-1-5-21-280907462-213740653-3875255159-1148\...\Run: [Skype] => C:\Program\Skype\Phone\Skype.exe [21650536 2014-07-02] (Skype Technologies S.A.)
    HKU\S-1-5-21-280907462-213740653-3875255159-1148\...\Run: [3A1FA4C4CF1332A1DEC3D85002C2EACB5FFD419D._service_run] => C:\Program\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
    HKU\S-1-5-21-280907462-213740653-3875255159-1148\...\Policies\Explorer: [DisablePersonalDirChange] 1
    Startup: C:\Documents and Settings\Richard\Start-meny\Program\Autostart\Övervaka bläckvarningar - HP Deskjet 2510 series.lnk
    ShortcutTarget: Övervaka bläckvarningar - HP Deskjet 2510 series.lnk -> C:\Program\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
    ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: a_MiMediaFiles_MonitoredFolder -> {C00213B1-77A8-4F0E-B740-0B36FBF7FAE7} => C:\Program\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll (MiMedia)
    ShellIconOverlayIdentifiers: a_MiMediaFiles_SynchronizationPending -> {FAD5EA38-2D1D-485D-9B07-D35EB72B922E} => C:\Program\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll (MiMedia)
    ShellIconOverlayIdentifiers: a_MiMediaFiles_Synchronized -> {69DE75F6-60E6-4E55-B416-171941A5C73E} => C:\Program\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll (MiMedia)
    BootExecute: autocheck autochk * C:\Program\AVG\AVG2014\avgrsx.exe /sync /restart
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://bay179.mail....il/?fid=flinbox
    HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
    URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
    BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
    BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKCU - &Adress - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
    Toolbar: HKCU - &Länkar - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
    Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
    DPF: {01892B12-4ABE-47E8-B7C1-4692F0B74024} http://viewer.akopia...ravaClientX.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
    DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} http://server/connec...uter/nshelp.dll
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect118.cab
    DPF: {8500E785-8A89-4633-BB72-C982B0133501} http://system.arkite...FileUpload2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab
    DPF: {E76A19A9-B579-4FF7-8857-7D79B22F8D45} http://viewer.byggne...ravaClientX.cab
    Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
    Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
    Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    Winsock: Catalog5 04 C:\Program\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
     
    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\t91cmnax.default
    FF DefaultSearchEngine: Google
    FF SelectedSearchEngine: Google
    FF Homepage: hxxp://www.msnbc.msn.com/
    FF Keyword.URL: user_pref("keyword.URL", "");
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Richard\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Richard\Application Data\mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Richard\Application Data\mozilla\plugins\npo1d.dll (Google)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-22]
     
    Chrome: 
    =======
    CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyCtCyByD0FyByEyEtByEzz0DyEtN0D0Tzu0SzztByEtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0CyD0EyDtCtA0BtGyC0BtB0CtG0FtD0CzytG0C0D0DtBtGtC0EyC0EyDyCzytCyB0A0A0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0F0Bzz0FtBtAyBtGtBtBzz0BtGtA0AyC0EtGyC0CtCtAtGyB0CyB0B0FtDtA0DzyzzyB0F2Q&cr=679293142&ir="
    CHR Plugin: (Shockwave Flash) - C:\Program\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
    CHR Plugin: (Google Talk Plugin) - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
    CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npo1d.dll (Google)
    CHR Plugin: (Adobe Acrobat) - C:\Program\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Microsoft® DRM) - C:\Program\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
    CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
    CHR Plugin: (Microsoft® DRM) - C:\Program\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
    CHR Plugin: (Google Update) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
    CHR Plugin: (Google Earth Plugin) - C:\Program\Google\Google Earth\plugin\npgeplugin.dll (Google)
    CHR Plugin: (Java™ Platform SE 7 U11) - C:\Program\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    CHR Plugin: (Silverlight Plug-In) - C:\Program\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
    CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    CHR Plugin: (Windows Live® Photo Gallery) - C:\Program\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
    CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    CHR Extension: (Google Docs) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-06]
    CHR Extension: (Google Drive) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-06]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
    CHR Extension: (YouTube) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-06]
    CHR Extension: (Google Search) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-06]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
    CHR Extension: (Gmail) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-06]
    CHR HKLM\...\Chrome\Extension: [aicjcijfbjpmgnlbojmcnflkgeecpfnn] - C:\Documents and Settings\All Users\Application Data\ADDICT-THING\aicjcijfbjpmgnlbojmcnflkgeecpfnn.crx [2013-06-06]
     
    ========================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 Apple Mobile Device; C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-06-12] (Apple Inc.)
    R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
    S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] () [File not signed]
    R2 avgfws; C:\Program\AVG\AVG2014\avgfws.exe [1417160 2014-07-10] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
    S2 BBSvc; C:\Program\Microsoft\BingBar\7.3.107.0\BBSvc.exe [193696 2013-08-30] (Microsoft Corporation.)
    R3 BBUpdate; C:\Program\Microsoft\BingBar\7.3.107.0\SeaPort.exe [240288 2013-08-30] (Microsoft Corporation.)
    R2 Bonjour Service; C:\Program\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
    R2 fsssvc; C:\Program\Windows Live\Family Safety\fsssvc.exe [704872 2010-04-28] (Microsoft Corporation)
    S2 gupdate; C:\Program\Google\Update\GoogleUpdate.exe [136176 2011-10-21] (Google Inc.)
    S3 gupdatem; C:\Program\Google\Update\GoogleUpdate.exe [136176 2011-10-21] (Google Inc.)
    S3 hpqcxs08; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
    S2 hpqddsvc; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
    R3 iPod Service; C:\Program\iPod\bin\iPodService.exe [553288 2014-07-08] (Apple Inc.)
    R2 JavaQuickStarterService; C:\Program\Java\jre7\bin\jqs.exe [170912 2013-01-29] (Oracle Corporation)
    S3 LBTServ; C:\Program\Delade filer\LogiShrd\Bluetooth\lbtserv.exe [295192 2011-09-27] (Logitech, Inc.)
    R2 MBAMScheduler; C:\Program\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    S2 MsMpSvc; c:\Program\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
    S2 Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
    S3 ose; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
    S2 Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
    R2 TuneUp.UtilitiesSvc; C:\Program\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1858360 2014-07-14] (AVG)
    R2 WINZIPSSDiskOptimizer; C:\Program\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe [267384 2013-07-15] (WinZip Computing, S.L. (WinZip Computing))
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
    R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2278784 2004-09-21] (Realtek Semiconductor Corp.)
    R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
    R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2005-03-09] (Advanced Micro Devices)
    R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
    R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
    R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
    S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [190232 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
    S3 Blfp; C:\WINDOWS\System32\DRIVERS\baspxp32.sys [65664 2005-03-04] (Broadcom Corporation)
    R1 cbfs3; C:\WINDOWS\system32\drivers\cbfs3.sys [299280 2012-05-25] (EldoS Corporation)
    S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
    S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2013-12-31] (Phoenix Technologies) [File not signed]
    R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation)
    S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel® Corporation)
    S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-03] (Intel® Corporation)
    S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-03] (Intel® Corporation)
    S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-03] (Intel® Corporation)
    S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-03] (Intel® Corporation)
    S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-03] (Intel® Corporation)
    S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2004-08-03] (Intel® Corporation)
    S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2004-08-03] (Intel® Corporation)
    S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2004-08-03] (Intel® Corporation)
    S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-03] (Intel® Corporation)
    S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-03] (Intel® Corporation)
    S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-03] (Intel® Corporation)
    S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-03] (Intel® Corporation)
    S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2004-08-03] (Intel® Corporation)
    S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2004-08-03] (Intel® Corporation)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-07] (Malwarebytes Corporation)
    R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
    S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
    S3 OmniDrv; C:\WINDOWS\System32\DRIVERS\OmniDrv.sys [30976 2004-01-05] (Ideazon) [File not signed]
    S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46720 2008-04-14] (Microsoft Corporation)
    R0 SI3112r; C:\WINDOWS\System32\DRIVERS\SI3112r.sys [116264 2007-08-29] (Silicon Image, Inc)
    R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [19240 2007-08-29] (Silicon Image, Inc)
    S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [32768 2012-03-26] (AnchorFree Inc)
    R3 TuneUpUtilitiesDrv; C:\Program\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-06-23] (TuneUp Software)
    R3 XIRLINK; C:\WINDOWS\System32\DRIVERS\C-itnt.sys [443833 2000-05-12] (Xirlink, Inc) [File not signed]
    S4 adpu320; \SystemRoot\system32\DRIVERS\adpu320.sys [X]
    S3 catchme; \??\C:\DOCUME~1\Richard\LOKALA~1\Temp\catchme.sys [X]
    S3 cpuz134; \??\C:\DOCUME~1\Richard\LOKALA~1\Temp\cpuz134\cpuz134_x32.sys [X]
    S3 MFE_RR; \??\C:\DOCUME~1\Richard\LOKALA~1\Temp\mfe_rr.sys [X]
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
    S4 Symmpi; \SystemRoot\system32\DRIVERS\symmpi.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-08-07 10:59 - 2014-08-07 11:00 - 00027291 _____ () C:\Documents and Settings\Richard\Skrivbord\FRST.txt
    2014-08-07 10:48 - 2014-08-07 10:48 - 01084928 _____ (Farbar) C:\Documents and Settings\Richard\Skrivbord\FRST.exe
    2014-08-07 01:30 - 2014-08-07 01:30 - 00024995 _____ () C:\ComboFix.txt
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\Richard.TN\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\NetworkService\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\LocalService\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\Administratör\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\__sbs_netsetup__\Lokala inställningar\temp
    2014-08-07 01:07 - 2014-08-07 01:07 - 00000000 _RSHD () C:\cmdcons
    2014-08-07 00:41 - 2014-08-07 00:41 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080714-01.dmp
    2014-08-07 00:39 - 2014-08-07 11:02 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\temp
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
    2014-08-07 00:13 - 2014-08-07 00:13 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
    2014-08-06 23:55 - 2014-08-06 23:55 - 00000327 _____ () C:\Boot.bak
    2014-08-06 23:55 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
    2014-08-06 23:50 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
    2014-08-06 23:50 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
    2014-08-06 23:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe
    2014-08-06 23:49 - 2014-08-07 01:30 - 00000000 ____D () C:\Qoobox
    2014-08-06 23:48 - 2014-08-07 00:36 - 00000000 ____D () C:\WINDOWS\erdnt
    2014-08-06 23:42 - 2014-08-06 23:44 - 05568206 ____R (Swearware) C:\Documents and Settings\Richard\Skrivbord\ComboFix.exe
    2014-08-06 18:15 - 2014-08-06 18:15 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-05.dmp
    2014-08-06 18:01 - 2014-08-06 18:01 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-04.dmp
    2014-08-06 17:45 - 2014-08-06 17:45 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-03.dmp
    2014-08-06 16:45 - 2014-08-06 16:45 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-02.dmp
    2014-08-06 11:35 - 2014-08-06 11:35 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-01.dmp
    2014-08-05 20:58 - 2014-08-05 20:58 - 00001642 _____ () C:\Malwarebytes.txt
    2014-08-05 15:36 - 2014-08-05 15:36 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080514-02.dmp
    2014-08-05 08:13 - 2014-08-05 08:13 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080514-01.dmp
    2014-08-05 01:35 - 2014-08-05 01:35 - 00128197 _____ () C:\Documents and Settings\Richard\Skrivbord\BIG SUR GEORGE.celtx
    2014-08-04 20:25 - 2014-08-04 20:25 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080414-03.dmp
    2014-08-04 20:23 - 2008-04-14 21:34 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll
    2014-08-04 20:23 - 2008-04-14 21:34 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidserv.dll
    2014-08-04 11:36 - 2014-08-04 11:36 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080414-02.dmp
    2014-08-04 09:12 - 2014-08-04 09:12 - 00002812 _____ () C:\WINDOWS\Regfix.reg
    2014-08-04 09:02 - 2014-08-04 09:02 - 00000000 ____D () C:\RegBackup
    2014-08-04 09:01 - 2014-08-04 09:27 - 00001820 _____ () C:\Documents and Settings\All Users\Skrivbord\Tweaking.com - Registry Backup.lnk
    2014-08-04 09:01 - 2014-08-04 09:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Tweaking.com
    2014-08-04 08:54 - 2014-08-04 08:54 - 00000000 ____D () C:\Program\Tweaking.com
    2014-08-04 08:50 - 2014-08-04 08:52 - 04057608 _____ () C:\Documents and Settings\Richard\Skrivbord\tweaking.com_registry_backup_setup.exe
    2014-08-04 02:59 - 2014-08-04 02:59 - 00114688 _____ () C:\WINDOWS\Minidump\Mini080414-01.dmp
    2014-08-03 10:03 - 2014-08-03 10:03 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-03.dmp
    2014-08-03 02:26 - 2014-08-03 02:26 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-02.dmp
    2014-08-03 01:26 - 2014-08-03 01:26 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-01.dmp
    2014-08-02 19:46 - 2014-08-07 10:59 - 00000000 ____D () C:\FRST
    2014-08-02 10:16 - 2014-08-02 10:16 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-03.dmp
    2014-08-02 09:03 - 2014-08-02 09:03 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-02.dmp
    2014-08-02 08:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
    2014-08-02 01:51 - 2014-08-02 01:51 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-01.dmp
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000733 _____ () C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000000 ____D () C:\Program\Malwarebytes Anti-Malware
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes Anti-Malware
    2014-08-01 23:17 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2014-07-31 19:52 - 2014-08-07 02:16 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\Malware Tools
    2014-07-31 12:43 - 2014-07-31 12:43 - 00000000 _____ () C:\SophosBootTasks.txt
    2014-07-25 23:24 - 2014-07-25 23:24 - 00000000 ____H () C:\Documents and Settings\Richard\Mina dokument\Default.rdp
    2014-07-25 10:08 - 2014-07-31 18:25 - 00002227 _____ () C:\Documents and Settings\All Users\Skrivbord\Skype.lnk
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Program\Delade filer\Skype
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Skype
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Skype
    2014-07-22 14:47 - 2010-02-10 21:20 - 00593920 ____N () C:\WINDOWS\system32\ati2sgag.exe
    2014-07-22 14:44 - 2014-07-22 14:44 - 00000000 ____D () C:\ATI
    2014-07-22 07:56 - 2014-07-22 14:56 - 00001084 _____ () C:\WINDOWS\spupdsvc.log
    2014-07-22 07:55 - 2014-07-22 07:56 - 00000000 ____D () C:\f18b8596a63f2776389f
    2014-07-22 07:22 - 2014-07-22 10:58 - 00000000 ____D () C:\0d608be659421094a8274931cdb6
    2014-07-22 00:33 - 2014-07-22 00:33 - 00001510 _____ () C:\Documents and Settings\All Users\Skrivbord\iTunes.lnk
    2014-07-22 00:33 - 2014-07-22 00:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\iTunes
    2014-07-22 00:32 - 2014-07-22 00:33 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-07-22 00:32 - 2014-07-22 00:32 - 00000000 ____D () C:\Program\iPod
    2014-07-21 23:53 - 2014-07-24 20:20 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Apple Computer
    2014-07-21 23:53 - 2014-07-21 23:53 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Apple Computer
    2014-07-21 23:49 - 2014-07-22 00:33 - 00000000 ____D () C:\Program\iTunes
    2014-07-21 23:49 - 2014-07-22 00:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
    2014-07-21 23:47 - 2014-08-04 10:18 - 00000272 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2014-07-21 23:47 - 2014-07-21 23:47 - 00001830 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Apple Software Update.lnk
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Program\Apple Software Update
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Apple
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
    2014-07-21 23:46 - 2013-03-18 16:51 - 06112864 _____ (Apple, Inc.) C:\WINDOWS\system32\usbaaplrc.dll
    2014-07-21 23:46 - 2013-03-18 16:51 - 00045056 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl.sys
    2014-07-21 23:45 - 2014-07-22 00:32 - 00000000 ____D () C:\Program\Delade filer\Apple
    2014-07-21 23:45 - 2014-07-21 23:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
    2014-07-21 23:45 - 2014-07-21 23:45 - 00000000 ____D () C:\Program\Bonjour
    2014-07-21 22:14 - 2014-07-21 23:01 - 00000000 ____D () C:\d80b9deb1c60777af7
    2014-07-21 00:23 - 2014-07-21 00:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\AVG
    2014-07-21 00:23 - 2014-07-21 00:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\AVG
    2014-07-21 00:01 - 2014-08-07 10:04 - 00000626 _____ () C:\WINDOWS\Tasks\AVG_SYS_TASK_0614t_RUN.job
    2014-07-21 00:01 - 2014-07-21 00:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avg_Update_0614t
    2014-07-20 09:17 - 2014-07-20 09:17 - 00000000 ____D () C:\Documents and Settings\Richard\Mina dokument\Ny mapp
    2014-07-20 02:41 - 2014-07-20 02:41 - 00002876 _____ () C:\WINDOWS\DPINST.LOG
    2014-07-20 00:43 - 2014-08-04 21:16 - 00000397 _____ () C:\WINDOWS\setupact.log
    2014-07-20 00:43 - 2014-07-20 00:43 - 00000000 _____ () C:\WINDOWS\setuperr.log
    2014-07-20 00:22 - 2014-08-07 02:30 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001689 _____ () C:\Documents and Settings\All Users\Start-meny\Program\AVG PC TuneUp 2014.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001689 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG 1-Click Maintenance.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001683 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG PC TuneUp 2014.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\AVG PC TuneUp 2014
    2014-07-20 00:22 - 2014-07-14 12:26 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
    2014-07-20 00:21 - 2014-07-20 00:21 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\AVG
    2014-07-20 00:21 - 2014-07-20 00:21 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\AVG
    2014-07-20 00:17 - 2014-07-20 00:29 - 00000000 __SHD () C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
    2014-07-20 00:17 - 2014-07-20 00:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG
    2014-07-19 21:23 - 2014-07-19 21:23 - 00000494 _____ () C:\Documents and Settings\Richard\Skrivbord\Data Safe.lnk
    2014-07-19 21:22 - 2014-07-19 21:23 - 209715200 _____ () C:\Documents and Settings\Richard\Mina dokument\Data Safe.avgfv
    2014-07-19 17:55 - 2014-07-19 17:55 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\AVG2014
    2014-07-19 17:54 - 2014-07-19 21:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\AVG
    2014-07-19 17:54 - 2014-07-19 17:54 - 00000670 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG 2014.lnk
    2014-07-19 17:53 - 2014-07-19 17:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
    2014-07-19 17:53 - 2014-07-19 17:53 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\TuneUp Software
    2014-07-19 17:53 - 2014-07-19 17:53 - 00000000 ____D () C:\$AVG
    2014-07-19 17:52 - 2014-07-20 00:21 - 00000000 ____D () C:\Program\AVG
    2014-07-19 17:39 - 2014-08-07 10:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
    2014-07-19 17:39 - 2014-07-19 21:28 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Avg2014
    2014-07-19 17:39 - 2014-07-19 17:39 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\MFAData
    2014-07-19 02:28 - 2014-08-04 20:23 - 00520783 _____ () C:\WINDOWS\setupapi.log
    2014-07-15 14:40 - 2014-07-15 14:40 - 00031768 _____ () C:\Documents and Settings\Richard\Skrivbord\THE FIX'IT MAN.celtx
    2014-07-12 23:22 - 2014-07-12 23:22 - 00000427 _____ () C:\Billy Wilder.jpg.lnk5z651
    2014-07-12 14:59 - 2014-07-12 14:59 - 00000624 _____ () C:\Robert MacLean, his brief history.pdf.lnky4355
    2014-07-12 14:58 - 2014-07-12 14:58 - 00000506 _____ () C:\Romantic comedy Pas de deux.zip.lnkhs605
    2014-07-11 17:02 - 2014-07-11 17:02 - 00000384 _____ () C:\agent.pdf.lnk5z1020
    2014-07-11 14:03 - 2014-07-11 14:03 - 00000614 _____ () C:\Dancing Israeli's (3-of-the-5).jpeg.lnky4162
    2014-07-11 13:26 - 2014-07-11 13:26 - 00000549 _____ () C:\Sword rear Ninga #1.jpg.lnkht318
    2014-07-11 13:03 - 2014-07-11 13:03 - 00000584 _____ () C:\Ridley Scott & Camera #02.jpg.lnkyk287
    2014-07-11 12:58 - 2014-07-11 12:58 - 00000529 _____ () C:\Film Crew #03.jpeg.lnkhs209
    2014-07-11 12:44 - 2014-07-11 12:54 - 00000629 _____ () C:\Film Crew #10 (It's Who You Know).jpeg.lnkui256
    2014-07-10 12:38 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Richard\Skrivbord\TDSSKiller.exe
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-08-07 11:02 - 2014-08-07 00:39 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\temp
    2014-08-07 11:01 - 2012-06-03 17:20 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Skype
    2014-08-07 11:01 - 2009-09-03 07:53 - 00000410 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{7B8AB321-E309-49ED-B138-2D1AD3B32EF0}.job
    2014-08-07 11:00 - 2014-08-07 10:59 - 00027291 _____ () C:\Documents and Settings\Richard\Skrivbord\FRST.txt
    2014-08-07 10:59 - 2014-08-02 19:46 - 00000000 ____D () C:\FRST
    2014-08-07 10:59 - 2010-08-24 11:09 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord
    2014-08-07 10:51 - 2014-07-19 17:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
    2014-08-07 10:51 - 2012-08-06 08:58 - 00000414 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{F881C789-9CA0-4738-AD4E-3E39BFF011E2}.job
    2014-08-07 10:48 - 2014-08-07 10:48 - 01084928 _____ (Farbar) C:\Documents and Settings\Richard\Skrivbord\FRST.exe
    2014-08-07 10:30 - 2013-06-10 22:57 - 00000494 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
    2014-08-07 10:25 - 2012-04-12 06:55 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-08-07 10:20 - 2004-09-06 08:21 - 01411857 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-08-07 10:17 - 2011-10-21 11:35 - 00000876 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-08-07 10:15 - 2010-12-22 11:22 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
    2014-08-07 10:08 - 2014-01-23 18:25 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-08-07 10:06 - 2004-09-06 08:16 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
    2014-08-07 10:05 - 2014-03-12 02:17 - 00000226 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Inloggningsmeddelande gällande när tjänsten upphör.job
    2014-08-07 10:05 - 2011-10-21 11:35 - 00000872 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-08-07 10:05 - 2004-09-06 09:46 - 00000159 _____ () C:\WINDOWS\wiadebug.log
    2014-08-07 10:05 - 2004-09-06 09:46 - 00000048 _____ () C:\WINDOWS\wiaservc.log
    2014-08-07 10:04 - 2014-07-21 00:01 - 00000626 _____ () C:\WINDOWS\Tasks\AVG_SYS_TASK_0614t_RUN.job
    2014-08-07 10:04 - 2004-09-06 08:21 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-08-07 02:30 - 2014-07-20 00:22 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
    2014-08-07 02:30 - 2004-09-06 08:21 - 00032578 _____ () C:\WINDOWS\SchedLgU.Txt
    2014-08-07 02:29 - 2010-08-24 11:09 - 00000304 ___SH () C:\Documents and Settings\Richard\ntuser.ini
    2014-08-07 02:29 - 2010-08-24 11:09 - 00000000 ____D () C:\Documents and Settings\Richard
    2014-08-07 02:16 - 2014-07-31 19:52 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\Malware Tools
    2014-08-07 01:30 - 2014-08-07 01:30 - 00024995 _____ () C:\ComboFix.txt
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\Richard.TN\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\NetworkService\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\LocalService\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\Administratör\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\__sbs_netsetup__\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-06 23:49 - 00000000 ____D () C:\Qoobox
    2014-08-07 01:30 - 2010-08-27 10:50 - 00000000 ___HD () C:\Documents and Settings\Richard.TN\Lokala inställningar
    2014-08-07 01:30 - 2008-10-28 18:26 - 00000000 ___HD () C:\Documents and Settings\__sbs_netsetup__\Lokala inställningar
    2014-08-07 01:30 - 2006-07-03 22:29 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Lokala inställningar
    2014-08-07 01:30 - 2006-07-03 22:29 - 00000000 ___HD () C:\Documents and Settings\LocalService\Lokala inställningar
    2014-08-07 01:30 - 2006-07-03 22:29 - 00000000 ___HD () C:\Documents and Settings\Administratör\Lokala inställningar
    2014-08-07 01:26 - 2004-09-06 09:43 - 00000227 _____ () C:\WINDOWS\system.ini
    2014-08-07 01:25 - 2006-07-03 22:29 - 00000000 ___RD () C:\Program
    2014-08-07 01:21 - 2006-07-03 22:30 - 00000000 ____D () C:\Program\Delade filer
    2014-08-07 01:07 - 2014-08-07 01:07 - 00000000 _RSHD () C:\cmdcons
    2014-08-07 01:07 - 2004-09-06 07:47 - 00000327 __RSH () C:\boot.ini
    2014-08-07 00:41 - 2014-08-07 00:41 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080714-01.dmp
    2014-08-07 00:41 - 2010-09-02 23:53 - 00000000 ____D () C:\WINDOWS\Minidump
    2014-08-07 00:39 - 2010-08-24 11:09 - 00000000 ___HD () C:\Documents and Settings\Richard\Lokala inställningar
    2014-08-07 00:36 - 2014-08-06 23:48 - 00000000 ____D () C:\WINDOWS\erdnt
    2014-08-07 00:15 - 2004-09-06 17:22 - 46137344 _____ () C:\WINDOWS\system32\config\software.bak
    2014-08-07 00:15 - 2004-09-06 08:21 - 05767168 _____ () C:\WINDOWS\system32\config\system.bak
    2014-08-07 00:15 - 2004-09-06 08:21 - 05242880 _____ () C:\WINDOWS\system32\config\default.bak
    2014-08-07 00:15 - 2004-09-06 08:21 - 00524288 _____ () C:\WINDOWS\system32\config\SECURITY.bak
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
    2014-08-07 00:13 - 2014-08-07 00:13 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
    2014-08-06 23:55 - 2014-08-06 23:55 - 00000327 _____ () C:\Boot.bak
    2014-08-06 23:44 - 2014-08-06 23:42 - 05568206 ____R (Swearware) C:\Documents and Settings\Richard\Skrivbord\ComboFix.exe
    2014-08-06 18:31 - 2013-10-03 16:49 - 00000000 ____D () C:\AdwCleaner
    2014-08-06 18:15 - 2014-08-06 18:15 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-05.dmp
    2014-08-06 18:01 - 2014-08-06 18:01 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-04.dmp
    2014-08-06 17:45 - 2014-08-06 17:45 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-03.dmp
    2014-08-06 16:45 - 2014-08-06 16:45 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-02.dmp
    2014-08-06 11:35 - 2014-08-06 11:35 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-01.dmp
    2014-08-05 21:12 - 2011-07-05 15:06 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\vlc
    2014-08-05 20:58 - 2014-08-05 20:58 - 00001642 _____ () C:\Malwarebytes.txt
    2014-08-05 20:07 - 2012-05-18 00:01 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\My Desktop Photos
    2014-08-05 18:02 - 2013-11-30 21:10 - 00001039 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Express Burn.lnk
    2014-08-05 18:02 - 2013-11-30 21:09 - 00001041 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Disketch Disc Label Software.lnk
    2014-08-05 15:36 - 2014-08-05 15:36 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080514-02.dmp
    2014-08-05 08:13 - 2014-08-05 08:13 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080514-01.dmp
    2014-08-05 01:35 - 2014-08-05 01:35 - 00128197 _____ () C:\Documents and Settings\Richard\Skrivbord\BIG SUR GEORGE.celtx
    2014-08-05 01:00 - 2012-11-16 18:00 - 00000000 ____D () C:\Program\Celtx
    2014-08-04 21:16 - 2014-07-20 00:43 - 00000397 _____ () C:\WINDOWS\setupact.log
    2014-08-04 20:25 - 2014-08-04 20:25 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080414-03.dmp
    2014-08-04 20:23 - 2014-07-19 02:28 - 00520783 _____ () C:\WINDOWS\setupapi.log
    2014-08-04 17:11 - 2013-06-10 00:47 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\SCRIPTS & TREATMENTS
    2014-08-04 16:59 - 2012-08-05 23:43 - 00000000 ____D () C:\unzipped
    2014-08-04 11:36 - 2014-08-04 11:36 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080414-02.dmp
    2014-08-04 10:18 - 2014-07-21 23:47 - 00000272 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2014-08-04 09:27 - 2014-08-04 09:01 - 00001820 _____ () C:\Documents and Settings\All Users\Skrivbord\Tweaking.com - Registry Backup.lnk
    2014-08-04 09:27 - 2006-07-03 22:30 - 00000000 ____D () C:\WINDOWS\repair
    2014-08-04 09:27 - 2006-07-03 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Skrivbord
    2014-08-04 09:12 - 2014-08-04 09:12 - 00002812 _____ () C:\WINDOWS\Regfix.reg
    2014-08-04 09:02 - 2014-08-04 09:02 - 00000000 ____D () C:\RegBackup
    2014-08-04 09:02 - 2006-07-03 22:30 - 00000000 ____D () C:\WINDOWS\Registration
    2014-08-04 09:01 - 2014-08-04 09:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Tweaking.com
    2014-08-04 09:01 - 2006-07-03 22:29 - 00000000 ___RD () C:\Documents and Settings\All Users\Start-meny\Program
    2014-08-04 08:54 - 2014-08-04 08:54 - 00000000 ____D () C:\Program\Tweaking.com
    2014-08-04 08:52 - 2014-08-04 08:50 - 04057608 _____ () C:\Documents and Settings\Richard\Skrivbord\tweaking.com_registry_backup_setup.exe
    2014-08-04 02:59 - 2014-08-04 02:59 - 00114688 _____ () C:\WINDOWS\Minidump\Mini080414-01.dmp
    2014-08-03 10:03 - 2014-08-03 10:03 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-03.dmp
    2014-08-03 09:32 - 2006-07-03 22:29 - 00000000 ____D () C:\i386
    2014-08-03 02:26 - 2014-08-03 02:26 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-02.dmp
    2014-08-03 01:26 - 2014-08-03 01:26 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-01.dmp
    2014-08-02 10:16 - 2014-08-02 10:16 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-03.dmp
    2014-08-02 09:03 - 2014-08-02 09:03 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-02.dmp
    2014-08-02 09:00 - 2011-09-12 11:02 - 00000000 ___RD () C:\Documents and Settings\Richard\Mina dokument
    2014-08-02 01:51 - 2014-08-02 01:51 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-01.dmp
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000733 _____ () C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000000 ____D () C:\Program\Malwarebytes Anti-Malware
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes Anti-Malware
    2014-08-01 23:17 - 2012-05-18 08:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2014-07-31 19:52 - 2013-09-05 12:36 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\JAGAN (MASTER FILE)
    2014-07-31 18:41 - 2006-07-03 13:53 - 00002477 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Microsoft Word.lnk
    2014-07-31 18:25 - 2014-07-25 10:08 - 00002227 _____ () C:\Documents and Settings\All Users\Skrivbord\Skype.lnk
    2014-07-31 12:43 - 2014-07-31 12:43 - 00000000 _____ () C:\SophosBootTasks.txt
    2014-07-30 19:55 - 2012-05-26 12:54 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\uTorrent
    2014-07-28 19:25 - 2014-05-19 12:47 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\SCRIPT DEVELOPMENT
    2014-07-28 14:04 - 2013-07-02 10:24 - 00000372 _____ () C:\Documents and Settings\Richard\Mina dokument\spider.sav
    2014-07-26 22:36 - 2013-09-01 13:11 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\HOLLY FARM PRODUCTIONS
    2014-07-25 23:24 - 2014-07-25 23:24 - 00000000 ____H () C:\Documents and Settings\Richard\Mina dokument\Default.rdp
    2014-07-25 23:20 - 2010-08-24 11:09 - 00000000 ___RD () C:\Documents and Settings\Richard\Start-meny\Program\Autostart
    2014-07-25 21:17 - 2013-05-17 00:54 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Dropbox
    2014-07-25 19:20 - 2013-12-28 05:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
    2014-07-25 19:20 - 2013-12-27 23:17 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\mbar
    2014-07-25 10:37 - 2012-09-30 00:43 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Audacity
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Program\Delade filer\Skype
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Skype
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Skype
    2014-07-25 10:08 - 2013-01-27 12:03 - 00000000 ___RD () C:\Program\Skype
    2014-07-25 10:08 - 2012-06-03 17:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
    2014-07-24 20:34 - 2013-07-12 16:44 - 00000000 ___RD () C:\Documents and Settings\Richard\Mina dokument\Mina bilder
    2014-07-24 20:20 - 2014-07-21 23:53 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Apple Computer
    2014-07-24 15:30 - 2013-05-17 01:47 - 00001020 _____ () C:\Documents and Settings\Richard\Skrivbord\Dropbox.lnk
    2014-07-24 15:30 - 2013-05-17 00:56 - 00000000 ____D () C:\Documents and Settings\Richard\Start-meny\Program\Dropbox
    2014-07-24 15:25 - 2013-05-26 09:15 - 00002347 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Adobe Reader XI.lnk
    2014-07-24 00:04 - 2013-05-31 09:19 - 00000000 ____D () C:\Program\Microsoft Silverlight
    2014-07-23 23:52 - 2013-05-31 09:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Microsoft Silverlight
    2014-07-23 19:46 - 2006-07-03 22:30 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
    2014-07-23 19:11 - 2004-09-06 08:05 - 00542224 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-07-23 19:11 - 2004-09-06 08:05 - 00413416 _____ () C:\WINDOWS\system32\perfh01D.dat
    2014-07-23 19:11 - 2004-09-06 08:05 - 00068066 _____ () C:\WINDOWS\system32\perfc01D.dat
    2014-07-23 17:51 - 2010-09-06 09:45 - 00031080 ____C () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT
    2014-07-22 14:56 - 2014-07-22 07:56 - 00001084 _____ () C:\WINDOWS\spupdsvc.log
    2014-07-22 14:53 - 2004-09-06 08:21 - 00036864 _____ () C:\WINDOWS\system32\config\SAM.bak
    2014-07-22 14:53 - 2004-09-06 08:02 - 00153176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2014-07-22 14:49 - 2013-07-21 14:15 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\ATI
    2014-07-22 14:49 - 2013-07-21 14:15 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\ATI
    2014-07-22 14:44 - 2014-07-22 14:44 - 00000000 ____D () C:\ATI
    2014-07-22 10:58 - 2014-07-22 07:22 - 00000000 ____D () C:\0d608be659421094a8274931cdb6
    2014-07-22 07:57 - 2010-12-22 11:13 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
    2014-07-22 07:56 - 2014-07-22 07:55 - 00000000 ____D () C:\f18b8596a63f2776389f
    2014-07-22 00:33 - 2014-07-22 00:33 - 00001510 _____ () C:\Documents and Settings\All Users\Skrivbord\iTunes.lnk
    2014-07-22 00:33 - 2014-07-22 00:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\iTunes
    2014-07-22 00:33 - 2014-07-22 00:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-07-22 00:33 - 2014-07-21 23:49 - 00000000 ____D () C:\Program\iTunes
    2014-07-22 00:32 - 2014-07-22 00:32 - 00000000 ____D () C:\Program\iPod
    2014-07-22 00:32 - 2014-07-21 23:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
    2014-07-22 00:32 - 2014-07-21 23:45 - 00000000 ____D () C:\Program\Delade filer\Apple
    2014-07-21 23:53 - 2014-07-21 23:53 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Apple Computer
    2014-07-21 23:47 - 2014-07-21 23:47 - 00001830 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Apple Software Update.lnk
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Program\Apple Software Update
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Apple
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
    2014-07-21 23:47 - 2014-07-21 23:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
    2014-07-21 23:45 - 2014-07-21 23:45 - 00000000 ____D () C:\Program\Bonjour
    2014-07-21 23:01 - 2014-07-21 22:14 - 00000000 ____D () C:\d80b9deb1c60777af7
    2014-07-21 22:09 - 2010-08-26 09:01 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-07-21 02:59 - 2012-08-14 23:23 - 00000270 _____ () C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
    2014-07-21 00:23 - 2014-07-21 00:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\AVG
    2014-07-21 00:23 - 2014-07-21 00:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\AVG
    2014-07-21 00:01 - 2014-07-21 00:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avg_Update_0614t
    2014-07-20 18:21 - 2014-05-19 19:33 - 00000000 ____D () C:\Documents and Settings\Richard\Mina dokument\CURT'S MEDICAL FILE
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\WindowsShell.Manifest
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\system32\wuaucpl.cpl.manifest
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\system32\sapi.cpl.manifest
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\system32\nwc.cpl.manifest
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\system32\ncpa.cpl.manifest
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\system32\cdplayer.exe.manifest
    2014-07-20 09:17 - 2014-07-20 09:17 - 00000000 ____D () C:\Documents and Settings\Richard\Mina dokument\Ny mapp
    2014-07-20 09:16 - 2012-10-04 17:16 - 00000000 ____D () C:\Intel Desktop Board
    2014-07-20 02:56 - 2010-08-24 11:09 - 00000000 ___RD () C:\Documents and Settings\Richard\Start-meny
    2014-07-20 02:41 - 2014-07-20 02:41 - 00002876 _____ () C:\WINDOWS\DPINST.LOG
    2014-07-20 00:43 - 2014-07-20 00:43 - 00000000 _____ () C:\WINDOWS\setuperr.log
    2014-07-20 00:29 - 2014-07-20 00:17 - 00000000 __SHD () C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
    2014-07-20 00:29 - 2013-05-18 14:40 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\HpUpdate
    2014-07-20 00:28 - 2013-06-14 01:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Plot Control
    2014-07-20 00:28 - 2006-07-03 15:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Lotus SmartSuite
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001689 _____ () C:\Documents and Settings\All Users\Start-meny\Program\AVG PC TuneUp 2014.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001689 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG 1-Click Maintenance.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001683 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG PC TuneUp 2014.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\AVG PC TuneUp 2014
    2014-07-20 00:22 - 2014-07-20 00:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG
    2014-07-20 00:21 - 2014-07-20 00:21 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\AVG
    2014-07-20 00:21 - 2014-07-20 00:21 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\AVG
    2014-07-20 00:21 - 2014-07-19 17:52 - 00000000 ____D () C:\Program\AVG
    2014-07-20 00:14 - 2010-08-24 11:09 - 00000000 ___RD () C:\Documents and Settings\Richard\Start-meny\Program
    2014-07-19 22:57 - 2013-06-06 01:08 - 00001753 _____ () C:\Documents and Settings\All Users\Skrivbord\Google Chrome.lnk
    2014-07-19 22:44 - 2011-02-11 13:43 - 00000000 ____D () C:\Program\PDFCreator
    2014-07-19 22:22 - 2014-04-28 15:36 - 00000000 ____D () C:\Program\Advanced Disk Recovery
    2014-07-19 21:59 - 2014-04-28 15:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Advanced Disk Recovery
    2014-07-19 21:28 - 2014-07-19 17:39 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Avg2014
    2014-07-19 21:23 - 2014-07-19 21:23 - 00000494 _____ () C:\Documents and Settings\Richard\Skrivbord\Data Safe.lnk
    2014-07-19 21:23 - 2014-07-19 21:22 - 209715200 _____ () C:\Documents and Settings\Richard\Mina dokument\Data Safe.avgfv
    2014-07-19 21:23 - 2010-08-24 11:09 - 00000000 ___RD () C:\Documents and Settings\Richard\Favoriter
    2014-07-19 21:03 - 2014-07-19 17:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\AVG
    2014-07-19 20:54 - 2012-05-13 14:33 - 00001912 _____ () C:\WINDOWS\epplauncher.mif
    2014-07-19 20:54 - 2012-05-13 14:32 - 00000000 ____D () C:\Program\Microsoft Security Client
    2014-07-19 17:55 - 2014-07-19 17:55 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\AVG2014
    2014-07-19 17:54 - 2014-07-19 17:54 - 00000670 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG 2014.lnk
    2014-07-19 17:54 - 2014-07-19 17:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
    2014-07-19 17:53 - 2014-07-19 17:53 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\TuneUp Software
    2014-07-19 17:53 - 2014-07-19 17:53 - 00000000 ____D () C:\$AVG
    2014-07-19 17:39 - 2014-07-19 17:39 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\MFAData
    2014-07-19 03:30 - 2013-06-14 01:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
    2014-07-19 00:09 - 2012-09-30 13:40 - 00000000 ____D () C:\Program\Free Scan to PDF
    2014-07-18 23:51 - 2008-11-13 11:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Norton
    2014-07-18 23:50 - 2006-07-03 15:44 - 00000000 ____D () C:\Program\lotus
    2014-07-18 23:50 - 2006-07-03 13:40 - 00000000 ____D () C:\Documents and Settings\IVAB\Lokala inställningar\Temp
    2014-07-15 14:40 - 2014-07-15 14:40 - 00031768 _____ () C:\Documents and Settings\Richard\Skrivbord\THE FIX'IT MAN.celtx
    2014-07-15 07:23 - 2013-08-02 23:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-07-14 12:26 - 2014-07-20 00:22 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
    2014-07-12 23:22 - 2014-07-12 23:22 - 00000427 _____ () C:\Billy Wilder.jpg.lnk5z651
    2014-07-12 14:59 - 2014-07-12 14:59 - 00000624 _____ () C:\Robert MacLean, his brief history.pdf.lnky4355
    2014-07-12 14:58 - 2014-07-12 14:58 - 00000506 _____ () C:\Romantic comedy Pas de deux.zip.lnkhs605
    2014-07-11 17:02 - 2014-07-11 17:02 - 00000384 _____ () C:\agent.pdf.lnk5z1020
    2014-07-11 14:03 - 2014-07-11 14:03 - 00000614 _____ () C:\Dancing Israeli's (3-of-the-5).jpeg.lnky4162
    2014-07-11 13:26 - 2014-07-11 13:26 - 00000549 _____ () C:\Sword rear Ninga #1.jpg.lnkht318
    2014-07-11 13:03 - 2014-07-11 13:03 - 00000584 _____ () C:\Ridley Scott & Camera #02.jpg.lnkyk287
    2014-07-11 12:58 - 2014-07-11 12:58 - 00000529 _____ () C:\Film Crew #03.jpeg.lnkhs209
    2014-07-11 12:54 - 2014-07-11 12:44 - 00000629 _____ () C:\Film Crew #10 (It's Who You Know).jpeg.lnkui256
    2014-07-10 12:38 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Richard\Skrivbord\TDSSKiller.exe
    2014-07-09 13:29 - 2012-04-12 06:55 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2014-07-09 13:29 - 2012-02-01 08:19 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2014-07-08 15:49 - 2014-07-07 18:50 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Real
    2014-07-08 15:48 - 2014-07-07 17:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Real
    2014-07-08 15:00 - 2014-03-12 02:17 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Månatligt meddelande gällande när tjänsten upphör.job
     
    Some content of TEMP:
    ====================
    C:\Documents and Settings\IVAB\Lokala inställningar\temp\applnch.exe
    C:\Documents and Settings\IVAB\Lokala inställningar\temp\UninstallRC.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
     
    ==================== End Of Log ============================
     
    ADDITION
     
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:5-08-2014
    Ran by Richard at 2014-08-07 11:03:10
    Running from C:\Documents and Settings\Richard\Skrivbord
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: AVG Internet Security 2014 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: AVG Internet Security 2014 (Disabled) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
    32 Bit HP BiDi Channel Components Installer (Version: 1.1.0.2 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
    Adobe AIR (Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
    Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
    Adobe Download Assistant (Version: 1.2.3 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
    Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.07) - Svenska (HKLM\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
    Advanced Disk Recovery (HKLM\...\{2AA44AF4-C116-4219-B800-4573E7E6D421}_is1) (Version: 2.5.500.15827 - Systweak Software)
    AMD Catalyst Install Manager (HKLM\...\{FF04A145-FEA7-82F6-F16D-0B0CB31046F4}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
    Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
    Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )
    ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5166 - )
    ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.593.100-100210a-095952E-ATI - )
    Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
    AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4744 - AVG Technologies)
    AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
    AVG 2014 (Version: 14.0.4744 - AVG Technologies) Hidden
    AVG PC TuneUp 2014 (en-GB) (Version: 14.0.1001.519 - AVG) Hidden
    AVG PC TuneUp 2014 (HKLM\...\AVG PC TuneUp) (Version: 14.0.1001.519 - AVG)
    AVG PC TuneUp 2014 (Version: 14.0.1001.519 - AVG) Hidden
    Bing Bar (HKLM\...\{71D30D86-88C0-4A6E-8A9B-5403A8A5D6D4}) (Version: 7.3.107.0 - Microsoft Corporation)
    Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
    Broadcom Management Programs (HKLM\...\{058B32E2-6310-4359-B2D4-1988390C3B83}) (Version: 8.19.02 - Broadcom Corporation)
    BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    Celtx (2.9.7) (HKLM\...\Celtx (2.9.7)) (Version: 2.9.7 (en-US) - Greyfirst)
    Compatibility Pack för Office 2007-systemet (HKLM\...\{90120000-0020-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Convert Audio Free FLAC to MP3 version 1.0 (HKLM\...\Convert Audio Free FLAC to MP3_is1) (Version: 1.0 - )
    Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
    DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
    Dragon Point & Speak (HKLM\...\Dragon Point & Speak) (Version:  - )
    DriverTuner 3.1.0.0 (HKLM\...\{520C1D80-935C-42B9-9340-E883849D804F}_is1) (Version: 3.1.0.0 - LionSea SoftWare)
    Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
    FairStars CD Ripper 1.52 (HKLM\...\FairStars CD Ripper_is1) (Version:  - FairStars Soft)
    Free Scan to PDF 6.3.5 (HKLM\...\Free Scan to PDF_is1) (Version:  - PDFSpin Co., Ltd.)
    Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
    Google Earth (HKLM\...\{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}) (Version: 4.3.7284.3916 - Google)
    Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google SketchUp 8 (HKLM\...\{D22002ED-EE2A-4CB1-A63D-430E62A2E8D8}) (Version: 3.0.4811 - Google, Inc.)
    Google Talk Plugin (HKLM\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
    Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
    Grundläggande enhetsprogramvara för HP Deskjet 2510 series (HKLM\...\{D5B29A2F-670B-4B5C-8E6B-CB611A6914DB}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
    Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
    HP Color LaserJet CM2320 MFP Series 2.0 (HKLM\...\{ECF3E482-9188-4e29-9C31-E02FD8DC74C0}) (Version: 2.0 - HP)
    HP Deskjet 2510 series Hjälp (HKLM\...\{66EE6223-201D-4776-A4EC-CD7574FF8754}) (Version: 27.0.0 - Hewlett Packard)
    HP Deskjet 2510 series Setup Guide (HKLM\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
    HP Help and Support (HKLM\...\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}) (Version: 3.100.12.02 - )
    HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
    HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.11502 - HP)
    HP Precisionscan Pro 3.1 (HKLM\...\{6B36DEBF-27D0-4B1E-858D-D397091C6C7D}) (Version: 3.1.4.0000 - Hewlett-Packard)
    HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
    HP Share-to-Web (HKLM\...\{748F4870-8350-11D3-B0BF-080009FB4A19}) (Version:  - )
    HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
    HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
    hppCLJCM2320 (Version: 001.000.00071 - Hewlett-Packard) Hidden
    hppFaxUtilityCM2320 (Version: 001.000.00069 - Ditt företagsnamn) Hidden
    hppManualsCM2320 (Version: 001.000.00071 - Ditt företagsnamn) Hidden
    hppQFolderCM2320 (Version: 1.00.0000 - Hewlett-Packard) Hidden
    hppscanCM2320 (Version: 001.000.00071 - Hewlett-Packard) Hidden
    hppScanToCM2320 (Version: 001.000.00068 - Ditt företagsnamn) Hidden
    InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.417 - InterVideo Inc.)
    iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
    J2SE Runtime Environment 5.0 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150000}) (Version: 1.5.0 - Sun Microsystems, Inc.)
    Java 7 Update 11 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217011FF}) (Version: 7.0.110 - Oracle)
    Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Microsoft .NET Framework 1.1 Swedish Language Pack (HKLM\...\{992A2DB1-4ABC-4738-BD71-045C5FFE00D1}) (Version: 1.1.4322 - Microsoft)
    Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - SVE (HKLM\...\{7FBF377B-21EB-381B-BDC4-8935957E7FCF}) (Version: 2.1.21022 - Microsoft Corporation)
    Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - SVE (HKLM\...\{F997D0C2-CB08-3EE1-AF54-F2BA00CCB819}) (Version: 3.1.21022 - Microsoft Corporation)
    Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
    Microsoft .NET Framework 3.5 Language Pack - sve (Version: 3.5.21022 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile Language Pack - SVE (HKLM\...\Microsoft .NET Framework 4 Client Profile SVE Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile SVE Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Extended Language Pack - SVE (HKLM\...\Microsoft .NET Framework 4 Extended SVE Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended SVE Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft ActiveX Control Pad (HKLM\...\ActiveXControlPad) (Version:  - )
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
    Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
    Microsoft IE ActiveX Analyzer (HKLM\...\{F206B8BB-D34E-47B3-A8EF-B475EED73A64}) (Version: 1.5.0 - Microsoft Corporation)
    Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
    Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
    Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
    Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
    Microsoft Office Live Add-in 1.3 (HKLM\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
    Microsoft Office Outlook 2003 (HKLM\...\{90E0041D-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
    Microsoft Office XP Professional (HKLM\...\{9011041D-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
    Microsoft Picture It! Express 7.0 (HKLM\...\{369B36BE-3D64-4641-9AEA-808D436FE130}) (Version: 7.0.0.0000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
    Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    MiMedia (HKLM\...\MiMedia) (Version: 1.0.66.3574 - MiMedia, LLC)
    MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
    ooVoo (HKLM\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9060 - ooVoo LLC.)
    PC Connectivity Solution (HKLM\...\{83258E90-1F76-4E13-9F60-A0F8ED41E76F}) (Version: 8.22.7.0 - Nokia)
    PDF to Word (HKLM\...\{E6CBC979-E613-49E6-A37B-3C342DE35235}_is1) (Version:  - Quick PDF)
    Produktförbättringsstudie för HP Deskjet 2510 series (HKLM\...\{AA486258-4524-4587-981C-ED774C047A9F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
    Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version:  - )
    Säkerhetsuppdatering för Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB942615) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB944533) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB950759) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB953838) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB956390) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB958215) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB960714) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB961260) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB963027) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB969897) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 7 (KB972260) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2744842) (HKLM\...\KB2744842-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2838727) (HKLM\...\KB2838727-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2846071) (HKLM\...\KB2846071-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2862772) (HKLM\...\KB2862772-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2870699) (HKLM\...\KB2870699-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2879017) (HKLM\...\KB2879017-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2888505) (HKLM\...\KB2888505-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2898785) (HKLM\...\KB2898785-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2909921) (HKLM\...\KB2909921-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2925418) (HKLM\...\KB2925418-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2964358) (HKLM\...\KB2964358-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player (KB979402) (HKLM\...\KB979402_WM9) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows Media Player 9 (KB917734) (HKLM\...\KB917734_WMP9) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2279986) (HKLM\...\KB2279986) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2296199) (HKLM\...\KB2296199) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2436673) (HKLM\...\KB2436673) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2503658) (HKLM\...\KB2503658) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2506223) (HKLM\...\KB2506223) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2511455) (HKLM\...\KB2511455) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2524375) (HKLM\...\KB2524375) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2536276) (HKLM\...\KB2536276) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2621440) (HKLM\...\KB2621440) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2633171) (HKLM\...\KB2633171) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2639417) (HKLM\...\KB2639417) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2641653) (HKLM\...\KB2641653) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2647518) (HKLM\...\KB2647518) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2660465) (HKLM\...\KB2660465) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2753842) (HKLM\...\KB2753842) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB923789) (HKLM\...\KB923789) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB938464) (HKLM\...\KB938464) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB938464-v2) (HKLM\...\KB938464-v2) (Version: 2 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB951376) (HKLM\...\KB951376) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB951698) (HKLM\...\KB951698) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB953839) (HKLM\...\KB953839) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB954211) (HKLM\...\KB954211) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB954459) (HKLM\...\KB954459) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB954600) (HKLM\...\KB954600) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB956391) (HKLM\...\KB956391) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB956841) (HKLM\...\KB956841) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB957095) (HKLM\...\KB957095) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB958690) (HKLM\...\KB958690) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB960715) (HKLM\...\KB960715) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB961371) (HKLM\...\KB961371) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB961373) (HKLM\...\KB961373) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB968537) (HKLM\...\KB968537) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB969898) (HKLM\...\KB969898) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB973346) (HKLM\...\KB973346) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden
    Säkerhetsuppdatering för Windows XP (KB977165) (HKLM\...\KB977165) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB981957) (HKLM\...\KB981957) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
    Säkerhetsuppdatering för Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)
    Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
    Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
    Sentinel System Driver Installer 7.5.0 (HKLM\...\{FAEE61D3-2A5E-4F7F-926F-77AAC08CE4DD}) (Version: 7.5.0 - SafeNet, Inc.)
    Skuggkopieklient (HKLM\...\{23E5032B-56CA-4C19-A72E-B50161DB82CA}) (Version: 5.2.01 - Microsoft)
    Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
    Snabbkorrigering för Windows Internet Explorer 7 (KB947864) (Version: 1 - Microsoft Corporation) Hidden
    Snabbkorrigering för Windows XP (KB2158563) (HKLM\...\KB2158563) (Version: 1 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB970653-v3) (HKLM\...\KB970653-v3) (Version: 3 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)
    Snabbkorrigering för Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
    Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
    Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
    TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
    Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
    Uppdatering för Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
    Uppdatering för Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
    Uppdatering för Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
    Uppdatering för Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
    Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
    WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
    Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
    Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
    Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
    Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
    Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
    Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
    Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Windows Live Writer (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
    Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
    Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
    Windows PowerShell™ 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)
    Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.175804 - Microsoft Corporation)
    Windows-drivrutinspaket - Advanced Micro Devices, Inc System  (03/16/2011 5.12.0.0015) (HKLM\...\A3A37EC031F134EDD1E9DB40819B1EAD0DB7C844) (Version: 03/16/2011 5.12.0.0015 - Advanced Micro Devices, Inc)
    WinZip (HKLM\...\WinZip) (Version:  8.1  (4331) - WinZip Computing, Inc.)
    WinZip System Utilities Suite (HKLM\...\{73370408-B80E-4509-B9AF-957E2E0F512F}_is1) (Version: 2.0.648.13214 - WinZip Computing, S.L. (WinZip Computing))
    XML Paper Specification Shared Components Language Pack 1.0 (Version:  - Microsoft Corporation) Hidden
    Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Documents and Settings\Richard\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Google Talk Plugin\googletalkax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{9793fbbf-e9db-3b01-b322-3430cbcf3cd5}\InprocServer32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Google Talk Plugin\gtpo3d_host.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Google Talk Plugin\o1dax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{E69341A3-E6D2-4175-B60C-C9D3D6FA40F6}\localserver32 -> C:\Documents and Settings\Richard\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-280907462-213740653-3875255159-1148_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
     
    ==================== Restore Points  =========================
     
    18-07-2014 21:47:12 PC Cleaner - Restore Point Before Cleaning
    18-07-2014 21:52:11 Plot Control 2.0
    19-07-2014 01:37:16 Software Distribution Service 3.0
    19-07-2014 15:52:17 Installed AVG 2014
    19-07-2014 15:52:49 Installed AVG 2014
    19-07-2014 22:21:26 AVG PC TuneUp 2014 installerades
    20-07-2014 23:16:31 Systemkontrollpunkt
    21-07-2014 19:59:07 Installed Microsoft Fix it 50043
    21-07-2014 21:47:48 Installed iTunes
    22-07-2014 01:00:27 Software Distribution Service 3.0
    22-07-2014 05:26:15 Installed Microsoft Fix it 50043
    22-07-2014 05:56:02 Installed Windows KB954550-v5.
    22-07-2014 05:56:15 Skrivardrivrutinen Microsoft XPS Document Writer installerad
    22-07-2014 05:56:30 Skrivardrivrutinen Microsoft XPS Document Writer installerad
    23-07-2014 15:54:02 Software Distribution Service 3.0
    23-07-2014 16:04:42 Software Distribution Service 3.0
    23-07-2014 16:26:56 Software Distribution Service 3.0
    23-07-2014 21:51:02 Software Distribution Service 3.0
    24-07-2014 23:13:00 Systemkontrollpunkt
    26-07-2014 21:19:43 Systemkontrollpunkt
    28-07-2014 18:29:19 OTL Restore Point - 7/28/2014 8:29:10 PM
    29-07-2014 22:07:53 Systemkontrollpunkt
    30-07-2014 22:12:06 Systemkontrollpunkt
    31-07-2014 11:22:50 Removed Sophos Virus Removal Tool.
    01-08-2014 17:30:21 Systemkontrollpunkt
    02-08-2014 19:10:18 Systemkontrollpunkt
    03-08-2014 20:06:16 Systemkontrollpunkt
    04-08-2014 20:29:49 Systemkontrollpunkt
    05-08-2014 20:41:22 Systemkontrollpunkt
    06-08-2014 23:00:48 ComboFix created restore point
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2004-08-04 04:00 - 2014-08-07 01:25 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
    127.0.0.1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program\Apple Software Update\SoftwareUpdate.exe
    Task: C:\WINDOWS\Tasks\AVG_SYS_TASK_0614t_RUN.job => C:\Documents and Settings\All Users\Application Data\Avg_Update_0614t\AVG-Secure-Search-Update_0614t.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Documents and Settings\All Users\Application Data\HP Photo Creations\Communicator.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP - Inloggningsmeddelande gällande när tjänsten upphör.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Microsoft Windows XP - Månatligt meddelande gällande när tjänsten upphör.job => C:\WINDOWS\system32\xp_eos.exe
    Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => C:\Program\Microsoft IntelliPoint\ipoint.exe
    Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{7B8AB321-E309-49ED-B138-2D1AD3B32EF0}.job => C:\WINDOWS\system32\msfeedssync.exe
    Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{F881C789-9CA0-4738-AD4E-3E39BFF011E2}.job => C:\WINDOWS\system32\msfeedssync.exe
     
    ==================== Loaded Modules (whitelisted) =============
     
    2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program\Delade filer\Apple\Apple Application Support\zlib1.dll
    2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program\Delade filer\Apple\Apple Application Support\libxml2.dll
    2012-06-15 21:18 - 2012-06-15 21:18 - 00453560 _____ () C:\Program\MiMedia LLC\MiMedia\sqlite3.dll
    2014-07-14 12:26 - 2014-07-14 12:26 - 00357176 _____ () C:\Program\AVG\AVG PC TuneUp\tuavgx.dll
    2013-05-24 13:18 - 2001-07-03 09:17 - 00024576 _____ () C:\Program\Hewlett-Packard\HP Share-to-Web\HPGS2WNFPS.DLL
    2013-05-24 13:18 - 2001-07-03 09:17 - 00065536 _____ () C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
    2004-08-04 04:00 - 2008-04-14 22:34 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
    2014-07-19 22:56 - 2014-07-15 11:24 - 08537928 _____ () C:\Program\Google\Chrome\Application\36.0.1985.125\pdf.dll
    2014-07-19 22:56 - 2014-07-15 11:24 - 00353096 _____ () C:\Program\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
    2014-07-19 22:56 - 2014-07-15 11:24 - 01732936 _____ () C:\Program\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
    2014-04-14 12:49 - 2014-02-10 13:44 - 04592128 _____ () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
    2014-04-14 12:49 - 2014-02-10 13:44 - 00112128 _____ () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
     
    ==================== EXE Association (whitelisted) =============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== MSCONFIG/TASK MANAGER disabled items =========
     
    (Currently there is no automatic fix for this section.)
     
    MSCONFIG\startupfolder: C:^Documents and Settings^Richard^Start-meny^Program^Autostart^Dropbox.lnk => C:\WINDOWS\pss\Dropbox.lnkStartup
    MSCONFIG\startupfolder: C:^Documents and Settings^Richard^Start-meny^Program^Autostart^Övervaka bläckvarningar - HP Deskjet 2510 series.lnk => C:\WINDOWS\pss\Övervaka bläckvarningar - HP Deskjet 2510 series.lnkStartup
    MSCONFIG\startupreg: 3A1FA4C4CF1332A1DEC3D85002C2EACB5FFD419D._service_run => "C:\Program\Google\Chrome\Application\chrome.exe" --type=service
    MSCONFIG\startupreg: Adobe ARM => "C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
    MSCONFIG\startupreg: EvtMgr6 => C:\Program\Logitech\SetPointP\SetPoint.exe /launchGaming
    MSCONFIG\startupreg: fssui => "C:\Program\Windows Live\Family Safety\fsui.exe" -autorun
    MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe" /c
    MSCONFIG\startupreg: IntelliPoint => "C:\Program\Microsoft IntelliPoint\ipoint.exe"
    MSCONFIG\startupreg: Microsoft Works Update Detection => C:\Program\Delade filer\Microsoft Shared\Works Shared\WkUFind.exe
    MSCONFIG\startupreg: MSMSGS => "C:\Program\Messenger\msmsgs.exe" /background
    MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program\Spybot - Search & Destroy\TeaTimer.exe
     
    ==================== Faulty Device Manager Devices =============
     
    Name: PS/2-kompatibel mus
    Description: PS/2-kompatibel mus
    Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
    Manufacturer: Microsoft
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.
     
    Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
    Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
    Manufacturer: (Standardtangentbord)
    Service: i8042prt
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (08/07/2014 10:04:49 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Det går inte att läsa domänkontrollantens namn på nätverket. (Den angivna domänen finns inte eller kunde inte kontaktas. ). Grupprinciper kommer inte att behandlas.
     
    Error: (08/07/2014 10:04:33 AM) (Source: AutoEnrollment) (EventID: 15) (User: )
    Description: Automatisk registrering för certifikat för lokalt systemkonto kunde inte kontakta Active Directory (0x8007054b). Den angivna domänen finns inte eller kunde inte kontaktas.
    . Registrering kommer inte att ske.
     
    Error: (08/07/2014 10:04:28 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Det går inte att läsa domänkontrollantens namn på nätverket. (Den angivna domänen finns inte eller kunde inte kontaktas. ). Grupprinciper kommer inte att behandlas.
     
    Error: (08/07/2014 00:42:14 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Det går inte att läsa domänkontrollantens namn på nätverket. (Den angivna domänen finns inte eller kunde inte kontaktas. ). Grupprinciper kommer inte att behandlas.
     
    Error: (08/07/2014 00:41:57 AM) (Source: AutoEnrollment) (EventID: 15) (User: )
    Description: Automatisk registrering för certifikat för lokalt systemkonto kunde inte kontakta Active Directory (0x8007054b). Den angivna domänen finns inte eller kunde inte kontaktas.
    . Registrering kommer inte att ske.
     
    Error: (08/07/2014 00:41:56 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Det går inte att läsa domänkontrollantens namn på nätverket. (Den angivna domänen finns inte eller kunde inte kontaktas. ). Grupprinciper kommer inte att behandlas.
     
    Error: (08/07/2014 00:16:48 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Det går inte att läsa domänkontrollantens namn på nätverket. (Den angivna domänen finns inte eller kunde inte kontaktas. ). Grupprinciper kommer inte att behandlas.
     
    Error: (08/07/2014 00:16:25 AM) (Source: AutoEnrollment) (EventID: 15) (User: )
    Description: Automatisk registrering för certifikat för lokalt systemkonto kunde inte kontakta Active Directory (0x8007054b). Den angivna domänen finns inte eller kunde inte kontaktas.
    . Registrering kommer inte att ske.
     
    Error: (08/07/2014 00:16:22 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Det går inte att läsa domänkontrollantens namn på nätverket. (Den angivna domänen finns inte eller kunde inte kontaktas. ). Grupprinciper kommer inte att behandlas.
     
    Error: (08/06/2014 06:16:22 PM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Det går inte att läsa domänkontrollantens namn på nätverket. (Den angivna domänen finns inte eller kunde inte kontaktas. ). Grupprinciper kommer inte att behandlas.
     
     
    System errors:
    =============
    Error: (08/07/2014 10:07:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: En timeout (30000 ms) inträffade vid väntan på transaktionssvar från tjänsten MBAMService.
     
    Error: (08/07/2014 10:06:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start: 
    i8042prt
     
    Error: (08/07/2014 10:05:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: Tjänsten Pml Driver HPZ12 avbröts med följande fel: 
    %%2
     
    Error: (08/07/2014 10:05:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: Tjänsten Net Driver HPZ12 avbröts med följande fel: 
    %%2
     
    Error: (08/07/2014 10:05:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: Tjänsten Tjänsten HP CUE DeviceDiscovery avbröts med följande fel: 
    %%2
     
    Error: (08/07/2014 10:05:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Tjänsten Microsoft Antimalware Service kunde inte startas på grund av följande fel: 
    %%1053
     
    Error: (08/07/2014 10:05:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Microsoft Antimalware Service ska ansluta.
     
    Error: (08/07/2014 10:04:28 AM) (Source: NETLOGON) (EventID: 5719) (User: )
    Description: Det finns ingen domänkontrollant tillgänglig för domän IVABHLM p g a följande: 
    %%1311.
     
    Kontrollera att datorn är ansluten till nätverket och försök igen.
    Kontakta domänadministratören om problemet kvarstår.
     
    Error: (08/07/2014 01:26:00 AM) (Source: PlugPlayManager) (EventID: 12) (User: )
    Description: Enheten cbfs3 (Root\LEGACY_CBFS3\0000) togs bort från datorn utan att först förberedas för borttagning.
     
    Error: (08/07/2014 01:20:44 AM) (Source: PlugPlayManager) (EventID: 12) (User: )
    Description: Enheten cbfs3 (Root\LEGACY_CBFS3\0000) togs bort från datorn utan att först förberedas för borttagning.
     
     
    Microsoft Office Sessions:
    =========================
    Error: (08/07/2014 10:04:49 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Den angivna domänen finns inte eller kunde inte kontaktas.
     
    Error: (08/07/2014 10:04:33 AM) (Source: AutoEnrollment) (EventID: 15) (User: )
    Description: lokalt systemkonto0x8007054bDen angivna domänen finns inte eller kunde inte kontaktas.
     
    Error: (08/07/2014 10:04:28 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Den angivna domänen finns inte eller kunde inte kontaktas.
     
    Error: (08/07/2014 00:42:14 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Den angivna domänen finns inte eller kunde inte kontaktas.
     
    Error: (08/07/2014 00:41:57 AM) (Source: AutoEnrollment) (EventID: 15) (User: )
    Description: lokalt systemkonto0x8007054bDen angivna domänen finns inte eller kunde inte kontaktas.
     
    Error: (08/07/2014 00:41:56 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Den angivna domänen finns inte eller kunde inte kontaktas.
     
    Error: (08/07/2014 00:16:48 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Den angivna domänen finns inte eller kunde inte kontaktas.
     
    Error: (08/07/2014 00:16:25 AM) (Source: AutoEnrollment) (EventID: 15) (User: )
    Description: lokalt systemkonto0x8007054bDen angivna domänen finns inte eller kunde inte kontaktas.
     
    Error: (08/07/2014 00:16:22 AM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Den angivna domänen finns inte eller kunde inte kontaktas.
     
    Error: (08/06/2014 06:16:22 PM) (Source: Userenv) (EventID: 1054) (User: NT INSTANS)
    Description: Den angivna domänen finns inte eller kunde inte kontaktas.
     
     
    ==================== Memory info =========================== 
     
    Percentage of memory in use: 69%
    Total physical RAM: 1470.48 MB
    Available physical RAM: 447.1 MB
    Total Pagefile: 1992.59 MB
    Available Pagefile: 705.02 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1938.37 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:74.53 GB) (Free:17.22 GB) NTFS ==>[Drive with boot components (Windows XP)]
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 75 GB) (Disk ID: ECF3ECF3)
    Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================


    #43 ken545

    ken545

      Forum God

    • Classroom Teacher
    • 23,207 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 07 August 2014 - 04:15 AM

    Hi Curt,

     

    I still see it on your FRST log, lets do a few things

     

     
     
     
     
    •  
    • Open Chrome
    • Click the Chrome menu Clipboard01_zps2e55f676.jpgon the browser toolbar.
    • Click on Settings
    • Then Manage Search Engines
    • Highlite MySearchDial and select Delete
     
     
    •  
    • Click the Chrome menu Clipboard01_zps2e55f676.jpgon the browser toolbar.
    • Click on Settings
    • Open a specific page or set of pages.
    • Set Pages
    • Remove MySearchDial if present
    • You can copy and paste the url from a page you like or if you have that page open select use current
    • OK your way out and close chome.
    • Reopen Chrome and make sure your start page is the one you want
     
     
     
     
     

    Open notepad (Start =>All Programs => Accessories => Notepad).
    Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt. (it has to be right next to FRST/64)
     
    Start
    CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyCtCyByD0FyByEyEtByEzz0DyEtN0D0Tzu0SzztByEtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0CyD0EyDtCtA0BtGyC0BtB0CtG0FtD0CzytG0C0D0DtBtGtC0EyC0EyDyCzytCyB0A0A0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0F0Bzz0FtBtAyBtGtBtBzz0BtGtA0AyC0EtGyC0CtCtAtGyB0CyB0B0FtDtA0DzyzzyB0F2Q&cr=679293142&ir="
    S3 catchme; \??\C:\DOCUME~1\Richard\LOKALA~1\Temp\catchme.sys [X]
    S3 cpuz134; \??\C:\DOCUME~1\Richard\LOKALA~1\Temp\cpuz134\cpuz134_x32.sys [X]
    S3 MFE_RR; \??\C:\DOCUME~1\Richard\LOKALA~1\Temp\mfe_rr.sys [X]
    End
     

     

     
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
     
    Then open FRST/FRST64 and click on fix
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
     
     
     
    Then run a new scan with FRST and post the log, I wont need the additions this time

     


    Jeffce_zpsa19ee2e6.png

     

     

     

    Want to help others, Join our Malware Removal Classroom  HERE

    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif

     

    Find us on Facebook
    Please LIKE and SHARE

     

     

    Just a reminder that threads will be closed if no reply in 3 days.


    #44 Bally

    Bally

      Authentic Member

    • Authentic Member
    • PipPip
    • 56 posts

    Posted 07 August 2014 - 05:32 AM

    Ken. . . went into Chrome settings and note that I'd deleted the MySearchDial from the search engine directory, as you'd previously instructed. Then entered the Set Pages directory, it was there (only one) and removed it as instructed. Then ran the FRST and entered the code on Notepad and it was accepted. Below is the fixlog.txt file generated after entering the code; and below that the new FRST file.

     

    FRST fixlog.txt

     

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:5-08-2014
    Ran by Richard at 2014-08-07 13:29:38 Run:2
    Running from C:\Documents and Settings\Richard\Skrivbord
    Boot Mode: Normal
     
    ==============================================
     
    Content of fixlist:
    *****************
    Start
    CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyCtCyByD0FyByEyEtByEzz0DyEtN0D0Tzu0SzztByEtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0CyD0EyDtCtA0BtGyC0BtB0CtG0FtD0CzytG0C0D0DtBtGtC0EyC0EyDyCzytCyB0A0A0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0F0Bzz0FtBtAyBtGtBtBzz0BtGtA0AyC0EtGyC0CtCtAtGyB0CyB0B0FtDtA0DzyzzyB0F2Q&cr=679293142&ir="
    S3 catchme; \??\C:\DOCUME~1\Richard\LOKALA~1\Temp\catchme.sys [X]
    S3 cpuz134; \??\C:\DOCUME~1\Richard\LOKALA~1\Temp\cpuz134\cpuz134_x32.sys [X]
    S3 MFE_RR; \??\C:\DOCUME~1\Richard\LOKALA~1\Temp\mfe_rr.sys [X]
    End
    *****************
     
    CHR StartupUrls: "hxxp://start.mysearchdial.com/?f=1&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1QzutDtDtCyCtCyByD0FyByEyEtByEzz0DyEtN0D0Tzu0SzztByEtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StA0CyD0EyDtCtA0BtGyC0BtB0CtG0FtD0CzytG0C0D0DtBtGtC0EyC0EyDyCzytCyB0A0A0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0F0Bzz0FtBtAyBtGtBtBzz0BtGtA0AyC0EtGyC0CtCtAtGyB0CyB0B0FtDtA0DzyzzyB0F2Q&cr=679293142&ir=" ==> The Chrome "Settings" can be used to fix the entry.
    catchme => Service deleted successfully.
    cpuz134 => Service deleted successfully.
    MFE_RR => Service deleted successfully.
     
    ==== End of Fixlog ====
     
    FRST (after code had been entered)
     
    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:5-08-2014
    Ran by Richard (administrator) on TN on 07-08-2014 13:32:02
    Running from C:\Documents and Settings\Richard\Skrivbord
    Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Svenska
    Internet Explorer Version 8
    Boot Mode: Normal
     
    The only official download link for FRST:
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgrsx.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgcsrvx.exe
    (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    (Apple Inc.) C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgfws.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgwdsvc.exe
    (ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
    (Apple Inc.) C:\Program\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program\Windows Live\Family Safety\fsssvc.exe
    (Oracle Corporation) C:\Program\Java\jre7\bin\jqs.exe
    (Malwarebytes Corporation) C:\Program\Malwarebytes Anti-Malware\mbamscheduler.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgnsx.exe
    (Malwarebytes Corporation) C:\Program\Malwarebytes Anti-Malware\mbamservice.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgemcx.exe
    (AVG) C:\Program\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
    (Malwarebytes Corporation) C:\Program\Malwarebytes Anti-Malware\mbam.exe
    (WinZip Computing, S.L. (WinZip Computing)) C:\Program\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
    (Hewlett-Packard) C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
    () C:\Program\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
    (ATI Technologies, Inc.) C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe
    (Western Digital Technologies, Inc.) C:\WINDOWS\system32\WDBtnMgr.exe
    (AVG) C:\Program\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgui.exe
    (AVG Technologies CZ, s.r.o.) C:\Program\AVG\AVG2014\avgcsrvx.exe
    (Apple Inc.) C:\Program\iTunes\iTunesHelper.exe
    (Skype Technologies S.A.) C:\Program\Skype\Phone\Skype.exe
    (Google Inc.) C:\Program\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
    (Apple Inc.) C:\Program\iPod\bin\iPodService.exe
    (Google Inc.) C:\Program\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation.) C:\Program\Microsoft\BingBar\7.3.107.0\SeaPort.EXE
    (Google Inc.) C:\Program\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
    Winlogon\Notify\LBTWlgn: c:\program\delade filer\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
    HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
    HKU\S-1-5-21-280907462-213740653-3875255159-1148\...\Run: [Skype] => C:\Program\Skype\Phone\Skype.exe [21650536 2014-07-02] (Skype Technologies S.A.)
    HKU\S-1-5-21-280907462-213740653-3875255159-1148\...\Run: [3A1FA4C4CF1332A1DEC3D85002C2EACB5FFD419D._service_run] => C:\Program\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
    HKU\S-1-5-21-280907462-213740653-3875255159-1148\...\Policies\Explorer: [DisablePersonalDirChange] 1
    Startup: C:\Documents and Settings\Richard\Start-meny\Program\Autostart\Övervaka bläckvarningar - HP Deskjet 2510 series.lnk
    ShortcutTarget: Övervaka bläckvarningar - HP Deskjet 2510 series.lnk -> C:\Program\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
    ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Documents and Settings\Richard\Application Data\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: a_MiMediaFiles_MonitoredFolder -> {C00213B1-77A8-4F0E-B740-0B36FBF7FAE7} => C:\Program\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll (MiMedia)
    ShellIconOverlayIdentifiers: a_MiMediaFiles_SynchronizationPending -> {FAD5EA38-2D1D-485D-9B07-D35EB72B922E} => C:\Program\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll (MiMedia)
    ShellIconOverlayIdentifiers: a_MiMediaFiles_Synchronized -> {69DE75F6-60E6-4E55-B416-171941A5C73E} => C:\Program\MiMedia LLC\MiMedia\MiMedia_ShellExtensions.dll (MiMedia)
    BootExecute: autocheck autochk * C:\Program\AVG\AVG2014\avgrsx.exe /sync /restart
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://bay179.mail....il/?fid=flinbox
    HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
    URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
    BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
    BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKCU - &Adress - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
    Toolbar: HKCU - &Länkar - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
    Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
    DPF: {01892B12-4ABE-47E8-B7C1-4692F0B74024} http://viewer.akopia...ravaClientX.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
    DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} http://server/connec...uter/nshelp.dll
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20614.www2.h...hpdetect118.cab
    DPF: {8500E785-8A89-4633-BB72-C982B0133501} http://system.arkite...FileUpload2.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
    DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ma...ash/swflash.cab
    DPF: {E76A19A9-B579-4FF7-8857-7D79B22F8D45} http://viewer.byggne...ravaClientX.cab
    Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
    Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
    Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
    Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    Winsock: Catalog5 04 C:\Program\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
     
    FireFox:
    ========
    FF ProfilePath: C:\Documents and Settings\Richard\Application Data\Mozilla\Firefox\Profiles\t91cmnax.default
    FF DefaultSearchEngine: Google
    FF SelectedSearchEngine: Google
    FF Homepage: hxxp://www.msnbc.msn.com/
    FF Keyword.URL: user_pref("keyword.URL", "");
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
    FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin: @java.com/DTPlugin,version=10.11.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=10.11.2 -> C:\Program\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF Plugin: Adobe Reader -> C:\Program\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Richard\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Richard\Application Data\mozilla\plugins\npgtpo3dautoplugin.dll ()
    FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Richard\Application Data\mozilla\plugins\npo1d.dll (Google)
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-22]
     
    Chrome: 
    =======
    CHR Plugin: (Shockwave Flash) - C:\Program\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Program\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
    CHR Plugin: (Google Talk Plugin) - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
    CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
    CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Documents and Settings\Richard\Application Data\Mozilla\plugins\npo1d.dll (Google)
    CHR Plugin: (Adobe Acrobat) - C:\Program\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Microsoft® DRM) - C:\Program\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
    CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
    CHR Plugin: (Microsoft® DRM) - C:\Program\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
    CHR Plugin: (Google Update) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
    CHR Plugin: (Google Earth Plugin) - C:\Program\Google\Google Earth\plugin\npgeplugin.dll (Google)
    CHR Plugin: (Java™ Platform SE 7 U11) - C:\Program\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    CHR Plugin: (Silverlight Plug-In) - C:\Program\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
    CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
    CHR Plugin: (Windows Live® Photo Gallery) - C:\Program\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
    CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    CHR Extension: (Google Docs) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-06]
    CHR Extension: (Google Drive) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-06]
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
    CHR Extension: (YouTube) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-06]
    CHR Extension: (Google Search) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-06]
    CHR Extension: (Google Wallet) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
    CHR Extension: (Gmail) - C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-06]
    CHR HKLM\...\Chrome\Extension: [aicjcijfbjpmgnlbojmcnflkgeecpfnn] - C:\Documents and Settings\All Users\Application Data\ADDICT-THING\aicjcijfbjpmgnlbojmcnflkgeecpfnn.crx [2013-06-06]
     
    ========================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 Apple Mobile Device; C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-06-12] (Apple Inc.)
    R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
    S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] () [File not signed]
    R2 avgfws; C:\Program\AVG\AVG2014\avgfws.exe [1417160 2014-07-10] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
    S2 BBSvc; C:\Program\Microsoft\BingBar\7.3.107.0\BBSvc.exe [193696 2013-08-30] (Microsoft Corporation.)
    R3 BBUpdate; C:\Program\Microsoft\BingBar\7.3.107.0\SeaPort.exe [240288 2013-08-30] (Microsoft Corporation.)
    R2 Bonjour Service; C:\Program\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
    R2 fsssvc; C:\Program\Windows Live\Family Safety\fsssvc.exe [704872 2010-04-28] (Microsoft Corporation)
    S2 gupdate; C:\Program\Google\Update\GoogleUpdate.exe [136176 2011-10-21] (Google Inc.)
    S3 gupdatem; C:\Program\Google\Update\GoogleUpdate.exe [136176 2011-10-21] (Google Inc.)
    S3 hpqcxs08; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
    S2 hpqddsvc; C:\WINDOWS\system32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
    R3 iPod Service; C:\Program\iPod\bin\iPodService.exe [553288 2014-07-08] (Apple Inc.)
    R2 JavaQuickStarterService; C:\Program\Java\jre7\bin\jqs.exe [170912 2013-01-29] (Oracle Corporation)
    S3 LBTServ; C:\Program\Delade filer\LogiShrd\Bluetooth\lbtserv.exe [295192 2011-09-27] (Logitech, Inc.)
    R2 MBAMScheduler; C:\Program\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
    R2 MBAMService; C:\Program\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
    S2 MsMpSvc; c:\Program\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
    S2 Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
    S3 ose; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
    S2 Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
    R2 TuneUp.UtilitiesSvc; C:\Program\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1858360 2014-07-14] (AVG)
    R2 WINZIPSSDiskOptimizer; C:\Program\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe [267384 2013-07-15] (WinZip Computing, S.L. (WinZip Computing))
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    S3 ac97intc; C:\WINDOWS\System32\drivers\ac97intc.sys [96256 2001-08-17] (Intel Corporation)
    R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2278784 2004-09-21] (Realtek Semiconductor Corp.)
    R0 amdide; C:\WINDOWS\System32\DRIVERS\amdide.sys [11944 2012-12-03] (Advanced Micro Devices Inc.)
    R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2005-03-09] (Advanced Micro Devices)
    R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
    R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
    R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
    S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriverl; C:\WINDOWS\System32\DRIVERS\avgidsdriverlx.sys [190232 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [98584 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
    S3 Blfp; C:\WINDOWS\System32\DRIVERS\baspxp32.sys [65664 2005-03-04] (Broadcom Corporation)
    R1 cbfs3; C:\WINDOWS\system32\drivers\cbfs3.sys [299280 2012-05-25] (EldoS Corporation)
    S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
    S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2013-12-31] (Phoenix Technologies) [File not signed]
    R2 fssfltr; C:\WINDOWS\System32\DRIVERS\fssfltr_tdi.sys [54760 2010-04-28] (Microsoft Corporation)
    S3 i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [161020 2004-08-03] (Intel® Corporation)
    S3 iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [12415 2004-08-03] (Intel® Corporation)
    S3 iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [12127 2004-08-03] (Intel® Corporation)
    S3 iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [11775 2004-08-03] (Intel® Corporation)
    S3 iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [12063 2004-08-03] (Intel® Corporation)
    S3 iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [19455 2004-08-03] (Intel® Corporation)
    S3 iAimFP5; C:\WINDOWS\System32\DRIVERS\wADV07nt.sys [11807 2004-08-03] (Intel® Corporation)
    S3 iAimFP6; C:\WINDOWS\System32\DRIVERS\wADV08nt.sys [11295 2004-08-03] (Intel® Corporation)
    S3 iAimFP7; C:\WINDOWS\System32\DRIVERS\wADV09nt.sys [11871 2004-08-03] (Intel® Corporation)
    S3 iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [29311 2004-08-03] (Intel® Corporation)
    S3 iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [19551 2004-08-03] (Intel® Corporation)
    S3 iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [33599 2004-08-03] (Intel® Corporation)
    S3 iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [23615 2004-08-03] (Intel® Corporation)
    S3 iAimTV5; C:\WINDOWS\System32\DRIVERS\wATV10nt.sys [25471 2004-08-03] (Intel® Corporation)
    S3 iAimTV6; C:\WINDOWS\System32\DRIVERS\wATV06nt.sys [22271 2004-08-03] (Intel® Corporation)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
    R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-07] (Malwarebytes Corporation)
    R0 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
    S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
    S3 OmniDrv; C:\WINDOWS\System32\DRIVERS\OmniDrv.sys [30976 2004-01-05] (Ideazon) [File not signed]
    S1 P3; C:\WINDOWS\System32\DRIVERS\p3.sys [46720 2008-04-14] (Microsoft Corporation)
    R0 SI3112r; C:\WINDOWS\System32\DRIVERS\SI3112r.sys [116264 2007-08-29] (Silicon Image, Inc)
    R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [19240 2007-08-29] (Silicon Image, Inc)
    S3 taphss; C:\WINDOWS\System32\DRIVERS\taphss.sys [32768 2012-03-26] (AnchorFree Inc)
    R3 TuneUpUtilitiesDrv; C:\Program\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-06-23] (TuneUp Software)
    R3 XIRLINK; C:\WINDOWS\System32\DRIVERS\C-itnt.sys [443833 2000-05-12] (Xirlink, Inc) [File not signed]
    S4 adpu320; \SystemRoot\system32\DRIVERS\adpu320.sys [X]
    U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
    S4 Symmpi; \SystemRoot\system32\DRIVERS\symmpi.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-08-07 10:59 - 2014-08-07 13:33 - 00026751 _____ () C:\Documents and Settings\Richard\Skrivbord\FRST.txt
    2014-08-07 01:30 - 2014-08-07 01:30 - 00024995 _____ () C:\ComboFix.txt
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\Richard.TN\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\NetworkService\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\LocalService\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\Administratör\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\__sbs_netsetup__\Lokala inställningar\temp
    2014-08-07 01:07 - 2014-08-07 01:07 - 00000000 _RSHD () C:\cmdcons
    2014-08-07 00:41 - 2014-08-07 00:41 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080714-01.dmp
    2014-08-07 00:39 - 2014-08-07 13:33 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\temp
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
    2014-08-07 00:13 - 2014-08-07 00:13 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
    2014-08-06 23:55 - 2014-08-06 23:55 - 00000327 _____ () C:\Boot.bak
    2014-08-06 23:55 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
    2014-08-06 23:50 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
    2014-08-06 23:50 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
    2014-08-06 23:50 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
    2014-08-06 23:50 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe
    2014-08-06 23:49 - 2014-08-07 01:30 - 00000000 ____D () C:\Qoobox
    2014-08-06 23:48 - 2014-08-07 00:36 - 00000000 ____D () C:\WINDOWS\erdnt
    2014-08-06 23:42 - 2014-08-06 23:44 - 05568206 ____R (Swearware) C:\Documents and Settings\Richard\Skrivbord\ComboFix.exe
    2014-08-06 18:15 - 2014-08-06 18:15 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-05.dmp
    2014-08-06 18:01 - 2014-08-06 18:01 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-04.dmp
    2014-08-06 17:45 - 2014-08-06 17:45 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-03.dmp
    2014-08-06 16:45 - 2014-08-06 16:45 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-02.dmp
    2014-08-06 11:35 - 2014-08-06 11:35 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-01.dmp
    2014-08-05 20:58 - 2014-08-05 20:58 - 00001642 _____ () C:\Malwarebytes.txt
    2014-08-05 15:36 - 2014-08-05 15:36 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080514-02.dmp
    2014-08-05 08:13 - 2014-08-05 08:13 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080514-01.dmp
    2014-08-05 01:35 - 2014-08-05 01:35 - 00128197 _____ () C:\Documents and Settings\Richard\Skrivbord\BIG SUR GEORGE.celtx
    2014-08-04 20:25 - 2014-08-04 20:25 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080414-03.dmp
    2014-08-04 20:23 - 2008-04-14 21:34 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidserv.dll
    2014-08-04 20:23 - 2008-04-14 21:34 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidserv.dll
    2014-08-04 11:36 - 2014-08-04 11:36 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080414-02.dmp
    2014-08-04 09:12 - 2014-08-04 09:12 - 00002812 _____ () C:\WINDOWS\Regfix.reg
    2014-08-04 09:02 - 2014-08-04 09:02 - 00000000 ____D () C:\RegBackup
    2014-08-04 09:01 - 2014-08-04 09:27 - 00001820 _____ () C:\Documents and Settings\All Users\Skrivbord\Tweaking.com - Registry Backup.lnk
    2014-08-04 09:01 - 2014-08-04 09:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Tweaking.com
    2014-08-04 08:54 - 2014-08-04 08:54 - 00000000 ____D () C:\Program\Tweaking.com
    2014-08-04 08:50 - 2014-08-04 08:52 - 04057608 _____ () C:\Documents and Settings\Richard\Skrivbord\tweaking.com_registry_backup_setup.exe
    2014-08-04 02:59 - 2014-08-04 02:59 - 00114688 _____ () C:\WINDOWS\Minidump\Mini080414-01.dmp
    2014-08-03 10:03 - 2014-08-03 10:03 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-03.dmp
    2014-08-03 02:26 - 2014-08-03 02:26 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-02.dmp
    2014-08-03 01:26 - 2014-08-03 01:26 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-01.dmp
    2014-08-02 19:46 - 2014-08-07 13:32 - 00000000 ____D () C:\FRST
    2014-08-02 19:44 - 2014-08-07 10:48 - 01084928 _____ (Farbar) C:\Documents and Settings\Richard\Skrivbord\FRST.exe
    2014-08-02 10:16 - 2014-08-02 10:16 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-03.dmp
    2014-08-02 09:03 - 2014-08-02 09:03 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-02.dmp
    2014-08-02 08:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
    2014-08-02 01:51 - 2014-08-02 01:51 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-01.dmp
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000733 _____ () C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000000 ____D () C:\Program\Malwarebytes Anti-Malware
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes Anti-Malware
    2014-08-01 23:17 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
    2014-07-31 19:52 - 2014-08-07 13:26 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\Malware Tools
    2014-07-31 12:43 - 2014-07-31 12:43 - 00000000 _____ () C:\SophosBootTasks.txt
    2014-07-25 23:24 - 2014-07-25 23:24 - 00000000 ____H () C:\Documents and Settings\Richard\Mina dokument\Default.rdp
    2014-07-25 10:08 - 2014-07-31 18:25 - 00002227 _____ () C:\Documents and Settings\All Users\Skrivbord\Skype.lnk
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Program\Delade filer\Skype
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Skype
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Skype
    2014-07-22 14:47 - 2010-02-10 21:20 - 00593920 ____N () C:\WINDOWS\system32\ati2sgag.exe
    2014-07-22 14:44 - 2014-07-22 14:44 - 00000000 ____D () C:\ATI
    2014-07-22 07:56 - 2014-07-22 14:56 - 00001084 _____ () C:\WINDOWS\spupdsvc.log
    2014-07-22 07:55 - 2014-07-22 07:56 - 00000000 ____D () C:\f18b8596a63f2776389f
    2014-07-22 07:22 - 2014-07-22 10:58 - 00000000 ____D () C:\0d608be659421094a8274931cdb6
    2014-07-22 00:33 - 2014-07-22 00:33 - 00001510 _____ () C:\Documents and Settings\All Users\Skrivbord\iTunes.lnk
    2014-07-22 00:33 - 2014-07-22 00:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\iTunes
    2014-07-22 00:32 - 2014-07-22 00:33 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-07-22 00:32 - 2014-07-22 00:32 - 00000000 ____D () C:\Program\iPod
    2014-07-21 23:53 - 2014-07-24 20:20 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Apple Computer
    2014-07-21 23:53 - 2014-07-21 23:53 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Apple Computer
    2014-07-21 23:49 - 2014-07-22 00:33 - 00000000 ____D () C:\Program\iTunes
    2014-07-21 23:49 - 2014-07-22 00:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
    2014-07-21 23:47 - 2014-08-04 10:18 - 00000272 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2014-07-21 23:47 - 2014-07-21 23:47 - 00001830 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Apple Software Update.lnk
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Program\Apple Software Update
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Apple
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
    2014-07-21 23:46 - 2013-03-18 16:51 - 06112864 _____ (Apple, Inc.) C:\WINDOWS\system32\usbaaplrc.dll
    2014-07-21 23:46 - 2013-03-18 16:51 - 00045056 _____ (Apple, Inc.) C:\WINDOWS\system32\Drivers\usbaapl.sys
    2014-07-21 23:45 - 2014-07-22 00:32 - 00000000 ____D () C:\Program\Delade filer\Apple
    2014-07-21 23:45 - 2014-07-21 23:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
    2014-07-21 23:45 - 2014-07-21 23:45 - 00000000 ____D () C:\Program\Bonjour
    2014-07-21 22:14 - 2014-07-21 23:01 - 00000000 ____D () C:\d80b9deb1c60777af7
    2014-07-21 00:23 - 2014-07-21 00:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\AVG
    2014-07-21 00:23 - 2014-07-21 00:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\AVG
    2014-07-21 00:01 - 2014-08-07 10:04 - 00000626 _____ () C:\WINDOWS\Tasks\AVG_SYS_TASK_0614t_RUN.job
    2014-07-21 00:01 - 2014-07-21 00:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avg_Update_0614t
    2014-07-20 09:17 - 2014-07-20 09:17 - 00000000 ____D () C:\Documents and Settings\Richard\Mina dokument\Ny mapp
    2014-07-20 02:41 - 2014-07-20 02:41 - 00002876 _____ () C:\WINDOWS\DPINST.LOG
    2014-07-20 00:43 - 2014-08-04 21:16 - 00000397 _____ () C:\WINDOWS\setupact.log
    2014-07-20 00:43 - 2014-07-20 00:43 - 00000000 _____ () C:\WINDOWS\setuperr.log
    2014-07-20 00:22 - 2014-08-07 02:30 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001689 _____ () C:\Documents and Settings\All Users\Start-meny\Program\AVG PC TuneUp 2014.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001689 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG 1-Click Maintenance.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001683 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG PC TuneUp 2014.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\AVG PC TuneUp 2014
    2014-07-20 00:22 - 2014-07-14 12:26 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
    2014-07-20 00:21 - 2014-07-20 00:21 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\AVG
    2014-07-20 00:21 - 2014-07-20 00:21 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\AVG
    2014-07-20 00:17 - 2014-07-20 00:29 - 00000000 __SHD () C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
    2014-07-20 00:17 - 2014-07-20 00:22 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG
    2014-07-19 21:23 - 2014-07-19 21:23 - 00000494 _____ () C:\Documents and Settings\Richard\Skrivbord\Data Safe.lnk
    2014-07-19 21:22 - 2014-07-19 21:23 - 209715200 _____ () C:\Documents and Settings\Richard\Mina dokument\Data Safe.avgfv
    2014-07-19 17:55 - 2014-07-19 17:55 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\AVG2014
    2014-07-19 17:54 - 2014-07-19 21:03 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\AVG
    2014-07-19 17:54 - 2014-07-19 17:54 - 00000670 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG 2014.lnk
    2014-07-19 17:53 - 2014-07-19 17:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
    2014-07-19 17:53 - 2014-07-19 17:53 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\TuneUp Software
    2014-07-19 17:53 - 2014-07-19 17:53 - 00000000 ____D () C:\$AVG
    2014-07-19 17:52 - 2014-07-20 00:21 - 00000000 ____D () C:\Program\AVG
    2014-07-19 17:39 - 2014-08-07 12:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
    2014-07-19 17:39 - 2014-07-19 21:28 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Avg2014
    2014-07-19 17:39 - 2014-07-19 17:39 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\MFAData
    2014-07-19 02:28 - 2014-08-04 20:23 - 00520783 _____ () C:\WINDOWS\setupapi.log
    2014-07-15 14:40 - 2014-07-15 14:40 - 00031768 _____ () C:\Documents and Settings\Richard\Skrivbord\THE FIX'IT MAN.celtx
    2014-07-12 23:22 - 2014-07-12 23:22 - 00000427 _____ () C:\Billy Wilder.jpg.lnk5z651
    2014-07-12 14:59 - 2014-07-12 14:59 - 00000624 _____ () C:\Robert MacLean, his brief history.pdf.lnky4355
    2014-07-12 14:58 - 2014-07-12 14:58 - 00000506 _____ () C:\Romantic comedy Pas de deux.zip.lnkhs605
    2014-07-11 17:02 - 2014-07-11 17:02 - 00000384 _____ () C:\agent.pdf.lnk5z1020
    2014-07-11 14:03 - 2014-07-11 14:03 - 00000614 _____ () C:\Dancing Israeli's (3-of-the-5).jpeg.lnky4162
    2014-07-11 13:26 - 2014-07-11 13:26 - 00000549 _____ () C:\Sword rear Ninga #1.jpg.lnkht318
    2014-07-11 13:03 - 2014-07-11 13:03 - 00000584 _____ () C:\Ridley Scott & Camera #02.jpg.lnkyk287
    2014-07-11 12:58 - 2014-07-11 12:58 - 00000529 _____ () C:\Film Crew #03.jpeg.lnkhs209
    2014-07-11 12:44 - 2014-07-11 12:54 - 00000629 _____ () C:\Film Crew #10 (It's Who You Know).jpeg.lnkui256
    2014-07-10 12:38 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Richard\Skrivbord\TDSSKiller.exe
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2014-08-07 13:33 - 2014-08-07 10:59 - 00026751 _____ () C:\Documents and Settings\Richard\Skrivbord\FRST.txt
    2014-08-07 13:33 - 2014-08-07 00:39 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\temp
    2014-08-07 13:32 - 2014-08-02 19:46 - 00000000 ____D () C:\FRST
    2014-08-07 13:32 - 2010-08-24 11:09 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord
    2014-08-07 13:31 - 2009-09-03 07:53 - 00000410 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{7B8AB321-E309-49ED-B138-2D1AD3B32EF0}.job
    2014-08-07 13:30 - 2013-06-10 22:57 - 00000494 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
    2014-08-07 13:26 - 2014-07-31 19:52 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\Malware Tools
    2014-08-07 13:25 - 2012-04-12 06:55 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2014-08-07 13:22 - 2012-08-06 08:58 - 00000414 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{F881C789-9CA0-4738-AD4E-3E39BFF011E2}.job
    2014-08-07 13:15 - 2011-10-21 11:35 - 00000876 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2014-08-07 13:07 - 2012-06-03 17:20 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Skype
    2014-08-07 12:55 - 2004-09-06 08:21 - 01422367 _____ () C:\WINDOWS\WindowsUpdate.log
    2014-08-07 12:51 - 2014-07-19 17:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
    2014-08-07 12:06 - 2004-09-06 08:21 - 00031746 _____ () C:\WINDOWS\SchedLgU.Txt
    2014-08-07 11:04 - 2014-01-23 18:25 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2014-08-07 10:48 - 2014-08-02 19:44 - 01084928 _____ (Farbar) C:\Documents and Settings\Richard\Skrivbord\FRST.exe
    2014-08-07 10:15 - 2010-12-22 11:22 - 00000000 ____D () C:\WINDOWS\system32\LogFiles
    2014-08-07 10:06 - 2004-09-06 08:16 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
    2014-08-07 10:05 - 2014-03-12 02:17 - 00000226 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Inloggningsmeddelande gällande när tjänsten upphör.job
    2014-08-07 10:05 - 2011-10-21 11:35 - 00000872 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2014-08-07 10:05 - 2004-09-06 09:46 - 00000159 _____ () C:\WINDOWS\wiadebug.log
    2014-08-07 10:05 - 2004-09-06 09:46 - 00000048 _____ () C:\WINDOWS\wiaservc.log
    2014-08-07 10:04 - 2014-07-21 00:01 - 00000626 _____ () C:\WINDOWS\Tasks\AVG_SYS_TASK_0614t_RUN.job
    2014-08-07 10:04 - 2004-09-06 08:21 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
    2014-08-07 02:30 - 2014-07-20 00:22 - 00065536 _____ () C:\WINDOWS\system32\config\TuneUp.evt
    2014-08-07 02:29 - 2010-08-24 11:09 - 00000304 ___SH () C:\Documents and Settings\Richard\ntuser.ini
    2014-08-07 02:29 - 2010-08-24 11:09 - 00000000 ____D () C:\Documents and Settings\Richard
    2014-08-07 01:30 - 2014-08-07 01:30 - 00024995 _____ () C:\ComboFix.txt
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\Richard.TN\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\NetworkService\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\LocalService\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\Administratör\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-07 01:30 - 00000000 ____D () C:\Documents and Settings\__sbs_netsetup__\Lokala inställningar\temp
    2014-08-07 01:30 - 2014-08-06 23:49 - 00000000 ____D () C:\Qoobox
    2014-08-07 01:30 - 2010-08-27 10:50 - 00000000 ___HD () C:\Documents and Settings\Richard.TN\Lokala inställningar
    2014-08-07 01:30 - 2008-10-28 18:26 - 00000000 ___HD () C:\Documents and Settings\__sbs_netsetup__\Lokala inställningar
    2014-08-07 01:30 - 2006-07-03 22:29 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Lokala inställningar
    2014-08-07 01:30 - 2006-07-03 22:29 - 00000000 ___HD () C:\Documents and Settings\LocalService\Lokala inställningar
    2014-08-07 01:30 - 2006-07-03 22:29 - 00000000 ___HD () C:\Documents and Settings\Administratör\Lokala inställningar
    2014-08-07 01:26 - 2004-09-06 09:43 - 00000227 _____ () C:\WINDOWS\system.ini
    2014-08-07 01:25 - 2006-07-03 22:29 - 00000000 ___RD () C:\Program
    2014-08-07 01:21 - 2006-07-03 22:30 - 00000000 ____D () C:\Program\Delade filer
    2014-08-07 01:07 - 2014-08-07 01:07 - 00000000 _RSHD () C:\cmdcons
    2014-08-07 01:07 - 2004-09-06 07:47 - 00000327 __RSH () C:\boot.ini
    2014-08-07 00:41 - 2014-08-07 00:41 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080714-01.dmp
    2014-08-07 00:41 - 2010-09-02 23:53 - 00000000 ____D () C:\WINDOWS\Minidump
    2014-08-07 00:39 - 2010-08-24 11:09 - 00000000 ___HD () C:\Documents and Settings\Richard\Lokala inställningar
    2014-08-07 00:36 - 2014-08-06 23:48 - 00000000 ____D () C:\WINDOWS\erdnt
    2014-08-07 00:15 - 2004-09-06 17:22 - 46137344 _____ () C:\WINDOWS\system32\config\software.bak
    2014-08-07 00:15 - 2004-09-06 08:21 - 05767168 _____ () C:\WINDOWS\system32\config\system.bak
    2014-08-07 00:15 - 2004-09-06 08:21 - 05242880 _____ () C:\WINDOWS\system32\config\default.bak
    2014-08-07 00:15 - 2004-09-06 08:21 - 00524288 _____ () C:\WINDOWS\system32\config\SECURITY.bak
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\system.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\software.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\SAM.tmp.LOG
    2014-08-07 00:14 - 2014-08-07 00:14 - 00000000 ____H () C:\WINDOWS\system32\config\default.tmp.LOG
    2014-08-07 00:13 - 2014-08-07 00:13 - 00008192 ____H () C:\WINDOWS\system32\config\SECURITY.tmp.LOG
    2014-08-06 23:55 - 2014-08-06 23:55 - 00000327 _____ () C:\Boot.bak
    2014-08-06 23:44 - 2014-08-06 23:42 - 05568206 ____R (Swearware) C:\Documents and Settings\Richard\Skrivbord\ComboFix.exe
    2014-08-06 18:31 - 2013-10-03 16:49 - 00000000 ____D () C:\AdwCleaner
    2014-08-06 18:15 - 2014-08-06 18:15 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-05.dmp
    2014-08-06 18:01 - 2014-08-06 18:01 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-04.dmp
    2014-08-06 17:45 - 2014-08-06 17:45 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-03.dmp
    2014-08-06 16:45 - 2014-08-06 16:45 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-02.dmp
    2014-08-06 11:35 - 2014-08-06 11:35 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080614-01.dmp
    2014-08-05 21:12 - 2011-07-05 15:06 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\vlc
    2014-08-05 20:58 - 2014-08-05 20:58 - 00001642 _____ () C:\Malwarebytes.txt
    2014-08-05 20:07 - 2012-05-18 00:01 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\My Desktop Photos
    2014-08-05 18:02 - 2013-11-30 21:10 - 00001039 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Express Burn.lnk
    2014-08-05 18:02 - 2013-11-30 21:09 - 00001041 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Disketch Disc Label Software.lnk
    2014-08-05 15:36 - 2014-08-05 15:36 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080514-02.dmp
    2014-08-05 08:13 - 2014-08-05 08:13 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080514-01.dmp
    2014-08-05 01:35 - 2014-08-05 01:35 - 00128197 _____ () C:\Documents and Settings\Richard\Skrivbord\BIG SUR GEORGE.celtx
    2014-08-05 01:00 - 2012-11-16 18:00 - 00000000 ____D () C:\Program\Celtx
    2014-08-04 21:16 - 2014-07-20 00:43 - 00000397 _____ () C:\WINDOWS\setupact.log
    2014-08-04 20:25 - 2014-08-04 20:25 - 00094208 _____ () C:\WINDOWS\Minidump\Mini080414-03.dmp
    2014-08-04 20:23 - 2014-07-19 02:28 - 00520783 _____ () C:\WINDOWS\setupapi.log
    2014-08-04 17:11 - 2013-06-10 00:47 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\SCRIPTS & TREATMENTS
    2014-08-04 16:59 - 2012-08-05 23:43 - 00000000 ____D () C:\unzipped
    2014-08-04 11:36 - 2014-08-04 11:36 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080414-02.dmp
    2014-08-04 10:18 - 2014-07-21 23:47 - 00000272 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    2014-08-04 09:27 - 2014-08-04 09:01 - 00001820 _____ () C:\Documents and Settings\All Users\Skrivbord\Tweaking.com - Registry Backup.lnk
    2014-08-04 09:27 - 2006-07-03 22:30 - 00000000 ____D () C:\WINDOWS\repair
    2014-08-04 09:27 - 2006-07-03 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Skrivbord
    2014-08-04 09:12 - 2014-08-04 09:12 - 00002812 _____ () C:\WINDOWS\Regfix.reg
    2014-08-04 09:02 - 2014-08-04 09:02 - 00000000 ____D () C:\RegBackup
    2014-08-04 09:02 - 2006-07-03 22:30 - 00000000 ____D () C:\WINDOWS\Registration
    2014-08-04 09:01 - 2014-08-04 09:01 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Tweaking.com
    2014-08-04 09:01 - 2006-07-03 22:29 - 00000000 ___RD () C:\Documents and Settings\All Users\Start-meny\Program
    2014-08-04 08:54 - 2014-08-04 08:54 - 00000000 ____D () C:\Program\Tweaking.com
    2014-08-04 08:52 - 2014-08-04 08:50 - 04057608 _____ () C:\Documents and Settings\Richard\Skrivbord\tweaking.com_registry_backup_setup.exe
    2014-08-04 02:59 - 2014-08-04 02:59 - 00114688 _____ () C:\WINDOWS\Minidump\Mini080414-01.dmp
    2014-08-03 10:03 - 2014-08-03 10:03 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-03.dmp
    2014-08-03 09:32 - 2006-07-03 22:29 - 00000000 ____D () C:\i386
    2014-08-03 02:26 - 2014-08-03 02:26 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-02.dmp
    2014-08-03 01:26 - 2014-08-03 01:26 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080314-01.dmp
    2014-08-02 10:16 - 2014-08-02 10:16 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-03.dmp
    2014-08-02 09:03 - 2014-08-02 09:03 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-02.dmp
    2014-08-02 09:00 - 2011-09-12 11:02 - 00000000 ___RD () C:\Documents and Settings\Richard\Mina dokument
    2014-08-02 01:51 - 2014-08-02 01:51 - 00110592 _____ () C:\WINDOWS\Minidump\Mini080214-01.dmp
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000733 _____ () C:\Documents and Settings\All Users\Skrivbord\Malwarebytes Anti-Malware.lnk
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000000 ____D () C:\Program\Malwarebytes Anti-Malware
    2014-08-01 23:17 - 2014-08-01 23:17 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Malwarebytes Anti-Malware
    2014-08-01 23:17 - 2012-05-18 08:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2014-07-31 19:52 - 2013-09-05 12:36 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\JAGAN (MASTER FILE)
    2014-07-31 18:41 - 2006-07-03 13:53 - 00002477 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Microsoft Word.lnk
    2014-07-31 18:25 - 2014-07-25 10:08 - 00002227 _____ () C:\Documents and Settings\All Users\Skrivbord\Skype.lnk
    2014-07-31 12:43 - 2014-07-31 12:43 - 00000000 _____ () C:\SophosBootTasks.txt
    2014-07-30 19:55 - 2012-05-26 12:54 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\uTorrent
    2014-07-28 19:25 - 2014-05-19 12:47 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\SCRIPT DEVELOPMENT
    2014-07-28 14:04 - 2013-07-02 10:24 - 00000372 _____ () C:\Documents and Settings\Richard\Mina dokument\spider.sav
    2014-07-26 22:36 - 2013-09-01 13:11 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\HOLLY FARM PRODUCTIONS
    2014-07-25 23:24 - 2014-07-25 23:24 - 00000000 ____H () C:\Documents and Settings\Richard\Mina dokument\Default.rdp
    2014-07-25 23:20 - 2010-08-24 11:09 - 00000000 ___RD () C:\Documents and Settings\Richard\Start-meny\Program\Autostart
    2014-07-25 21:17 - 2013-05-17 00:54 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Dropbox
    2014-07-25 19:20 - 2013-12-28 05:10 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
    2014-07-25 19:20 - 2013-12-27 23:17 - 00000000 ____D () C:\Documents and Settings\Richard\Skrivbord\mbar
    2014-07-25 10:37 - 2012-09-30 00:43 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Audacity
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Program\Delade filer\Skype
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Skype
    2014-07-25 10:08 - 2014-07-25 10:08 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Skype
    2014-07-25 10:08 - 2013-01-27 12:03 - 00000000 ___RD () C:\Program\Skype
    2014-07-25 10:08 - 2012-06-03 17:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
    2014-07-24 20:34 - 2013-07-12 16:44 - 00000000 ___RD () C:\Documents and Settings\Richard\Mina dokument\Mina bilder
    2014-07-24 20:20 - 2014-07-21 23:53 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Apple Computer
    2014-07-24 15:30 - 2013-05-17 01:47 - 00001020 _____ () C:\Documents and Settings\Richard\Skrivbord\Dropbox.lnk
    2014-07-24 15:30 - 2013-05-17 00:56 - 00000000 ____D () C:\Documents and Settings\Richard\Start-meny\Program\Dropbox
    2014-07-24 15:25 - 2013-05-26 09:15 - 00002347 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Adobe Reader XI.lnk
    2014-07-24 00:04 - 2013-05-31 09:19 - 00000000 ____D () C:\Program\Microsoft Silverlight
    2014-07-23 23:52 - 2013-05-31 09:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Microsoft Silverlight
    2014-07-23 19:46 - 2006-07-03 22:30 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
    2014-07-23 19:11 - 2004-09-06 08:05 - 00542224 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
    2014-07-23 19:11 - 2004-09-06 08:05 - 00413416 _____ () C:\WINDOWS\system32\perfh01D.dat
    2014-07-23 19:11 - 2004-09-06 08:05 - 00068066 _____ () C:\WINDOWS\system32\perfc01D.dat
    2014-07-23 17:51 - 2010-09-06 09:45 - 00031080 ____C () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\GDIPFONTCACHEV1.DAT
    2014-07-22 14:56 - 2014-07-22 07:56 - 00001084 _____ () C:\WINDOWS\spupdsvc.log
    2014-07-22 14:53 - 2004-09-06 08:21 - 00036864 _____ () C:\WINDOWS\system32\config\SAM.bak
    2014-07-22 14:53 - 2004-09-06 08:02 - 00153176 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
    2014-07-22 14:49 - 2013-07-21 14:15 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\ATI
    2014-07-22 14:49 - 2013-07-21 14:15 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\ATI
    2014-07-22 14:44 - 2014-07-22 14:44 - 00000000 ____D () C:\ATI
    2014-07-22 10:58 - 2014-07-22 07:22 - 00000000 ____D () C:\0d608be659421094a8274931cdb6
    2014-07-22 07:57 - 2010-12-22 11:13 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
    2014-07-22 07:56 - 2014-07-22 07:55 - 00000000 ____D () C:\f18b8596a63f2776389f
    2014-07-22 00:33 - 2014-07-22 00:33 - 00001510 _____ () C:\Documents and Settings\All Users\Skrivbord\iTunes.lnk
    2014-07-22 00:33 - 2014-07-22 00:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\iTunes
    2014-07-22 00:33 - 2014-07-22 00:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
    2014-07-22 00:33 - 2014-07-21 23:49 - 00000000 ____D () C:\Program\iTunes
    2014-07-22 00:32 - 2014-07-22 00:32 - 00000000 ____D () C:\Program\iPod
    2014-07-22 00:32 - 2014-07-21 23:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
    2014-07-22 00:32 - 2014-07-21 23:45 - 00000000 ____D () C:\Program\Delade filer\Apple
    2014-07-21 23:53 - 2014-07-21 23:53 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Apple Computer
    2014-07-21 23:47 - 2014-07-21 23:47 - 00001830 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Apple Software Update.lnk
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Program\Apple Software Update
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Apple
    2014-07-21 23:47 - 2014-07-21 23:47 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\Apple Computer
    2014-07-21 23:47 - 2014-07-21 23:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple
    2014-07-21 23:45 - 2014-07-21 23:45 - 00000000 ____D () C:\Program\Bonjour
    2014-07-21 23:01 - 2014-07-21 22:14 - 00000000 ____D () C:\d80b9deb1c60777af7
    2014-07-21 22:09 - 2010-08-26 09:01 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
    2014-07-21 02:59 - 2012-08-14 23:23 - 00000270 _____ () C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
    2014-07-21 00:23 - 2014-07-21 00:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Lokala inställningar\Application Data\AVG
    2014-07-21 00:23 - 2014-07-21 00:23 - 00000000 ____D () C:\Documents and Settings\LocalService\Application Data\AVG
    2014-07-21 00:01 - 2014-07-21 00:01 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Avg_Update_0614t
    2014-07-20 18:21 - 2014-05-19 19:33 - 00000000 ____D () C:\Documents and Settings\Richard\Mina dokument\CURT'S MEDICAL FILE
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\WindowsShell.Manifest
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\system32\wuaucpl.cpl.manifest
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\system32\sapi.cpl.manifest
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\system32\nwc.cpl.manifest
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\system32\ncpa.cpl.manifest
    2014-07-20 10:09 - 2004-09-06 07:52 - 00000749 ___RH () C:\WINDOWS\system32\cdplayer.exe.manifest
    2014-07-20 09:17 - 2014-07-20 09:17 - 00000000 ____D () C:\Documents and Settings\Richard\Mina dokument\Ny mapp
    2014-07-20 09:16 - 2012-10-04 17:16 - 00000000 ____D () C:\Intel Desktop Board
    2014-07-20 02:56 - 2010-08-24 11:09 - 00000000 ___RD () C:\Documents and Settings\Richard\Start-meny
    2014-07-20 02:41 - 2014-07-20 02:41 - 00002876 _____ () C:\WINDOWS\DPINST.LOG
    2014-07-20 00:43 - 2014-07-20 00:43 - 00000000 _____ () C:\WINDOWS\setuperr.log
    2014-07-20 00:29 - 2014-07-20 00:17 - 00000000 __SHD () C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
    2014-07-20 00:29 - 2013-05-18 14:40 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\HpUpdate
    2014-07-20 00:28 - 2013-06-14 01:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Plot Control
    2014-07-20 00:28 - 2006-07-03 15:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Lotus SmartSuite
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001689 _____ () C:\Documents and Settings\All Users\Start-meny\Program\AVG PC TuneUp 2014.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001689 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG 1-Click Maintenance.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00001683 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG PC TuneUp 2014.lnk
    2014-07-20 00:22 - 2014-07-20 00:22 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\AVG PC TuneUp 2014
    2014-07-20 00:22 - 2014-07-20 00:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG
    2014-07-20 00:21 - 2014-07-20 00:21 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\AVG
    2014-07-20 00:21 - 2014-07-20 00:21 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\AVG
    2014-07-20 00:21 - 2014-07-19 17:52 - 00000000 ____D () C:\Program\AVG
    2014-07-20 00:14 - 2010-08-24 11:09 - 00000000 ___RD () C:\Documents and Settings\Richard\Start-meny\Program
    2014-07-19 22:57 - 2013-06-06 01:08 - 00001753 _____ () C:\Documents and Settings\All Users\Skrivbord\Google Chrome.lnk
    2014-07-19 22:44 - 2011-02-11 13:43 - 00000000 ____D () C:\Program\PDFCreator
    2014-07-19 22:22 - 2014-04-28 15:36 - 00000000 ____D () C:\Program\Advanced Disk Recovery
    2014-07-19 21:59 - 2014-04-28 15:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\Advanced Disk Recovery
    2014-07-19 21:28 - 2014-07-19 17:39 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\Avg2014
    2014-07-19 21:23 - 2014-07-19 21:23 - 00000494 _____ () C:\Documents and Settings\Richard\Skrivbord\Data Safe.lnk
    2014-07-19 21:23 - 2014-07-19 21:22 - 209715200 _____ () C:\Documents and Settings\Richard\Mina dokument\Data Safe.avgfv
    2014-07-19 21:23 - 2010-08-24 11:09 - 00000000 ___RD () C:\Documents and Settings\Richard\Favoriter
    2014-07-19 21:03 - 2014-07-19 17:54 - 00000000 ____D () C:\Documents and Settings\All Users\Start-meny\Program\AVG
    2014-07-19 20:54 - 2012-05-13 14:33 - 00001912 _____ () C:\WINDOWS\epplauncher.mif
    2014-07-19 20:54 - 2012-05-13 14:32 - 00000000 ____D () C:\Program\Microsoft Security Client
    2014-07-19 17:55 - 2014-07-19 17:55 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\AVG2014
    2014-07-19 17:54 - 2014-07-19 17:54 - 00000670 _____ () C:\Documents and Settings\All Users\Skrivbord\AVG 2014.lnk
    2014-07-19 17:54 - 2014-07-19 17:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2014
    2014-07-19 17:53 - 2014-07-19 17:53 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\TuneUp Software
    2014-07-19 17:53 - 2014-07-19 17:53 - 00000000 ____D () C:\$AVG
    2014-07-19 17:39 - 2014-07-19 17:39 - 00000000 ____D () C:\Documents and Settings\Richard\Lokala inställningar\Application Data\MFAData
    2014-07-19 03:30 - 2013-06-14 01:32 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Package Cache
    2014-07-19 00:09 - 2012-09-30 13:40 - 00000000 ____D () C:\Program\Free Scan to PDF
    2014-07-18 23:51 - 2008-11-13 11:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Norton
    2014-07-18 23:50 - 2006-07-03 15:44 - 00000000 ____D () C:\Program\lotus
    2014-07-18 23:50 - 2006-07-03 13:40 - 00000000 ____D () C:\Documents and Settings\IVAB\Lokala inställningar\Temp
    2014-07-15 14:40 - 2014-07-15 14:40 - 00031768 _____ () C:\Documents and Settings\Richard\Skrivbord\THE FIX'IT MAN.celtx
    2014-07-15 07:23 - 2013-08-02 23:50 - 00000000 ____D () C:\WINDOWS\system32\MRT
    2014-07-14 12:26 - 2014-07-20 00:22 - 00036152 _____ (AVG) C:\WINDOWS\system32\TURegOpt.exe
    2014-07-12 23:22 - 2014-07-12 23:22 - 00000427 _____ () C:\Billy Wilder.jpg.lnk5z651
    2014-07-12 14:59 - 2014-07-12 14:59 - 00000624 _____ () C:\Robert MacLean, his brief history.pdf.lnky4355
    2014-07-12 14:58 - 2014-07-12 14:58 - 00000506 _____ () C:\Romantic comedy Pas de deux.zip.lnkhs605
    2014-07-11 17:02 - 2014-07-11 17:02 - 00000384 _____ () C:\agent.pdf.lnk5z1020
    2014-07-11 14:03 - 2014-07-11 14:03 - 00000614 _____ () C:\Dancing Israeli's (3-of-the-5).jpeg.lnky4162
    2014-07-11 13:26 - 2014-07-11 13:26 - 00000549 _____ () C:\Sword rear Ninga #1.jpg.lnkht318
    2014-07-11 13:03 - 2014-07-11 13:03 - 00000584 _____ () C:\Ridley Scott & Camera #02.jpg.lnkyk287
    2014-07-11 12:58 - 2014-07-11 12:58 - 00000529 _____ () C:\Film Crew #03.jpeg.lnkhs209
    2014-07-11 12:54 - 2014-07-11 12:44 - 00000629 _____ () C:\Film Crew #10 (It's Who You Know).jpeg.lnkui256
    2014-07-10 12:38 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Richard\Skrivbord\TDSSKiller.exe
    2014-07-09 13:29 - 2012-04-12 06:55 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
    2014-07-09 13:29 - 2012-02-01 08:19 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
    2014-07-08 15:49 - 2014-07-07 18:50 - 00000000 ____D () C:\Documents and Settings\Richard\Application Data\Real
    2014-07-08 15:48 - 2014-07-07 17:50 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Real
    2014-07-08 15:00 - 2014-03-12 02:17 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP - Månatligt meddelande gällande när tjänsten upphör.job
     
    Some content of TEMP:
    ====================
    C:\Documents and Settings\IVAB\Lokala inställningar\temp\applnch.exe
    C:\Documents and Settings\IVAB\Lokala inställningar\temp\UninstallRC.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
     
    ==================== End Of Log ============================


    #45 ken545

    ken545

      Forum God

    • Classroom Teacher
    • 23,207 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 07 August 2014 - 05:43 AM

    :thumbup:

     

    Its gone at last.

     

    How is everything running now, still having your system reboot itself ??

     

    Just want to let you know that I will be away today and wont be returning until late this evening 


    Jeffce_zpsa19ee2e6.png

     

     

     

    Want to help others, Join our Malware Removal Classroom  HERE

    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif

     

    Find us on Facebook
    Please LIKE and SHARE

     

     

    Just a reminder that threads will be closed if no reply in 3 days.

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users