Type-R

Medlemmer
  • Innholdsteller

    148
  • Ble med

  • Besøkte siden sist


Nettsamfunnsomdømme

0 ProPoeng

Om Type-R

  • Rang
    Junior

Type-R sin aktivitet

  1. Type-R la til et innlegg i et emne Infisert pc   

    Er det ikke lenger noen på forumet som leser logger og eventuelt sier i fra om hvordan det ser ut? Det hadde vært veldig kjekt å få vite om det ser ok ut nå, spesielt ettersom jeg får opp dette merkelige Google chrome-lignende Warthunder-ikonet når jeg internt på datamaskinen søker etter Chromecast. Skal det være slik?
    • 0
  2. Type-R la til et innlegg i et emne Lite aktivitet?   

    He he. Ja, det med den gule flekken på himmelen som plutselig åpenbarte seg gjør selvsagt slik at det er mange andre ting enn å sitte foran datamaskinen som blir forlokkende.
    • 0
  3. Type-R la til et innlegg i et emne Infisert pc   

    Her er loggen fra AdwCleaner (den fant visst en del fra både firefox og de derre warthunder-greiene):
    # AdwCleaner v5.003 - Logfile created 20/08/2015 at 22:24:33
    # Updated 20/08/2015 by Xplode
    # Database : 2015-08-20.1 [Server]
    # Operating system : Windows 10 Home  (x64)
    # Username : Bjornar - BJØRNAR
    # Running from : C:\Users\Bjornar\Downloads\adwcleaner_5.003.exe
    # Option : Cleaning ***** [ Services ] ***** 
    ***** [ Folders ] ***** [-] Folder Deleted : C:\ProgramData\apn ***** [ Files ] ***** [-] File Deleted : C:\Users\Bjornar\AppData\Roaming\Mozilla\Firefox\Profiles\fl40ajxs.default\user.js ***** [ Shortcuts ] ***** [-] Shortcut Disinfected : C:\Users\Bjornar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
    [-] Shortcut Disinfected : C:\Users\Bjornar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk ***** [ Scheduled tasks ] ***** 
    ***** [ Registry ] ***** [-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    [-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF ***** [ Web browsers ] ***** [-] [C:\Users\Bjornar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : ************************* :: Proxy settings cleared
    :: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1713 bytes] ##########
    • 0
  4. Type-R la til et innlegg i et emne Lite aktivitet?   

    Supert. Jeg må få understreke at jeg synes det er helt fantastisk at dere her på forumet gir så mye bistand til oss mindre databegavede. Så jeg håper forumet vil bestå i lang tid framover. :-)
    • 0
  5. Type-R la til et innlegg i et emne Infisert pc   

    Hei. Jeg opplevde det du beskriver her, så det endte med at jeg rett og slett avinstallerte Firefox. Jeg får ikke disse problemene når jeg bruker Internet Explorer, Chrome eller Microsoft Edge.
    Kan det likevel ligge i maskinen, eller forsvant det da jeg fjernet Firefox?
    Jeg skal kjøre Adw Cleaner i kveld, så ser vi om den finner noe.
    • 0
  6. Type-R la til et emne i Tilbakemeldinger, kommentarer og forslag   

    Lite aktivitet?
    Som relativt lite datakyndig har jeg gjennom flere år hatt veldig god hjelp av dette forumet. Det jeg nå lurer på er imidlertid om forumet holder på å tape seg hva gjelder aktivitet. Før fikk man alltid hjelp med en logg etter noen timer, nå har jeg hatt en liggende til analyse siden fredag uten noen respons. I tillegg virker sidene mindre oppdaterte enn tidligere, der f.eks. Logganalyse på 1-2-3 under "underkategorier" er en lenke som bare leder tilbake til forumets forside. Der det står "følg denne veiledningen" er også en død lenke, så vidt jeg kan se. Og så er det vel en del av programmene som anbefales, f.eks. combofix/dds som ikke kan brukes på en del nyere operativsystemer?
    Dersom dette stemmer så synes jeg det er veldig synd. Jeg har jo forståelse for det, for det er vel ingen av dere som får betalt for å være her? Er det mulig å opprette en betal-versjon av forumet? Jeg hadde gjerne meldt meg på en slik dersom prisen var overkommelig for å ha tilgang på bistand når det gjelder dataproblemer.
    Hva sier dere? Er det noe i mine observasjoner, og kan eventuelt noe gjøres for å reversere den negative utviklingen?
    • 5 svar
    • visninger
  7. Type-R la til et innlegg i et emne Infisert pc   

    Combofix gikk ikke, men her er en dds-logg:
    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 10 Home
    Boot Device: \Device\HarddiskVolume2
    Install Date: 01.08.2015 01.38.47
    System Uptime: 13.08.2015 23.33.46 (1 hours ago)
    .
    Motherboard: Hewlett-Packard |  | 1963
    Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz | U3E1 | 2401/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 913 GiB total, 631,412 GiB free.
    D: is FIXED (NTFS) - 17 GiB total, 1,689 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1: 01.08.2015 14.20.59 - Windows Update
    RP2: 01.08.2015 14.22.07 - Windows Update
    RP3: 13.08.2015 21.55.16 - Installasjonsprogram for Windows-moduler
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.22 (x64 edition)
    Adobe Flash Player 18 NPAPI
    Adobe Shockwave Player 12.0
    Apple-programvaresupport (32-bits)
    Apple-programvaresupport (64-bits)
    Apple Mobile Device Support
    Apple Software Update
    Audacity 2.0.6
    Avast Free Antivirus
    Bonjour
    CCleaner
    Cyberlink PhotoDirector
    CyberLink PowerDirector 10
    CyberLink YouCam
    D3DX10
    Dropbox
    Energy Star
    Fotogalleriet
    GOG.com Downloader version 3.6.0
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    Heroes of Might and Magic 4 Complete
    Hewlett-Packard ACLM.NET v1.2.2.3
    HP 3D DriveGuard
    HP Connected Music (Meridian - installer)
    HP Connected Music (Meridian - player)
    HP CoolSense
    HP Customer Experience Enhancements
    HP Documentation
    HP PC Hardware Diagnostics UEFI
    HP Postscript Converter
    HP Recovery Manager
    HP Registration Service
    HP SimplePass
    HP Support Assistant
    HP System Event Utility
    HP Utility Center
    HP Wireless Button Driver
    IDT Audio
    Inst5675
    Inst5676
    Intel(R) Management Engine Components
    Intel(R) PRO/Wireless Driver
    Intel(R) Processor Graphics
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1327.1)
    Intel(R) Rapid Storage Technology
    Intel(R) Smart Connect Technology
    Intel® PROSet/Wireless-programvare
    Intel® PROSet/Wireless WiFi Software
    Intel® Trusted Connect Service Client
    iTunes
    Java 8 Update 45
    Java 8 Update 51
    Java Auto Updater
    Malwarebytes Anti-Malware versjon 2.1.8.1057
    Microsoft Application Error Reporting
    Microsoft Office Home and Student 2013 - nb-no
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NOR
    Movie Maker
    Mozilla Firefox 39.0 (x86 nb-NO)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT110
    MSVCRT110_amd64
    NVIDIA GeForce Experience 2.1.3
    NVIDIA GeForce Experience Service
    NVIDIA Grafikkdriver 344.48
    NVIDIA Install Application
    NVIDIA kontrollpanel 353.62
    NVIDIA LED Visualizer 1.0
    NVIDIA Network Service
    NVIDIA oppdateringer 16.13.56
    NVIDIA Optimus Update 16.13.56
    NVIDIA PhysX
    NVIDIA PhysX systemprogramvare 9.14.0702
    NVIDIA ShadowPlay 16.13.56
    NVIDIA Update Core
    NVIDIA Virtual Audio 1.2.25
    Office 15 Click-to-Run Extensibility Component
    Office 15 Click-to-Run Licensing Component
    Office 15 Click-to-Run Localization Component
    Photo Common
    Photo Gallery
    Realtek Card Reader
    Realtek Ethernet Controller Driver
    SHIELD Streaming
    SHIELD Wireless Controller Driver
    Skype™ 7.8
    Spotify
    Språkpakke for Microsoft Visual Studio 2010 Tools for Office Runtime (x64) – NOR
    swMSM
    Synaptics ClickPad Driver
    Validity WBF DDK
    Valokuvavalikoima
    Widevine Media Optimizer Chrome 6.0.0
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Liven peruspaketti
    .
    ==== End Of File ===========================
     
    Og her er en til - det kom opp to:
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.10240.16384  BrowserJavaVersion: 11.51.2
    Run by Bjornar at 0:07:32 on 2015-08-14
    Microsoft Windows 10 Home  10.0.10240.0.1252.47.1044.18.8124.5495 [GMT 2:00]
    .
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\svchost.exe -k RPCSS
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\system32\dwm.exe
    C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\WINDOWS\system32\nvvsvc.exe
    C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
    C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
    C:\Windows\System32\WUDFHost.exe
    C:\WINDOWS\System32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\WINDOWS\system32\nvvsvc.exe
    C:\WINDOWS\system32\igfxCUIService.exe
    C:\Program Files\IDT\WDM\STacSV64.exe
    C:\WINDOWS\system32\Hpservice.exe
    C:\WINDOWS\system32\dashost.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\System32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
    C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
    C:\WINDOWS\system32\svchost.exe -k apphost
    C:\WINDOWS\System32\svchost.exe -k utcsvc
    c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\svchost.exe -k appmodel
    C:\Windows\system32\valWBFPolicyService.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\WINDOWS\system32\taskhostw.exe
    C:\WINDOWS\system32\sihost.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\igfxEM.exe
    C:\WINDOWS\system32\igfxHK.exe
    C:\WINDOWS\system32\igfxTray.exe
    svchost.exe
    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
    C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
    C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    C:\Windows\System32\RuntimeBroker.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\WINDOWS\system32\SettingSyncHost.exe
    C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe
    C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe
    C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Users\Bjornar\AppData\Roaming\Spotify\SpotifyWebHelper.exe
    C:\Users\Bjornar\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
    C:\Program Files\CCleaner\CCleaner64.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\WINDOWS\system32\fontdrvhost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
    C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchFilterHost.exe
    C:\WINDOWS\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = www.google.com
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
    BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [Spotify Web Helper] "C:\Users\Bjornar\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
    uRun: [OneDrive] "C:\Users\Bjornar\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    uRunOnce: [Uninstall C:\Users\Bjornar\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Bjornar\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
    mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    mRun: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
    mRun: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ISCTSY~1.LNK - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
    mPolicies-System: DSCAutomationHostEnabled = dword:2
    mPolicies-System: SoftwareSASGeneration = dword:1
    IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
    TCP: NameServer = 192.168.0.1
    TCP: Interfaces\{8ac6cb20-33d1-43ce-a52b-bcbc98988e41} : DHCPNameServer = 192.168.0.1
    TCP: Interfaces\{8ac6cb20-33d1-43ce-a52b-bcbc98988e41}\47865646F6F62737F52374548545 : DHCPNameServer = 192.168.0.105
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
    Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    LSA: Security Packages =  ""
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
    x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
    x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
    x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [SimplePass] C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe /hideui
    x64-Run: [OPBHOBroker] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
    x64-Run: [OPBHOBrokerDesktop] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
    x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
    x64-Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
    x64-Run: [Persistence] "C:\WINDOWS\System32\igfxpers.exe"
    x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
    x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
    x64-mPolicies-System: SoftwareSASGeneration = dword:1
    x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
    x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
    x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
    x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Bjornar\AppData\Roaming\Mozilla\Firefox\Profiles\fl40ajxs.default\
    FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search/?trackid=sp-006
    FF - prefs.js: browser.search.selectedEngine - Yahoo!
    FF - prefs.js: browser.startup.homepage - hxxps://www.malwarebytes.org/restorebrowser/yhp-ff|https://www.google.no/?gfe_rd=cr&ei=lm4xVdqTLoi_wQOJl4HACA&gws_rd=ssl
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
    FF - plugin: C:\Users\Bjornar\AppData\Roaming\Mozilla\Firefox\Profiles\fl40ajxs.default\extensions\plugin@starstable.com\plugins\npstudioruntime.dll
    FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
    FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
    .
    ---- FIREFOX POLICIES ----
    user_pref(extensions.autoDisableScopes,14);
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 aswRvrt;avast! Revert;C:\WINDOWS\System32\drivers\aswRvrt.sys [2014-8-26 65224]
    R0 aswVmm;avast! VM Monitor;C:\WINDOWS\System32\drivers\aswVmm.sys [2014-8-26 274808]
    R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-8-30 644968]
    R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
    R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
    R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-7-10 199008]
    R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-7-10 215552]
    R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswsnx.sys [2014-8-26 1048344]
    R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2014-8-26 447944]
    R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-7-10 83968]
    R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-7-10 8192]
    R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-5-29 77128]
    R2 aswHwid;avast! HardwareID;C:\WINDOWS\System32\drivers\aswHwid.sys [2014-8-26 28656]
    R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2014-8-26 90968]
    R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2014-8-26 150672]
    R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-8-13 146600]
    R2 Cachedrv server; HP SimplePass Cachedrv Service;C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [2013-10-14 109568]
    R2 ClickToRunSvc;Tjenesten Microsoft Office ClickToRun;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-8-27 2753720]
    R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
    R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-7-10 39856]
    R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-23 1148744]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 99128]
    R2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2013-7-23 43320]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-2-17 608520]
    R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-30 15720]
    R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-7-18 351120]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-2-8 131544]
    R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-6-27 157128]
    R2 ISCTAgent;Intel(R) Smart Connect Technology Agent;C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-8-12 198120]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-2-8 169432]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-8-13 1871160]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-8-13 1133880]
    R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-23 1795912]
    R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-23 19439944]
    R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-7-10 61952]
    R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-7-17 246472]
    R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
    R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    R2 valWBFPolicyService;Validity WBF Policy Service;C:\WINDOWS\System32\valWBFPolicyService.exe [2013-8-1 32768]
    R3 BthLEEnum;Driver for Bluetooth Low Energy;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2015-7-10 237568]
    R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
    R3 clwvd;CyberLink WebCam Virtual Driver;C:\WINDOWS\System32\drivers\clwvd.sys [2015-2-7 41704]
    R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2015-3-20 253680]
    R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\WINDOWS\System32\drivers\ikbevent.sys [2013-8-8 21408]
    R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\WINDOWS\System32\drivers\imsevent.sys [2013-8-8 21920]
    R3 INETMON;INETMON;C:\WINDOWS\System32\drivers\INETMON.sys [2014-2-8 29088]
    R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\WINDOWS\System32\drivers\ISCTD64.sys [2013-8-7 46568]
    R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2013-8-23 26008]
    R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
    R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2015-8-13 25816]
    R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2015-8-13 113880]
    R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2015-8-13 64216]
    R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
    R3 NdisVirtualBus;Adapternummerering for Microsoft virtuelt nettverk;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
    R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2015-7-10 3496216]
    R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-23 19272]
    R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2014-10-23 38048]
    R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2014-2-8 827096]
    R3 RTSPER;Realtek PCIE Card Reader - PER;C:\WINDOWS\System32\drivers\RtsPer.sys [2015-5-14 751632]
    R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2015-7-17 42696]
    R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
    R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2013-7-22 20800]
    R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-7-10 214016]
    S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-7-10 39856]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
    S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-7-10 1135456]
    S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
    S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
    S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
    S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-7-10 17624]
    S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
    S3 buttonconverter;Tjeneste for enheter for kontroll av bærbar enhet;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-7-10 32256]
    S3 CapImg;HID-driver for CapImg-berøringsskjerm;C:\WINDOWS\System32\drivers\capimg.sys [2015-7-10 116736]
    S3 CDPSvc;CDPSvc;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
    S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 108800]
    S3 diagnosticshub.standardcollector.service;Standard Collector-tjeneste for Microsoft (R) diagnose-hub;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
    S3 DmEnrollmentSvc;Tjenesten for administrasjon av registrering av enheten;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
    S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
    S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
    S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-7-10 31232]
    S3 genericusbfn;Generell USB-funksjonsklasse;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-7-10 20992]
    S3 hidinterrupt;Felles driver for HID-knapper implementert med avbrudd;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
    S3 iaLPSSi_GPIO;Intel(R) GPIO-kontrollerdriver for seriell I/U;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
    S3 iaLPSSi_I2C;Intel(R) Serial IO I2C-kontrollerdriver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
    S3 iaStorAV;Intel(R) SATA RAID-kontroller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-7-10 673120]
    S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-7-10 424800]
    S3 icssvc;Tjeneste for mobil trådløssone for Windows;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-7-10 115200]
    S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2013-8-8 39320]
    S3 IntcDAud;Intel(R) Skjermlyd;C:\WINDOWS\System32\drivers\IntcDAud.sys [2013-8-20 449528]
    S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
    S3 intelpep;Intel(R)-plugin-drivermodul for strømmotor;C:\WINDOWS\System32\drivers\intelpep.sys [2015-7-10 43872]
    S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-7-10 26624]
    S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
    S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
    S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
    S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-7-10 76128]
    S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-7-10 94720]
    S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
    S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\lsass.exe [2015-7-10 56344]
    S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-7-10 58208]
    S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-7-10 58720]
    S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-8-1 934752]
    S3 RetailDemo;Tjenesten for forhandlerdemo;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
    S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-8-1 1031680]
    S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
    S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-7-10 155488]
    S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2013-8-2 30448]
    S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-7-10 39856]
    S3 SmsRouter;SMS-rutertjeneste for Microsoft Windows;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
    S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2014-1-22 206080]
    S3 stornvme;Microsoft Standard NVM Express-driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-7-10 78688]
    S3 storufs;Driver for Microsoft Universal Flash Storage (UFS);C:\WINDOWS\System32\drivers\storufs.sys [2015-7-10 40288]
    S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-7-10 61952]
    S3 UcmUcsi;UCSI-klient for USB-tilkoblingsbehandling;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-8-1 46080]
    S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-7-10 44032]
    S3 UEFI;Microsoft UEFI-driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-7-10 28512]
    S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-7-10 245088]
    S3 UfxChipidea;USB Chipidea-kontroller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
    S3 ufxsynopsys;USB Synopsys-kontroller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
    S3 UrsChipidea;Chipidea USB Role-Switch-driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-7-10 28512]
    S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-7-10 57696]
    S3 UrsSynopsys;Synopsys USB Role-Switch-driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-7-10 27488]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2014-8-15 54784]
    S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S3 vhf;VHF-driver (Virtual HID Framework);C:\WINDOWS\System32\drivers\vhf.sys [2015-7-10 31744]
    S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
    S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
    S3 w3logsvc;W3C-loggingstjeneste;C:\WINDOWS\System32\svchost.exe -k apphost [2015-7-10 39856]
    S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
    S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-7-10 685056]
    S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
    S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
    S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
    S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-7-10 26976]
    S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-7-10 59232]
    S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
    S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
    S3 XblAuthManager;Xbox Live godkjenningsbehandling;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S3 XblGameSave;Xbox Live spillagring;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-7-10 222720]
    S3 XboxNetApiSvc;Xbox Live nettverkstjeneste;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
    S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-7-10 25600]
    .
    =============== File Associations ===============
    .
    FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
    .
    =============== Created Last 30 ================
    .
    2015-08-13 21:36:45 -------- d--h--w- C:\OneDriveTemp
    2015-08-13 21:35:14 16148 ----a-w- C:\WINDOWS\System32\BJØRNAR_Bjornar_HistoryPrediction.bin
    2015-08-13 21:19:10 113880 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
    2015-08-13 21:19:05 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
    2015-08-13 21:19:05 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
    2015-08-13 21:19:05 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
    2015-08-13 21:19:05 -------- d-----w- C:\ProgramData\Malwarebytes
    2015-08-13 21:19:05 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-08-13 21:17:33 -------- d-----w- C:\Users\Bjornar\AppData\Local\MicrosoftEdge
    2015-08-13 21:17:29 -------- d-----w- C:\Program Files\CCleaner
    2015-08-13 21:10:39 -------- d-----w- C:\Users\Bjornar\AppData\Roaming\WarThunder
    2015-08-13 21:10:16 -------- d-----w- C:\Users\Bjornar\AppData\Roaming\vobplayer_setup
    2015-08-13 21:10:16 -------- d-----w- C:\Program Files (x86)\vobplayer_setup
    2015-08-13 21:04:43 -------- d-----w- C:\Users\Bjornar\AppData\Local\Windows Live
    2015-08-13 20:14:48 -------- d-----w- C:\Program Files\iPod
    2015-08-13 20:14:48 -------- d-----w- C:\Program Files (x86)\iTunes
    2015-08-13 20:14:47 -------- d-----w- C:\Program Files\iTunes
    2015-08-13 20:12:00 43112 ----a-w- C:\WINDOWS\avastSS.scr
    2015-08-13 20:08:57 -------- d-----r- C:\Program Files (x86)\Skype
    2015-08-01 15:30:00 -------- d-----w- C:\WINDOWS\System32\SleepStudy
    2015-08-01 15:12:40 -------- d-----w- C:\Users\Bjornar\AppData\Local\NetworkTiles
    2015-08-01 12:25:37 12222168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D23B8E4-A199-4694-9969-C3A702709CAB}\mpengine.dll
    2015-08-01 12:24:48 1187344 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\NisBackup\gapaengine.dll
    2015-08-01 12:24:46 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{441BF59E-9071-4735-B345-1145651111D7}\gapaengine.dll
    2015-08-01 12:23:00 12222168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2015-08-01 00:01:00 -------- dc----w- C:\WINDOWS\Panther
    2015-07-31 23:56:27 -------- d-----w- C:\Windows.old
    2015-07-31 23:45:58 -------- d-----w- C:\WINDOWS\SysWow64\XPSViewer
    2015-07-31 23:45:56 -------- d-----w- C:\inetpub
    2015-07-31 23:45:19 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
    2015-07-31 23:45:19 35480 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
    2015-07-31 23:45:19 102608 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
    2015-07-31 23:45:17 35480 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
    2015-07-31 23:45:16 124112 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
    2015-07-31 23:45:16 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
    2015-07-31 23:43:40 -------- d-----w- C:\ProgramData\Microsoft OneDrive
    2015-07-31 23:41:26 -------- d-----w- C:\Users\Bjornar\AppData\Local\Publishers
    2015-07-31 23:40:20 -------- d-----w- C:\Users\Bjornar\AppData\Local\Comms
    2015-07-31 23:40:18 -------- d-----r- C:\Users\Bjornar\OneDrive
    2015-07-31 23:39:57 -------- d-sh--w- C:\Users\Bjornar\IntelGraphicsProfiles
    2015-07-31 23:39:57 -------- d-----w- C:\Users\Bjornar\AppData\Local\TileDataLayer
    2015-07-31 23:36:56 -------- d-sh--we C:\Programfiler
    2015-07-31 23:36:56 -------- d-sh--we C:\ProgramData\Start-meny
    2015-07-31 23:36:56 -------- d-sh--we C:\ProgramData\Skrivebord
    2015-07-31 23:36:56 -------- d-sh--we C:\ProgramData\Programdata
    2015-07-31 23:36:56 -------- d-sh--we C:\ProgramData\Maler
    2015-07-31 23:36:56 -------- d-sh--we C:\ProgramData\Dokumenter
    2015-07-31 23:36:56 -------- d-sh--we C:\Program Files\Fellesfiler
    2015-07-31 23:36:55 -------- d-sh--w- C:\Recovery
    2015-07-31 23:28:19 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
    2015-07-31 23:25:44 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
    2015-07-31 23:08:31 -------- d-----w- C:\ProgramData\Validity
    2015-07-31 23:08:19 -------- d-----w- C:\WINDOWS\SysWow64\sda
    2015-07-31 23:08:18 200 ----a-w- C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
    2015-07-31 23:08:18 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2015-07-31 23:08:16 86528 ----a-w- C:\WINDOWS\SysWow64\OpenCL.DLL
    2015-07-31 23:08:16 82432 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
    2015-07-31 23:06:48 -------- d-----w- C:\ProgramData\NVIDIA Corporation
    2015-07-31 23:06:34 -------- d-----w- C:\Program Files\NVIDIA Corporation
    2015-07-27 17:00:17 298608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\tobedeleted\rep178A.tmp
    2015-07-17 22:36:32 6389688 ----a-w- C:\WINDOWS\System32\drivers\igdkmd64.sys
    2015-07-17 22:36:02 519056 ----a-w- C:\WINDOWS\System32\IntelWiDiUMS64.exe
    2015-07-17 22:36:00 283024 ----a-w- C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    2015-07-17 22:34:24 6305696 ----a-w- C:\WINDOWS\System32\igdusc64.dll
    2015-07-17 22:29:54 11384832 ----a-w- C:\WINDOWS\System32\ig75icd64.dll
    2015-07-17 22:29:04 4443136 ----a-w- C:\WINDOWS\System32\igdrcl64.dll
    2015-07-17 22:29:02 425472 ----a-w- C:\WINDOWS\System32\igdbcl64.dll
    2015-07-17 22:29:02 397824 ----a-w- C:\WINDOWS\System32\IntelOpenCL64.dll
    2015-07-17 22:24:46 153600 ----a-w- C:\WINDOWS\SysWow64\igdail32.dll
    2015-07-17 22:18:52 3873280 ----a-w- C:\WINDOWS\SysWow64\igdrcl32.dll
    2015-07-17 22:17:12 373248 ----a-w- C:\WINDOWS\SysWow64\igdbcl32.dll
    2015-07-17 22:17:04 300032 ----a-w- C:\WINDOWS\SysWow64\IntelOpenCL32.dll
    2015-07-17 22:16:44 3801600 ----a-w- C:\WINDOWS\SysWow64\igdmcl32.dll
    2015-07-17 22:16:38 970752 ----a-w- C:\WINDOWS\SysWow64\igdfcl32.dll
    2015-07-17 22:09:58 8507392 ----a-w- C:\WINDOWS\SysWow64\ig75icd32.dll
    2015-07-17 22:03:14 35328 ----a-w- C:\WINDOWS\SysWow64\igfxexps32.dll
    2015-07-17 21:58:36 86528 ----a-w- C:\WINDOWS\SysWow64\Intel_OpenCL_ICD32.dll
    2015-07-17 21:58:36 82432 ----a-w- C:\WINDOWS\System32\Intel_OpenCL_ICD64.dll
    2015-07-17 21:58:32 511260 ----a-w- C:\WINDOWS\System32\cp_resources.bin
    2015-07-17 21:58:32 1565696 ----a-w- C:\WINDOWS\System32\igfxcmjit64.dll
    2015-07-17 21:58:32 1156608 ----a-w- C:\WINDOWS\SysWow64\igfxcmjit32.dll
    2015-07-17 21:58:30 331808 ----a-w- C:\WINDOWS\System32\IntelWiDiMCComp64.dll
    2015-07-17 21:58:30 313888 ----a-w- C:\WINDOWS\System32\IntelWiDiUtils64.dll
    2015-07-17 21:58:30 143904 ----a-w- C:\WINDOWS\System32\IntelWiDiLogServer64.dll
    2015-07-17 05:51:48 1804696 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01011.dll
    2015-07-17 05:51:46 764616 ----a-w- C:\WINDOWS\System32\SynCOM.dll
    2015-07-17 05:51:46 614088 ----a-w- C:\WINDOWS\System32\drivers\SynTP.sys
    2015-07-17 05:51:46 42696 ----a-w- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys
    2015-07-17 05:51:46 42696 ----a-w- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys
    2015-07-17 05:51:46 42184 ----a-w- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys
    2015-07-17 05:51:46 419528 ----a-w- C:\WINDOWS\SysWow64\SynCom.dll
    2015-07-17 05:51:46 269000 ----a-w- C:\WINDOWS\System32\SynTPAPI.dll
    2015-07-17 05:51:46 255688 ----a-w- C:\WINDOWS\System32\SynTPCo31.dll
    .
    ==================== Find3M  ====================
    .
    2015-08-13 20:12:24 1048344 ----a-w- C:\WINDOWS\System32\drivers\aswsnx.sys
    2015-08-13 20:12:10 93528 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys
    2015-08-13 20:12:10 90968 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
    2015-08-13 20:12:10 65224 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
    2015-08-13 20:12:10 28656 ----a-w- C:\WINDOWS\System32\drivers\aswHwid.sys
    2015-08-13 20:12:10 274808 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
    2015-08-13 20:12:10 150672 ----a-w- C:\WINDOWS\System32\drivers\aswStm.sys
    2015-08-13 20:06:31 97888 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
    2015-08-08 15:38:46 794088 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
    2015-08-08 15:38:46 179688 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
    2015-07-31 23:45:48 55808 ----a-w- C:\WINDOWS\System32\admwprox.dll
    2015-07-23 02:02:12 983368 ----a-w- C:\WINDOWS\SysWow64\NvIFR.dll
    2015-07-23 01:10:18 937800 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
    2015-07-23 01:10:18 74896 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
    2015-07-23 01:10:18 62608 ----a-w- C:\WINDOWS\System32\nvshext.dll
    2015-07-23 01:10:18 385168 ----a-w- C:\WINDOWS\System32\nvmctray.dll
    2015-07-23 01:10:18 2558608 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
    2015-07-23 01:10:18 1059984 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
    2015-07-23 01:10:17 6873928 ----a-w- C:\WINDOWS\System32\nvcpl.dll
    2015-07-23 01:10:17 3493008 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
    2015-07-22 04:29:58 5121613 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
    2015-07-17 22:34:24 5121136 ----a-w- C:\WINDOWS\System32\igd12umd64.dll
    2015-07-17 22:28:50 172032 ----a-w- C:\WINDOWS\System32\igdail64.dll
    2015-07-10 16:12:03 800256 ----a-w- C:\WINDOWS\System32\mblctr.exe
    2015-07-10 16:11:59 374784 ----a-w- C:\WINDOWS\System32\rdpclip.exe
    2015-07-10 16:09:13 4617216 ----a-w- C:\WINDOWS\SysWow64\NlsLexicons0414.dll
    2015-07-10 16:09:13 4617216 ----a-w- C:\WINDOWS\System32\NlsLexicons0414.dll
    2015-07-10 16:09:13 4431872 ----a-w- C:\WINDOWS\System32\MLS6.dll
    2015-07-10 16:09:13 173568 ----a-w- C:\WINDOWS\System32\NlsData0414.dll
    2015-07-10 16:09:12 4386304 ----a-w- C:\WINDOWS\SysWow64\MLS6.dll
    2015-07-10 16:09:12 130048 ----a-w- C:\WINDOWS\SysWow64\NlsData0414.dll
    2015-07-10 16:07:59 14336 ----a-w- C:\WINDOWS\SysWow64\drivers\nb-NO\NdisImPlatform.sys.mui
    2015-07-10 16:07:58 8704 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\fwpkclnt.sys.mui
    2015-07-10 16:07:58 7680 ----a-w- C:\WINDOWS\SysWow64\drivers\nb-NO\ndiscap.sys.mui
    2015-07-10 16:07:58 3584 ----a-w- C:\WINDOWS\SysWow64\drivers\nb-NO\wfplwfs.sys.mui
    2015-07-10 16:07:58 3072 ----a-w- C:\WINDOWS\SysWow64\drivers\UMDF\nb-NO\SensorsCx.dll.mui
    2015-07-10 12:22:52 16148 ----a-w- C:\WINDOWS\System32\DESKTOP-M7P1NB6_Administrator_HistoryPrediction.bin
    2015-07-10 11:02:43 208384 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
    2015-07-10 11:02:41 229888 ----a-w- C:\WINDOWS\System32\msclmd.dll
    2015-07-10 11:00:41 394240 ----a-w- C:\WINDOWS\System32\StorSvc.dll
    2015-07-10 10:59:59 9728 ----a-w- C:\WINDOWS\System32\RpcNs4.dll
    2015-07-10 09:07:55 141824 ----a-w- C:\WINDOWS\System32\poqexec.exe
    2015-07-10 09:07:53 118272 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe
    2015-07-10 09:05:37 897024 ----a-w- C:\WINDOWS\System32\SmiEngine.dll
    2015-07-10 09:05:37 618272 ----a-w- C:\WINDOWS\System32\sxs.dll
    2015-07-10 09:05:37 36864 ----a-w- C:\WINDOWS\System32\sxstrace.exe
    2015-07-10 09:05:37 254816 ----a-w- C:\WINDOWS\System32\wdscore.dll
    2015-07-10 09:05:37 243040 ----a-w- C:\WINDOWS\System32\cmipnpinstall.dll
    2015-07-10 09:05:37 202240 ----a-w- C:\WINDOWS\System32\PkgMgr.exe
    2015-07-10 09:05:37 135520 ----a-w- C:\WINDOWS\System32\SSShim.dll
    2015-07-10 09:05:33 207200 ----a-w- C:\WINDOWS\SysWow64\wdscore.dll
    2015-07-10 09:05:33 199168 ----a-w- C:\WINDOWS\SysWow64\PkgMgr.exe
    2015-07-10 09:05:33 111456 ----a-w- C:\WINDOWS\SysWow64\SSShim.dll
    2015-07-10 09:05:30 191840 ----a-w- C:\WINDOWS\SysWow64\cmipnpinstall.dll
    2015-07-05 10:08:23 300704 ------w- C:\WINDOWS\System32\MpSigStub.exe
    2015-06-30 12:00:32 19844096 ----a-w- C:\WINDOWS\SysWow64\common_clang32.dll
    2015-06-26 22:03:00 206848 ----a-w- C:\WINDOWS\System32\igfxCoIn_v4256.dll
    2015-05-25 13:23:31 36864 ----a-w- C:\WINDOWS\System32\UtcResources.dll
    .
    ============= FINISH:  0.08.58,35 ===============
     
    Lenka til HiJackThis leder ikke til riktig sted. Er det noe annet sted jeg på en sikker måte kan finne programmet?
    • 0
  8. Type-R la til et emne i Logger til analyse   

    Infisert pc
    Jeg har en HP Envy, med Windows 10, som er blitt infisert etter at jeg forsøkte å laste ned en videoavspiller til gamle dvd-filer (VOB-filer). Jeg burde jo ha luktet lunta når det stod Free VOB-player, men det gjorde jeg dessverre ikke.
    Her er Malwarebytes-loggen:
    Malwarebytes Anti-Malware
    www.malwarebytes.org
    Skannedato: 13.08.2015
    Skannetid: 23.22
    Loggfil:
    Administrator: Ja
    Versjon: 2.1.8.1057
    Malwaredatabase: v2015.08.13.06
    Rootkitdatabase: v2015.08.06.01
    Lisens: Prøveversjon
    Malwarebeskyttelse: Aktivert
    Ondsinnet Nettsidebeskyttelse: Aktivert
    Selvbeskyttelse: Deaktivert
    OS: Windows 10
    CPU: x64
    Filsystem: NTFS
    Bruker: Bjornar
    Skannetype: Trusselskann
    Resultat: Fullført
    Objekter skannet: 367797
    Tid brukt: 10 min, 0 sek
    Minne: Aktivert
    Oppstart: Aktivert
    Filsystem: Aktivert
    Arkiv: Aktivert
    Rootkits: Deaktivert
    Heuristikk: Aktivert
    PUP: Aktivert
    PUM: Aktivert
    Prosesser: 6
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\PluginContainer.exe, 2544, Slett ved restart, [d38775935b30f3435676255f1fe655ab]
    PUP.Optional.JungleNet.A, C:\Program Files (x86)\Common Files\31f7a620-acbd-4f84-82db-5e231b8ad5de\Updater.exe, 2560, Slett ved restart, [77e38c7c3853c274923acfb522e3bb45]
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\8\Plugin.exe, 5920, Slett ved restart, [7fdb10f8018ae74fa7250c7843c23bc5]
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\2\Plugin.exe, 5932, Slett ved restart, [5efc16f2c7c48fa7efdddda7db2a06fa]
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\12\Plugin.exe, 5940, Slett ved restart, [77e35cac47441b1b19b3176d43c247b9]
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\12\Plugin.exe, 4468, Slett ved restart, [77e35cac47441b1b19b3176d43c247b9]
    Moduler: 1
    PUP.Optional.JungleNet.A, C:\Users\Bjornar\AppData\Local\Temp\{179FFD1D-DAC9-45FD-AF39-62C5D19EF479}.dll, Slett ved restart, [79e17c8cec9f3ff7329a2d5724e118e8],
    Registernøkler: 19
    PUP.Optional.JungleNet.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr JungleNet, Karantene, [d38775935b30f3435676255f1fe655ab],
    PUP.Optional.JungleNet.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr JungleNet, Karantene, [77e38c7c3853c274923acfb522e3bb45],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{dcfb5bfe-1f58-4b1d-96a7-3c7bbae51b36}, Karantene, [461409ffd1ba1b1ba269cd06936f6997],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{dcfb5bfe-1f58-4b1d-96a7-3c7bbae51b36}, Karantene, [461409ffd1ba1b1ba269cd06936f6997],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{bdc460f4-12fe-494e-a944-fb47bd22d23e}, Karantene, [461409ffd1ba1b1ba269cd06936f6997],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{73E335AD-422B-4020-BF2C-6520F2F32906}, Karantene, [461409ffd1ba1b1ba269cd06936f6997],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{73E335AD-422B-4020-BF2C-6520F2F32906}, Karantene, [461409ffd1ba1b1ba269cd06936f6997],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{73E335AD-422B-4020-BF2C-6520F2F32906}, Karantene, [461409ffd1ba1b1ba269cd06936f6997],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{bdc460f4-12fe-494e-a944-fb47bd22d23e}, Karantene, [461409ffd1ba1b1ba269cd06936f6997],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{bdc460f4-12fe-494e-a944-fb47bd22d23e}, Karantene, [461409ffd1ba1b1ba269cd06936f6997],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{DCFB5BFE-1F58-4B1D-96A7-3C7BBAE51B36}, Karantene, [461409ffd1ba1b1ba269cd06936f6997],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Jungle Net, Karantene, [a5b546c2f596d4627359354f08fdf50b],
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, Karantene, [a0ba3eca8b00c96d9116011a70936799],
    PUP.Optional.JungleNet.A, HKLM\SOFTWARE\WOW6432NODE\JungleNet, Karantene, [8cce0dfb28632b0bec9f31778a7a9a66],
    PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5350-4500-76A7-A758B70C1B00}, Karantene, [a0baf8108ffc231362224ad0f50e49b7],
    PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5354-2D53-5045-A758B70C1801}, Karantene, [4614d8304c3fa1958ff5e436d330a45c],
    PUP.Optional.ProductSetup.A, HKU\S-1-5-18\SOFTWARE\PRODUCTSETUP, Karantene, [dc7e53b5f596320418accbdc4db70cf4],
    PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1408461478-64501112-78754325-1002\SOFTWARE\AskPartnerNetwork, Karantene, [64f6e5238cff7abc9d0952c905fee719],
    PUP.Optional.Spigot.A, HKU\S-1-5-21-1408461478-64501112-78754325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{79DD85B7-8940-4EC7-9942-6C509DE57144}, Karantene, [47139573a7e4c47269a31f001de6ab55],
    Registerverdier: 6
    PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5350-4500-76A7-A758B70C1B00}|InstallSource, C:\ProgramData\APN\APN-Stub\ORJ-SPE\, Karantene, [a0baf8108ffc231362224ad0f50e49b7]
    PUP.Optional.AskAPN.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{4F524A2D-5354-2D53-5045-A758B70C1801}|InstallSource, C:\ProgramData\APN\APN-Stub\ORJ-ST-SPE\, Karantene, [4614d8304c3fa1958ff5e436d330a45c]
    PUP.Optional.PluginContainer.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr JungleNet|ImagePath, "C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugincontainer.exe", Karantene, [3f1bc246c6c53ef855d0fcb02bd95ea2]
    PUP.Optional.Updater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr JungleNet|ImagePath, "C:\Program Files (x86)\Common Files\31f7a620-acbd-4f84-82db-5e231b8ad5de\updater.exe", Karantene, [79e19474dab177bf6abd406c798b5da3]
    PUP.Optional.ProductSetup.A, HKU\S-1-5-18\SOFTWARE\PRODUCTSETUP|tb, Karantene, [dc7e53b5f596320418accbdc4db70cf4],
    PUP.Optional.Spigot.A, HKU\S-1-5-21-1408461478-64501112-78754325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{79DD85B7-8940-4EC7-9942-6C509DE57144}|URL, https://no.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}, Karantene, [47139573a7e4c47269a31f001de6ab55]
    Registerdata: 1
    PUP.Optional.Spigot.A, HKU\S-1-5-21-1408461478-64501112-78754325-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://no.search.yahoo.com/?type=926458&fr=spigot-yhp-ie, God: (www.google.com), Dårlig: (https://no.search.yahoo.com/?type=926458&fr=spigot-yhp-ie),Erstattet,[62f8a8604c3fe056fe3b77cf9e67dc24]
    Mapper: 25
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Karantene, [ee6cbb4d602b39fd44e952c02ad943bd],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Response, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-ST-SPE, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Updater, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Updater\Config, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Updater\Response, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\Users\Bjornar\AppData\Local\AskPartnerNetwork, Karantene, [b5a52ddbed9e1521e14e739f7e8516ea],
    PUP.Optional.APNToolBar.Gen, C:\Users\Bjornar\AppData\Local\AskPartnerNetwork\Toolbar, Karantene, [b5a52ddbed9e1521e14e739f7e8516ea],
    PUP.Optional.APNToolBar.Gen, C:\Users\Bjornar\AppData\Local\AskPartnerNetwork\Toolbar\Updater, Karantene, [b5a52ddbed9e1521e14e739f7e8516ea],
    PUP.Optional.APNToolBar.Gen, C:\Users\Bjornar\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC, Karantene, [b5a52ddbed9e1521e14e739f7e8516ea],
    PUP.Optional.APNToolBar.Gen, C:\Program Files (x86)\AskPartnerNetwork, Karantene, [0a5031d7fe8dfe38151bfc16c340bf41],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de, Slett ved restart, [3129c7411f6c2f077b62ed25b05343bd],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins, Slett ved restart, [3129c7411f6c2f077b62ed25b05343bd],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\12, Slett ved restart, [3129c7411f6c2f077b62ed25b05343bd],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\12\resources, Karantene, [3129c7411f6c2f077b62ed25b05343bd],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\2, Slett ved restart, [3129c7411f6c2f077b62ed25b05343bd],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\8, Slett ved restart, [3129c7411f6c2f077b62ed25b05343bd],
    PUP.Optional.JungleNet.A, C:\Program Files (x86)\Common Files\31f7a620-acbd-4f84-82db-5e231b8ad5de, Slett ved restart, [d08a00086724ef478856957d0201768a],
    PUP.Optional.JungleNet.A, C:\Program Files (x86)\Jungle Net, Karantene, [80da5aae3853e94d7c638a88927144bc],
    PUP.Optional.JungleNet.A, C:\Program Files (x86)\Jungle Net\Extensions, Karantene, [80da5aae3853e94d7c638a88927144bc],
    Filer: 33
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\PluginContainer.exe, Slett ved restart, [d38775935b30f3435676255f1fe655ab],
    PUP.Optional.JungleNet.A, C:\Program Files (x86)\Common Files\31f7a620-acbd-4f84-82db-5e231b8ad5de\Updater.exe, Slett ved restart, [77e38c7c3853c274923acfb522e3bb45],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\8\Plugin.exe, Slett ved restart, [7fdb10f8018ae74fa7250c7843c23bc5],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\2\Plugin.exe, Slett ved restart, [5efc16f2c7c48fa7efdddda7db2a06fa],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\12\Plugin.exe, Slett ved restart, [77e35cac47441b1b19b3176d43c247b9],
    PUP.Optional.JungleNet.A, C:\Users\Bjornar\AppData\Local\Temp\{179FFD1D-DAC9-45FD-AF39-62C5D19EF479}.dll, Slett ved restart, [79e17c8cec9f3ff7329a2d5724e118e8],
    PUP.Optional.JungleNet.A, C:\Program Files (x86)\Jungle Net\Extensions\dcfb5bfe-1f58-4b1d-96a7-3c7bbae51b36.dll, Karantene, [461409ffd1ba1b1ba269cd06936f6997],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\plugins\12\resources\plugin.dll, Karantene, [80da9672ef9ca195f6d66a1a29dc6997],
    PUP.Optional.JungleNet.A, C:\Program Files (x86)\Jungle Net\Uninstaller.exe, Karantene, [a5b546c2f596d4627359354f08fdf50b],
    PUP.Optional.Proinstall, C:\Users\Bjornar\Downloads\vobplayer_setup-53328096.exe, Karantene, [c6941eeaec9f1b1b7720553c659cde22],
    PUP.Optional.Spigot.A, C:\Users\Bjornar\AppData\Roaming\Mozilla\Firefox\Profiles\fl40ajxs.default\searchplugins\yahoo_ff.xml, Karantene, [aab052b6f893e94d0b8e3df0dd263fc1],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.14.0.0-5.xml, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.15.1.0-5.xml, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.16.2.0-4.xml, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.18.0.0-4.xml, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Config\Config.31.18.0.0-5.xml, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Response\Response.31.18.0.0-1.xml, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-SPE\Updater\Response\Response.31.18.0.0-2.xml, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Updater\Config\Config.31.18.0.0-5.xml, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Updater\Response\Response.31.18.0.0-0.xml, Karantene, [87d341c7dab137ff2707b85aec176b95],
    PUP.Optional.APNToolBar.Gen, C:\Users\Bjornar\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe, Karantene, [b5a52ddbed9e1521e14e739f7e8516ea],
    PUP.Optional.APNToolBar.Gen, C:\Users\Bjornar\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe, Karantene, [b5a52ddbed9e1521e14e739f7e8516ea],
    PUP.Optional.APNToolBar.Gen, C:\Users\Bjornar\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll, Karantene, [b5a52ddbed9e1521e14e739f7e8516ea],
    PUP.Optional.APNToolBar.Gen, C:\Users\Bjornar\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll, Karantene, [b5a52ddbed9e1521e14e739f7e8516ea],
    PUP.Optional.APNToolBar.Gen, C:\Users\Bjornar\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll, Karantene, [b5a52ddbed9e1521e14e739f7e8516ea],
    PUP.Optional.APNToolBar.Gen, C:\Users\Bjornar\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll, Karantene, [b5a52ddbed9e1521e14e739f7e8516ea],
    PUP.Optional.JungleNet.A, C:\ProgramData\31f7a620-acbd-4f84-82db-5e231b8ad5de\temp, Karantene, [3129c7411f6c2f077b62ed25b05343bd],
    PUP.Optional.JungleNet.A, C:\Program Files (x86)\Jungle Net\7za.exe, Karantene, [80da5aae3853e94d7c638a88927144bc],
    PUP.Optional.JungleNet.A, C:\Program Files (x86)\Jungle Net\Extensions\pijnalchgkhohdglibpjeebomodiccgh.crx, Karantene, [80da5aae3853e94d7c638a88927144bc],
    PUP.Optional.JungleNet.A, C:\Program Files (x86)\Jungle Net\Extensions\{197003db-974d-4618-9c29-6b814214a2e2}.xpi, Karantene, [80da5aae3853e94d7c638a88927144bc],
    PUP.Optional.Spigot.A, C:\Users\Bjornar\AppData\Roaming\Mozilla\Firefox\Profiles\fl40ajxs.default\prefs.js, God: (), Dårlig: (user_pref("keyword.URL", "https://no.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=926458&p=");), Erstattet,[e37743c565269b9b0329c1c8f90c659b]
    PUP.Optional.Spigot.A, C:\Users\Bjornar\AppData\Roaming\Mozilla\Firefox\Profiles\fl40ajxs.default\prefs.js, God: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Dårlig: (browser.startup.homepage", "https://no.search.yahoo.com/?type=926458&fr=spigot-), Erstattet,[7edcfd0b4348092de3b2d0bd5da821df]
    PUP.Optional.AskAPN.Gen, C:\Users\Bjornar\AppData\Roaming\Mozilla\Firefox\Profiles\fl40ajxs.default\searchplugins\ask-search.xml, Karantene, [2a300107701b082e2524f395ec1935cb],
    Fysiske sektorer: 0
    (Ingen ondsinnede elementer funnet)

    (end)
    Og her er den såkalte beskyttelsesloggen:
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Protection, 13.08.2015 23.19, SYSTEM, BJØRNAR, Protection, Malware Protection, Starting,
    Protection, 13.08.2015 23.19, SYSTEM, BJØRNAR, Protection, Malware Protection, Started,
    Protection, 13.08.2015 23.19, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, Starting,
    Protection, 13.08.2015 23.19, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, Started,
    Error, 13.08.2015 23.19, SYSTEM, BJØRNAR, Update, Bad md5 or size: akadomains, 11,
    Error, 13.08.2015 23.19, SYSTEM, BJØRNAR, Update, Bad md5 or size: akaips, 11,
    Update, 13.08.2015 23.19, SYSTEM, BJØRNAR, Manual, Domain Database, 0.0.0.0, 2015.7.24.2,
    Update, 13.08.2015 23.19, SYSTEM, BJØRNAR, Manual, Remediation Database, 2015.5.13.1, 2015.7.28.1,
    Update, 13.08.2015 23.19, SYSTEM, BJØRNAR, Manual, IP Database, 0.0.0.0, 2015.7.24.3,
    Update, 13.08.2015 23.19, SYSTEM, BJØRNAR, Manual, Rootkit Database, 2015.6.2.1, 2015.8.6.1,
    Update, 13.08.2015 23.19, SYSTEM, BJØRNAR, Manual, AKA IP Database, 0.0.0.0, 2015.8.6.1,
    Update, 13.08.2015 23.19, SYSTEM, BJØRNAR, Manual, AKA Domain Database, 0.0.0.0, 2015.8.11.1,
    Update, 13.08.2015 23.19, SYSTEM, BJØRNAR, Manual, Malware Database, 2015.6.3.3, 2015.8.13.6,
    Protection, 13.08.2015 23.19, SYSTEM, BJØRNAR, Protection, Refresh, Starting,
    Protection, 13.08.2015 23.19, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, Stopping,
    Protection, 13.08.2015 23.19, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, Stopped,
    Protection, 13.08.2015 23.19, SYSTEM, BJØRNAR, Protection, Refresh, Success,
    Protection, 13.08.2015 23.19, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, Starting,
    Protection, 13.08.2015 23.19, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, Started,
    Scan, 13.08.2015 23.33, SYSTEM, BJØRNAR, Manual, Start: 13.08.2015 23.22, Varighet: 10 min 0 sek, Trusselskann, Fullført, 0 Malwareidentifiseringer, 91 PUP/PUM-identifiseringer,
    Protection, 13.08.2015 23.34, SYSTEM, BJØRNAR, Protection, Malware Protection, Starting,
    Protection, 13.08.2015 23.34, SYSTEM, BJØRNAR, Protection, Malware Protection, Started,
    Protection, 13.08.2015 23.34, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, Starting,
    Protection, 13.08.2015 23.34, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, Started,
    Detection, 13.08.2015 23.40, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, IP, 8.34.112.227, here.sendevent.net, 50084, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 13.08.2015 23.40, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, IP, 8.34.112.227, here.sendevent.net, 50084, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 13.08.2015 23.40, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, IP, 8.34.112.227, here.sendevent.net, 50085, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 13.08.2015 23.40, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, IP, 8.34.112.227, here.sendevent.net, 50364, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 13.08.2015 23.41, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, IP, 8.34.112.226, here.sendevent.net, 50872, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 13.08.2015 23.41, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, IP, 8.34.112.226, here.sendevent.net, 50872, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 13.08.2015 23.41, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, IP, 8.34.112.226, here.sendevent.net, 50918, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 13.08.2015 23.41, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, IP, 8.34.112.226, here.sendevent.net, 50990, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    Detection, 13.08.2015 23.43, SYSTEM, BJØRNAR, Protection, Malicious Website Protection, IP, 8.34.112.227, here.sendevent.net, 51562, Outbound, C:\Program Files (x86)\Mozilla Firefox\firefox.exe,
    (end)
     
    Jeg har ikke lastet ned combofix eller noe slikt, for da jeg i vår prøvde det med en pc med Windows 8 så funket det ikke. Hvordan ser dette ut?
    Det ser ut til at Firefox er sterkt infisert, for det kan jeg ikke bruke. Da oversvømmes jeg av pop ups. Internet Explorer går enn så lenge. Det virker også som om pc'en går tregere enn vanlig. Det kom opp et program som het noe sånt som WarThunder. Jeg avinstallerte det, men da sa avast i fra om at det fremdeles var rester av det igjen og begynte å mase om at jeg måtte kjøpe Premium-versjonen.
    • 7 svar
    • visninger
  9. Type-R la til et innlegg i et emne PC er blitt infisert på nytt   

    Vel, da er ståa slik at min kamerat bare ville ha tilbake pc'en slik den er nå. Hvilket betyr at malwares anti-malware, hijackthis eller en egen skann med avast ikke gir beskjed om noe rusk, men avast melder av og til fra om at den blokkerer uønskede elementer når man kobler til et trådløst nettverk.

    Da avslutter jeg herved saken, takker dere for hjelp - og så ser jeg ikke bort fra at jeg må starte en ny tråd om samme pc om noen måneder...
    • 0
  10. Type-R la til et innlegg i et emne PC er blitt infisert på nytt   

    Ok. Dere har overbevist meg. I morgen presenterer jeg alternativet for min kamerat, og så får han ta avgjørelsen. :-)
    • 0
  11. Type-R la til et innlegg i et emne PC er blitt infisert på nytt   

    Reinstallasjon altså? Hmm, det har jeg gjort en gang for noen år siden med en pc jeg hadde. Er det en krevende prosess for en dummy? Hva kreves av verifikasjonsnøkler e.l.?

    Min kamerat er for øvrig mye mer dummy enn meg. Dersom noe går feil med reinstallasjonen ser jeg ikke bort fra at han kan komme til å skylde på meg (eller ihvertfall i sitt stille sinn tenke at det er jeg som har ødelagt pc'en) - selv om problemet egentlig er at han har surfet i månedsvis uten antivirusprogram.

    Hvor farlig tror dere at det beskrevne problemet er, når det ikke kommer noe fram verken på malwarebytes-, hijackthis- eller avast-søket? Kun altså de blokkeringsmeldingene akkurat i det maskinen kobler seg opp mot nettverket. Kan en mulighet bare være å bruke maskinen som normalt, men holde avast aktivt i fortsettelsen?
    • 0
  12. Type-R la til et innlegg i et emne PC er blitt infisert på nytt   


    Huffsann. Hørtes ikke helt bra ut. Jeg foretok nå en skann med avast, men det kommer ikke opp melding om noen slags virus. Men i ny og ne popper det opp en haug med meldinger om at avast har blokkert skadelige elementer.

    Noe stort mer avansert enn å skanne for malware o.l. og så poste loggen på dette forumet (og følge de enkle instruksjonene) tror jeg ikke at jeg skal våge meg på. Burde jeg anbefale min kamerat om å ta med seg pc'en til en profesjonell pc-doktor?
    • 0
  13. Type-R la til et innlegg i et emne PC er blitt infisert på nytt   


    Hei. Det er windows 8.1, så det ser ikke ut til at jeg får dds til å kjøre på den. Er det noe annet program jeg kan bruke?
    • 0
  14. Type-R la til et innlegg i et emne PC er blitt infisert på nytt   


    Nå har jeg tatt pc'en hans hjem til meg, men de samme advarslene popper opp med en gang jeg kobler til mitt nettverk - avast melder om at 10-12 skadelige elementer er blitt blokkert av virusprogrammet. Dette skjer uten at en nettleser blir aktivert - det er altså nok at man kobler til et trådløst nettverk. Har dere vært borti noe slikt før?
    • 0
  15. Type-R la til et emne i Sikkerhet   

    Sikkerhet ved nettsurfing
    Ofte når man surfer på nett, særlig på offentlige nettverk men av og til hjemme også, melder virusprogrammet om at man er ubeskyttet mot overvåkning og annet (jeg bruker gratisversjonen av avast). Det oppfordres da til å oppgradere til betalutgaven av programmet.

    Hva tenker dere om dette? Er det noe poeng i å oppgradere, eller er sikkerhet og beskyttelse bra nok med gratisutgaven?
    • 4 svar
    • visninger