Just nu i M3-nätverket
Gå till innehåll

Virus igen


vimma

Rekommendera Poster

Nu var det dags igen. Datorn går så trögt att det inte finns. Avast hittar inget. Jag får köra CC Cleaner för att överhuvudtaget få den att öppna grejer överhuvudtaget.

Vet att jag har Vista i bakgrunden men kör Vindows 7 ultimate

Länk till kommentar
Dela på andra webbplatser

  • Svars 74
  • Skapad
  • Senaste svar

Med tanke på att datorn verkar vara rätt många år vid det här laget bör du veta att en vanlig orsak till en trög dator, och då särskilt när något ska läsas från hårddisken, är att hårddisken håller på och ger upp. Det är därför viktigt att du ser till att du har säkerhetskopior på alla viktiga filer eftersom hårddisken rätt som det är kan gå sönder.

 

När du har fixat det kan du följa anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går.

 

Vilka funktioner i CCleaner är det som du använder så mycket?

Länk till kommentar
Dela på andra webbplatser

Nej, att högerklicka på

http://download.bleepingcomputer.com/farbar/FRST64.exe

och välja Spara länk/mål (varierar lite beroende på webbläsare) ska göra att en fil laddas ner till din dator och filen ska heta FRST64.

 

Tillägg:

Om du har svårt att få ner filen/programmet på den infekterade datorn kanske du kan ladda ner den på en annan dator och föra över den med hjälp av USB-minne eller liknande.

Länk till kommentar
Dela på andra webbplatser

Du kan klistra in loggen direkt i ditt svar, det behövs inga särskilda tecken.

 

Om man har 32-bitars Windows ska man ha 32-bitars FRST och motsvarande för 64-bitars. Om man väljer fel kommer man att få ett felmeddelande när man kör FRST.

Länk till kommentar
Dela på andra webbplatser

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-08-2015
Ran by Micke (administrator) on MICKE-DATOR (03-09-2015 21:14:23)
Running from D:\Ny mapp
Loaded Profiles: Micke (Available Profiles: Micke)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\w32x86\3\NetFaxServer.exe
(Pokki) C:\Users\Micke\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\w32x86\3\NetFaxTray.exe
(Dropbox, Inc.) C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Spotify Ltd) C:\Users\Micke\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Uniblue Systems Limited) C:\Program Files\Uniblue\PC-Mechanic\pc-mechanic.exe
() C:\Program Files\DNS Unlocker\dnshugo.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-15] (Avast Software s.r.o.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] ()
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [spotify Web Helper] => C:\Users\Micke\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-03] (Spotify Ltd)
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [uTorrent] => C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-08-28] (BitTorrent Inc.)
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [spotify] => C:\Users\Micke\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-09-03] (Spotify Ltd)
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [Dropbox Update] => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [Optimizer Pro] => C:\Program Files\Optimizer Pro 3.99\OptProLauncher.exe [148112 2015-07-31] ()
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [super Optimizer] => C:\Program Files\Super Optimizer\SupOptLauncher.exe [676400 2015-07-31] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-15] (Avast Software s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-04]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2014-08-28]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\w32x86\3\NetFaxTray.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Micke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1    mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 46.17.101.204 192.168.1.1
Tcpip\..\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}: [DhcpNameServer] 46.17.101.204 192.168.1.1
Tcpip\..\Interfaces\{0F6E3910-C206-4413-9627-A053B2CE128F}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}: [DhcpNameServer] 46.17.101.204 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://se.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-07] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Micke\AppData\Roaming\Mozilla\Firefox\Profiles\4vlvrbc8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-19] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-20]

Chrome:
=======
CHR Profile: C:\Users\Micke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Micke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-20]
CHR Extension: (Google Wallet) - C:\Users\Micke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-20]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 00dc9b86; c:\Program Files\ProcessInit\ProcessInit.dll [2955264 2015-08-27] () [File not signed]
R2 61871ce4; c:\Program Files\RelayLevel\RelayLevel.dll [2482688 2015-08-27] () [File not signed]
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2009-08-18] (AMD) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2013-02-27] (Microsoft Corporation) [File not signed]
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473600 2014-07-07] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473600 2014-07-07] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-15] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-06-15] (Avast Software)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation) [File not signed]
R3 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [102912 2012-07-04] (Microsoft Corporation) [File not signed]
R3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1874104 2015-07-14] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [140288 2013-07-09] (Microsoft Corporation) [File not signed]
R2 CscService; C:\Windows\System32\cscsvc.dll [546304 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-03] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [144384 2010-11-20] (Microsoft Corporation) [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [556544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-14] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086976 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [File not signed]
S3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [906240 2014-08-22] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2014-08-18] (Microsoft Corporation) [File not signed]
S3 IKEEXT; C:\Windows\System32\ikeext.dll [679424 2013-10-12] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2012-10-03] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2010-11-20] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [235696 2015-06-26] (McAfee, Inc.)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242176 2012-10-03] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PcaSvc; C:\Windows\System32\pcasvc.dll [157184 2014-07-07] (Microsoft Corporation) [File not signed]
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1004544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [119808 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [164352 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [6324208 2015-08-19] (Reimage®)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [378416 2013-02-05] (Samsung Electronics Co., Ltd.)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2012-02-11] (Microsoft Corporation) [File not signed]
R2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-14] (Microsoft Corporation) [File not signed]
S2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [521216 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UmRdpService; C:\Windows\System32\umrdp.dll [171008 2010-11-20] (Microsoft Corporation) [File not signed]
R3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1203200 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121792 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [73216 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185344 2014-01-28] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-30] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [55296 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-06-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-06-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-06-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-06-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-06-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-06-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-15] ()
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-07-14] (Atheros Communications, Inc.) [File not signed]
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [4994560 2009-08-18] (ATI Technologies Inc.) [File not signed]
S3 b06bdrv; C:\Windows\system32\drivers\bxvbdx.sys [430080 2009-07-14] (Broadcom Corporation) [File not signed]
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-14] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-23] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [13568 2009-07-14] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [5248 2009-07-14] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-14] (Brother Industries Ltd.) [File not signed]
R3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [34816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed]
R3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [93696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [393728 2012-07-06] (Microsoft Corporation) [File not signed]
R3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [60416 2011-04-28] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\drivers\circlass.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14080 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed]
R1 CSC; C:\Windows\System32\drivers\csc.sys [388096 2010-11-20] (Microsoft Corporation) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-14] (Microsoft Corporation) [File not signed]
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [62464 2010-11-20] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbdx.sys [3100160 2009-07-14] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-14] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\drivers\fdc.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-14] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [91136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation) [File not signed]
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-14] (Microsoft Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-27] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-09] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-27] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\drivers\parport.sys [79360 2009-07-14] (Microsoft Corporation) [File not signed]
S2 Parvdm; C:\Windows\system32\drivers\parvdm.sys [8704 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\drivers\processr.sys [52224 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation) [File not signed]
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) [File not signed]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [133632 2010-11-20] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [15872 2010-11-20] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [183808 2012-04-28] (Microsoft Corporation) [File not signed]
R3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [129536 2009-07-14] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [5632 2010-11-20] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [83456 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSGB6.sys [48128 2009-07-14] (Silicon Integrated Systems Corp.) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-29] (Microsoft Corporation) [File not signed]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-04-10] (Samsung Electronics) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] (Microsoft Corporation) [File not signed]
S3 terminpt; C:\Windows\system32\drivers\terminpt.sys [25600 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2013-06-15] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [52224 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [27264 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [112640 2010-11-20] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [39936 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [43520 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [20480 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [36352 2013-07-03] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] (Microsoft Corporation) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-06-15] (Avast Software)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ViaC7; C:\Windows\system32\drivers\viac7.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [17920 2010-11-20] (Microsoft Corporation) [File not signed]
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed]
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [21632 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation) [File not signed]
R3 cpuz134; \??\C:\Users\Micke\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-03 21:14 - 2015-09-03 21:14 - 00000000 ____D C:\FRST
2015-09-03 20:19 - 2015-09-03 20:19 - 00002021 _____ C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2015-09-03 20:19 - 2015-09-03 20:19 - 00000000 ____D C:\ProgramData\Reimage Protector
2015-09-03 20:19 - 2015-09-03 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2015-09-03 20:18 - 2015-09-03 20:22 - 00000000 ____D C:\rei
2015-09-03 20:18 - 2015-09-03 20:19 - 00000000 ____D C:\Program Files\Reimage
2015-09-03 20:17 - 2015-09-03 20:20 - 00000148 _____ C:\Windows\Reimage.ini
2015-09-03 19:41 - 2015-09-03 19:41 - 00000000 ____D C:\Users\Micke\Desktop\Ny mapp (2)
2015-09-03 14:56 - 2015-09-03 14:56 - 00000056 _____ C:\Windows\setupact.log
2015-09-03 14:56 - 2015-09-03 14:56 - 00000000 _____ C:\Windows\setuperr.log
2015-09-03 14:54 - 2015-09-03 14:54 - 00004342 _____ C:\Windows\PFRO.log
2015-09-02 14:34 - 2015-09-02 14:35 - 00000000 ____D C:\Program Files\DNS Unlocker
2015-09-01 22:05 - 2015-09-01 22:05 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-01 14:25 - 2015-09-01 14:25 - 00000000 ____D C:\ProgramData\{983ea52e-b27a-2097-983e-ea52eb2794ba}
2015-09-01 06:10 - 2015-09-01 06:10 - 00000000 ____D C:\Users\Micke\Documents\Super Optimizer
2015-09-01 06:10 - 2015-09-01 06:10 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Super Optimizer
2015-09-01 06:10 - 2015-09-01 06:10 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Optimizer Pro
2015-09-01 06:05 - 2015-09-01 06:05 - 00001011 _____ C:\Users\Micke\Desktop\Super Optimizer.lnk
2015-09-01 06:05 - 2015-09-01 06:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
2015-09-01 06:05 - 2015-09-01 06:05 - 00000000 ____D C:\Program Files\Super Optimizer
2015-09-01 06:04 - 2015-09-03 20:25 - 00000340 _____ C:\Windows\Tasks\Superclean.job
2015-09-01 06:04 - 2015-09-01 06:04 - 00001024 _____ C:\Users\Micke\Desktop\Optimizer Pro.lnk
2015-09-01 06:04 - 2015-09-01 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-09-01 06:04 - 2015-09-01 06:04 - 00000000 ____D C:\ProgramData\{0885183f-e52a-819e-0885-5183fe5260ff}
2015-09-01 06:04 - 2015-09-01 06:04 - 00000000 ____D C:\Program Files\Optimizer Pro 3.99
2015-08-27 14:48 - 2015-08-27 15:07 - 00000000 ____D C:\ProgramData\11129950104558718253
2015-08-27 14:26 - 2015-08-27 14:26 - 00000000 ____D C:\Program Files\RelayLevel
2015-08-27 14:26 - 2015-08-27 14:26 - 00000000 ____D C:\Program Files\ProcessInit
2015-08-26 05:26 - 2015-08-26 19:20 - 00000000 ____D C:\Windows\Minidump
2015-08-25 14:33 - 2015-08-25 14:34 - 00106132 _____ C:\Users\Micke\Desktop\cc_20150825_143319.reg
2015-08-25 11:40 - 2015-06-15 06:26 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-08-23 20:51 - 2015-08-23 20:51 - 00000000 ____D C:\Users\Micke\Documents\Scan
2015-08-19 09:38 - 2015-08-19 09:38 - 00053973 _____ C:\Users\Micke\Desktop\ACFrOgA40i1ByRHs2fXMUZEgkjmDIpfTRJoov4G7JFK2EFrZ-vrQw5V9mZykcV_jUT3KMNWNs1qgFRfugGg0jugG1rpPRZjLFs-GiKMG1bgvamkytb798REZL06gnqs=
2015-08-19 09:36 - 2015-08-19 09:36 - 00013996 _____ C:\Users\Micke\Downloads\ACFrOgDmDrogVpPLhinxfI6xYc3-p1lwt-2Hr3oScRw22Hhzd9t5CTmWTf9xGrqXRm79ze04EHVgf8oRyQD0SSKTzakRzMKSXF3C81qm4DRqwqoXnxdk7RZ9-gfz6Z0=
2015-08-16 00:14 - 2015-06-26 18:28 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw2E15.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00209048 _____ C:\Windows\system32\Drivers\asw3122.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw3567.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw200D.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw27FB.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00049904 _____ C:\Windows\system32\Drivers\asw2B94.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00024144 _____ C:\Windows\system32\Drivers\asw2471.tmp
2015-08-16 00:14 - 2015-06-15 06:26 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw1996.tmp
2015-08-13 07:44 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 5 Complete 720p.BRrip.Sujaidr
2015-08-13 07:39 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 4 Complete 720p.BRrip.Sujaidr
2015-08-13 07:14 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 3 Complete 720p.BRrip.Sujaidr
2015-08-13 07:13 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 2 Complete 720p.BRrip.Sujaidr
2015-08-13 07:02 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 1 Complete 720p.BRrip.Sujaidr
2015-08-12 20:11 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Desktop\Breaking Bad Season 1, 2, 3, 4 & 5 + Extras BDRip DVDRip HDTV TSV
2015-08-12 15:11 - 2015-08-12 15:11 - 00013996 _____ C:\Users\Micke\Desktop\ACFrOgCnktbCZqhEkiAAeAZdKdXVNlV4yMJh2U4GdGM_QTMsBQOL4daXmJmKTDplunANCA3bnVqXmJ5KLi8heTuGQyQ4bv-hpEGTzZaR10PbWUCUrYyNPY146JQtus4=
2015-08-11 15:02 - 2015-08-27 14:26 - 00000000 ____D C:\ProgramData\fbb33df000002ca0
2015-08-11 15:00 - 2015-08-27 14:26 - 00000000 ____D C:\ProgramData\a26f837e000048e4
2015-08-11 09:37 - 2015-08-11 09:37 - 00000000 ____D C:\Users\Micke\AppData\Local\speed browser
2015-08-11 00:27 - 2015-08-11 00:27 - 00000000 ____D C:\Users\Micke\Documents\Optimizer Pro
2015-08-11 00:25 - 2015-08-11 00:25 - 00000000 ____D C:\Program Files\69dc8177-a574-4dff-8461-b3267b078dcf
2015-08-11 00:24 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\Hepiwaewo
2015-08-11 00:23 - 2015-08-11 14:56 - 00000000 ____D C:\Program Files\globalUpdate
2015-08-11 00:23 - 2015-08-11 00:23 - 00000000 ____D C:\Users\Micke\AppData\Local\globalUpdate
2015-08-11 00:23 - 2015-08-11 00:23 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-08-11 00:22 - 2015-08-16 00:47 - 00000000 ____D C:\Program Files\CinemaP-1.9cV16.03
2015-08-11 00:22 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\JWinManProJ
2015-08-11 00:21 - 2015-08-16 00:47 - 00000000 ____D C:\Program Files\ChilliTorrent
2015-08-11 00:21 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChilliTorrent
2015-08-11 00:20 - 2015-08-11 10:31 - 00000000 ____D C:\Users\Micke\AppData\Local\gmsd_se_002030056
2015-08-11 00:20 - 2015-08-11 10:16 - 00000000 ____D C:\Program Files\gmsd_se_002030056
2015-08-11 00:18 - 2015-08-11 10:28 - 00000000 ____D C:\ProgramData\{06dcae7f-00cc-0710-06dc-cae7f00cb9fc}
2015-08-09 13:26 - 2015-08-10 01:16 - 00000000 ____D C:\Users\Micke\Desktop\Ny mapp
2015-08-08 14:35 - 2015-08-08 14:35 - 00074792 _____ C:\Users\Micke\Desktop\ACFrOgACWmNNDt_AZVFMcVHw2hZ__2vq9vtFvHQ1qN2R-PWRsYr9VHLZLtw-t-WFdAvKyt9TIYp94NXoyBwiXrbawL-G-Hj1X4cZvXy-Q2d5pBWHaqGHkiNnK0ZMl3M=
2015-08-07 10:08 - 2015-08-07 10:08 - 00000000 ____D C:\Users\Micke\AppData\Local\CEF
2015-08-07 00:21 - 2015-09-03 14:54 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-03 21:02 - 2014-08-22 19:42 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-03 20:59 - 2014-08-20 12:18 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-03 20:58 - 2015-06-20 22:48 - 00001014 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000UA.job
2015-09-03 20:25 - 2015-01-07 19:25 - 00000266 _____ C:\Windows\Tasks\PC-Mechanic Maintenance.job
2015-09-03 20:14 - 2014-08-19 21:09 - 02010179 _____ C:\Windows\WindowsUpdate.log
2015-09-03 19:36 - 2014-08-20 09:22 - 00000000 ____D C:\Users\Micke\Documents\Outlook-filer
2015-09-03 15:19 - 2014-10-12 16:20 - 00000000 ____D C:\Users\Micke\AppData\Local\Spotify
2015-09-03 15:18 - 2014-08-23 16:10 - 00000000 ___RD C:\Users\Micke\Dropbox
2015-09-03 15:18 - 2014-08-23 14:56 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Dropbox
2015-09-03 15:17 - 2014-10-12 16:17 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Spotify
2015-09-03 15:16 - 2015-01-07 19:25 - 00000000 ____D C:\Users\Micke\AppData\Local\Pokki
2015-09-03 15:15 - 2015-01-25 20:37 - 00000000 ____D C:\Users\Micke\AppData\Roaming\uTorrent
2015-09-03 15:15 - 2015-01-07 19:24 - 00000260 _____ C:\Windows\Tasks\PC-Mechanic Startup.job
2015-09-03 15:15 - 2014-08-20 12:17 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-03 15:06 - 2009-07-14 06:34 - 00032976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-03 15:06 - 2009-07-14 06:34 - 00032976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-03 14:58 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-03 14:54 - 2014-08-19 21:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-09-03 11:42 - 2015-06-20 22:48 - 00000962 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000Core.job
2015-09-01 23:29 - 2014-08-20 12:19 - 00002092 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-25 15:31 - 2015-06-15 09:06 - 00000000 __SHD C:\Jumpshot
2015-08-25 14:46 - 2014-08-19 21:51 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-25 14:46 - 2014-08-19 21:51 - 00001072 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-25 14:44 - 2015-06-15 09:06 - 00000000 ____D C:\Windows\jumpshot.com
2015-08-25 13:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-25 12:32 - 2015-07-04 14:44 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-08-25 12:32 - 2014-08-20 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-25 12:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2015-08-25 12:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-08-25 12:30 - 2014-08-20 09:28 - 00000000 __RHD C:\MSOCache
2015-08-25 12:13 - 2014-08-19 22:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-25 11:50 - 2014-08-19 21:43 - 00000000 ____D C:\Users\Micke
2015-08-25 11:42 - 2015-04-07 22:33 - 00001970 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-08-17 05:33 - 2015-07-30 14:02 - 00000000 ____D C:\Windows\system32\MRT
2015-08-17 05:16 - 2015-07-30 14:02 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 09:48 - 2014-08-22 19:42 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-16 09:48 - 2014-08-22 19:42 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-16 00:47 - 2015-07-22 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-16 00:47 - 2015-07-22 15:15 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-08-16 00:47 - 2015-01-07 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2015-08-16 00:47 - 2015-01-07 19:23 - 00000000 ____D C:\Program Files\Uniblue
2015-08-16 00:47 - 2014-08-22 19:42 - 00000000 ____D C:\Windows\system32\Macromed
2015-08-16 00:07 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2015-08-09 14:39 - 2011-04-12 08:32 - 00663312 _____ C:\Windows\system32\perfh01D.dat
2015-08-09 14:39 - 2011-04-12 08:32 - 00142080 _____ C:\Windows\system32\perfc01D.dat
2015-08-09 14:39 - 2010-11-20 23:01 - 01578190 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2014-10-20 17:38 - 2014-10-20 17:38 - 0000017 _____ () C:\Users\Micke\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Micke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5benpl.dll
C:\Users\Micke\AppData\Local\Temp\ReimagePackage.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\dnsapi.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-01 17:15

==================== End of FRST.txt ============================

Länk till kommentar
Dela på andra webbplatser

Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på knappen Log file.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[R0].txt

Länk till kommentar
Dela på andra webbplatser

# AdwCleaner v5.005 - Logfile created 04/09/2015 at 00:17:19
# Updated 31/08/2015 by Xplode
# Database : 2015-08-31.2 [server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Micke - MICKE-DATOR
# Running from : C:\Users\Micke\Desktop\adwcleaner_5.005.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : ReimageRealTimeProtector
Service Found : 00dc9b86
Service Found : 61871ce4

***** [ Folders ] *****

Folder Found : C:\rei
Folder Found : C:\Program Files\globalUpdate
Folder Found : C:\Program Files\Reimage
Folder Found : C:\Program Files\Uniblue
Folder Found : C:\Program Files\Super Optimizer
Folder Found : C:\Program Files\DNS Unlocker
Folder Found : C:\Program Files\CinemaP-1.9cV16.03
Folder Found : C:\Program Files\Optimizer Pro 3.99
Folder Found : C:\ProgramData\Reimage Protector
Folder Found : C:\ProgramData\IHProtectUpDate
Folder Found : C:\ProgramData\11129950104558718253
Folder Found : C:\ProgramData\a26f837e000048e4
Folder Found : C:\ProgramData\fbb33df000002ca0
Folder Found : C:\ProgramData\{06dcae7f-00cc-0710-06dc-cae7f00cb9fc}
Folder Found : C:\ProgramData\{0885183f-e52a-819e-0885-5183fe5260ff}
Folder Found : C:\ProgramData\{983ea52e-b27a-2097-983e-ea52eb2794ba}
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
Folder Found : C:\Users\Micke\AppData\Local\globalUpdate
Folder Found : C:\Users\Micke\AppData\Local\speed browser
Folder Found : C:\Users\Micke\AppData\Local\pokki
Folder Found : C:\Users\Micke\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Micke\AppData\Roaming\Super Optimizer
Folder Found : C:\Users\Micke\AppData\Roaming\IHlpr
Folder Found : C:\Users\Micke\Documents\Super Optimizer
Folder Found : C:\Windows\system32\config\systemprofile\AppData\Local\speed browser

***** [ Files ] *****

File Found : C:\Users\Micke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC-Mechanic.lnk
File Found : C:\Users\Micke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
File Found : C:\Users\Micke\Desktop\Optimizer Pro.lnk
File Found : C:\Users\Micke\Desktop\Super Optimizer.lnk
File Found : C:\Users\Public\Desktop\PC Mechanic.lnk
File Found : C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
File Found : C:\Windows\Reimage.ini

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : Optimizer Pro Schedule
Task Found : PC-Mechanic Maintenance
Task Found : PC-Mechanic Startup
Task Found : Reimage Reminder
Task Found : ReimageUpdater
Task Found : Super Optimizer Schedule
Task Found : Superclean
Task Found : Pokki

***** [ Registry ] *****

Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [super Optimizer]
Key Found : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
Key Found : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Key Found : HKCU\Software\Classes\Directory\shell\pokki
Key Found : HKCU\Software\Classes\Drive\shell\pokki
Key Found : HKCU\Software\Classes\lnkfile\shell\pokki
Key Found : HKLM\SOFTWARE\Classes\pc-mechanic
Key Found : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
Key Found : HKLM\SOFTWARE\dfc165c1-3324-36f9-03fd-12ba6252a472
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_6dd6415c7ca59a3afaff86950eac7bceb240f3f1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{61871ce4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{dc9b86}
Key Found : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\Pokki
Key Found : HKCU\Software\Reimage
Key Found : HKCU\Software\Super Optimizer
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : HKLM\SOFTWARE\Reimage
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1F88FC5D-4D46-448A-AF59-7061FFC6ABBF}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [5620 bytes] ##########
 

Länk till kommentar
Dela på andra webbplatser

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om, om den inte gör det automatiskt får du göra det själv.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s0].txt

 

 

2. Starta FRST.

Bocka för Addition.txt.

Skanna med FRST och klistra in eller bifoga de två nya loggarna.

 

 

3. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.
Ta bort bocken framför Remove found threats.
Bocka för:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-08-2015
Ran by Micke (2015-09-04 09:26:50)
Running from D:\Ny mapp
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administratör (S-1-5-21-2344796923-460791167-1111748507-500 - Administrator - Disabled)
Gäst (S-1-5-21-2344796923-460791167-1111748507-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2344796923-460791167-1111748507-1002 - Limited - Enabled)
Micke (S-1-5-21-2344796923-460791167-1111748507-1000 - Administrator - Enabled) => C:\Users\Micke

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Svenska (HKLM\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Dropbox (HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
GOM Player (HKLM\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
Läs bruksanvisningen (HKLM\...\View User Guide) (Version: 3.60.02.0 - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - sv-se (HKLM\...\ProPlusRetail - sv-se) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 sv-SE) (HKLM\...\Mozilla Firefox 40.0.3 (x86 sv-SE)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Samsung C460 Series (HKLM\...\Samsung C460 Series) (Version: 1.02 (2013-07-11) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM\...\Samsung Easy Document Creator) (Version: 1.05.61 (2013-04-10) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.03.23.00(2013-05-03) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM\...\Easy Wireless Setup) (Version: 3.60.40.03 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM\...\Samsung Network PC Fax) (Version: 1.09.14 (2013-02-05) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (Version: 1.00.56.01 - Samsung Electronics Co., Ltd.) Hidden
SNS Upload for Easy Document Creator (HKLM\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Spotify (HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Restore Points =========================

30-08-2015 09:41:54 Installationsprogram för Windows-moduler
30-08-2015 09:49:31 Installationsprogram för Windows-moduler
30-08-2015 09:51:47 Installationsprogram för Windows-moduler
30-08-2015 09:56:21 Installationsprogram för Windows-moduler
30-08-2015 09:58:37 Installationsprogram för Windows-moduler
30-08-2015 10:03:16 Installationsprogram för Windows-moduler
31-08-2015 06:22:21 Windows Update
01-09-2015 05:45:10 Installationsprogram för Windows-moduler
01-09-2015 05:54:25 Installationsprogram för Windows-moduler
01-09-2015 05:58:01 Installationsprogram för Windows-moduler
01-09-2015 06:05:57 Installationsprogram för Windows-moduler
01-09-2015 06:14:19 Installationsprogram för Windows-moduler
01-09-2015 06:24:44 Installationsprogram för Windows-moduler
02-09-2015 03:00:15 Windows Update
03-09-2015 11:27:28 Installationsprogram för Windows-moduler
03-09-2015 12:02:42 Installationsprogram för Windows-moduler
03-09-2015 12:35:08 Installationsprogram för Windows-moduler
03-09-2015 12:44:59 Installationsprogram för Windows-moduler
04-09-2015 03:00:35 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2015-07-22 15:15 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1    mssplus.mcafee.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09BC86A8-E454-433F-9C12-561AD4D70E9D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0B876DBB-BEB9-4595-9AF0-A114F564798A} - System32\Tasks\DNSHUGO => dnshugo.exe
Task: {2B0BD56B-3AF7-4D48-91F7-67BBBEBEF013} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000Core => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {41A4F5DA-E0F2-49BC-A841-63803D5319C3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {44E59D31-4399-490C-894D-F55DD106773D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {58919A09-90BD-4062-BDC1-370C8EEBF5C7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {639C62ED-1F49-4FF4-975A-AB2CE1729F24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {730C0496-93B3-4857-A1D5-7E3987365A31} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000UA => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {CD2EA173-D0C1-430F-8B92-A38A05B18A01} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {D15F926C-880E-441D-956A-23B320C63E74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {D44CC134-F680-413D-9DDF-059428F1B617} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {D60E030D-D5FE-4F20-8DED-B4307A97DD2E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-25] (Avast Software s.r.o.)
Task: {EE871092-1E80-4601-AEB0-830303EC1A95} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000Core.job => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000UA.job => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-15 06:26 - 2015-06-15 06:26 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-15 06:26 - 2015-06-15 06:26 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-04 01:17 - 2015-09-04 01:17 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090301\algo.dll
2014-08-28 13:36 - 2013-05-06 08:04 - 00024064 _____ () C:\Windows\System32\sst9clm.dll
2014-08-19 22:12 - 2014-05-20 03:11 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2015-03-18 16:31 - 2015-03-18 16:31 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 00350072 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00056696 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2015-09-04 09:17 - 2015-09-04 09:17 - 00071168 _____ () c:\users\micke\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1sbqmn.dll
2015-09-01 22:05 - 2015-08-05 07:26 - 00012800 _____ () C:\Users\Micke\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-09-01 22:05 - 2015-08-05 07:26 - 00779776 _____ () C:\Users\Micke\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-09-01 22:05 - 2015-08-05 07:26 - 00056320 _____ () C:\Users\Micke\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-09-01 22:05 - 2015-08-05 07:26 - 00012288 _____ () C:\Users\Micke\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2344796923-460791167-1111748507-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Micke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 199.203.131.152 - 82.163.143.182
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4237C3EC-9295-4B39-A0BD-7E2DF29E277B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{4720D742-DCE8-44A2-B771-4BD3DF78CE8B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E78AB09F-9589-4F0E-8D50-F72864459507}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{04C42982-BD40-4E91-BBF9-F14B20F6401C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8C4A3B6E-D9E7-469A-8E1B-592473D42F6E}] => (Allow) C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{174E6398-989A-4C49-B562-FA8022A815A5}] => (Allow) C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{58AE0FD2-73EA-4047-95C0-ACD4E4D42C48}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe
FirewallRules: [{DC929D9A-6BAF-4BE5-AFAC-E09D3667CB75}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe
FirewallRules: [{BD97CC4D-161A-4779-9457-A5378009334B}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{E80FA658-6C7F-4BAD-A5EF-9925A2714134}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{4F1E9C2E-B434-4E83-870B-08FB9B6A9ACD}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{AF0AB7F1-FBC1-404B-B5D4-C69F1F8E6139}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{2DA648F7-9BFF-4B42-AA15-6D6FFEE35D50}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{21BDE5E7-F3C8-4A6A-90A7-1B023FEC9FE1}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{CAB7FE27-8DA4-45E3-AE95-DA3194FD2574}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{CDA74FD1-AEF0-4A7C-AFEC-E820C7F3AADD}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{EB819BF7-E3EC-45C5-9B4E-5198B395B2BB}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{D0735AF7-2280-4A67-AA07-9C39728B36BC}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{DD99FD4E-1335-475B-99F9-AF3FB9EAB175}] => (Allow) C:\Program Files\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{13275830-600C-407D-8B1E-EF11552C537F}] => (Allow) C:\Program Files\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [TCP Query User{1859F2A1-BCF3-42DE-907E-5B7AD79EEA44}C:\users\micke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micke\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{0921A62C-70C6-42FD-A562-14729168A928}C:\users\micke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micke\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{35E72BB7-3855-4938-B3AB-065F2691F877}C:\users\micke\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\micke\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{6C7B64DB-1C6C-44F5-B975-E277323C47F9}C:\users\micke\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\micke\appdata\roaming\spotify\spotify.exe
FirewallRules: [{FA4CF73B-7D86-41F7-8B70-88589627EDB4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3C89BB29-4F94-4778-A404-C7470ECC9D00}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AED2765B-185E-4262-A6CE-AE8AD52BCAFA}] => (Allow) C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A1953D07-F9CE-4B63-8A72-80E79593DF74}] => (Allow) C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{92D8A5C9-0769-43F2-8F8C-BF081D2D4E11}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [uDP Query User{D35A8B0F-8405-4696-8D2C-3C01836DA6C5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{9DDF6DF9-FADE-4152-84E2-245C2FE232B9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{D6958697-067F-4014-A4D0-4B7A90BFC74E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{0532C6E4-34D7-441F-8526-227A29BF7700}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{D9B0629A-B7A3-4139-A3C4-A5B9E745EAB8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{1BEA463B-390A-496E-BA88-C5C4AFD5407D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/04/2015 09:14:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 01:21:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1.
Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.

Error: (09/04/2015 01:21:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1.
Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.

Error: (09/04/2015 01:21:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1.
Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.

Error: (09/03/2015 03:16:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programmet uTorrent.exe, version 3.4.4.40911, avslutades eftersom det slutade att samverka med Windows. Ytterligare information kan finnas i problemhistoriken på kontrollpanelen för Åtgärdscentret och lösningar.

Process-ID: 2ec

Starttid: 01d0e64a8d729a7f

Avslutningstid: 5492

Programsökväg: C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe

Rapport-ID: e82cb786-523d-11e5-8979-001a7d0abf3d

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Det går inte att initiera indexet.

Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Det går inte att initiera programmet.

Kontext: program Windows

Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Det går inte att initiera insamlingsobjektet.

Kontext: program Windows, katalog SystemIndex

Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Det går inte att initiera plugin-programmet i <Search.TripoliIndexer>.

Kontext: program Windows, katalog SystemIndex

Information:
    Det gick inte att hitta elementet.  (HRESULT : 0x80070490) (0x80070490)

Error: (09/03/2015 03:01:35 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Det går inte att initiera plugin-programmet i <Search.JetPropStore>.

Kontext: program Windows, katalog SystemIndex

Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (09/04/2015 09:20:17 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Tjänsten Windows Defender avbröts med följande fel:
%%-2147023113

Error: (09/04/2015 09:19:19 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Tjänsten Windows Search stannade under start.

Error: (09/04/2015 09:12:17 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (09/04/2015 09:12:17 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (09/04/2015 09:04:04 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Tjänsthanteraren försökte utföra en korrigeringsåtgärd (Starta om tjänsten) efter att tjänsten Windows Search avslutats oväntat, men denna åtgärd misslyckades med följande fel:
%%1056

Error: (09/04/2015 09:03:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjänsten Windows Modules Installer avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten.

Error: (09/04/2015 09:03:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjänsten Windows Search avslutades oväntat. Den har gjort detta 2 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

Error: (09/04/2015 09:03:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjänsten Windows Media Player Network Sharing Service avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

Error: (09/04/2015 09:03:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten Reimage Real Time Protector avslutades oväntat. Detta har skett 1 gånger.

Error: (09/04/2015 09:03:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjänsten Microsoft Office-tjänsten Klicka-och-Kör avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 0 millisekunder: Starta om tjänsten.


Microsoft Office:
=========================
Error: (09/04/2015 09:14:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 01:21:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\network pc fax\drv\NetFaxTray64.exe

Error: (09/04/2015 01:21:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\network pc fax\drv\NetFaxMon64.exe

Error: (09/04/2015 01:21:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung c460 series\Setup\Setup\bin\wiainst64.exe

Error: (09/03/2015 03:16:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: uTorrent.exe3.4.4.409112ec01d0e64a8d729a7f5492C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exee82cb786-523d-11e5-8979-001a7d0abf3d

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: program Windows

Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: program Windows, katalog SystemIndex

Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: program Windows, katalog SystemIndex

Information:
    Det gick inte att hitta elementet.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (09/03/2015 03:01:35 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: program Windows, katalog SystemIndex

Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore


CodeIntegrity:
===================================
  Date: 2015-09-04 09:13:59.861
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-04 09:03:16.727
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-03 15:15:03.786
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-03 14:57:21.011
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-03 13:17:17.665
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-03 12:07:21.179
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-03 11:45:47.844
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-02 22:57:37.622
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-02 22:19:56.116
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-02 14:45:03.803
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core2 Duo CPU T5850 @ 2.16GHz
Percentage of memory in use: 49%
Total physical RAM: 3071.27 MB
Available physical RAM: 1561.56 MB
Total Virtual: 6140.84 MB
Available Virtual: 4388.23 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:5.87 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:137.33 GB) (Free:55.3 GB) NTFS
Drive g: (Transcend) (Fixed) (Total:931.28 GB) (Free:760.74 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=137.3 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00143318)
Partition 1: (Active) - (Size=931.5 GB) - (Type=0C)

==================== End of Addition.txt ============================

Länk till kommentar
Dela på andra webbplatser

# AdwCleaner v5.005 - Logfile created 04/09/2015 at 09:03:26
# Updated 31/08/2015 by Xplode
# Database : 2015-08-31.2 [server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x86)
# Username : Micke - MICKE-DATOR
# Running from : C:\Users\Micke\Desktop\adwcleaner_5.005.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : ReimageRealTimeProtector
[-] Service Deleted : 00dc9b86
[-] Service Deleted : 61871ce4

***** [ Folders ] *****

[-] Folder Deleted : C:\rei
[-] Folder Deleted : C:\Program Files\globalUpdate
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\Program Files\Uniblue
[-] Folder Deleted : C:\Program Files\Super Optimizer
[-] Folder Deleted : C:\Program Files\DNS Unlocker
[-] Folder Deleted : C:\Program Files\CinemaP-1.9cV16.03
[-] Folder Deleted : C:\Program Files\Optimizer Pro 3.99
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\IHProtectUpDate
[-] Folder Deleted : C:\ProgramData\11129950104558718253
[-] Folder Deleted : C:\ProgramData\a26f837e000048e4
[-] Folder Deleted : C:\ProgramData\fbb33df000002ca0
[-] Folder Deleted : C:\ProgramData\{06dcae7f-00cc-0710-06dc-cae7f00cb9fc}
[-] Folder Deleted : C:\ProgramData\{0885183f-e52a-819e-0885-5183fe5260ff}
[-] Folder Deleted : C:\ProgramData\{983ea52e-b27a-2097-983e-ea52eb2794ba}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reimage repair
[-] Folder Deleted : C:\Users\Micke\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Micke\AppData\Local\speed browser
[-] Folder Deleted : C:\Users\Micke\AppData\Local\pokki
[-] Folder Deleted : C:\Users\Micke\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Micke\AppData\Roaming\Super Optimizer
[-] Folder Deleted : C:\Users\Micke\AppData\Roaming\IHlpr
[-] Folder Deleted : C:\Users\Micke\Documents\Super Optimizer
[-] Folder Deleted : C:\Windows\system32\config\systemprofile\AppData\Local\speed browser

***** [ Files ] *****

[-] File Deleted : C:\Users\Micke\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC-Mechanic.lnk
[-] File Deleted : C:\Users\Micke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
[-] File Deleted : C:\Users\Micke\Desktop\Optimizer Pro.lnk
[-] File Deleted : C:\Users\Micke\Desktop\Super Optimizer.lnk
[-] File Deleted : C:\Users\Public\Desktop\PC Mechanic.lnk
[-] File Deleted : C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
[-] File Deleted : C:\Windows\Reimage.ini

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Optimizer Pro Schedule
[-] Task Deleted : PC-Mechanic Maintenance
[-] Task Deleted : PC-Mechanic Startup
[-] Task Deleted : Reimage Reminder
[-] Task Deleted : ReimageUpdater
[-] Task Deleted : Super Optimizer Schedule
[-] Task Deleted : Superclean
[-] Task Deleted : Pokki

***** [ Registry ] *****

[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [super Optimizer]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Reimage.exe
[-] Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Key Deleted : HKLM\SOFTWARE\Classes\pc-mechanic
[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\dfc165c1-3324-36f9-03fd-12ba6252a472
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_6dd6415c7ca59a3afaff86950eac7bceb240f3f1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{61871ce4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{dc9b86}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKCU\Software\Optimizer Pro
[-] Key Deleted : HKCU\Software\Pokki
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\Super Optimizer
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[-] Key Deleted : HKLM\SOFTWARE\Reimage
[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Super Optimizer_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1F88FC5D-4D46-448A-AF59-7061FFC6ABBF}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6176 bytes] ##########
 

Länk till kommentar
Dela på andra webbplatser

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-08-2015
Ran by Micke (administrator) on MICKE-DATOR (04-09-2015 09:25:41)
Running from D:\Ny mapp
Loaded Profiles: Micke (Available Profiles: Micke)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\w32x86\3\NetFaxServer.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Spotify Ltd) C:\Users\Micke\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(BitTorrent Inc.) C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\w32x86\3\NetFaxTray.exe
(Dropbox, Inc.) C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-15] (Avast Software s.r.o.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] ()
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [spotify Web Helper] => C:\Users\Micke\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-03] (Spotify Ltd)
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [uTorrent] => C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-08-28] (BitTorrent Inc.)
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [spotify] => C:\Users\Micke\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-09-03] (Spotify Ltd)
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [Dropbox Update] => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-15] (Avast Software s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-04]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2014-08-28]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\w32x86\3\NetFaxTray.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Micke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1    mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 46.17.101.204 192.168.1.1
Tcpip\..\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}: [DhcpNameServer] 46.17.101.204 192.168.1.1
Tcpip\..\Interfaces\{0F6E3910-C206-4413-9627-A053B2CE128F}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}: [DhcpNameServer] 46.17.101.204 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://se.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-07] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Micke\AppData\Roaming\Mozilla\Firefox\Profiles\4vlvrbc8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-19] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-20]

Chrome:
=======
CHR Profile: C:\Users\Micke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Micke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-20]
CHR Extension: (Google Wallet) - C:\Users\Micke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-20]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2009-08-18] (AMD) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2013-02-27] (Microsoft Corporation) [File not signed]
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473600 2014-07-07] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473600 2014-07-07] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-15] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-06-15] (Avast Software)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation) [File not signed]
R3 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [102912 2012-07-04] (Microsoft Corporation) [File not signed]
R3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1874104 2015-07-14] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [140288 2013-07-09] (Microsoft Corporation) [File not signed]
R2 CscService; C:\Windows\System32\cscsvc.dll [546304 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-03] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [144384 2010-11-20] (Microsoft Corporation) [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [556544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-14] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086976 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [File not signed]
S3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [906240 2014-08-22] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2014-08-18] (Microsoft Corporation) [File not signed]
S3 IKEEXT; C:\Windows\System32\ikeext.dll [679424 2013-10-12] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2012-10-03] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2010-11-20] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [235696 2015-06-26] (McAfee, Inc.)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242176 2012-10-03] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PcaSvc; C:\Windows\System32\pcasvc.dll [157184 2014-07-07] (Microsoft Corporation) [File not signed]
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1004544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [119808 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [164352 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [378416 2013-02-05] (Samsung Electronics Co., Ltd.)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2012-02-11] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-14] (Microsoft Corporation) [File not signed]
R2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [521216 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-14] (Microsoft Corporation) [File not signed]
R3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UmRdpService; C:\Windows\System32\umrdp.dll [171008 2010-11-20] (Microsoft Corporation) [File not signed]
R3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1203200 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121792 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [73216 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185344 2014-01-28] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-30] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [55296 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-06-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-06-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-06-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-06-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-06-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-06-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-15] ()
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-07-14] (Atheros Communications, Inc.) [File not signed]
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [4994560 2009-08-18] (ATI Technologies Inc.) [File not signed]
S3 b06bdrv; C:\Windows\system32\drivers\bxvbdx.sys [430080 2009-07-14] (Broadcom Corporation) [File not signed]
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-14] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-23] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [13568 2009-07-14] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [5248 2009-07-14] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-14] (Brother Industries Ltd.) [File not signed]
R3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [34816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed]
R3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [93696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [393728 2012-07-06] (Microsoft Corporation) [File not signed]
R3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [60416 2011-04-28] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\drivers\circlass.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14080 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed]
R1 CSC; C:\Windows\System32\drivers\csc.sys [388096 2010-11-20] (Microsoft Corporation) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-14] (Microsoft Corporation) [File not signed]
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [62464 2010-11-20] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbdx.sys [3100160 2009-07-14] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-14] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\drivers\fdc.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-14] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [91136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation) [File not signed]
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-14] (Microsoft Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-27] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-09] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-27] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\drivers\parport.sys [79360 2009-07-14] (Microsoft Corporation) [File not signed]
S2 Parvdm; C:\Windows\system32\drivers\parvdm.sys [8704 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\drivers\processr.sys [52224 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation) [File not signed]
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) [File not signed]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [133632 2010-11-20] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [15872 2010-11-20] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [183808 2012-04-28] (Microsoft Corporation) [File not signed]
R3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [129536 2009-07-14] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [5632 2010-11-20] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [83456 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSGB6.sys [48128 2009-07-14] (Silicon Integrated Systems Corp.) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-29] (Microsoft Corporation) [File not signed]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-04-10] (Samsung Electronics) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] (Microsoft Corporation) [File not signed]
S3 terminpt; C:\Windows\system32\drivers\terminpt.sys [25600 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2013-06-15] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [52224 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [27264 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [112640 2010-11-20] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [39936 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [43520 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [20480 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [36352 2013-07-03] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] (Microsoft Corporation) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-06-15] (Avast Software)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ViaC7; C:\Windows\system32\drivers\viac7.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [17920 2010-11-20] (Microsoft Corporation) [File not signed]
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed]
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [21632 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation) [File not signed]
S3 cpuz134; \??\C:\Users\Micke\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-04 09:17 - 2015-09-04 09:18 - 00000000 ____D C:\Users\Micke\Desktop\Virus(3)
2015-09-04 00:17 - 2015-09-04 09:03 - 00000000 ____D C:\AdwCleaner
2015-09-04 00:14 - 2015-09-04 00:14 - 01654272 _____ C:\Users\Micke\Desktop\adwcleaner_5.005.exe
2015-09-03 21:14 - 2015-09-04 09:25 - 00000000 ____D C:\FRST
2015-09-03 19:41 - 2015-09-03 19:41 - 00000000 ____D C:\Users\Micke\Desktop\Ny mapp (2)
2015-09-03 14:56 - 2015-09-04 09:13 - 00000112 _____ C:\Windows\setupact.log
2015-09-03 14:56 - 2015-09-03 14:56 - 00000000 _____ C:\Windows\setuperr.log
2015-09-03 14:54 - 2015-09-03 14:54 - 00004342 _____ C:\Windows\PFRO.log
2015-09-01 22:05 - 2015-09-01 22:05 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-01 06:10 - 2015-09-01 06:10 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Optimizer Pro
2015-09-01 06:04 - 2015-09-01 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-08-27 14:26 - 2015-08-27 14:26 - 00000000 ____D C:\Program Files\RelayLevel
2015-08-27 14:26 - 2015-08-27 14:26 - 00000000 ____D C:\Program Files\ProcessInit
2015-08-26 05:26 - 2015-08-26 19:20 - 00000000 ____D C:\Windows\Minidump
2015-08-25 14:33 - 2015-08-25 14:34 - 00106132 _____ C:\Users\Micke\Desktop\cc_20150825_143319.reg
2015-08-25 11:40 - 2015-06-15 06:26 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-08-23 20:51 - 2015-08-23 20:51 - 00000000 ____D C:\Users\Micke\Documents\Scan
2015-08-19 09:38 - 2015-08-19 09:38 - 00053973 _____ C:\Users\Micke\Desktop\ACFrOgA40i1ByRHs2fXMUZEgkjmDIpfTRJoov4G7JFK2EFrZ-vrQw5V9mZykcV_jUT3KMNWNs1qgFRfugGg0jugG1rpPRZjLFs-GiKMG1bgvamkytb798REZL06gnqs=
2015-08-19 09:36 - 2015-08-19 09:36 - 00013996 _____ C:\Users\Micke\Downloads\ACFrOgDmDrogVpPLhinxfI6xYc3-p1lwt-2Hr3oScRw22Hhzd9t5CTmWTf9xGrqXRm79ze04EHVgf8oRyQD0SSKTzakRzMKSXF3C81qm4DRqwqoXnxdk7RZ9-gfz6Z0=
2015-08-16 00:14 - 2015-06-26 18:28 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw2E15.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00209048 _____ C:\Windows\system32\Drivers\asw3122.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw3567.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw200D.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw27FB.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00049904 _____ C:\Windows\system32\Drivers\asw2B94.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00024144 _____ C:\Windows\system32\Drivers\asw2471.tmp
2015-08-16 00:14 - 2015-06-15 06:26 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw1996.tmp
2015-08-13 07:44 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 5 Complete 720p.BRrip.Sujaidr
2015-08-13 07:39 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 4 Complete 720p.BRrip.Sujaidr
2015-08-13 07:14 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 3 Complete 720p.BRrip.Sujaidr
2015-08-13 07:13 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 2 Complete 720p.BRrip.Sujaidr
2015-08-13 07:02 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 1 Complete 720p.BRrip.Sujaidr
2015-08-12 20:11 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Desktop\Breaking Bad Season 1, 2, 3, 4 & 5 + Extras BDRip DVDRip HDTV TSV
2015-08-12 15:11 - 2015-08-12 15:11 - 00013996 _____ C:\Users\Micke\Desktop\ACFrOgCnktbCZqhEkiAAeAZdKdXVNlV4yMJh2U4GdGM_QTMsBQOL4daXmJmKTDplunANCA3bnVqXmJ5KLi8heTuGQyQ4bv-hpEGTzZaR10PbWUCUrYyNPY146JQtus4=
2015-08-11 00:27 - 2015-08-11 00:27 - 00000000 ____D C:\Users\Micke\Documents\Optimizer Pro
2015-08-11 00:25 - 2015-08-11 00:25 - 00000000 ____D C:\Program Files\69dc8177-a574-4dff-8461-b3267b078dcf
2015-08-11 00:24 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\Hepiwaewo
2015-08-11 00:22 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\JWinManProJ
2015-08-11 00:21 - 2015-08-16 00:47 - 00000000 ____D C:\Program Files\ChilliTorrent
2015-08-11 00:21 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChilliTorrent
2015-08-11 00:20 - 2015-08-11 10:31 - 00000000 ____D C:\Users\Micke\AppData\Local\gmsd_se_002030056
2015-08-11 00:20 - 2015-08-11 10:16 - 00000000 ____D C:\Program Files\gmsd_se_002030056
2015-08-09 13:26 - 2015-08-10 01:16 - 00000000 ____D C:\Users\Micke\Desktop\Ny mapp
2015-08-08 14:35 - 2015-08-08 14:35 - 00074792 _____ C:\Users\Micke\Desktop\ACFrOgACWmNNDt_AZVFMcVHw2hZ__2vq9vtFvHQ1qN2R-PWRsYr9VHLZLtw-t-WFdAvKyt9TIYp94NXoyBwiXrbawL-G-Hj1X4cZvXy-Q2d5pBWHaqGHkiNnK0ZMl3M=
2015-08-07 10:08 - 2015-08-07 10:08 - 00000000 ____D C:\Users\Micke\AppData\Local\CEF
2015-08-07 00:21 - 2015-09-03 14:54 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-04 09:22 - 2015-01-25 20:37 - 00000000 ____D C:\Users\Micke\AppData\Roaming\uTorrent
2015-09-04 09:22 - 2014-08-19 21:09 - 01090007 _____ C:\Windows\WindowsUpdate.log
2015-09-04 09:22 - 2009-07-14 06:34 - 00032976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-04 09:22 - 2009-07-14 06:34 - 00032976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-04 09:19 - 2014-10-12 16:20 - 00000000 ____D C:\Users\Micke\AppData\Local\Spotify
2015-09-04 09:19 - 2014-08-23 16:10 - 00000000 ___RD C:\Users\Micke\Dropbox
2015-09-04 09:19 - 2014-08-23 14:56 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Dropbox
2015-09-04 09:18 - 2014-10-12 16:17 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Spotify
2015-09-04 09:16 - 2014-08-20 12:17 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-04 09:14 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-04 09:02 - 2014-08-22 19:42 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-04 08:59 - 2014-08-20 12:18 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-04 08:58 - 2015-06-20 22:48 - 00001014 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000UA.job
2015-09-04 08:58 - 2015-06-20 22:48 - 00000962 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000Core.job
2015-09-03 19:36 - 2014-08-20 09:22 - 00000000 ____D C:\Users\Micke\Documents\Outlook-filer
2015-09-03 14:54 - 2014-08-19 21:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-25 15:31 - 2015-06-15 09:06 - 00000000 __SHD C:\Jumpshot
2015-08-25 14:46 - 2014-08-19 21:51 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-25 14:46 - 2014-08-19 21:51 - 00001072 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-25 14:44 - 2015-06-15 09:06 - 00000000 ____D C:\Windows\jumpshot.com
2015-08-25 13:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-25 12:32 - 2015-07-04 14:44 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-08-25 12:32 - 2014-08-20 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-25 12:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2015-08-25 12:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-08-25 12:30 - 2014-08-20 09:28 - 00000000 __RHD C:\MSOCache
2015-08-25 12:13 - 2014-08-19 22:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-25 11:50 - 2014-08-19 21:43 - 00000000 ____D C:\Users\Micke
2015-08-17 05:33 - 2015-07-30 14:02 - 00000000 ____D C:\Windows\system32\MRT
2015-08-17 05:16 - 2015-07-30 14:02 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 09:48 - 2014-08-22 19:42 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-16 09:48 - 2014-08-22 19:42 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-16 00:47 - 2015-07-22 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-16 00:47 - 2015-07-22 15:15 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-08-16 00:47 - 2014-08-22 19:42 - 00000000 ____D C:\Windows\system32\Macromed
2015-08-16 00:07 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2015-08-09 14:39 - 2011-04-12 08:32 - 00663312 _____ C:\Windows\system32\perfh01D.dat
2015-08-09 14:39 - 2011-04-12 08:32 - 00142080 _____ C:\Windows\system32\perfc01D.dat
2015-08-09 14:39 - 2010-11-20 23:01 - 01578190 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2014-10-20 17:38 - 2014-10-20 17:38 - 0000017 _____ () C:\Users\Micke\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Micke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1sbqmn.dll
C:\Users\Micke\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Micke\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\dnsapi.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-01 17:15

==================== End of FRST.txt ============================

Länk till kommentar
Dela på andra webbplatser

Kan inte starta Explorer, den bara flashar upp, provat uppdatera den men säger att det är senaste upplagan som är registrerad. Eset online går inte öppna via Firefox

Länk till kommentar
Dela på andra webbplatser

1. Återställ inställningarna i Internet Explorer enligt artikeln http://windows.microsoft.com/sv-se/internet-explorer/reset-ie-settings men du kan starta Internetalternativ från Kontrollpanelen  i stället för inifrån Internet Explorer.
 
 
2. Enligt ena loggen använder datorn DNS-servrar som finns i Ryssland och/eller Israel i stället för de vanliga från din internet-leverantör. Om det är meningen, gör inte resten.


3. Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
Task: {0B876DBB-BEB9-4595-9AF0-A114F564798A} - System32\Tasks\DNSHUGO => dnshugo.exe
Tcpip\Parameters: [DhcpNameServer] 46.17.101.204 192.168.1.1
Tcpip\..\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}: [DhcpNameServer] 46.17.101.204 192.168.1.1
Tcpip\..\Interfaces\{0F6E3910-C206-4413-9627-A053B2CE128F}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}: [DhcpNameServer] 46.17.101.204 192.168.1.1
2015-09-01 06:04 - 2015-09-01 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-08-11 00:27 - 2015-08-11 00:27 - 00000000 ____D C:\Users\Micke\Documents\Optimizer Pro
2015-08-11 00:25 - 2015-08-11 00:25 - 00000000 ____D C:\Program Files\69dc8177-a574-4dff-8461-b3267b078dcf
2015-08-11 00:24 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\Hepiwaewo
2015-08-11 00:22 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\JWinManProJ
2015-08-11 00:21 - 2015-08-16 00:47 - 00000000 ____D C:\Program Files\ChilliTorrent
2015-08-11 00:21 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChilliTorrent
2015-08-11 00:20 - 2015-08-11 10:31 - 00000000 ____D C:\Users\Micke\AppData\Local\gmsd_se_002030056
2015-08-11 00:20 - 2015-08-11 10:16 - 00000000 ____D C:\Program Files\gmsd_se_002030056
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
Reboot:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.

 

 

4. Går det att göra Esets skanning nu?

Länk till kommentar
Dela på andra webbplatser

Nej det går inte köra eset.

 

Fix result of Farbar Recovery Scan Tool (x86) Version:31-08-2015
Ran by Micke (2015-09-04 20:42:28) Run:1
Running from C:\Users\Micke\Desktop
Loaded Profiles: Micke (Available Profiles: Micke)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
Task: {0B876DBB-BEB9-4595-9AF0-A114F564798A} - System32\Tasks\DNSHUGO => dnshugo.exe
Tcpip\Parameters: [DhcpNameServer] 46.17.101.204 192.168.1.1
Tcpip\..\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}: [DhcpNameServer] 46.17.101.204 192.168.1.1
Tcpip\..\Interfaces\{0F6E3910-C206-4413-9627-A053B2CE128F}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}: [NameServer] 199.203.131.152,82.163.143.182
Tcpip\..\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}: [DhcpNameServer] 46.17.101.204 192.168.1.1
2015-09-01 06:04 - 2015-09-01 06:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-08-11 00:27 - 2015-08-11 00:27 - 00000000 ____D C:\Users\Micke\Documents\Optimizer Pro
2015-08-11 00:25 - 2015-08-11 00:25 - 00000000 ____D C:\Program Files\69dc8177-a574-4dff-8461-b3267b078dcf
2015-08-11 00:24 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\Hepiwaewo
2015-08-11 00:22 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\JWinManProJ
2015-08-11 00:21 - 2015-08-16 00:47 - 00000000 ____D C:\Program Files\ChilliTorrent
2015-08-11 00:21 - 2015-08-16 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChilliTorrent
2015-08-11 00:20 - 2015-08-11 10:31 - 00000000 ____D C:\Users\Micke\AppData\Local\gmsd_se_002030056
2015-08-11 00:20 - 2015-08-11 10:16 - 00000000 ____D C:\Program Files\gmsd_se_002030056
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
Reboot:
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0B876DBB-BEB9-4595-9AF0-A114F564798A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B876DBB-BEB9-4595-9AF0-A114F564798A}" => key removed successfully.
C:\Windows\System32\Tasks\DNSHUGO => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DNSHUGO" => key removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}\\NameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}\\DhcpNameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0F6E3910-C206-4413-9627-A053B2CE128F}\\NameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}\\NameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}\\DhcpNameServer => value removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 => moved successfully
C:\Users\Micke\Documents\Optimizer Pro => moved successfully
C:\Program Files\69dc8177-a574-4dff-8461-b3267b078dcf => moved successfully
C:\ProgramData\Hepiwaewo => moved successfully
C:\ProgramData\JWinManProJ => moved successfully
C:\Program Files\ChilliTorrent => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChilliTorrent => moved successfully
C:\Users\Micke\AppData\Local\gmsd_se_002030056 => moved successfully
C:\Program Files\gmsd_se_002030056 => moved successfully

=========  ipconfig /flushdns =========


IP-konfiguration f�r Windows

DNS-matcharens cacheminne har rensats.

========= End of CMD: =========


=========  netsh winsock reset catalog =========


Winsock-katalogen har nollst�llts.
Du m�ste starta om datorn f�r att slutf�ra nollst�llningen.


========= End of CMD: =========


=========  netsh int ip reset c:\resetlog.txt =========

�terst�llning av Allm�n, OK!
�terst�llning av Gr�nssnitt, OK!
Slutf�r �tg�rden genom att starta om datorn.


========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 20:44:42 ====

Länk till kommentar
Dela på andra webbplatser

Starta FRST.

Bocka för Addition.txt.

Skanna med FRST och klistra in eller bifoga de två nya loggarna.

 

Någon förbättring när det gäller Internet Explorer?

Länk till kommentar
Dela på andra webbplatser

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-08-2015
Ran by Micke (administrator) on MICKE-DATOR (05-09-2015 10:13:52)
Running from C:\Users\Micke\Desktop
Loaded Profiles: Micke (Available Profiles: Micke)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\w32x86\3\NetFaxServer.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Spotify Ltd) C:\Users\Micke\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(BitTorrent Inc.) C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\w32x86\3\NetFaxTray.exe
(Dropbox, Inc.) C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-15] (Avast Software s.r.o.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [350072 2012-03-09] ()
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [spotify Web Helper] => C:\Users\Micke\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-03] (Spotify Ltd)
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [uTorrent] => C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-08-28] (BitTorrent Inc.)
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [spotify] => C:\Users\Micke\AppData\Roaming\Spotify\Spotify.exe [7535672 2015-09-03] (Spotify Ltd)
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Run: [Dropbox Update] => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-15] (Avast Software s.r.o.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-04]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2014-08-28]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\w32x86\3\NetFaxTray.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Micke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 0.0.0.1    mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 46.17.101.204 192.168.1.1
Tcpip\..\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D}: [DhcpNameServer] 46.17.101.204 192.168.1.1
Tcpip\..\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018}: [DhcpNameServer] 46.17.101.204 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2344796923-460791167-1111748507-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://se.msn.com/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-07] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Micke\AppData\Roaming\Mozilla\Firefox\Profiles\4vlvrbc8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-19] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-20]

Chrome:
=======
CHR Profile: C:\Users\Micke\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Micke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-20]
CHR Extension: (Google Wallet) - C:\Users\Micke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-20]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2009-08-18] (AMD) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2013-02-27] (Microsoft Corporation) [File not signed]
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473600 2014-07-07] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473600 2014-07-07] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-15] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-06-15] (Avast Software)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation) [File not signed]
R3 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [102912 2012-07-04] (Microsoft Corporation) [File not signed]
R3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1874104 2015-07-14] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [140288 2013-07-09] (Microsoft Corporation) [File not signed]
R2 CscService; C:\Windows\System32\cscsvc.dll [546304 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-03] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [144384 2010-11-20] (Microsoft Corporation) [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [556544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-14] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086976 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [File not signed]
S3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [906240 2014-08-22] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [108032 2014-08-18] (Microsoft Corporation) [File not signed]
S3 IKEEXT; C:\Windows\System32\ikeext.dll [679424 2013-10-12] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2012-10-03] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2010-11-20] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [235696 2015-06-26] (McAfee, Inc.)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242176 2012-10-03] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PcaSvc; C:\Windows\System32\pcasvc.dll [157184 2014-07-07] (Microsoft Corporation) [File not signed]
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1004544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [119808 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [164352 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [378416 2013-02-05] (Samsung Electronics Co., Ltd.)
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2012-02-11] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-14] (Microsoft Corporation) [File not signed]
S2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [521216 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-14] (Microsoft Corporation) [File not signed]
R3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UmRdpService; C:\Windows\System32\umrdp.dll [171008 2010-11-20] (Microsoft Corporation) [File not signed]
R3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1203200 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1175040 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121792 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [73216 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185344 2014-01-28] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-30] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [55296 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-06-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-06-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-06-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-06-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-06-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-06-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-06-15] ()
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-07-14] (Atheros Communications, Inc.) [File not signed]
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [4994560 2009-08-18] (ATI Technologies Inc.) [File not signed]
S3 b06bdrv; C:\Windows\system32\drivers\bxvbdx.sys [430080 2009-07-14] (Broadcom Corporation) [File not signed]
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-14] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-23] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [13568 2009-07-14] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [5248 2009-07-14] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-14] (Brother Industries Ltd.) [File not signed]
R3 BthEnum; C:\Windows\system32\drivers\BthEnum.sys [34816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed]
R3 BthPan; C:\Windows\System32\DRIVERS\bthpan.sys [93696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [393728 2012-07-06] (Microsoft Corporation) [File not signed]
R3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [60416 2011-04-28] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\drivers\circlass.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14080 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed]
R1 CSC; C:\Windows\System32\drivers\csc.sys [388096 2010-11-20] (Microsoft Corporation) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-14] (Microsoft Corporation) [File not signed]
S3 dmvsc; C:\Windows\system32\drivers\dmvsc.sys [62464 2010-11-20] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbdx.sys [3100160 2009-07-14] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-14] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\drivers\fdc.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-14] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [304128 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [91136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\drivers\hidir.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation) [File not signed]
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-14] (Microsoft Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-27] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-09] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-27] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\drivers\parport.sys [79360 2009-07-14] (Microsoft Corporation) [File not signed]
S2 Parvdm; C:\Windows\system32\drivers\parvdm.sys [8704 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\drivers\processr.sys [52224 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation) [File not signed]
R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) [File not signed]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [133632 2010-11-20] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [15872 2010-11-20] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [183808 2012-04-28] (Microsoft Corporation) [File not signed]
R3 RFCOMM; C:\Windows\System32\DRIVERS\rfcomm.sys [129536 2009-07-14] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 s3cap; C:\Windows\system32\drivers\vms3cap.sys [5632 2010-11-20] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\drivers\serenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [83456 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSGB6.sys [48128 2009-07-14] (Silicon Integrated Systems Corp.) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-29] (Microsoft Corporation) [File not signed]
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-04-10] (Samsung Electronics) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2010-11-20] (Microsoft Corporation) [File not signed]
S3 terminpt; C:\Windows\system32\drivers\terminpt.sys [25600 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2013-06-15] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [52224 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [27264 2010-11-20] (Microsoft Corporation) [File not signed]
S3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [112640 2010-11-20] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [39936 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\drivers\umpass.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [43520 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [20480 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [36352 2013-07-03] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] (Microsoft Corporation) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-06-15] (Avast Software)
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ViaC7; C:\Windows\system32\drivers\viac7.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [17920 2010-11-20] (Microsoft Corporation) [File not signed]
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed]
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [21632 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation) [File not signed]
S3 cpuz134; \??\C:\Users\Micke\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-05 10:13 - 2015-09-05 10:15 - 00045110 _____ C:\Users\Micke\Desktop\FRST.txt
2015-09-04 20:41 - 2015-09-03 21:13 - 01690624 _____ (Farbar) C:\Users\Micke\Desktop\FRST.exe
2015-09-04 09:50 - 2015-09-04 10:03 - 00002664 _____ C:\Windows\IE11_main.log
2015-09-04 09:50 - 2015-09-04 09:50 - 02077392 _____ (Microsoft Corporation) C:\Users\Micke\Downloads\IE11-Windows6.1.exe
2015-09-04 09:17 - 2015-09-04 09:33 - 00000000 ____D C:\Users\Micke\Desktop\Virus(3)
2015-09-04 00:17 - 2015-09-04 09:03 - 00000000 ____D C:\AdwCleaner
2015-09-04 00:14 - 2015-09-04 00:14 - 01654272 _____ C:\Users\Micke\Desktop\adwcleaner_5.005.exe
2015-09-03 21:14 - 2015-09-05 10:14 - 00000000 ____D C:\FRST
2015-09-03 19:41 - 2015-09-03 19:41 - 00000000 ____D C:\Users\Micke\Desktop\Ny mapp (2)
2015-09-03 14:56 - 2015-09-04 21:13 - 00000224 _____ C:\Windows\setupact.log
2015-09-03 14:56 - 2015-09-03 14:56 - 00000000 _____ C:\Windows\setuperr.log
2015-09-03 14:54 - 2015-09-04 19:58 - 00005700 _____ C:\Windows\PFRO.log
2015-09-01 22:05 - 2015-09-01 22:05 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-01 06:10 - 2015-09-01 06:10 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Optimizer Pro
2015-08-27 14:26 - 2015-08-27 14:26 - 00000000 ____D C:\Program Files\RelayLevel
2015-08-27 14:26 - 2015-08-27 14:26 - 00000000 ____D C:\Program Files\ProcessInit
2015-08-26 05:26 - 2015-08-26 19:20 - 00000000 ____D C:\Windows\Minidump
2015-08-25 14:33 - 2015-08-25 14:34 - 00106132 _____ C:\Users\Micke\Desktop\cc_20150825_143319.reg
2015-08-25 11:40 - 2015-06-15 06:26 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-08-23 20:51 - 2015-08-23 20:51 - 00000000 ____D C:\Users\Micke\Documents\Scan
2015-08-19 09:38 - 2015-08-19 09:38 - 00053973 _____ C:\Users\Micke\Desktop\ACFrOgA40i1ByRHs2fXMUZEgkjmDIpfTRJoov4G7JFK2EFrZ-vrQw5V9mZykcV_jUT3KMNWNs1qgFRfugGg0jugG1rpPRZjLFs-GiKMG1bgvamkytb798REZL06gnqs=
2015-08-19 09:36 - 2015-08-19 09:36 - 00013996 _____ C:\Users\Micke\Downloads\ACFrOgDmDrogVpPLhinxfI6xYc3-p1lwt-2Hr3oScRw22Hhzd9t5CTmWTf9xGrqXRm79ze04EHVgf8oRyQD0SSKTzakRzMKSXF3C81qm4DRqwqoXnxdk7RZ9-gfz6Z0=
2015-08-16 00:14 - 2015-06-26 18:28 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw2E15.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00209048 _____ C:\Windows\system32\Drivers\asw3122.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw3567.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw200D.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00074976 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw27FB.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00049904 _____ C:\Windows\system32\Drivers\asw2B94.tmp
2015-08-16 00:14 - 2015-06-15 06:27 - 00024144 _____ C:\Windows\system32\Drivers\asw2471.tmp
2015-08-16 00:14 - 2015-06-15 06:26 - 00787760 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\asw1996.tmp
2015-08-13 07:44 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 5 Complete 720p.BRrip.Sujaidr
2015-08-13 07:39 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 4 Complete 720p.BRrip.Sujaidr
2015-08-13 07:14 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 3 Complete 720p.BRrip.Sujaidr
2015-08-13 07:13 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 2 Complete 720p.BRrip.Sujaidr
2015-08-13 07:02 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Downloads\Breaking Bad Season 1 Complete 720p.BRrip.Sujaidr
2015-08-12 20:11 - 2015-08-16 00:46 - 00000000 ____D C:\Users\Micke\Desktop\Breaking Bad Season 1, 2, 3, 4 & 5 + Extras BDRip DVDRip HDTV TSV
2015-08-12 15:11 - 2015-08-12 15:11 - 00013996 _____ C:\Users\Micke\Desktop\ACFrOgCnktbCZqhEkiAAeAZdKdXVNlV4yMJh2U4GdGM_QTMsBQOL4daXmJmKTDplunANCA3bnVqXmJ5KLi8heTuGQyQ4bv-hpEGTzZaR10PbWUCUrYyNPY146JQtus4=
2015-08-09 13:26 - 2015-08-10 01:16 - 00000000 ____D C:\Users\Micke\Desktop\Ny mapp
2015-08-08 14:35 - 2015-08-08 14:35 - 00074792 _____ C:\Users\Micke\Desktop\ACFrOgACWmNNDt_AZVFMcVHw2hZ__2vq9vtFvHQ1qN2R-PWRsYr9VHLZLtw-t-WFdAvKyt9TIYp94NXoyBwiXrbawL-G-Hj1X4cZvXy-Q2d5pBWHaqGHkiNnK0ZMl3M=
2015-08-07 10:08 - 2015-08-07 10:08 - 00000000 ____D C:\Users\Micke\AppData\Local\CEF
2015-08-07 00:21 - 2015-09-03 14:54 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-05 10:16 - 2015-01-25 20:37 - 00000000 ____D C:\Users\Micke\AppData\Roaming\uTorrent
2015-09-05 10:02 - 2014-08-22 19:42 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-05 09:59 - 2014-08-20 12:18 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-05 09:59 - 2014-08-20 12:17 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-05 09:58 - 2015-06-20 22:48 - 00001014 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000UA.job
2015-09-05 09:38 - 2014-08-19 21:09 - 01240177 _____ C:\Windows\WindowsUpdate.log
2015-09-05 08:58 - 2015-06-20 22:48 - 00000962 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000Core.job
2015-09-04 21:45 - 2014-10-12 16:20 - 00000000 ____D C:\Users\Micke\AppData\Local\Spotify
2015-09-04 21:37 - 2009-07-14 06:34 - 00032976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-04 21:37 - 2009-07-14 06:34 - 00032976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-04 21:34 - 2014-10-12 16:17 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Spotify
2015-09-04 21:34 - 2014-08-23 16:10 - 00000000 ___RD C:\Users\Micke\Dropbox
2015-09-04 21:34 - 2014-08-23 14:56 - 00000000 ____D C:\Users\Micke\AppData\Roaming\Dropbox
2015-09-04 21:16 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-03 19:36 - 2014-08-20 09:22 - 00000000 ____D C:\Users\Micke\Documents\Outlook-filer
2015-09-03 14:54 - 2014-08-19 21:51 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-25 15:31 - 2015-06-15 09:06 - 00000000 __SHD C:\Jumpshot
2015-08-25 14:46 - 2014-08-19 21:51 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-25 14:46 - 2014-08-19 21:51 - 00001072 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-25 14:44 - 2015-06-15 09:06 - 00000000 ____D C:\Windows\jumpshot.com
2015-08-25 13:16 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-25 12:32 - 2015-07-04 14:44 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-08-25 12:32 - 2014-08-20 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-25 12:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\wfp
2015-08-25 12:32 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-08-25 12:30 - 2014-08-20 09:28 - 00000000 __RHD C:\MSOCache
2015-08-25 12:13 - 2014-08-19 22:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-25 11:50 - 2014-08-19 21:43 - 00000000 ____D C:\Users\Micke
2015-08-17 05:33 - 2015-07-30 14:02 - 00000000 ____D C:\Windows\system32\MRT
2015-08-17 05:16 - 2015-07-30 14:02 - 129304528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-16 09:48 - 2014-08-22 19:42 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-16 09:48 - 2014-08-22 19:42 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-16 00:47 - 2015-07-22 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-08-16 00:47 - 2015-07-22 15:15 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-08-16 00:47 - 2014-08-22 19:42 - 00000000 ____D C:\Windows\system32\Macromed
2015-08-16 00:07 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2015-08-09 14:39 - 2011-04-12 08:32 - 00663312 _____ C:\Windows\system32\perfh01D.dat
2015-08-09 14:39 - 2011-04-12 08:32 - 00142080 _____ C:\Windows\system32\perfc01D.dat
2015-08-09 14:39 - 2010-11-20 23:01 - 01578190 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2014-10-20 17:38 - 2014-10-20 17:38 - 0000017 _____ () C:\Users\Micke\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Micke\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf6pnhw.dll
C:\Users\Micke\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Micke\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\dnsapi.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-01 17:15

==================== End of FRST.txt ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-08-2015
Ran by Micke (2015-09-05 10:18:49)
Running from C:\Users\Micke\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administratör (S-1-5-21-2344796923-460791167-1111748507-500 - Administrator - Disabled)
Gäst (S-1-5-21-2344796923-460791167-1111748507-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2344796923-460791167-1111748507-1002 - Limited - Enabled)
Micke (S-1-5-21-2344796923-460791167-1111748507-1000 - Administrator - Enabled) => C:\Users\Micke

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Svenska (HKLM\...\{AC76BA86-7AD7-1053-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Dropbox (HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
GOM Player (HKLM\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
Läs bruksanvisningen (HKLM\...\View User Guide) (Version: 3.60.02.0 - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - sv-se (HKLM\...\ProPlusRetail - sv-se) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 sv-SE) (HKLM\...\Mozilla Firefox 40.0.3 (x86 sv-SE)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Samsung C460 Series (HKLM\...\Samsung C460 Series) (Version: 1.02 (2013-07-11) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM\...\Samsung Easy Document Creator) (Version: 1.05.61 (2013-04-10) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM\...\Samsung Easy Printer Manager) (Version: 1.03.23.00(2013-05-03) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM\...\Easy Wireless Setup) (Version: 3.60.40.03 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM\...\Samsung Network PC Fax) (Version: 1.09.14 (2013-02-05) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (Version: 1.00.56.01 - Samsung Electronics Co., Ltd.) Hidden
SNS Upload for Easy Document Creator (HKLM\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Spotify (HKU\S-1-5-21-2344796923-460791167-1111748507-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Micke\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2344796923-460791167-1111748507-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Micke\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Restore Points =========================

05-09-2015 03:00:15 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2015-07-22 15:15 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1    mssplus.mcafee.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09BC86A8-E454-433F-9C12-561AD4D70E9D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {2B0BD56B-3AF7-4D48-91F7-67BBBEBEF013} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000Core => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {41A4F5DA-E0F2-49BC-A841-63803D5319C3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {44E59D31-4399-490C-894D-F55DD106773D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {58919A09-90BD-4062-BDC1-370C8EEBF5C7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2015-07-14] (Microsoft Corporation)
Task: {639C62ED-1F49-4FF4-975A-AB2CE1729F24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {730C0496-93B3-4857-A1D5-7E3987365A31} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000UA => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {CD2EA173-D0C1-430F-8B92-A38A05B18A01} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {D15F926C-880E-441D-956A-23B320C63E74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-16] (Adobe Systems Incorporated)
Task: {D44CC134-F680-413D-9DDF-059428F1B617} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {D60E030D-D5FE-4F20-8DED-B4307A97DD2E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-25] (Avast Software s.r.o.)
Task: {EE871092-1E80-4601-AEB0-830303EC1A95} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000Core.job => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2344796923-460791167-1111748507-1000UA.job => C:\Users\Micke\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-06-15 06:26 - 2015-06-15 06:26 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-15 06:26 - 2015-06-15 06:26 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-04 20:09 - 2015-09-04 20:09 - 02964480 _____ () C:\Program Files\AVAST Software\Avast\defs\15090402\algo.dll
2014-08-28 13:36 - 2013-05-06 08:04 - 00024064 _____ () C:\Windows\System32\sst9clm.dll
2014-08-19 22:12 - 2014-05-20 03:11 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2015-03-18 16:31 - 2015-03-18 16:31 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-03-09 09:58 - 2012-03-09 09:58 - 00350072 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00056696 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2015-09-04 21:32 - 2015-09-04 21:32 - 00071168 _____ () c:\users\micke\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf6pnhw.dll
2015-09-01 22:05 - 2015-08-05 07:26 - 00012800 _____ () C:\Users\Micke\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-09-01 22:05 - 2015-08-05 07:26 - 00779776 _____ () C:\Users\Micke\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-09-01 22:05 - 2015-08-05 07:26 - 00056320 _____ () C:\Users\Micke\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-09-01 22:05 - 2015-08-05 07:26 - 00012288 _____ () C:\Users\Micke\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-08-16 09:48 - 2015-08-16 09:48 - 17482952 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2344796923-460791167-1111748507-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Micke\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 46.17.101.204 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4237C3EC-9295-4B39-A0BD-7E2DF29E277B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{4720D742-DCE8-44A2-B771-4BD3DF78CE8B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E78AB09F-9589-4F0E-8D50-F72864459507}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{04C42982-BD40-4E91-BBF9-F14B20F6401C}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8C4A3B6E-D9E7-469A-8E1B-592473D42F6E}] => (Allow) C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{174E6398-989A-4C49-B562-FA8022A815A5}] => (Allow) C:\Users\Micke\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{58AE0FD2-73EA-4047-95C0-ACD4E4D42C48}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe
FirewallRules: [{DC929D9A-6BAF-4BE5-AFAC-E09D3667CB75}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe
FirewallRules: [{BD97CC4D-161A-4779-9457-A5378009334B}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{E80FA658-6C7F-4BAD-A5EF-9925A2714134}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{4F1E9C2E-B434-4E83-870B-08FB9B6A9ACD}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{AF0AB7F1-FBC1-404B-B5D4-C69F1F8E6139}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{2DA648F7-9BFF-4B42-AA15-6D6FFEE35D50}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{21BDE5E7-F3C8-4A6A-90A7-1B023FEC9FE1}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{CAB7FE27-8DA4-45E3-AE95-DA3194FD2574}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{CDA74FD1-AEF0-4A7C-AFEC-E820C7F3AADD}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{EB819BF7-E3EC-45C5-9B4E-5198B395B2BB}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{D0735AF7-2280-4A67-AA07-9C39728B36BC}] => (Allow) C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{DD99FD4E-1335-475B-99F9-AF3FB9EAB175}] => (Allow) C:\Program Files\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{13275830-600C-407D-8B1E-EF11552C537F}] => (Allow) C:\Program Files\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [TCP Query User{1859F2A1-BCF3-42DE-907E-5B7AD79EEA44}C:\users\micke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micke\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{0921A62C-70C6-42FD-A562-14729168A928}C:\users\micke\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\micke\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{35E72BB7-3855-4938-B3AB-065F2691F877}C:\users\micke\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\micke\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{6C7B64DB-1C6C-44F5-B975-E277323C47F9}C:\users\micke\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\micke\appdata\roaming\spotify\spotify.exe
FirewallRules: [{FA4CF73B-7D86-41F7-8B70-88589627EDB4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3C89BB29-4F94-4778-A404-C7470ECC9D00}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AED2765B-185E-4262-A6CE-AE8AD52BCAFA}] => (Allow) C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A1953D07-F9CE-4B63-8A72-80E79593DF74}] => (Allow) C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{92D8A5C9-0769-43F2-8F8C-BF081D2D4E11}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [uDP Query User{D35A8B0F-8405-4696-8D2C-3C01836DA6C5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{9DDF6DF9-FADE-4152-84E2-245C2FE232B9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{D6958697-067F-4014-A4D0-4B7A90BFC74E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{0532C6E4-34D7-441F-8526-227A29BF7700}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{D9B0629A-B7A3-4139-A3C4-A5B9E745EAB8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{1BEA463B-390A-496E-BA88-C5C4AFD5407D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/04/2015 09:17:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 08:43:13 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Fel i tjänsten Volume Shadow Copy: Oväntat fel när gränssnittet IVssWriterCallback skulle erhållas.  hr = 0x80070005, Åtkomst nekad.
.
Det orsakas ofta av inkorrekta säkerhetsinställningar i processen för antingen skrivaren eller beställaren.


Åtgärd:
   Samlar in skrivardata

Kontext:
   Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Skrivarnamn: System Writer
   Skrivarinstans-ID: {76b894b9-b93f-48ef-87a2-944e3e52585a}

Error: (09/04/2015 08:01:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 09:14:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 01:21:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1.
Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.

Error: (09/04/2015 01:21:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1.
Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.

Error: (09/04/2015 01:21:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Det gick inte att skapa aktiveringskontext för Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1.
Den beroende sammansättningen Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" kunde inte hittas.
Använd sxstrace.exe om du vill diagnostisera ytterligare.

Error: (09/03/2015 03:16:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programmet uTorrent.exe, version 3.4.4.40911, avslutades eftersom det slutade att samverka med Windows. Ytterligare information kan finnas i problemhistoriken på kontrollpanelen för Åtgärdscentret och lösningar.

Process-ID: 2ec

Starttid: 01d0e64a8d729a7f

Avslutningstid: 5492

Programsökväg: C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exe

Rapport-ID: e82cb786-523d-11e5-8979-001a7d0abf3d

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Det går inte att initiera indexet.

Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Det går inte att initiera programmet.

Kontext: program Windows

Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (09/05/2015 05:26:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x800706f7: Uppdatering för Windows 7 (KB3006137).

Error: (09/05/2015 03:03:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x800706f7: Säkerhetsuppdatering för Microsoft .NET Framework 3.5.1 i Windows 7 SP1 x86 (KB3032655).

Error: (09/05/2015 03:03:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x800706f7: Säkerhetsuppdatering för Windows 7 (KB3046269).

Error: (09/05/2015 03:03:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x800706f7: Säkerhetsuppdatering för Microsoft .NET Framework 3.5.1 i Windows 7 SP1 x86 (KB3037574).

Error: (09/05/2015 03:03:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x800706f7: Säkerhetsuppdatering för Microsoft .NET Framework 3.5.1 i Windows 7 SP1 x86 (KB3072305).

Error: (09/05/2015 03:01:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x800706f7: Säkerhetsuppdatering för Microsoft .NET Framework 3.5.1 i Windows 7 SP1 x86 (KB3023215).

Error: (09/05/2015 01:04:40 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Master browser har mottagit ett meddelande från datorn MARTIN-PC
som tror att den är master browser för domänen på transporten NetBT_Tcpip_{11124D57-F19C-4653-960F-42B27E12. Master browser
stannar eller ett val tvingas att göras.

Error: (09/04/2015 10:59:58 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (09/04/2015 09:38:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Tjänsten Windows Defender avbröts med följande fel:
%%-2147023113

Error: (09/04/2015 09:31:11 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Skuggkopiorna för volymen C: togs bort eftersom lagringsutrymmet för skuggkopian inte kunde växa snabbt nog. Överväg att minska I/O-belastning i datorn eller välj en volym för lagringsutrymmet som inte ingår i en skuggkopia.


Microsoft Office:
=========================
Error: (09/04/2015 09:17:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 08:43:13 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Åtkomst nekad.


Åtgärd:
   Samlar in skrivardata

Kontext:
   Skrivarklass-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Skrivarnamn: System Writer
   Skrivarinstans-ID: {76b894b9-b93f-48ef-87a2-944e3e52585a}

Error: (09/04/2015 08:01:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 09:14:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/04/2015 01:21:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\network pc fax\drv\NetFaxTray64.exe

Error: (09/04/2015 01:21:24 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\network pc fax\drv\NetFaxMon64.exe

Error: (09/04/2015 01:21:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung c460 series\Setup\Setup\bin\wiainst64.exe

Error: (09/03/2015 03:16:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: uTorrent.exe3.4.4.409112ec01d0e64a8d729a7f5492C:\Users\Micke\AppData\Roaming\uTorrent\uTorrent.exee82cb786-523d-11e5-8979-001a7d0abf3d

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/03/2015 03:01:43 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: program Windows

Information:
    Innehållsindexets katalog är skadad.  (HRESULT : 0xc0041801) (0xc0041801)


CodeIntegrity:
===================================
  Date: 2015-09-04 21:45:38.240
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-04 21:32:20.891
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-04 21:15:47.279
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-04 20:31:00.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-04 20:00:34.465
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-04 09:35:13.947
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-04 09:13:59.861
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-04 09:03:16.727
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-03 15:15:03.786
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.

  Date: 2015-09-03 14:57:21.011
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\audiodg.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core2 Duo CPU T5850 @ 2.16GHz
Percentage of memory in use: 64%
Total physical RAM: 3071.27 MB
Available physical RAM: 1081.08 MB
Total Virtual: 6140.84 MB
Available Virtual: 2978.79 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:149.04 GB) (Free:22.19 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:137.33 GB) (Free:58.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=1C)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=137.3 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

Länk till kommentar
Dela på andra webbplatser

Starta FRST.

Bocka för Addition.txt.

Skanna med FRST och klistra in eller bifoga de två nya loggarna.

 

Någon förbättring när det gäller Internet Explorer?

Nej ingen skillnad, den börjar starta upp och flashar till men kommer aldrig upp

Länk till kommentar
Dela på andra webbplatser

När man är ute på webben så ser sidorna konstiga ut, vissa ord blir kraftigt markerade med en reklam popup länkad till ordet, det är en sån som låser eset sidan

Länk till kommentar
Dela på andra webbplatser

Ja, inställningarna till de falska DNS-servrarna är tillbaka.

 

Spara RougueKiller på Skrivbordet: http://www.adlice.com/softwares/roguekiller/
För 32-bitars Windows: Klicka på en av de tre första knapparna som det står "Portable 32 bits" på.
För 64-bitars Windows: Klicka på en av de tre första knapparna som det står "Portable 64 bits" på.
Stäng av alla program.
Ta bort alla externa enheter, t ex USB-minnen och externa hårddiskar, utom tangentbord och mus. Låt dem vara bortkopplade medan rensningen pågår.

Kör RogueKiller (i Vista och Windows 7 högerklicka på programmet och välj "Kör som administratör). Om det inte går att köra så pröva flera gång, men om det fortfarande inte går så pröva med att döpa om programmet till winlogon.exe.

Vänta tills "Prescan" har avslutats.
Klicka på "Scan"-knappen uppe till höger.
Vänta tills skanningen är klar.
Klicka på "Report"-knappen.
En rapport skapas. Klistra in innehållet i den i ditt svar.
 

Länk till kommentar
Dela på andra webbplatser

RogueKiller V10.10.4.0 [sep  4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Micke [Administrator]
Started from : C:\Users\Micke\Desktop\RogueKiller.exe
Mode : Scan -- Date : 09/05/2015 18:39:32

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 9 ¤¤¤
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 46.17.101.204 192.168.1.1 ([X][-])  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 46.17.101.204 192.168.1.1 ([X][-])  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 46.17.101.204 192.168.1.1 ([X][-])  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D} | DhcpNameServer : 46.17.101.204 192.168.1.1 ([X][-])  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018} | DhcpNameServer : 46.17.101.204 192.168.1.1 ([X][-])  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D} | DhcpNameServer : 46.17.101.204 192.168.1.1 ([X][-])  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018} | DhcpNameServer : 46.17.101.204 192.168.1.1 ([X][-])  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{033F4DAA-4461-435E-92E4-ABA38DDB944D} | DhcpNameServer : 46.17.101.204 192.168.1.1 ([X][-])  -> Found
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{11124D57-F19C-4653-960F-42B27E12A018} | DhcpNameServer : 46.17.101.204 192.168.1.1 ([X][-])  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 0.0.0.1    mssplus.mcafee.com

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9320320AS ATA Device +++++
--- User ---
[MBR] a142dc25c21ed30c022c0aecfddff8bf
[bSP] c83f6d3cdea8c218388548da794008b8 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 12001 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 24579450 | Size: 152617 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 337140090 | Size: 140623 MB
User = LL1 ... OK
User = LL2 ... OK
 

Länk till kommentar
Dela på andra webbplatser

Stäng av alla program inklusive antivirusprogram och liknande.
Kör RogueKiller (i Vista och Windows 7 högerklicka på programmet och välj "Kör som administratör).
Vänta tills "Prescan" har avslutats.

Gå igenom flikarna och se till att det bara är på fliken "Registry" som något är valt.

Klicka på "Delete"-knappen.

Starta om datorn.
En till "RKreport.txt" ska då ha skapats på Skrivbordet.
Klistra in dess innehåll i ditt svar.
 

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...