Just nu i M3-nätverket
Gå till innehåll

millpark10

Medlem
  • Antal inlägg

    71
  • Gick med

  • Senaste besök

Om millpark10

  • Medlemstitel
    Användare

Profil

  • Kön
    Man
  • Ort
    Norra StorStockholm
  1. Hej Cecilia Java hade jag missat, slarvigt. AVG gjorde något bra också. Diskrensning var också gjort så det gav inget extra. Stort jättetack, du är bäst! /millpark10 (Som vanligt, en olycka kommer sällan ensam, lagom till jag var klar med denna kommer lillebror över med sin, återigen, spel-nerlusade dator. Ska ta bort sånt jag kan och återkommer om det behövs log-läsning.)
  2. Hej Cecilia Länge sedan jag bad om din hjälp. Har lämnat tidigare jobb och pillar ännu mindre på datorer än förut, men släkt o vänner kommer jag inte undan ;) Nu har jag fått en laptop på halsen som en kompis vill ha ren från spel och annat som segar ner den. Jag har avinstallerat en hel drös med sånt som inte ska användas mer. Undrar om du kan kika på filerna och se vad ytterligare jag kan göra. Har även virussökt den då det verkade finnas tveksamma program och även kört en omgång med adwcleaner. Den verkar funka rätt hyggligt nu. Misstänker att windows update inte har installerat allt som den borde ha gjort, men får inte hem fler updates just nu iaf. (update tisdag idag så vem vet vad som händer iofs.) Stort tack. /millpark10 FRST.txt Addition.txt AdwCleaner[C00].txt AdwCleaner[S00].txt
  3. millpark10

    Hjälp m log o ev rensning

    Allt rensat o verkar funka som det ska. Ett riktigt Gott Nytt År till dig! /millpark10
  4. millpark10

    Hjälp m log o ev rensning

    Tack snälla Cecilia, igen! Ta bort FRST gör jag väl med Delfix och ADWCleaner hade en knapp/menyval förut iaf för uninstall. Kollar o återkommer ifall jag misslyckas. //millpark10
  5. millpark10

    Hjälp m log o ev rensning

    Hej Cecilia, Här är fixlog.txt Blev det klart där? //millpark10 Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016 Ran by Daniel (30-12-2016 01:50:37) Run:1 Running from C:\Users\Daniel\Downloads\AV_2016re Loaded Profiles: Daniel (Available Profiles: Daniel) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: C:\ProgramData\TEMP FirewallRules: [{A2AC0D24-9324-451C-993B-CD409ACF6403}] => C:\Users\Daniel\AppData\Local\iLivid\iLivid.exe FirewallRules: [{A47891CD-B11D-4C1C-9D4F-98A9E98D49C5}] => C:\Users\Daniel\AppData\Local\iLivid\iLivid.exe FirewallRules: [{DB945AA8-75C1-4B5B-96DE-59A3786C5EDC}] => C:\Users\Daniel\AppData\Local\Temp\nsfDE7F.tmp\Installer-185664.exe FirewallRules: [{7B767052-3464-4521-8262-D8DC71568346}] => C:\Users\Daniel\AppData\Local\Temp\nsfDE7F.tmp\Installer-185664.exe KU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {406b7ffb-ea8e-11e4-b8bb-705ab6a76618} - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {85bb1a00-39ba-11e5-a74f-0026c606fa42} - E:\AutoRun.exe Reboot: ***************** Restore point was successfully created. Processes closed successfully. C:\ProgramData\TEMP => moved successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2AC0D24-9324-451C-993B-CD409ACF6403} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A47891CD-B11D-4C1C-9D4F-98A9E98D49C5} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB945AA8-75C1-4B5B-96DE-59A3786C5EDC} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B767052-3464-4521-8262-D8DC71568346} => value removed successfully KU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe => Error: No automatic fix found for this entry. "HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{406b7ffb-ea8e-11e4-b8bb-705ab6a76618}" => key removed successfully HKCR\CLSID\{406b7ffb-ea8e-11e4-b8bb-705ab6a76618} => key not found. "HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85bb1a00-39ba-11e5-a74f-0026c606fa42}" => key removed successfully HKCR\CLSID\{85bb1a00-39ba-11e5-a74f-0026c606fa42} => key not found. The system needed a reboot. ==== End of Fixlog 01:50:53 ====
  6. millpark10

    Hjälp m log o ev rensning

    Hej igen, Då var jag iaf på rätt väg med min tanke om ADWClean, och har lyckats avinstallera det mesta på hyggligt sätt. Körde ADWclean och en ny FRST, loggar följer. //millpark 10 Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 Ran by Daniel (administrator) on DANIEL-HP-DATOR (29-12-2016 19:54:18) Running from C:\Users\Daniel\Downloads\AV_2016re Loaded Profiles: Daniel (Available Profiles: Daniel) Platform: Windows 7 Professional Service Pack 1 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE () C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe () C:\Windows\SysWOW64\SecUPDUtilSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Windows\vsnpstd3.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Windows\FixCamera.exe () C:\Windows\tsnpstd3.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated) HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] () HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [soundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-02-10] () HKLM-x32\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] () HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [270336 2007-03-10] () HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\Run: [sTUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] () HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {406b7ffb-ea8e-11e4-b8bb-705ab6a76618} - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {85bb1a00-39ba-11e5-a74f-0026c606fa42} - E:\AutoRun.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{09899BC7-D371-400D-A83B-434138817B2A}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{9B695061-0E4A-437C-AC02-6CB824B1575C}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{9E635E13-5235-446F-90EE-F1ABC5F48E07}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {2B200296-A4CF-4713-9F9B-9733A2AAA664} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-25] (AVAST Software) BHO: No Name -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> No File BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 [2016-12-29] FF Homepage: Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 -> hxxps://www.google.com/ FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] () FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] () FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2331861272-3787314368-3103865204-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-09-01] (Sony Network Entertainment International LLC) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default [2016-12-29] CHR Extension: (Google Presentationer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15] CHR Extension: (Google Dokument) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-23] CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-23] CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18] CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-23] CHR Extension: (Google Kalkylark) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15] CHR Extension: (Google Dokument Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-21] CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-29] CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-27] CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18] CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-29] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software) R2 SamsungCloudPrintSvc; C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe [907568 2016-01-28] () R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2016-04-28] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software) R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130688 2014-03-14] (Gemalto) R3 HBtnKey; C:\Windows\System32\DRIVERS\cpqbttn.sys [19000 2010-02-24] (Hewlett-Packard Company) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [File not signed] R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1875624 2008-10-09] () S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550656 2007-03-26] (Sonix Co. Ltd.) S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10252544 2007-03-26] (Sonix Co. Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-29 02:35 - 2016-12-29 19:54 - 00000000 ____D C:\FRST 2016-12-29 02:33 - 2016-12-29 19:54 - 00000000 ____D C:\Users\Daniel\Downloads\AV_2016re 2016-12-29 02:26 - 2016-12-29 18:58 - 00000000 ____D C:\AdwCleaner 2016-12-28 14:49 - 2016-12-28 14:50 - 00000000 ____D C:\Users\Daniel\Desktop\MSupdates 2016-12-28 14:46 - 2016-12-28 14:46 - 00000000 ____D C:\2cd80aef570097c8e78c11630f 2016-12-27 03:14 - 2016-06-11 07:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-12-27 03:14 - 2016-06-11 05:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-12-27 03:14 - 2016-06-10 22:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-12-27 03:14 - 2016-06-10 22:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-12-27 03:14 - 2016-06-10 22:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-12-27 03:14 - 2016-06-10 22:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-12-27 03:14 - 2016-06-10 22:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-12-27 03:14 - 2016-06-10 22:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-12-27 03:14 - 2016-06-10 22:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-12-27 03:14 - 2016-06-10 22:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-12-27 03:14 - 2016-06-10 22:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-12-27 03:14 - 2016-06-10 22:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-12-27 03:14 - 2016-06-10 22:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-12-27 03:14 - 2016-06-10 22:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-12-27 03:14 - 2016-06-10 21:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-12-27 03:14 - 2016-06-10 21:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-12-27 03:14 - 2016-06-10 21:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-12-27 03:14 - 2016-06-10 21:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-12-27 03:14 - 2016-06-10 21:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-12-27 03:14 - 2016-06-10 21:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-12-27 03:14 - 2016-06-10 21:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-12-27 03:14 - 2016-06-10 21:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-12-27 03:14 - 2016-06-10 21:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-12-27 03:14 - 2016-06-10 21:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-12-27 03:14 - 2016-06-10 21:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-12-27 03:14 - 2016-06-10 21:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-12-27 03:14 - 2016-06-10 21:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-12-27 03:14 - 2016-06-10 20:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-12-27 03:14 - 2016-06-10 20:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-12-27 03:14 - 2016-06-10 20:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-12-27 03:14 - 2016-06-10 20:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-12-27 03:14 - 2016-06-10 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-12-27 03:14 - 2016-06-10 19:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-12-27 03:14 - 2016-06-10 19:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-12-27 03:14 - 2016-06-10 19:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-12-27 03:14 - 2016-06-10 19:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-12-27 03:14 - 2016-06-10 19:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-12-27 03:14 - 2016-06-10 19:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-12-27 03:14 - 2016-06-10 19:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-12-27 03:14 - 2016-06-10 19:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-12-27 03:14 - 2016-06-10 19:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-12-27 03:14 - 2016-06-10 19:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-12-27 03:14 - 2016-06-10 19:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-12-27 03:14 - 2016-06-10 19:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-12-27 03:14 - 2016-06-10 19:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-12-27 03:14 - 2016-06-10 19:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-12-27 03:14 - 2016-06-10 19:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-12-27 03:14 - 2016-06-10 19:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-12-27 03:14 - 2016-06-10 19:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-12-27 03:14 - 2016-06-10 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-12-27 03:14 - 2016-06-10 19:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-12-27 03:14 - 2016-06-10 19:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-12-27 03:14 - 2016-06-10 19:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-12-27 03:14 - 2016-06-10 18:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-12-27 03:14 - 2016-06-10 18:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-12-27 03:14 - 2016-06-10 18:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-12-27 03:14 - 2016-06-10 18:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-12-27 03:13 - 2016-06-10 22:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-12-27 03:13 - 2016-06-10 22:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-12-27 03:13 - 2016-06-10 22:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-12-27 03:13 - 2016-06-10 22:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-12-27 03:13 - 2016-06-10 21:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-12-27 03:13 - 2016-06-10 20:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2016-12-27 03:12 - 2016-06-25 20:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-12-27 03:12 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2016-12-27 03:12 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe 2016-12-27 03:12 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2016-12-27 03:12 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe 2016-12-27 03:12 - 2016-06-14 16:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-12-26 00:19 - 2016-12-26 00:19 - 00003664 ____N C:\bootsqm.dat 2016-12-25 22:19 - 2016-12-25 22:19 - 00000000 ____D C:\Users\Public\Documents\sun 2016-12-25 22:08 - 2016-12-25 22:09 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3 2016-12-25 22:08 - 2016-12-25 22:08 - 00001106 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk 2016-12-25 22:04 - 2016-12-25 22:04 - 00001817 _____ C:\Users\Daniel\Desktop\Spotify.lnk 2016-12-25 22:01 - 2016-12-26 14:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TeamViewer 2016-12-25 22:01 - 2016-12-25 22:01 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Program Files (x86)\WinDirStat 2016-12-25 21:59 - 2016-12-25 21:59 - 00422480 _____ (Secure By Design Inc.) C:\Users\Daniel\Downloads\Ninite Avast Chrome CutePDF Firefox Java 8 Installer.exe 2016-12-25 16:21 - 2016-12-25 16:31 - 00000000 ____D C:\Users\Daniel\Desktop\Filer fr skrivbord 2016-12-25 16:06 - 2016-12-25 16:11 - 00000000 ____D C:\Users\Daniel\Downloads\HP installfiles 2016-12-18 11:56 - 2016-12-18 12:00 - 00015277 _____ C:\Users\Daniel\Documents\Utlägg kvitton DE 2016.ods ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-29 19:53 - 2016-11-18 12:45 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Mozilla 2016-12-29 19:33 - 2014-10-08 14:39 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-12-29 19:08 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-29 19:08 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-29 19:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-29 19:00 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-29 00:54 - 2016-07-08 14:24 - 00000000 ____D C:\Users\Daniel\Downloads\HP Downloads 2016-12-28 14:46 - 2011-04-12 15:28 - 00663728 _____ C:\Windows\system32\perfh01D.dat 2016-12-28 14:46 - 2011-04-12 15:28 - 00142496 _____ C:\Windows\system32\perfc01D.dat 2016-12-28 14:46 - 2009-07-14 06:13 - 01579154 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-28 13:51 - 2016-07-08 18:11 - 00000000 ____D C:\Program Files (x86)\HP 2016-12-28 13:49 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-12-28 13:49 - 2014-10-04 12:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2016-12-28 13:42 - 2015-11-19 13:15 - 00000000 ____D C:\Windows\system32\appmgmt 2016-12-28 13:41 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\HP 2016-12-27 17:46 - 2009-07-14 05:45 - 00300544 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-27 17:43 - 2011-04-12 15:39 - 00000000 ____D C:\Program Files\Windows Journal 2016-12-26 11:30 - 2014-11-05 21:43 - 00000000 ____D C:\Temp 2016-12-25 22:20 - 2014-10-05 15:52 - 00065152 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-25 22:09 - 2014-10-05 15:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2016-12-25 22:04 - 2015-04-01 08:30 - 00001803 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-12-25 22:04 - 2014-10-08 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify 2016-12-25 22:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-12-25 22:03 - 2014-10-05 15:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-12-25 21:30 - 2014-10-08 09:15 - 00000000 ____D C:\ProgramData\Apple 2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Samsung 2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2016-12-25 21:00 - 2015-11-26 18:24 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-12-25 20:47 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\Big Fish 2016-12-25 20:16 - 2014-10-24 10:42 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apple Inc 2016-12-25 20:16 - 2014-10-08 09:18 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer 2016-12-25 20:16 - 2014-10-04 11:19 - 00000000 ____D C:\Users\Daniel 2016-12-25 17:41 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-12-25 16:50 - 2015-11-19 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-12-25 16:50 - 2014-10-05 15:42 - 00000000 ____D C:\Program Files\Java 2016-12-25 16:49 - 2014-10-17 20:40 - 00000000 ____D C:\Program Files (x86)\Java 2016-12-25 16:33 - 2014-10-05 17:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc 2016-12-23 10:32 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\TEMP 2016-12-21 18:28 - 2009-07-14 06:08 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-18 16:35 - 2016-08-19 16:51 - 00000000 _____ C:\Windows\SysWOW64\last.dump 2016-12-18 14:03 - 2014-10-05 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-18 09:09 - 2016-11-18 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-17 11:27 - 2015-10-07 15:02 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DominiGames 2016-12-17 10:10 - 2015-10-15 10:32 - 00003426 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 10:10 - 2015-10-15 10:32 - 00003298 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-15 14:16 - 2015-06-16 18:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Elephant Games 2016-12-14 16:59 - 2014-10-08 14:39 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-14 16:59 - 2014-10-08 14:39 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-14 16:59 - 2014-10-08 14:39 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-14 14:16 - 2015-10-15 10:34 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-14 14:16 - 2015-10-15 10:34 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-09 10:08 - 2014-11-05 21:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\ElevatedDiagnostics 2016-12-09 08:11 - 2015-12-11 11:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\4 Friends Games 2016-12-06 17:21 - 2014-10-13 11:34 - 00000000 ____D C:\Users\Daniel\AppData\Local\Spotify 2016-12-06 10:03 - 2015-06-22 12:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ERS Game Studios 2016-12-04 18:29 - 2016-11-10 11:47 - 00000000 ____D C:\Users\Daniel\Documents\Glämsta 2017 2016-12-02 09:23 - 2016-10-06 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-11-29 15:29 - 2015-06-16 17:17 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Eipix 2016-11-29 13:44 - 2015-07-25 19:20 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mad Head Games 2016-11-29 08:49 - 2014-10-08 14:51 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update ==================== Files in the root of some directories ======= 2014-10-05 15:45 - 2016-07-29 13:58 - 0000027 _____ () C:\Program Files\plugins.dat 2016-02-08 18:48 - 2016-02-08 18:48 - 0003072 _____ () C:\Users\Daniel\AppData\Roaming\.spark_db 2016-01-08 09:17 - 2016-03-10 14:37 - 0000000 _____ () C:\Users\Daniel\AppData\Roaming\log.txt 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\AtStart.txt 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\DSwitch.txt 2015-04-24 17:34 - 2016-05-12 11:01 - 42304896 _____ (Sony) C:\Users\Daniel\AppData\Local\pcc.exe 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\QSwitch.txt 2016-07-08 18:10 - 2016-07-08 18:10 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== C:\Users\Daniel\AppData\Local\Temp\ACLMInstaller.exe C:\Users\Daniel\AppData\Local\Temp\libeay32.dll C:\Users\Daniel\AppData\Local\Temp\msvcr120.dll C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-07-17 13:13 ==================== End of FRST.txt ============================ Addition1.txt AdwCleanerC0.txt
  7. Hej Cecilia God fortsättning på helgerna. Long time no hear Trodde jag skulle klara sista veckan på året utan att behöva störa dig, men på julafton kom lillebror med sin laptop o sa att den var seg. :/ Jo den var seg men inte katastrof, dock, en 120Gb hdd med endast knappt 4Gb ledigt utrymme är ju förstås ingen höjdare. Han har en förmåga att spela olika flashspel samt spel som kommer från bigfishgames eller något liknande. Normalt när jag får hans datorer brukar jag blåsa och installera om. Denna gång verkar det inte vara så illa. Avinstallerade ca 20Gb program, filer, spel o tömde cache på browsers körde MS Diskrensningsverktyg som lyckades plocka väck ca 25 Gb! Körde chkdsk, defrag och winupdates. Maskinen går riktigt bra nu. (Drygt 40Gb ledigt på C:) Inga virus hittade av Avast. Tänkte att jag kör ADWClean o ser om det finns rester av spelen. Insåg att det var mer än jag trodde som ser ut att finnas kvar och ber ödmjukast om tolkningshjälp. Tack //millpark10 (sparade inte adwclean-loggen utan började i "rätt ända" med FRST o postning i forumet istället) Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 Ran by Daniel (administrator) on DANIEL-HP-DATOR (29-12-2016 02:35:47) Running from C:\Users\Daniel\Downloads\AV_2016re Loaded Profiles: Daniel (Available Profiles: Daniel) Platform: Windows 7 Professional Service Pack 1 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE () C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe () C:\Windows\SysWOW64\SecUPDUtilSvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Windows\vsnpstd3.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Windows\FixCamera.exe () C:\Windows\tsnpstd3.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated) HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] () HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [soundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-02-10] () HKLM-x32\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] () HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [270336 2007-03-10] () HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\Run: [sTUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] () HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {406b7ffb-ea8e-11e4-b8bb-705ab6a76618} - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {85bb1a00-39ba-11e5-a74f-0026c606fa42} - E:\AutoRun.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{09899BC7-D371-400D-A83B-434138817B2A}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{9B695061-0E4A-437C-AC02-6CB824B1575C}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{9E635E13-5235-446F-90EE-F1ABC5F48E07}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=2043&systemid=406&v=n15946-666&apn_uid=8848744470194470&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=2043&systemid=406&v=n15946-666&apn_uid=8848744470194470&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {2B200296-A4CF-4713-9F9B-9733A2AAA664} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-25] (AVAST Software) BHO: No Name -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> No File BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software) BHO-x32: No Name -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> No File BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 [2016-12-29] FF Homepage: Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 -> hxxps://www.google.com/ FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml [2015-03-29] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] () FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] () FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2331861272-3787314368-3103865204-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-09-01] (Sony Network Entertainment International LLC) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default [2016-12-28] CHR Extension: (Google Presentationer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15] CHR Extension: (Google Dokument) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-23] CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-23] CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18] CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-23] CHR Extension: (Google Kalkylark) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15] CHR Extension: (Google Dokument Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-21] CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-24] CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-27] CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18] CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software) R2 SamsungCloudPrintSvc; C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe [907568 2016-01-28] () R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2016-04-28] () S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software) R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130688 2014-03-14] (Gemalto) R3 HBtnKey; C:\Windows\System32\DRIVERS\cpqbttn.sys [19000 2010-02-24] (Hewlett-Packard Company) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [File not signed] R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1875624 2008-10-09] () S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550656 2007-03-26] (Sonix Co. Ltd.) S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10252544 2007-03-26] (Sonix Co. Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-29 02:35 - 2016-12-29 02:35 - 00000000 ____D C:\FRST 2016-12-29 02:33 - 2016-12-29 02:35 - 00000000 ____D C:\Users\Daniel\Downloads\AV_2016re 2016-12-29 02:26 - 2016-12-29 02:28 - 00000000 ____D C:\AdwCleaner 2016-12-28 14:49 - 2016-12-28 14:50 - 00000000 ____D C:\Users\Daniel\Desktop\MSupdates 2016-12-28 14:46 - 2016-12-28 14:46 - 00000000 ____D C:\2cd80aef570097c8e78c11630f 2016-12-27 03:14 - 2016-06-11 07:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-12-27 03:14 - 2016-06-11 05:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-12-27 03:14 - 2016-06-10 22:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-12-27 03:14 - 2016-06-10 22:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-12-27 03:14 - 2016-06-10 22:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-12-27 03:14 - 2016-06-10 22:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-12-27 03:14 - 2016-06-10 22:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-12-27 03:14 - 2016-06-10 22:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-12-27 03:14 - 2016-06-10 22:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-12-27 03:14 - 2016-06-10 22:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-12-27 03:14 - 2016-06-10 22:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-12-27 03:14 - 2016-06-10 22:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-12-27 03:14 - 2016-06-10 22:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-12-27 03:14 - 2016-06-10 22:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-12-27 03:14 - 2016-06-10 21:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-12-27 03:14 - 2016-06-10 21:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-12-27 03:14 - 2016-06-10 21:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-12-27 03:14 - 2016-06-10 21:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-12-27 03:14 - 2016-06-10 21:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-12-27 03:14 - 2016-06-10 21:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-12-27 03:14 - 2016-06-10 21:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-12-27 03:14 - 2016-06-10 21:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-12-27 03:14 - 2016-06-10 21:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-12-27 03:14 - 2016-06-10 21:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-12-27 03:14 - 2016-06-10 21:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-12-27 03:14 - 2016-06-10 21:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-12-27 03:14 - 2016-06-10 21:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-12-27 03:14 - 2016-06-10 20:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-12-27 03:14 - 2016-06-10 20:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-12-27 03:14 - 2016-06-10 20:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-12-27 03:14 - 2016-06-10 20:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-12-27 03:14 - 2016-06-10 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-12-27 03:14 - 2016-06-10 19:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-12-27 03:14 - 2016-06-10 19:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-12-27 03:14 - 2016-06-10 19:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-12-27 03:14 - 2016-06-10 19:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-12-27 03:14 - 2016-06-10 19:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-12-27 03:14 - 2016-06-10 19:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-12-27 03:14 - 2016-06-10 19:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-12-27 03:14 - 2016-06-10 19:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-12-27 03:14 - 2016-06-10 19:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-12-27 03:14 - 2016-06-10 19:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-12-27 03:14 - 2016-06-10 19:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-12-27 03:14 - 2016-06-10 19:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-12-27 03:14 - 2016-06-10 19:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-12-27 03:14 - 2016-06-10 19:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-12-27 03:14 - 2016-06-10 19:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-12-27 03:14 - 2016-06-10 19:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-12-27 03:14 - 2016-06-10 19:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-12-27 03:14 - 2016-06-10 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-12-27 03:14 - 2016-06-10 19:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-12-27 03:14 - 2016-06-10 19:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-12-27 03:14 - 2016-06-10 19:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-12-27 03:14 - 2016-06-10 18:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-12-27 03:14 - 2016-06-10 18:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-12-27 03:14 - 2016-06-10 18:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-12-27 03:14 - 2016-06-10 18:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-12-27 03:13 - 2016-06-10 22:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-12-27 03:13 - 2016-06-10 22:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-12-27 03:13 - 2016-06-10 22:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-12-27 03:13 - 2016-06-10 22:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-12-27 03:13 - 2016-06-10 21:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-12-27 03:13 - 2016-06-10 20:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2016-12-27 03:12 - 2016-06-25 20:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-12-27 03:12 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2016-12-27 03:12 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe 2016-12-27 03:12 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2016-12-27 03:12 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe 2016-12-27 03:12 - 2016-06-14 16:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-12-26 00:19 - 2016-12-26 00:19 - 00003664 ____N C:\bootsqm.dat 2016-12-25 22:19 - 2016-12-25 22:19 - 00000000 ____D C:\Users\Public\Documents\sun 2016-12-25 22:08 - 2016-12-25 22:09 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3 2016-12-25 22:08 - 2016-12-25 22:08 - 00001106 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk 2016-12-25 22:04 - 2016-12-25 22:04 - 00001817 _____ C:\Users\Daniel\Desktop\Spotify.lnk 2016-12-25 22:01 - 2016-12-26 14:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TeamViewer 2016-12-25 22:01 - 2016-12-25 22:01 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Program Files (x86)\WinDirStat 2016-12-25 21:59 - 2016-12-25 21:59 - 00422480 _____ (Secure By Design Inc.) C:\Users\Daniel\Downloads\Ninite Avast Chrome CutePDF Firefox Java 8 Installer.exe 2016-12-25 16:21 - 2016-12-25 16:31 - 00000000 ____D C:\Users\Daniel\Desktop\Filer fr skrivbord 2016-12-25 16:06 - 2016-12-25 16:11 - 00000000 ____D C:\Users\Daniel\Downloads\HP installfiles 2016-12-18 11:56 - 2016-12-18 12:00 - 00015277 _____ C:\Users\Daniel\Documents\Utlägg kvitton DE 2016.ods ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-29 02:33 - 2014-10-08 14:39 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-12-29 02:30 - 2016-11-18 12:45 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Mozilla 2016-12-29 01:54 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-29 01:54 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-29 00:54 - 2016-07-08 14:24 - 00000000 ____D C:\Users\Daniel\Downloads\HP Downloads 2016-12-28 15:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-28 14:46 - 2011-04-12 15:28 - 00663728 _____ C:\Windows\system32\perfh01D.dat 2016-12-28 14:46 - 2011-04-12 15:28 - 00142496 _____ C:\Windows\system32\perfc01D.dat 2016-12-28 14:46 - 2009-07-14 06:13 - 01579154 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-28 14:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-28 13:51 - 2016-07-08 18:11 - 00000000 ____D C:\Program Files (x86)\HP 2016-12-28 13:49 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-12-28 13:49 - 2014-10-04 12:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2016-12-28 13:42 - 2015-11-19 13:15 - 00000000 ____D C:\Windows\system32\appmgmt 2016-12-28 13:41 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\HP 2016-12-27 17:46 - 2009-07-14 05:45 - 00300544 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-27 17:43 - 2011-04-12 15:39 - 00000000 ____D C:\Program Files\Windows Journal 2016-12-26 11:30 - 2014-11-05 21:43 - 00000000 ____D C:\Temp 2016-12-25 22:20 - 2014-10-05 15:52 - 00065152 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-25 22:09 - 2014-10-05 15:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2016-12-25 22:04 - 2015-04-01 08:30 - 00001803 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-12-25 22:04 - 2014-10-08 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify 2016-12-25 22:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-12-25 22:03 - 2014-10-05 15:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-12-25 21:30 - 2014-10-08 09:15 - 00000000 ____D C:\ProgramData\Apple 2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Samsung 2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2016-12-25 21:00 - 2015-11-26 18:24 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-12-25 20:47 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\Big Fish 2016-12-25 20:16 - 2014-10-24 10:42 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apple Inc 2016-12-25 20:16 - 2014-10-08 09:18 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer 2016-12-25 20:16 - 2014-10-04 11:19 - 00000000 ____D C:\Users\Daniel 2016-12-25 17:41 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-12-25 16:50 - 2015-11-19 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-12-25 16:50 - 2014-10-05 15:42 - 00000000 ____D C:\Program Files\Java 2016-12-25 16:49 - 2014-10-17 20:40 - 00000000 ____D C:\Program Files (x86)\Java 2016-12-25 16:33 - 2014-10-05 17:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc 2016-12-23 10:32 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\TEMP 2016-12-21 18:28 - 2009-07-14 06:08 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-18 16:35 - 2016-08-19 16:51 - 00000000 _____ C:\Windows\SysWOW64\last.dump 2016-12-18 14:03 - 2014-10-05 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-18 09:09 - 2016-11-18 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-17 11:27 - 2015-10-07 15:02 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DominiGames 2016-12-17 10:10 - 2015-10-15 10:32 - 00003426 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 10:10 - 2015-10-15 10:32 - 00003298 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-15 14:16 - 2015-06-16 18:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Elephant Games 2016-12-14 16:59 - 2014-10-08 14:39 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-14 16:59 - 2014-10-08 14:39 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-14 16:59 - 2014-10-08 14:39 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-14 14:16 - 2015-10-15 10:34 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-14 14:16 - 2015-10-15 10:34 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-09 10:08 - 2014-11-05 21:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\ElevatedDiagnostics 2016-12-09 08:11 - 2015-12-11 11:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\4 Friends Games 2016-12-06 17:21 - 2014-10-13 11:34 - 00000000 ____D C:\Users\Daniel\AppData\Local\Spotify 2016-12-06 10:03 - 2015-06-22 12:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ERS Game Studios 2016-12-04 18:29 - 2016-11-10 11:47 - 00000000 ____D C:\Users\Daniel\Documents\Glämsta 2017 2016-12-02 09:23 - 2016-10-06 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-11-29 15:29 - 2015-06-16 17:17 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Eipix 2016-11-29 13:44 - 2015-07-25 19:20 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mad Head Games 2016-11-29 08:49 - 2014-10-08 14:51 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update ==================== Files in the root of some directories ======= 2014-10-05 15:45 - 2016-07-29 13:58 - 0000027 _____ () C:\Program Files\plugins.dat 2016-02-08 18:48 - 2016-02-08 18:48 - 0003072 _____ () C:\Users\Daniel\AppData\Roaming\.spark_db 2016-01-08 09:17 - 2016-03-10 14:37 - 0000000 _____ () C:\Users\Daniel\AppData\Roaming\log.txt 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\AtStart.txt 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\DSwitch.txt 2015-04-24 17:34 - 2016-05-12 11:01 - 42304896 _____ (Sony) C:\Users\Daniel\AppData\Local\pcc.exe 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\QSwitch.txt 2016-07-08 18:10 - 2016-07-08 18:10 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== C:\Users\Daniel\AppData\Local\Temp\ACLMInstaller.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-07-17 13:13 ==================== End of FRST.txt ============================ Addition.txt
  8. Hej Som sagt, det kanske räcker med ett litet hål i disken för att det ska ställa till elände. Fick inget SMART data den här vägen men som bilden visar så är det väl de där 4k på precis fel ställe som sabbar t.ex. windows update o lite annat. Konstigt nog så funkar uppdatering i MicrosoftSecurityEssentials, eller har funkat en gång idag. Gjorde en stop av wuauserv o bits o crypt för att sen döpa om updatesbiblioteken enligt en instruktion från microsoft. Hjälpte inte heller. I min värld är nästa steg att få fatt i datorn fysiskt, se om det är något jag missat. Därefter skulle jag, om det var min dator och det var viktigt att den såg ut som den gör just nu, (hjälpmedelsdator, underlättar för användaren om det inte blir för mycket skillnad). Då skulle jag ta ut disken, sätta upp den i en linuxmaskin, göra en dd-kopia/bitkopia till en helt ny disk. Felet kan följa med, men den fysiska skadan(eller vad det nu är på den gamla disken) kommer ju inte följa med och kanske till o med reparerar sig i kopieringen. Den metoden har lyckats för mig med andra hårddiskar som uppvisat betydligt sämre symptom. Jag har just nu i alla fall slut på andra uppslag. Tack så jättemycket Cecilia för dina ideer o förslag. Återkommer om det blir ny utveckling i fallet. (Eller med något nytt smaskigt ) //millpark10
  9. Hej WinDFT hittade inte hårddisken, eller så var något annat fel. Försökte avinstallera den men det ser ut som den har hängt sig. Eller nä, precis när jag skrev detta så försvann den från skärmen, efter 35 min! Det var ju liksom inte många Gigabytes-installation, skumt som attan. Något är ju knas med winupdates osv. Installerade hdtune från hdtune.com, men den fria versionen verkar inte läsa SMARTdatat. iaf inte ver2.55 som jag fick ner. Det kanske var så att jag skulle laddat ner HDTunePRO, ser nu att filen heter ***trial.exe. Nu skannar iaf fria versionen hela disken och har hittat iaf ett ställe hittills som har någon skada. Känns verkligen som jag vill ha datorn i knät och använda mina "vanliga" verktyg. Ibland kan man inte få allt. //millpark10
  10. Hej Cecilia Jo jag (eller google ) hittade den länken till hgst också, men när jag läste instruktionerna så stannade jag vid raden: "Please note: WinDFT is not designed to run on your primary operating drive." och det är ju den jag behöver scanna. Raden visar egentligen att det är ett seriöst verktyg som inte ska installeras på samma disk som man vill testa. Har ju tyvärr datorn på distans men ska försöka komma den fysiskt närmare. Ett rätt "enkelt" sätt att få en snabb uppfattning om en hårddisks kondition är ju att ha t.ex. LinuxMint på en bootbar USBsticka och starta upp den felaktiga maskinen på stickan. Då kan man sedan, utan att nödvändigtvis montera, den interna disken, scanna den med det inbyggda diskverktyget och även få en SMART scan. Dock, som sagt, lättare om man har den aktuella datorn framför sig. Forts följer... //millpark10
  11. Hej Jo nog räcker det med 4kB på fel ställe för att det ska gå åt skogen och chkdsk roddade ju runt lite oxå. Får vi den bara att starta om ordentligt så kanske även updates kommer igång. Håller ju på med annat också och därav min tidigare fråga om du sett problem med winupdates. Installerade en ny win 7 pro häromdagen och den hade efter ett drygt dygn fortfarande inte ens hittat de 235 första updates som man brukar få. Tidigare tog det någon timme eller tre, men numera verkar det som man ska ha tur för att "nå fram" till updates servrarna för win7. Det snackas i forum om att MS prioriterat bandbredden för win10, vilket iofs inte skulle vara ett dugg konstigt. Men som sagt, subjektivt upplever iaf jag att det är supersegt att uppdatera win7 maskiner f.n. Ska försöka testa disken oxå. Tack snälla Cecilia för ditt engagemang och din vänlighet att dela med dig av dina stora kunskaper! //millpark10 [EDIT: Fann ut att det är en Hitachi disk i datorn men länkarna till verktygen för Hitachidiskarna funkar inte. Har för mig att WD har tagit över deras HDD. HTS545016B9SA00] Till Maria: Ser att du ofta rekommenderar folk att byta till Linux. Det är givetvis ett bra råd, speciellt numera när många distributioner har ett mycket bra skrivbord och upplevelsen är väldigt lik windows, vilket många jämför med. Själv har jag Linux Mint på mina arbetsstationer och laptops samt UbuntuServer på de maskiner som jag har som servrar sedan över 7 år tillbaka. Det är inte alltid som vänner och bekanta har lika lätt att acceptera Linux som vi som redan är frälsta och har bytt religion. I vissa fall är det av programskäl också omöjlgt då det är klumpigt att köra tex LinuxMint i botten för att starta upp en virtualbox och köra vissa windowsprogram som inte går att få igång under Wine. Mest intressant är ju när man nyinstallerar en Windows 7 PRO t.ex. och sen ska köra updates i nästan 3 dygn för att få med allt. Jämför med en nedladdning av LinuxMint till ett USB-minne, en knapp GB oftast, och fullständig installation med updates klar på 20 minuter, absolut max en timme! Jo jag har konverterat till annan religion, men hjälper fortfarande vännerna i Windowsträsket så gott jag kan, och ibland med Cecilias fantastiska hjälp.
  12. Hej Då har vi gjort lite framsteg, tror jag. En avaktiverad drivrutin för trådat nätverkskort dök plötsligt upp, om den varit det tidigare har jag iaf inte sett det. Aktiverade den. Hittade med sökfunktionen att den senast schemalagda chksdsk har gått! jippii ! Kopierade ut resultatet från eventviewern/loggboken till bif fil. Gick att via teamviewer starta om in i felsäkert läge 2ggr men teamviewer som program kraschade. Har nu lyckats även starta om till normalläge utan hängning på "avslutar windows". (iaf en gång). Däremot verkar det fortfarande som att vi inte har åtkomst till windows update. Ms sec ess hänger sig på 25% av "snöret" när jag begär uppdatering och windows update bara vandrar på bandet utan att något verkar hända. (Har dock bara väntat ca 10min ännu) I denna första egna omstart till normalläge finns bara en 6to4adapter under nätverkskort men två st Microsoft ISATAP Adapter. (raderade alla dubletter inatt). Gissningsvis har ett hundratal 6to4 adapters stökat till det och kanske en del av de justeringar som CHKDSK till slut fick göra gjort att det nu är möjligt att starta om normalt. Hoppas jag. Ska testa några gånger till. Men irriterande med ickefungerande windows update dock. Försöker pilla lite med microsoft "fix it" o ser om det kommer upp med något. //millpark10 chkdsk_from_eventviewer2016-03-09 141702.txt
  13. Hej Cecilia Inaktiverade Gobi drivern då det är ett inbyggt mobilt modem som inte används.(borde väl inte ställa till något när den är inaktiverad?) Hotfixen för 6to4adapter problemet gick inte att köra, varken i normalt eller felsäkert läge. Plockade bort, dvs avinstallerade, alla 6to4adapters utom "originalet" försökt läsa o förstå vad den gör på en dator som inte använder IPv6 men inte blivit klokare. Vågade inte ta bort den sista då diverse forum behandlar problem med att den saknas. Alla jag tog bort stannade borta efter omstart in i felsäkert läge, men jag inser att det inte behöver se likadant ut efter normalstart, men hoppas dock. Körde SFC i felsäkert läge och fick tillbaka den med "inga integritetsbrott hittades" så det är ju bra iofs. Läste även loggen från sfc men inga anmärkningar. Har återigen försökt köra en chkdsk /R, men fått (som vanligt) schemalägga den till en omstart. dvs jag ser inte vad som händer, men än så länge har varje begäran om omstart slutat med att användaren får göra det hårt. Börjar bli slut på ideer. Trodde från början det var något virusskräp som inte blivit korrekt borttaget men datorn är i det avseendet, vad jag vet, fri från angrepp och användaren har inte ett riskfyllt beteende i sitt surfande(givetvis ingen garanti, men underlättar). //millpark10 sfcdetails.txt
  14. Hej! Jodu, det är galet många 6to4 adapters, precis som jag oxå såg i log-filen. Hittade denna support.microsoft.com/sv-se/kb/980486 är det nästa steg för att komma till rätta med detta eller har du bättre förslag? Saknas driver för Qualcomm Gobi 2000 enligt enhetshanteraren oxå. Den har dykt upp under vår "felsökning" kan jag se. Saknade den inte innan. Ska se om jag hittar rätt driver. Då kanske oxå adaptrarna rättar till sig? Har noterat att rent generellt verkar det svårt att komma fram till och ladda ner updates med windows update på windows7 maskiner. Något du märkt av? Återkommer under kvällen. /millpark10
  15. Hej Denna gång gick FRST att köra från start till mål utan konstiga hängningar eller avbrott. Vad det gäller felsäkert läge är det lite stökigt eftersom jag inte har fysisk tillgång till datorn f.n. (Brukar köra bl.a. MBAM i felsäkert läge men har inte kunnat göra det med den här maskinen.) Verkar ju dock inte vara något rent virusproblem iaf. Må de bifogade filerna innehålla grundbulten till problemet. //millpark10 Addition.txt FRST.txt
×