Just nu i M3-nätverket
Gå till innehåll

millpark10

Medlem
  • Antal inlägg

    79
  • Gick med

  • Senaste besök

Om millpark10

  • Medlemstitel
    Användare

Profil

  • Kön
    Man
  • Ort
    Norra StorStockholm
  1. Tack än en gång Cecilia! Det ser ut som det mesta försvann i logfilen, en och annan "not found" men det kanske är korrekt det också? Datorn beter sig som förväntat och kvar har jag att uppdatera några program till nyare versioner. Är så tacksam för att du hjälper till med sånt här. Finns något jag missat i logfilen? //millpark10 Fixlog.txt
  2. Ingen panik! Är så tacksam för dina kloka råd. Datorn väntar mer än gärna på att få din hjälp, och jag med. 😎 (Det är så mycket annat på dagarna nu, det här blir när det finns tid) Länken var lösningen för att få bort notifieringarna som jag skickade bild på! Där kunde jag iaf hitta clipconverter-länk som fanns under "allow" och tog bort den. Svårt att tänka mig att den kommer tillbaka nu utan att någon tillåter det. //millpark10
  3. Hej Cecilia Jag brukar fatta vad du menar och tror mig göra det även nu. Det som är konstigt är att jag kan inte hitta några sökmotorer i IE (eller edge för den delen) Jag ser raderna du angivit, från logfilen, men när jag går in i IE, Windows+R, iexplore, "kugghjulet" "manage add-ons" "search providers" är det tomt förutom Bing o Google!? Avinstallerade windows live, körde AVGclear (igen) samt MWB som tog bort lite till, mest PUPs. Rensade bort en del i brandväggen också. Startat om och kört en ny FRST som verkar alltför lik den förra tyvärr. Skickar med en bild på skärmen med notification som dyker upp och ser ut att komma från GoogleChrome/ClipConverter, om det kan ge dig någon ledtråd. Med hopp om kloka råd /millpark10 Addition.txt FRST.txt mwb1.txt
  4. Hej Cecilia Det verkar som allt rasade över mig plötsligt. Har rensat ut en Sony Vaio VPCSB med Windows 10. Mest för att kamrat Christine installerat drivertonic och wintonic, vilket någon websida antagligen uppmanade till eller snarare lurade henne till att göra. Tog bort en hel del andra små s.k. "bra-att-ha-program-som-inte-alls-är-så-bra". Körde diskrensning, diskdefrag (win original), windows updates och slutligen ADWCleaner. Maskinen går fortare och startar bättre men när jag surfar med chrome kommer en popupruta fram som till synes kommer från clipconverter.cc men visar även annan reklam. Fattar inte var jag ska avinstallera något sådant. Körde FRST och då såg jag bland annat kyrilliska/ryska bokstäver i logfilen. Inser att det finns mer än det jag kan se själv kvar på burken. Ber ödmjukast om hjälp igen med logläsning. //millpark10 AdwCleaner[C00].txt Addition.txt FRST.txt
  5. Vet inte vad det var exakt som gjorde att det tog tid. Inget antivirus, förutom MSdefender lr motsvarande, och gott om plats på hårddisken. Nå nu är updateringen på plats. Windows10 med 4GB kanske inte på en thinkpad edge 335 ska kanske inte gå mycket bättre än den just nu gör. Startar inom dräglig tid och startar upp program innan man somnar osv. Skulle möjligen vara ominstallation men det känns inte lockande just nu. Svägerskan får testa o köra den innan jag gör något mer. (Dvs ber dig om hjälp ) TACK igen Cecilia för din vänliga, ovärderliga och outtröttliga hjälp. /millpark10
  6. Hej Cecilia Jo det skulle jag förstås ha sagt också, den är ju helt användbar nu! Till skillnad från när jag fick den på köksbordet. Nu startar den som man kan förvänta sig av en hyggligt gammal men ändå "frisk" Win7 på duglig hårdvara. Innan fick jag starta i felsäkert läge och börja ta bort program för att skapa utrymme. TackTackTack! Otroligt skönt att få din hjälp med sånt här. Datorer hamnar sällan hos mig för "översyn", har heltidsjobb i helt annan verksamhet numera och hinner helt enkelt inte med. Endast de närmaste i släkten lyckas tjata sig till hjälp. När det blir såna här nötter att knäcka räcker inte min kunskap och jag är glad att du så vänligt finns här. Har en annan burk, windows 10, som jag tror jag är färdig med. Den tog nästan 10 minuter på sig att bara starta och få fram skrivbordet. Tog bort lite onödiga "fix och laga"-program och kunde till slut få den att starta upp windows update. Verkar som senast den uppdaterades var 2år sedan. Den där gigantiska 1803-updaten, som kan ta något dygn att köra på slöa maskiner, har tagit drygt tre dygn att få fullständigt på plats. Ska det verkligen vara så illa? Visserligen bara 4GB minne men ändå? /millpark10
  7. - Fixlog inklistrad - Avast avinstallerad, omstart och ominstallerad, (meddelandet om användarkonto är lite konstigt då avast endast är installerat som freeware på denna burk, vad jag vet.) - Bassystemenhet var inte helt självklart vad som skulle installeras, google visste lite mer. Det som till slut funkade var drivrutinen för "Ricoh SD/MMC host controller" - Fingerprintsensor från HP installerad. (kan säkert vara att den aldrig installerats från start då det inte varit aktuellt att använda) Blev det något kvar som du kan se? /millpark10 Fixlog.txt
  8. Hej Cecilia Ber än en gång allra vänligast om koll i loggar. Eftersom ämnet i denna tråden passar utmärkt för lillebrors dator startar jag ingen ny tråd, om det är okej? Har rensat laptopen från ca 20GB Bigfishgame-spel samt en hel del annat. Kört ADWcleaner, virussökt med AVast, kört windows updates, Diskrensning och frigjort totalt nästan 30 GB på en i stort sett full 120GB disk. Tror det var knappt 3GB ledigt när jag började. Så den gick rätt segt. Nu är den betydligt piggare och bör duga för det han ska göra, skriva, mejla och surfa. (Spelen får han iaf börja om med, om han ska spela, för nu är de borta!) Försökte begripa något av loggarna men det är lika bra att den som kan tittar istället för att jag försöker. Det ser ut som teamviewer skulle vara en version 9 men det är 13 installerat, kanske bara att när man uppdaterar så läggs det i "originalbiblioteket". /millpark10 FRST.txt Addition.txt
  9. Hej Cecilia Java hade jag missat, slarvigt. AVG gjorde något bra också. Diskrensning var också gjort så det gav inget extra. Stort jättetack, du är bäst! /millpark10 (Som vanligt, en olycka kommer sällan ensam, lagom till jag var klar med denna kommer lillebror över med sin, återigen, spel-nerlusade dator. Ska ta bort sånt jag kan och återkommer om det behövs log-läsning.)
  10. Hej Cecilia Länge sedan jag bad om din hjälp. Har lämnat tidigare jobb och pillar ännu mindre på datorer än förut, men släkt o vänner kommer jag inte undan ;) Nu har jag fått en laptop på halsen som en kompis vill ha ren från spel och annat som segar ner den. Jag har avinstallerat en hel drös med sånt som inte ska användas mer. Undrar om du kan kika på filerna och se vad ytterligare jag kan göra. Har även virussökt den då det verkade finnas tveksamma program och även kört en omgång med adwcleaner. Den verkar funka rätt hyggligt nu. Misstänker att windows update inte har installerat allt som den borde ha gjort, men får inte hem fler updates just nu iaf. (update tisdag idag så vem vet vad som händer iofs.) Stort tack. /millpark10 FRST.txt Addition.txt AdwCleaner[C00].txt AdwCleaner[S00].txt
  11. Allt rensat o verkar funka som det ska. Ett riktigt Gott Nytt År till dig! /millpark10
  12. Tack snälla Cecilia, igen! Ta bort FRST gör jag väl med Delfix och ADWCleaner hade en knapp/menyval förut iaf för uninstall. Kollar o återkommer ifall jag misslyckas. //millpark10
  13. Hej Cecilia, Här är fixlog.txt Blev det klart där? //millpark10 Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016 Ran by Daniel (30-12-2016 01:50:37) Run:1 Running from C:\Users\Daniel\Downloads\AV_2016re Loaded Profiles: Daniel (Available Profiles: Daniel) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: C:\ProgramData\TEMP FirewallRules: [{A2AC0D24-9324-451C-993B-CD409ACF6403}] => C:\Users\Daniel\AppData\Local\iLivid\iLivid.exe FirewallRules: [{A47891CD-B11D-4C1C-9D4F-98A9E98D49C5}] => C:\Users\Daniel\AppData\Local\iLivid\iLivid.exe FirewallRules: [{DB945AA8-75C1-4B5B-96DE-59A3786C5EDC}] => C:\Users\Daniel\AppData\Local\Temp\nsfDE7F.tmp\Installer-185664.exe FirewallRules: [{7B767052-3464-4521-8262-D8DC71568346}] => C:\Users\Daniel\AppData\Local\Temp\nsfDE7F.tmp\Installer-185664.exe KU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {406b7ffb-ea8e-11e4-b8bb-705ab6a76618} - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {85bb1a00-39ba-11e5-a74f-0026c606fa42} - E:\AutoRun.exe Reboot: ***************** Restore point was successfully created. Processes closed successfully. C:\ProgramData\TEMP => moved successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2AC0D24-9324-451C-993B-CD409ACF6403} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A47891CD-B11D-4C1C-9D4F-98A9E98D49C5} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB945AA8-75C1-4B5B-96DE-59A3786C5EDC} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B767052-3464-4521-8262-D8DC71568346} => value removed successfully KU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe => Error: No automatic fix found for this entry. "HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{406b7ffb-ea8e-11e4-b8bb-705ab6a76618}" => key removed successfully HKCR\CLSID\{406b7ffb-ea8e-11e4-b8bb-705ab6a76618} => key not found. "HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85bb1a00-39ba-11e5-a74f-0026c606fa42}" => key removed successfully HKCR\CLSID\{85bb1a00-39ba-11e5-a74f-0026c606fa42} => key not found. The system needed a reboot. ==== End of Fixlog 01:50:53 ====
  14. Hej igen, Då var jag iaf på rätt väg med min tanke om ADWClean, och har lyckats avinstallera det mesta på hyggligt sätt. Körde ADWclean och en ny FRST, loggar följer. //millpark 10 Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 Ran by Daniel (administrator) on DANIEL-HP-DATOR (29-12-2016 19:54:18) Running from C:\Users\Daniel\Downloads\AV_2016re Loaded Profiles: Daniel (Available Profiles: Daniel) Platform: Windows 7 Professional Service Pack 1 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE () C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe () C:\Windows\SysWOW64\SecUPDUtilSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Windows\vsnpstd3.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Windows\FixCamera.exe () C:\Windows\tsnpstd3.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated) HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] () HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [soundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-02-10] () HKLM-x32\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] () HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [270336 2007-03-10] () HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\Run: [sTUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] () HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {406b7ffb-ea8e-11e4-b8bb-705ab6a76618} - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {85bb1a00-39ba-11e5-a74f-0026c606fa42} - E:\AutoRun.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{09899BC7-D371-400D-A83B-434138817B2A}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{9B695061-0E4A-437C-AC02-6CB824B1575C}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{9E635E13-5235-446F-90EE-F1ABC5F48E07}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {2B200296-A4CF-4713-9F9B-9733A2AAA664} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-25] (AVAST Software) BHO: No Name -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> No File BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 [2016-12-29] FF Homepage: Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 -> hxxps://www.google.com/ FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] () FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] () FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2331861272-3787314368-3103865204-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-09-01] (Sony Network Entertainment International LLC) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default [2016-12-29] CHR Extension: (Google Presentationer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15] CHR Extension: (Google Dokument) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-23] CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-23] CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18] CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-23] CHR Extension: (Google Kalkylark) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15] CHR Extension: (Google Dokument Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-21] CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-29] CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-27] CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18] CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-29] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software) R2 SamsungCloudPrintSvc; C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe [907568 2016-01-28] () R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2016-04-28] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software) R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130688 2014-03-14] (Gemalto) R3 HBtnKey; C:\Windows\System32\DRIVERS\cpqbttn.sys [19000 2010-02-24] (Hewlett-Packard Company) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [File not signed] R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1875624 2008-10-09] () S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550656 2007-03-26] (Sonix Co. Ltd.) S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10252544 2007-03-26] (Sonix Co. Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-29 02:35 - 2016-12-29 19:54 - 00000000 ____D C:\FRST 2016-12-29 02:33 - 2016-12-29 19:54 - 00000000 ____D C:\Users\Daniel\Downloads\AV_2016re 2016-12-29 02:26 - 2016-12-29 18:58 - 00000000 ____D C:\AdwCleaner 2016-12-28 14:49 - 2016-12-28 14:50 - 00000000 ____D C:\Users\Daniel\Desktop\MSupdates 2016-12-28 14:46 - 2016-12-28 14:46 - 00000000 ____D C:\2cd80aef570097c8e78c11630f 2016-12-27 03:14 - 2016-06-11 07:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-12-27 03:14 - 2016-06-11 05:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-12-27 03:14 - 2016-06-10 22:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-12-27 03:14 - 2016-06-10 22:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-12-27 03:14 - 2016-06-10 22:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-12-27 03:14 - 2016-06-10 22:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-12-27 03:14 - 2016-06-10 22:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-12-27 03:14 - 2016-06-10 22:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-12-27 03:14 - 2016-06-10 22:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-12-27 03:14 - 2016-06-10 22:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-12-27 03:14 - 2016-06-10 22:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-12-27 03:14 - 2016-06-10 22:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-12-27 03:14 - 2016-06-10 22:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-12-27 03:14 - 2016-06-10 22:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-12-27 03:14 - 2016-06-10 21:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-12-27 03:14 - 2016-06-10 21:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-12-27 03:14 - 2016-06-10 21:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-12-27 03:14 - 2016-06-10 21:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-12-27 03:14 - 2016-06-10 21:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-12-27 03:14 - 2016-06-10 21:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-12-27 03:14 - 2016-06-10 21:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-12-27 03:14 - 2016-06-10 21:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-12-27 03:14 - 2016-06-10 21:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-12-27 03:14 - 2016-06-10 21:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-12-27 03:14 - 2016-06-10 21:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-12-27 03:14 - 2016-06-10 21:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-12-27 03:14 - 2016-06-10 21:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-12-27 03:14 - 2016-06-10 20:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-12-27 03:14 - 2016-06-10 20:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-12-27 03:14 - 2016-06-10 20:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-12-27 03:14 - 2016-06-10 20:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-12-27 03:14 - 2016-06-10 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-12-27 03:14 - 2016-06-10 19:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-12-27 03:14 - 2016-06-10 19:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-12-27 03:14 - 2016-06-10 19:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-12-27 03:14 - 2016-06-10 19:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-12-27 03:14 - 2016-06-10 19:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-12-27 03:14 - 2016-06-10 19:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-12-27 03:14 - 2016-06-10 19:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-12-27 03:14 - 2016-06-10 19:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-12-27 03:14 - 2016-06-10 19:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-12-27 03:14 - 2016-06-10 19:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-12-27 03:14 - 2016-06-10 19:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-12-27 03:14 - 2016-06-10 19:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-12-27 03:14 - 2016-06-10 19:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-12-27 03:14 - 2016-06-10 19:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-12-27 03:14 - 2016-06-10 19:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-12-27 03:14 - 2016-06-10 19:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-12-27 03:14 - 2016-06-10 19:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-12-27 03:14 - 2016-06-10 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-12-27 03:14 - 2016-06-10 19:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-12-27 03:14 - 2016-06-10 19:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-12-27 03:14 - 2016-06-10 19:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-12-27 03:14 - 2016-06-10 18:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-12-27 03:14 - 2016-06-10 18:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-12-27 03:14 - 2016-06-10 18:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-12-27 03:14 - 2016-06-10 18:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-12-27 03:13 - 2016-06-10 22:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-12-27 03:13 - 2016-06-10 22:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-12-27 03:13 - 2016-06-10 22:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-12-27 03:13 - 2016-06-10 22:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-12-27 03:13 - 2016-06-10 21:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-12-27 03:13 - 2016-06-10 20:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2016-12-27 03:12 - 2016-06-25 20:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-12-27 03:12 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2016-12-27 03:12 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe 2016-12-27 03:12 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2016-12-27 03:12 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe 2016-12-27 03:12 - 2016-06-14 16:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-12-26 00:19 - 2016-12-26 00:19 - 00003664 ____N C:\bootsqm.dat 2016-12-25 22:19 - 2016-12-25 22:19 - 00000000 ____D C:\Users\Public\Documents\sun 2016-12-25 22:08 - 2016-12-25 22:09 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3 2016-12-25 22:08 - 2016-12-25 22:08 - 00001106 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk 2016-12-25 22:04 - 2016-12-25 22:04 - 00001817 _____ C:\Users\Daniel\Desktop\Spotify.lnk 2016-12-25 22:01 - 2016-12-26 14:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TeamViewer 2016-12-25 22:01 - 2016-12-25 22:01 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Program Files (x86)\WinDirStat 2016-12-25 21:59 - 2016-12-25 21:59 - 00422480 _____ (Secure By Design Inc.) C:\Users\Daniel\Downloads\Ninite Avast Chrome CutePDF Firefox Java 8 Installer.exe 2016-12-25 16:21 - 2016-12-25 16:31 - 00000000 ____D C:\Users\Daniel\Desktop\Filer fr skrivbord 2016-12-25 16:06 - 2016-12-25 16:11 - 00000000 ____D C:\Users\Daniel\Downloads\HP installfiles 2016-12-18 11:56 - 2016-12-18 12:00 - 00015277 _____ C:\Users\Daniel\Documents\Utlägg kvitton DE 2016.ods ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-29 19:53 - 2016-11-18 12:45 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Mozilla 2016-12-29 19:33 - 2014-10-08 14:39 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-12-29 19:08 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-29 19:08 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-29 19:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-29 19:00 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-29 00:54 - 2016-07-08 14:24 - 00000000 ____D C:\Users\Daniel\Downloads\HP Downloads 2016-12-28 14:46 - 2011-04-12 15:28 - 00663728 _____ C:\Windows\system32\perfh01D.dat 2016-12-28 14:46 - 2011-04-12 15:28 - 00142496 _____ C:\Windows\system32\perfc01D.dat 2016-12-28 14:46 - 2009-07-14 06:13 - 01579154 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-28 13:51 - 2016-07-08 18:11 - 00000000 ____D C:\Program Files (x86)\HP 2016-12-28 13:49 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-12-28 13:49 - 2014-10-04 12:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2016-12-28 13:42 - 2015-11-19 13:15 - 00000000 ____D C:\Windows\system32\appmgmt 2016-12-28 13:41 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\HP 2016-12-27 17:46 - 2009-07-14 05:45 - 00300544 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-27 17:43 - 2011-04-12 15:39 - 00000000 ____D C:\Program Files\Windows Journal 2016-12-26 11:30 - 2014-11-05 21:43 - 00000000 ____D C:\Temp 2016-12-25 22:20 - 2014-10-05 15:52 - 00065152 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-25 22:09 - 2014-10-05 15:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2016-12-25 22:04 - 2015-04-01 08:30 - 00001803 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-12-25 22:04 - 2014-10-08 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify 2016-12-25 22:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-12-25 22:03 - 2014-10-05 15:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-12-25 21:30 - 2014-10-08 09:15 - 00000000 ____D C:\ProgramData\Apple 2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Samsung 2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2016-12-25 21:00 - 2015-11-26 18:24 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-12-25 20:47 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\Big Fish 2016-12-25 20:16 - 2014-10-24 10:42 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apple Inc 2016-12-25 20:16 - 2014-10-08 09:18 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer 2016-12-25 20:16 - 2014-10-04 11:19 - 00000000 ____D C:\Users\Daniel 2016-12-25 17:41 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-12-25 16:50 - 2015-11-19 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-12-25 16:50 - 2014-10-05 15:42 - 00000000 ____D C:\Program Files\Java 2016-12-25 16:49 - 2014-10-17 20:40 - 00000000 ____D C:\Program Files (x86)\Java 2016-12-25 16:33 - 2014-10-05 17:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc 2016-12-23 10:32 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\TEMP 2016-12-21 18:28 - 2009-07-14 06:08 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-18 16:35 - 2016-08-19 16:51 - 00000000 _____ C:\Windows\SysWOW64\last.dump 2016-12-18 14:03 - 2014-10-05 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-18 09:09 - 2016-11-18 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-17 11:27 - 2015-10-07 15:02 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DominiGames 2016-12-17 10:10 - 2015-10-15 10:32 - 00003426 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 10:10 - 2015-10-15 10:32 - 00003298 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-15 14:16 - 2015-06-16 18:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Elephant Games 2016-12-14 16:59 - 2014-10-08 14:39 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-14 16:59 - 2014-10-08 14:39 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-14 16:59 - 2014-10-08 14:39 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-14 14:16 - 2015-10-15 10:34 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-14 14:16 - 2015-10-15 10:34 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-09 10:08 - 2014-11-05 21:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\ElevatedDiagnostics 2016-12-09 08:11 - 2015-12-11 11:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\4 Friends Games 2016-12-06 17:21 - 2014-10-13 11:34 - 00000000 ____D C:\Users\Daniel\AppData\Local\Spotify 2016-12-06 10:03 - 2015-06-22 12:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ERS Game Studios 2016-12-04 18:29 - 2016-11-10 11:47 - 00000000 ____D C:\Users\Daniel\Documents\Glämsta 2017 2016-12-02 09:23 - 2016-10-06 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-11-29 15:29 - 2015-06-16 17:17 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Eipix 2016-11-29 13:44 - 2015-07-25 19:20 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mad Head Games 2016-11-29 08:49 - 2014-10-08 14:51 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update ==================== Files in the root of some directories ======= 2014-10-05 15:45 - 2016-07-29 13:58 - 0000027 _____ () C:\Program Files\plugins.dat 2016-02-08 18:48 - 2016-02-08 18:48 - 0003072 _____ () C:\Users\Daniel\AppData\Roaming\.spark_db 2016-01-08 09:17 - 2016-03-10 14:37 - 0000000 _____ () C:\Users\Daniel\AppData\Roaming\log.txt 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\AtStart.txt 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\DSwitch.txt 2015-04-24 17:34 - 2016-05-12 11:01 - 42304896 _____ (Sony) C:\Users\Daniel\AppData\Local\pcc.exe 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\QSwitch.txt 2016-07-08 18:10 - 2016-07-08 18:10 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== C:\Users\Daniel\AppData\Local\Temp\ACLMInstaller.exe C:\Users\Daniel\AppData\Local\Temp\libeay32.dll C:\Users\Daniel\AppData\Local\Temp\msvcr120.dll C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-07-17 13:13 ==================== End of FRST.txt ============================ Addition1.txt AdwCleanerC0.txt
  15. Hej Cecilia God fortsättning på helgerna. Long time no hear Trodde jag skulle klara sista veckan på året utan att behöva störa dig, men på julafton kom lillebror med sin laptop o sa att den var seg. :/ Jo den var seg men inte katastrof, dock, en 120Gb hdd med endast knappt 4Gb ledigt utrymme är ju förstås ingen höjdare. Han har en förmåga att spela olika flashspel samt spel som kommer från bigfishgames eller något liknande. Normalt när jag får hans datorer brukar jag blåsa och installera om. Denna gång verkar det inte vara så illa. Avinstallerade ca 20Gb program, filer, spel o tömde cache på browsers körde MS Diskrensningsverktyg som lyckades plocka väck ca 25 Gb! Körde chkdsk, defrag och winupdates. Maskinen går riktigt bra nu. (Drygt 40Gb ledigt på C:) Inga virus hittade av Avast. Tänkte att jag kör ADWClean o ser om det finns rester av spelen. Insåg att det var mer än jag trodde som ser ut att finnas kvar och ber ödmjukast om tolkningshjälp. Tack //millpark10 (sparade inte adwclean-loggen utan började i "rätt ända" med FRST o postning i forumet istället) Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 Ran by Daniel (administrator) on DANIEL-HP-DATOR (29-12-2016 02:35:47) Running from C:\Users\Daniel\Downloads\AV_2016re Loaded Profiles: Daniel (Available Profiles: Daniel) Platform: Windows 7 Professional Service Pack 1 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE () C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe () C:\Windows\SysWOW64\SecUPDUtilSvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Windows\vsnpstd3.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Windows\FixCamera.exe () C:\Windows\tsnpstd3.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated) HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] () HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [soundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) HKLM-x32\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-02-10] () HKLM-x32\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] () HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [270336 2007-03-10] () HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\Run: [sTUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] () HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {406b7ffb-ea8e-11e4-b8bb-705ab6a76618} - E:\startme.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {85bb1a00-39ba-11e5-a74f-0026c606fa42} - E:\AutoRun.exe HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{09899BC7-D371-400D-A83B-434138817B2A}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{9B695061-0E4A-437C-AC02-6CB824B1575C}: [DhcpNameServer] 8.8.8.8 8.8.4.4 Tcpip\..\Interfaces\{9E635E13-5235-446F-90EE-F1ABC5F48E07}: [DhcpNameServer] 172.20.10.1 Internet Explorer: ================== SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=2043&systemid=406&v=n15946-666&apn_uid=8848744470194470&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=2043&systemid=406&v=n15946-666&apn_uid=8848744470194470&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {2B200296-A4CF-4713-9F9B-9733A2AAA664} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-25] (AVAST Software) BHO: No Name -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> No File BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software) BHO-x32: No Name -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> No File BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 [2016-12-29] FF Homepage: Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 -> hxxps://www.google.com/ FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml [2015-03-29] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] () FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] () FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2331861272-3787314368-3103865204-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-09-01] (Sony Network Entertainment International LLC) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default [2016-12-28] CHR Extension: (Google Presentationer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15] CHR Extension: (Google Dokument) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-23] CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-23] CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18] CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-23] CHR Extension: (Google Kalkylark) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15] CHR Extension: (Google Dokument Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-21] CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-24] CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-27] CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18] CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software) R2 SamsungCloudPrintSvc; C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe [907568 2016-01-28] () R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2016-04-28] () S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S4 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software) R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130688 2014-03-14] (Gemalto) R3 HBtnKey; C:\Windows\System32\DRIVERS\cpqbttn.sys [19000 2010-02-24] (Hewlett-Packard Company) S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [File not signed] R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1875624 2008-10-09] () S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550656 2007-03-26] (Sonix Co. Ltd.) S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10252544 2007-03-26] (Sonix Co. Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-29 02:35 - 2016-12-29 02:35 - 00000000 ____D C:\FRST 2016-12-29 02:33 - 2016-12-29 02:35 - 00000000 ____D C:\Users\Daniel\Downloads\AV_2016re 2016-12-29 02:26 - 2016-12-29 02:28 - 00000000 ____D C:\AdwCleaner 2016-12-28 14:49 - 2016-12-28 14:50 - 00000000 ____D C:\Users\Daniel\Desktop\MSupdates 2016-12-28 14:46 - 2016-12-28 14:46 - 00000000 ____D C:\2cd80aef570097c8e78c11630f 2016-12-27 03:14 - 2016-06-11 07:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-12-27 03:14 - 2016-06-11 05:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-12-27 03:14 - 2016-06-10 22:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-12-27 03:14 - 2016-06-10 22:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-12-27 03:14 - 2016-06-10 22:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-12-27 03:14 - 2016-06-10 22:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-12-27 03:14 - 2016-06-10 22:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-12-27 03:14 - 2016-06-10 22:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-12-27 03:14 - 2016-06-10 22:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-12-27 03:14 - 2016-06-10 22:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-12-27 03:14 - 2016-06-10 22:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-12-27 03:14 - 2016-06-10 22:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-12-27 03:14 - 2016-06-10 22:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-12-27 03:14 - 2016-06-10 22:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-12-27 03:14 - 2016-06-10 21:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-12-27 03:14 - 2016-06-10 21:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-12-27 03:14 - 2016-06-10 21:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-12-27 03:14 - 2016-06-10 21:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-12-27 03:14 - 2016-06-10 21:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-12-27 03:14 - 2016-06-10 21:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-12-27 03:14 - 2016-06-10 21:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-12-27 03:14 - 2016-06-10 21:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-12-27 03:14 - 2016-06-10 21:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-12-27 03:14 - 2016-06-10 21:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-12-27 03:14 - 2016-06-10 21:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-12-27 03:14 - 2016-06-10 21:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-12-27 03:14 - 2016-06-10 21:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-12-27 03:14 - 2016-06-10 20:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-12-27 03:14 - 2016-06-10 20:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-12-27 03:14 - 2016-06-10 20:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-12-27 03:14 - 2016-06-10 20:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-12-27 03:14 - 2016-06-10 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-12-27 03:14 - 2016-06-10 19:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-12-27 03:14 - 2016-06-10 19:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-12-27 03:14 - 2016-06-10 19:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-12-27 03:14 - 2016-06-10 19:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-12-27 03:14 - 2016-06-10 19:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-12-27 03:14 - 2016-06-10 19:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-12-27 03:14 - 2016-06-10 19:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-12-27 03:14 - 2016-06-10 19:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-12-27 03:14 - 2016-06-10 19:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-12-27 03:14 - 2016-06-10 19:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-12-27 03:14 - 2016-06-10 19:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-12-27 03:14 - 2016-06-10 19:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-12-27 03:14 - 2016-06-10 19:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-12-27 03:14 - 2016-06-10 19:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-12-27 03:14 - 2016-06-10 19:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-12-27 03:14 - 2016-06-10 19:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-12-27 03:14 - 2016-06-10 19:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-12-27 03:14 - 2016-06-10 19:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-12-27 03:14 - 2016-06-10 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-12-27 03:14 - 2016-06-10 19:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-12-27 03:14 - 2016-06-10 19:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-12-27 03:14 - 2016-06-10 19:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-12-27 03:14 - 2016-06-10 18:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-12-27 03:14 - 2016-06-10 18:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-12-27 03:14 - 2016-06-10 18:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-12-27 03:14 - 2016-06-10 18:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-12-27 03:13 - 2016-06-10 22:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-12-27 03:13 - 2016-06-10 22:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-12-27 03:13 - 2016-06-10 22:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-12-27 03:13 - 2016-06-10 22:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-12-27 03:13 - 2016-06-10 21:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-12-27 03:13 - 2016-06-10 20:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2016-12-27 03:12 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2016-12-27 03:12 - 2016-06-25 20:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2016-12-27 03:12 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2016-12-27 03:12 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe 2016-12-27 03:12 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2016-12-27 03:12 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe 2016-12-27 03:12 - 2016-06-14 16:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-12-26 00:19 - 2016-12-26 00:19 - 00003664 ____N C:\bootsqm.dat 2016-12-25 22:19 - 2016-12-25 22:19 - 00000000 ____D C:\Users\Public\Documents\sun 2016-12-25 22:08 - 2016-12-25 22:09 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3 2016-12-25 22:08 - 2016-12-25 22:08 - 00001106 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk 2016-12-25 22:04 - 2016-12-25 22:04 - 00001817 _____ C:\Users\Daniel\Desktop\Spotify.lnk 2016-12-25 22:01 - 2016-12-26 14:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TeamViewer 2016-12-25 22:01 - 2016-12-25 22:01 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat 2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Program Files (x86)\WinDirStat 2016-12-25 21:59 - 2016-12-25 21:59 - 00422480 _____ (Secure By Design Inc.) C:\Users\Daniel\Downloads\Ninite Avast Chrome CutePDF Firefox Java 8 Installer.exe 2016-12-25 16:21 - 2016-12-25 16:31 - 00000000 ____D C:\Users\Daniel\Desktop\Filer fr skrivbord 2016-12-25 16:06 - 2016-12-25 16:11 - 00000000 ____D C:\Users\Daniel\Downloads\HP installfiles 2016-12-18 11:56 - 2016-12-18 12:00 - 00015277 _____ C:\Users\Daniel\Documents\Utlägg kvitton DE 2016.ods ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-12-29 02:33 - 2014-10-08 14:39 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-12-29 02:30 - 2016-11-18 12:45 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Mozilla 2016-12-29 01:54 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-12-29 01:54 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-12-29 00:54 - 2016-07-08 14:24 - 00000000 ____D C:\Users\Daniel\Downloads\HP Downloads 2016-12-28 15:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-12-28 14:46 - 2011-04-12 15:28 - 00663728 _____ C:\Windows\system32\perfh01D.dat 2016-12-28 14:46 - 2011-04-12 15:28 - 00142496 _____ C:\Windows\system32\perfc01D.dat 2016-12-28 14:46 - 2009-07-14 06:13 - 01579154 _____ C:\Windows\system32\PerfStringBackup.INI 2016-12-28 14:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-12-28 13:51 - 2016-07-08 18:11 - 00000000 ____D C:\Program Files (x86)\HP 2016-12-28 13:49 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-12-28 13:49 - 2014-10-04 12:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard 2016-12-28 13:42 - 2015-11-19 13:15 - 00000000 ____D C:\Windows\system32\appmgmt 2016-12-28 13:41 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\HP 2016-12-27 17:46 - 2009-07-14 05:45 - 00300544 _____ C:\Windows\system32\FNTCACHE.DAT 2016-12-27 17:43 - 2011-04-12 15:39 - 00000000 ____D C:\Program Files\Windows Journal 2016-12-26 11:30 - 2014-11-05 21:43 - 00000000 ____D C:\Temp 2016-12-25 22:20 - 2014-10-05 15:52 - 00065152 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT 2016-12-25 22:09 - 2014-10-05 15:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2016-12-25 22:04 - 2015-04-01 08:30 - 00001803 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-12-25 22:04 - 2014-10-08 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify 2016-12-25 22:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2016-12-25 22:03 - 2014-10-05 15:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-12-25 21:30 - 2014-10-08 09:15 - 00000000 ____D C:\ProgramData\Apple 2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Samsung 2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2016-12-25 21:00 - 2015-11-26 18:24 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-12-25 20:47 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\Big Fish 2016-12-25 20:16 - 2014-10-24 10:42 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apple Inc 2016-12-25 20:16 - 2014-10-08 09:18 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer 2016-12-25 20:16 - 2014-10-04 11:19 - 00000000 ____D C:\Users\Daniel 2016-12-25 17:41 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-12-25 16:50 - 2015-11-19 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-12-25 16:50 - 2014-10-05 15:42 - 00000000 ____D C:\Program Files\Java 2016-12-25 16:49 - 2014-10-17 20:40 - 00000000 ____D C:\Program Files (x86)\Java 2016-12-25 16:33 - 2014-10-05 17:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc 2016-12-23 10:32 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\TEMP 2016-12-21 18:28 - 2009-07-14 06:08 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-12-18 16:35 - 2016-08-19 16:51 - 00000000 _____ C:\Windows\SysWOW64\last.dump 2016-12-18 14:03 - 2014-10-05 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-18 09:09 - 2016-11-18 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-12-17 11:27 - 2015-10-07 15:02 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DominiGames 2016-12-17 10:10 - 2015-10-15 10:32 - 00003426 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 10:10 - 2015-10-15 10:32 - 00003298 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-15 14:16 - 2015-06-16 18:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Elephant Games 2016-12-14 16:59 - 2014-10-08 14:39 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-12-14 16:59 - 2014-10-08 14:39 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-14 16:59 - 2014-10-08 14:39 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\system32\Macromed 2016-12-14 14:16 - 2015-10-15 10:34 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-12-14 14:16 - 2015-10-15 10:34 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-12-09 10:08 - 2014-11-05 21:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\ElevatedDiagnostics 2016-12-09 08:11 - 2015-12-11 11:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\4 Friends Games 2016-12-06 17:21 - 2014-10-13 11:34 - 00000000 ____D C:\Users\Daniel\AppData\Local\Spotify 2016-12-06 10:03 - 2015-06-22 12:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ERS Game Studios 2016-12-04 18:29 - 2016-11-10 11:47 - 00000000 ____D C:\Users\Daniel\Documents\Glämsta 2017 2016-12-02 09:23 - 2016-10-06 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-11-29 15:29 - 2015-06-16 17:17 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Eipix 2016-11-29 13:44 - 2015-07-25 19:20 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mad Head Games 2016-11-29 08:49 - 2014-10-08 14:51 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update ==================== Files in the root of some directories ======= 2014-10-05 15:45 - 2016-07-29 13:58 - 0000027 _____ () C:\Program Files\plugins.dat 2016-02-08 18:48 - 2016-02-08 18:48 - 0003072 _____ () C:\Users\Daniel\AppData\Roaming\.spark_db 2016-01-08 09:17 - 2016-03-10 14:37 - 0000000 _____ () C:\Users\Daniel\AppData\Roaming\log.txt 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\AtStart.txt 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\DSwitch.txt 2015-04-24 17:34 - 2016-05-12 11:01 - 42304896 _____ (Sony) C:\Users\Daniel\AppData\Local\pcc.exe 2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\QSwitch.txt 2016-07-08 18:10 - 2016-07-08 18:10 - 0000057 _____ () C:\ProgramData\Ament.ini Some files in TEMP: ==================== C:\Users\Daniel\AppData\Local\Temp\ACLMInstaller.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-07-17 13:13 ==================== End of FRST.txt ============================ Addition.txt
×
×
  • Skapa nytt...