Just nu i M3-nätverket
Gå till innehåll

Leffan55

Medlem
  • Antal inlägg

    37
  • Gick med

  • Senaste besök

Allt postat av Leffan55

  1. Systemåterställning utförd,allt verkar fungera. Tack för all hjälp Cecilia.
  2. Det var SFC, kollar just nu.
  3. windows resource protection did not find any intergrity violations.
  4. Kommer ju inte åt kommandotolken, händer ingenting
  5. Detta kom upp vid kommandotolken: Error 740 Fick Error 740 elevated permission are required to runDISM Use an elevated command prompt to complete these tasks.
  6. Problemet var inte tidigare. Om jag gör en systemåterställning, kommer allt skit som jag tagit bort tillbaka då ?
  7. Jag kommer inte åt några program via windowsknappen, inte inställningar eller kommandotolken.
  8. Kommer inte åt mina appar via windowsknappen
  9. Efter denna operation så fungerar inte Windows knappen,sök knappen eller meddelande ikonen på verktygsfältet.
  10. Fix result of Farbar Recovery Scan Tool (x64) Version:17-02-2016 Ran by Leffan (2016-02-18 17:28:04) Run:1 Running from C:\Users\Leffan\Desktop Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: AlternateDataStreams: C:\ProgramData\Temp:073341D1 AlternateDataStreams: C:\ProgramData\Temp:07BF512B AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\ProgramData\Temp:56E2E879 AlternateDataStreams: C:\ProgramData\Temp:5C321E34 AlternateDataStreams: C:\ProgramData\Temp:6DFF1A8A AlternateDataStreams: C:\ProgramData\Temp:98181191 AlternateDataStreams: C:\ProgramData\Temp:C05ABBB5 AlternateDataStreams: C:\ProgramData\Temp:C5760A8B Reboot: ***************** Restore point was successfully created. Processes closed successfully. C:\ProgramData\Temp => ":073341D1" ADS removed successfully. C:\ProgramData\Temp => ":07BF512B" ADS removed successfully. C:\ProgramData\Temp => ":0B4227B4" ADS removed successfully. C:\ProgramData\Temp => ":373E1720" ADS removed successfully. C:\ProgramData\Temp => ":56E2E879" ADS removed successfully. C:\ProgramData\Temp => ":5C321E34" ADS removed successfully. C:\ProgramData\Temp => ":6DFF1A8A" ADS removed successfully. C:\ProgramData\Temp => ":98181191" ADS removed successfully. C:\ProgramData\Temp => ":C05ABBB5" ADS removed successfully. C:\ProgramData\Temp => ":C5760A8B" ADS removed successfully. The system needed a reboot. ==== End of Fixlog 17:28:40 ====
  11. Fix result of Farbar Recovery Scan Tool (x64) Version:17-02-2016 Ran by Leffan (2016-02-18 13:32:33) Run:6 Running from C:\Users\Leffan\Desktop Loaded Profiles: Leffan & DefaultAppPool (Available Profiles: Leffan & DefaultAppPool) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: Task: {B44DCCB2-CBCF-43CA-9AB4-DF65EEB3BDDD} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-1 -> No File <==== ATTENTION Task: {BCCF1E13-4ADA-4182-97D7-E996AD2B877E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {BDA71962-EA5D-4385-81B3-48EFF84EBB70} - \94A46359-5537-4201-BEFD-1EC63DFD0949 -> No File <==== ATTENTION Task: {C0D0348D-C956-46A1-B30F-B57043226A65} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-7 -> No File <==== ATTENTION Task: {C6FA3A30-ECA9-4DD0-85B3-7845A3DD0CCB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-4 -> No File <==== ATTENTION Task: {C7B71700-04D1-4AEC-8975-2B954CF4CA3D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {C9482E4C-B40B-42BD-8020-2AAC7828AC83} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit) Task: {CD41C298-24DD-4BF6-9270-1017E4B9D929} - System32\Tasks\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => pcalua.exe -a Z:\SETUP.EXE -d Z:\ Task: {D1A30C2B-02ED-4D75-8DDB-9D13BF40EC9E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-1 -> No File <==== ATTENTION Task: {D3DA3BE4-9D44-4387-9A8A-77A70F3DD1CD} - System32\Tasks\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\CloudAntivirus.exe -d C:\Users\Leffan\Desktop\Filhämtaren Task: {D41550B9-1CE4-4475-A57B-43C3155818D2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {D6BBD0A2-36BA-4F27-A243-E3D982AA8323} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {E3022D0E-ECFA-4AA9-A2A9-E563007E921C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {E48E7272-8EFE-40BA-8172-A9B5426507E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {E6423FD3-6C70-4406-81ED-A50E74108523} - \SpyHunter4Startup -> No File <==== ATTENTION Task: {E7E05EA5-8067-4E1E-8904-3B8FE7CE21BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {FC8AF801-5C9D-4E5D-973B-D3A3F36DB387} - System32\Tasks\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => K:\autorunce.exe Reboot: ***************** Restore point was successfully created. Processes closed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B44DCCB2-CBCF-43CA-9AB4-DF65EEB3BDDD} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-1 => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCCF1E13-4ADA-4182-97D7-E996AD2B877E} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDA71962-EA5D-4385-81B3-48EFF84EBB70} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\94A46359-5537-4201-BEFD-1EC63DFD0949 => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0D0348D-C956-46A1-B30F-B57043226A65} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-7 => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6FA3A30-ECA9-4DD0-85B3-7845A3DD0CCB} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-4 => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7B71700-04D1-4AEC-8975-2B954CF4CA3D} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9482E4C-B40B-42BD-8020-2AAC7828AC83} => key not found. C:\WINDOWS\System32\Tasks\Driver Booster Scheduler => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD41C298-24DD-4BF6-9270-1017E4B9D929} => key not found. C:\WINDOWS\System32\Tasks\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1A30C2B-02ED-4D75-8DDB-9D13BF40EC9E} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-1 => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3DA3BE4-9D44-4387-9A8A-77A70F3DD1CD} => key not found. C:\WINDOWS\System32\Tasks\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D41550B9-1CE4-4475-A57B-43C3155818D2} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6BBD0A2-36BA-4F27-A243-E3D982AA8323} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3022D0E-ECFA-4AA9-A2A9-E563007E921C} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E48E7272-8EFE-40BA-8172-A9B5426507E1} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6423FD3-6C70-4406-81ED-A50E74108523} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7E05EA5-8067-4E1E-8904-3B8FE7CE21BD} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC8AF801-5C9D-4E5D-973B-D3A3F36DB387} => key not found. C:\WINDOWS\System32\Tasks\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => key not found. The system needed a reboot. ==== End of Fixlog 13:32:52 ==== Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-02-2016 Ran by Leffan (2016-02-18 13:29:11) Running from C:\Users\Leffan\Desktop Windows 10 Home (X64) (2016-02-17 10:04:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administratör (S-1-5-21-2436640913-3975503498-2043303906-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2436640913-3975503498-2043303906-503 - Limited - Disabled) Gäst (S-1-5-21-2436640913-3975503498-2043303906-501 - Limited - Disabled) Leffan (S-1-5-21-2436640913-3975503498-2043303906-1001 - Administrator - Enabled) => C:\Users\Leffan ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\uTorrent) (Version: 3.4.5.41073 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 17.2.1 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated) Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.) Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Apple-programstöd (32-bitar) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple-programstöd (64-bitar) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) AVCWare Ringtone Maker (HKLM-x32\...\AVCWare Ringtone Maker) (Version: 2.0.5.20120712 - AVCWare) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6172 - AVG Technologies) AVG 2015 (Version: 15.0.6172 - AVG Technologies) Hidden BankID säkerhetsprogram (HKLM-x32\...\{1BDBF557-BA87-438F-9B28-AE4D836E35BA}) (Version: 7.1.0.20 - Finansiell ID-Teknik BID AB) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version: - ) Compatibility Pack för Office 2007-systemet (HKLM-x32\...\{90120000-0020-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.) DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software) Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - ) EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 2.7 - Poikosoft) Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation) FileSearchy Pro (HKLM-x32\...\FileSearchy Pro) (Version: 1.11 - Midlinesoft) FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory) FSS Google Maps Downloader version 2.0.8.1 (HKLM-x32\...\FSS Google Maps Downloader_is1) (Version: 2.0.8.1 - FreeSmartSoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.) HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard) HP MAINSTREAM KEYBOARD (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.4.3.0 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP) HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP) HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard) HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard) HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation) HTC Sync (HKLM-x32\...\{1F9E5C64-165D-4679-BBB3-498D216D017B}) (Version: 3.3.7 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC) Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation) IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan) iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.) Kursomvandlaren 1.0 (HKLM-x32\...\Kursomvandlaren) (Version: 1.0 - Kursomvandlaren.se) Leapic Audio Cutter 3.0 (HKLM-x32\...\Leapic Audio Cutter_is1) (Version: - Leapic Software) LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_ENTERPRISE_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_ENTERPRISE_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version: - Microsoft) Microsoft Office PowerPoint Viewer 2007 (Swedish) (HKLM-x32\...\{95120000-00AF-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_ENTERPRISE_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version: - Microsoft) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard) Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden Mozilla Firefox 43.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 sv-SE)) (Version: 43.0.1 - Mozilla) Mozilla Firefox 44.0.2 (x64 sv-SE) (HKLM\...\Mozilla Firefox 44.0.2 (x64 sv-SE)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Nordea NCR1 Installationspaket (HKLM-x32\...\{CD9A35D4-8A81-4188-98AF-14D759083FB4}) (Version: 1.00.000 - Todos Data System AB) NVIDIA 3D Vision drivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation) NVIDIA 3D Vision drivrutin för styrenhet 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation) NVIDIA Grafikdrivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA-uppdatering 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Panda Cloud Antivirus (HKLM\...\{8BA78FA6-E817-454C-9D32-8DE04404119E}) (Version: 4.02.00.0000 - Panda Security) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PopChar 6.0 (HKLM\...\ergonis PopChar_is1) (Version: 6.0 - Ergonis Software) Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.) Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.4.0.1580 - Cybertron Software Co., Ltd.) PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) QuickTime Alternative 3.1.1 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.1.1 - ) Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.23.0 - Mediatek) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.30.1019.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.) SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com) Spotify (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB) SpringFiles (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\SpringFiles) (Version: 29.15.38 - hxxp://www.spring-file.com) SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - ) System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC) UniPDF 1.0.5 (HKLM-x32\...\UniPDF) (Version: 1.0.5 - UniPDF.com) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Leffan\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {015D92BF-3905-4212-8E37-9573EF8946D3} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {017E6A68-2D3A-4FA1-B9C4-489B1D3AE6D0} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-29] () Task: {047C2F9F-5DEA-4650-B407-DC0512536094} - System32\Tasks\{5EC01EB6-9E5A-404A-99B8-6CF97B7ED3DD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {0809A89E-404A-4D5D-9B26-081576289B9C} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC_Leffan => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe [2015-10-02] (Cybertron Software, Co., Ltd.) Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {0D55A894-4243-46AA-BE55-3FFB87D20595} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] () Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {13353C5F-3569-4E84-A2EE-1A5DC2B78CEF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-16] (Microsoft Corporation) Task: {13802080-A435-460E-A8C8-EE026D9DF1F0} - System32\Tasks\{B1087BD8-E5F8-459E-BA42-82D7589A720E} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {1537EDA8-027A-4507-AC4E-93A4E0BFC640} - \Driver Booster SkipUAC (Leffan) -> No File <==== ATTENTION Task: {1BE0B7D9-F640-4E4D-BF8A-D035646B5661} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {1D3967CC-676A-486B-A20A-3DA07F5B7958} - System32\Tasks\{0FB8EBCC-9766-45A7-A303-D09B0B9BD45F} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {2341FCA8-7C90-436F-8B08-84E93950E58A} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {2575C29E-BA05-48B9-B0EF-6862BF8429B2} - System32\Tasks\{39A1BCC2-0D94-4E8E-8E99-434667EC37F3} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {27122E99-4230-4EE8-856C-CC8CD289A0AC} - System32\Tasks\{1E89BF2A-0738-4751-B74F-BCC148691285} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {29990644-B79A-4F9B-B184-45225F368080} - System32\Tasks\{2FC1D531-7D62-49B0-92F6-4B6A33DC012C} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {30EEFFE7-99F8-4860-A81D-2AFAEDBE4098} - System32\Tasks\{998C7732-8855-4A08-BA4C-F1AA473C9E70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {315B28B0-9835-4E3F-B81E-0E16ADEAA9C8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {32ABA5C1-E0ED-4BDF-86A9-C75D45B0BB89} - System32\Tasks\{BF677917-AD42-4C99-9564-FF7DBC764A70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {33589691-0896-46B4-82DB-FA2BA62038EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {3A32527B-676D-44D5-A90F-6BFEC2A4F8B3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {420544F1-038F-40DC-BCED-EE3CA989F9F6} - \CCleanerSkipUAC -> No File <==== ATTENTION Task: {444C3CA9-1CE7-4575-9A68-6A1FDBB08DBB} - System32\Tasks\{20ECD2CE-4BE8-4120-86B6-DA4CED53A141} => pcalua.exe -a "J:\Program\Logitech Mus MX310\mw9791sve.exe" -d "J:\Program\Logitech Mus MX310" Task: {4D515E26-8912-4948-B044-54DA5F548274} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {4D714B6F-CC7F-434B-B049-EC548F68FAF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {4E644A8D-2A48-4553-8495-CD9AC56C475A} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-02] (PC-Doctor, Inc.) Task: {5B252DF3-DD42-4593-8E1F-70DA4CD5C926} - System32\Tasks\HPCeeScheduleForLeffan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {5C3682DC-00C4-42B6-BDF4-291CE450520B} - System32\Tasks\{F72B7057-8A2E-4A3A-B919-8BDB5F2C34D5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {6AEB90CA-E25E-4F7A-B6D0-7D1E6D95B5F8} - System32\Tasks\{3408CB37-2C67-46A7-928D-1F3F71DBEED5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {80D92798-093B-468D-B973-D733520C10F6} - System32\Tasks\ASC7U_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {8B42502E-AF26-4A3D-AB75-BFDE38F8AF19} - System32\Tasks\{649C94FF-5E42-4F31-9F1C-CDDB2C654B8B} => pcalua.exe -a "C:\Program Files (x86)\AVS4YOU\Uninstall.exe" Task: {8E7FC1F8-9DB1-46F7-AF7B-71F743F23BC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {93AA24D5-D9E4-469D-B51A-E507DFB86F5F} - System32\Tasks\{8696F1B7-7B49-4C88-86BE-E5436E6B9BE6} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\daemon-tools.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {94725C4A-D8DC-4E84-AEC9-35897AA0FFD5} - System32\Tasks\{4A6B5362-1860-456A-8FAB-6FC474D30AD7} => pcalua.exe -a "C:\Windows\SysWOW64\Adobe\Shockwave 11\syminstallstub.exe" -d C:\Users\Leffan\Desktop -c /partnerid=adobe /productlist=nss /staging=false /debug /delay=0 Task: {9A7CE315-F2C2-4B0B-8DA0-9CAF1E927ACA} - System32\Tasks\{8A0B35A7-C76F-4160-875B-0BB3716F167C} => pcalua.exe -a "C:\Users\Leffan\Desktop\Eget\Olika Prog\wmp11-windowsxp-x86-SV-SE.exe" -d "C:\Users\Leffan\Desktop\Eget\Olika Prog" Task: {9CD1E83E-15B1-4314-8AC2-A61E697DE0A4} - System32\Tasks\{1490BFE5-F5BB-46E0-B4CD-3438C4957884} => pcalua.exe -a E:\SETUP.EXE -d E:\ Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {9FD1CE56-EE7B-46D6-9B34-6DA76FB6DC3D} - System32\Tasks\{5B06E479-555D-4864-88DE-72A2B6FBB1FD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {A16E9003-48D6-4F34-8636-B33F3D67537A} - System32\Tasks\{6EBDE3E0-2BE7-4C3C-B5E1-2605F8CB5563} => K:\autorunce.exe Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {B615642F-8AF5-4AD7-91F3-7A384DC7BAC1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {BA1D5441-965F-4AE2-B6B4-DE072B4F1248} - System32\Tasks\{7BB7C00D-46F6-4294-BD6C-567F503637BE} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {BF83FDDD-7C67-489B-96E9-2F7FB75415A5} - System32\Tasks\ASC9_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2015-11-30] (IObit) Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {D5202B90-EDB2-4155-A1EC-894D7B408267} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-04] (Adobe Systems Incorporated) Task: {D8638B38-356A-42C6-AA41-E91C12A2A6E8} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard) Task: {D98F64A5-ECB7-4D90-9CC0-A4EEBC4B262E} - System32\Tasks\FileSearchyPro_SkipUAC => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [2014-02-14] () Task: {DF59405B-CB86-427C-A8D5-0EA50790CFFF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {E47DC616-F79D-4ECC-A214-5E9F4131EE24} - System32\Tasks\{5BA75C5D-537E-401B-BB74-A1494BA2FCE4} => pcalua.exe -a "C:\Program Files (x86)\Personal\bin\persinst.exe" -d "C:\Program Files (x86)\Personal\bin" Task: {E604A3F7-FC9F-4A15-B8C2-9EFFB0635A06} - System32\Tasks\Google Updater and Installer => C:\Users\Leffan\AppData\Local\Google\Update\GoogleUpdate.exe Task: {E886E1C4-44AE-44C1-87C7-9AAC8FB9DAA1} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] () Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {EA2197B3-EBEC-433D-9B3E-FEA775E25760} - System32\Tasks\{F7F5755D-563D-42D9-89E1-5872D836B8EB} => C:\Users\Leffan\Desktop\Eget\EuroC\setup.exe Task: {EC34AB08-DCA1-477E-A034-5DB7B65F6B87} - System32\Tasks\{D6F371CA-08A1-4B7E-9E2D-7585D37A4DC2} => K:\Program\CD-LP Skivor Cardfile\Cardfile.exe Task: {F29CE86A-3B32-4B44-A08F-964AF154EA4E} - System32\Tasks\{803EC8C1-976B-466E-8FEE-A1E65CA27538} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {F6FC083E-8783-4D79-B152-E051CE275512} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {FAEA5001-7894-4392-AAEB-83E6A5C0C348} - System32\Tasks\{FF41CD49-FDD3-43FC-8C2F-819BCD47E52D} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-02-17 10:31 - 2015-10-13 18:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-02-17 10:19 - 2016-02-17 10:19 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-02-17 10:19 - 2016-02-17 10:19 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2014-05-27 11:33 - 2014-05-27 11:33 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe 2016-02-17 10:19 - 2016-02-17 10:19 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-02-17 10:19 - 2016-02-17 10:19 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-02-17 10:19 - 2016-02-17 10:19 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-02-17 10:19 - 2016-02-17 10:19 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-02-17 10:19 - 2016-02-17 10:19 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-02-17 10:19 - 2016-02-17 10:19 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-02-17 11:48 - 2016-02-17 11:49 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2014-03-24 10:31 - 2014-03-24 10:31 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2014-05-27 11:32 - 2014-05-27 11:32 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2014-03-24 10:32 - 2014-03-24 10:32 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2014-03-24 10:32 - 2014-03-24 10:32 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2014-03-24 10:32 - 2014-03-24 10:32 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2014-03-24 10:34 - 2014-03-24 10:34 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2014-03-24 10:36 - 2014-03-24 10:36 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2013-11-15 18:42 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2016-02-11 08:23 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll 2016-02-11 08:23 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll 2016-02-17 11:48 - 2016-02-17 11:49 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-02-17 11:48 - 2016-02-17 11:49 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:073341D1 AlternateDataStreams: C:\ProgramData\Temp:07BF512B AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\ProgramData\Temp:56E2E879 AlternateDataStreams: C:\ProgramData\Temp:5C321E34 AlternateDataStreams: C:\ProgramData\Temp:6DFF1A8A AlternateDataStreams: C:\ProgramData\Temp:98181191 AlternateDataStreams: C:\ProgramData\Temp:C05ABBB5 AlternateDataStreams: C:\ProgramData\Temp:C5760A8B ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1001movie.com -> 1001movie.com There are 6127 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2015-09-21 15:46 - 00000949 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 www.iobit.com 127.0.0.1 www.asc55.iobit.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leffan\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: LightScribeService => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NAUpdate => 3 MSCONFIG\Services: Secunia PSI Agent => 2 MSCONFIG\Services: Secunia Update Agent => 2 MSCONFIG\Services: SpyHunter 4 Service => 2 MSCONFIG\Services: WinDefend => 2 MSCONFIG\Services: WiseBootAssistant => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BankID säkerhetsprogram.lnk => C:\Windows\pss\BankID säkerhetsprogram.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Leffan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Setup.lnk => C:\Windows\pss\Setup.lnk.Startup MSCONFIG\startupfolder: C:^Users^Leffan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^YoWindow.lnk => MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: AVG_UI => MSCONFIG\startupreg: Browsers Protector => MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: CommonToolkitTray => MSCONFIG\startupreg: CPA => MSCONFIG\startupreg: Google Update => MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup MSCONFIG\startupreg: IAStorIcon => MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Logitech Utility => LOGI_MWX.EXE MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Leffan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime Alternative\QTTask.exe" -atboottime MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s MSCONFIG\startupreg: SDTray => MSCONFIG\startupreg: SearchSettings => MSCONFIG\startupreg: sfagent => MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background MSCONFIG\startupreg: Spybot-S&D Cleaning => MSCONFIG\startupreg: SpybotSD TeaTimer => MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Telia => HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "SDTray" HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall" HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "FileSearchy Pro" HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{6B1D7C96-BCB3-4CA5-98B3-2B275CA0F642}] => (Block) C:\users\leffan\appdata\roaming\spotify\spotify.exe FirewallRules: [{2505942A-00EC-459D-9FBE-A749E520EAAB}] => (Block) C:\users\leffan\appdata\roaming\spotify\spotify.exe FirewallRules: [uDP Query User{BDEF94DD-FCDA-4F33-9CEE-6BCD7F48624B}C:\users\leffan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leffan\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{7FBA5499-5F04-4324-9E55-E53B4D075F48}C:\users\leffan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leffan\appdata\roaming\spotify\spotify.exe FirewallRules: [{99C4FCC9-849E-4A2F-9371-8F09DEB7F6CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{77100609-AF62-4E05-9D6B-328B187CB96D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{50DB1AD2-57AF-46B5-AD32-B0F5CF878655}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{FF2E9711-5D11-451D-9378-8CCB479EF96A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{53AC1C04-B420-492E-9261-3263116AA84D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0BA1D425-7352-4A30-8E13-54FE2BB5B487}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D3210709-F65D-433A-AFC8-2C8DB89AEBBD}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{23CED342-45A6-4B53-AE9C-C590CDD84CF8}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0C9B086A-472D-4803-A2B9-869EFFE3B3D7}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8B1EB20C-507A-4285-B609-5A252554FC65}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{82E67E65-D8D1-420B-A3E5-EFBA05E91C1D}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{08AD2175-9C59-410C-874E-D09D1F301738}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E39CA200-0F33-44F5-9A7B-9650A14E2E70}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2BF69994-4495-4298-8923-51066558E4FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{20B04BB7-7D9A-4995-B306-CB902B36D93C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{232693B7-0B9B-4B06-BF78-6A7263CBA1C5}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [uDP Query User{67C6D7D6-5C3C-4470-992E-90312FA30D1F}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [TCP Query User{5579ED67-C65C-4EC8-BD0A-F7C5294232F6}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe FirewallRules: [uDP Query User{AB9F266D-DD59-4304-A141-E14B84A63464}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe FirewallRules: [{01149F99-49F3-40DF-9C1E-E3A30A3283E6}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [{FA88A1AC-3745-4E4B-B54B-C66E2E01D226}] => (Allow) C:\Windows\SysWOW64\msiexec.exe FirewallRules: [TCP Query User{73A9521C-0D38-4123-8771-C8F1BCAD70D4}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe FirewallRules: [uDP Query User{32F2739C-25AB-4EF8-ABCF-3BE7532946AA}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe FirewallRules: [TCP Query User{99F0F9AB-FEDA-4514-BEF2-CAFD9749D793}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [uDP Query User{C74B7532-6DE7-4512-8F60-9CE5B5C4DF10}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe FirewallRules: [TCP Query User{17073FEE-EC8E-4B73-B4EB-5136E9BBCD09}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe FirewallRules: [uDP Query User{456024A2-EECA-41DF-8DCB-5BE0CE2C9A65}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe FirewallRules: [TCP Query User{1E7B6E7F-8DFA-4BF9-A7A9-E038E30C413E}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe FirewallRules: [uDP Query User{B6D56527-655A-44B0-9B3C-6F8C9ADD9565}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe FirewallRules: [{47BCD015-8C25-4976-9489-EC0990529AB3}] => (Block) C:\program files (x86)\utorrent.exe FirewallRules: [{8B481F7A-E28A-421F-997C-E81C94C96E2B}] => (Block) C:\program files (x86)\utorrent.exe FirewallRules: [TCP Query User{E8002486-FC7A-41FC-B15C-77763877274D}C:\users\leffan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leffan\appdata\roaming\utorrent\utorrent.exe FirewallRules: [uDP Query User{403B1697-4BFC-4554-A0C3-B4BCEBC988D2}C:\users\leffan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leffan\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{6D1688F0-0A73-4D68-95D2-8C8B73653695}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{37AF9967-E0CE-4DD9-AC91-97FC980C56A0}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2E131DD2-BA3D-4629-9017-B8B17CFB9E03}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{C68DC0A4-8072-4895-8643-C3C9A2B4B71E}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [TCP Query User{682DDBFB-3A51-47F5-A1A5-77B7F1B158C6}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe FirewallRules: [uDP Query User{F79188FF-B780-4047-AEDE-4B2431F1E67D}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe FirewallRules: [{1932C498-C858-47B3-9A07-EA7FA7E506AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{12EA3144-6F12-49C7-95BA-9C79CBE11EF3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{C91C2882-0D8B-4501-8C76-C5BE700687D8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [uDP Query User{EDCD2296-5E21-478A-A5E6-5657B2F41079}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9A5B3D93-837E-4A64-A0F9-2BC4813DFCE1}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{FC826B1C-502F-4B67-B045-1DB4E7F337E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 17-02-2016 11:41:52 Revo Uninstaller Pro's restore point - Spybot - Search & Destroy 17-02-2016 11:53:11 Restore Point Created by FRST 18-02-2016 12:59:17 Revo Uninstaller Pro's restore point - Driver Booster 3.2 18-02-2016 13:04:23 Restore Point Created by FRST 18-02-2016 13:12:23 Revo Uninstaller Pro's restore point - IObit Malware Fighter 3 18-02-2016 13:15:58 Revo Uninstaller Pro's restore point - IObit Uninstaller 18-02-2016 13:17:32 Revo Uninstaller Pro's restore point - Smart Defrag 4 18-02-2016 13:18:52 Revo Uninstaller Pro's restore point - Java 8 Update 65 18-02-2016 13:19:08 Removed Java 8 Update 65 18-02-2016 13:20:10 Revo Uninstaller Pro's restore point - Java 8 Update 66 18-02-2016 13:20:30 Removed Java 8 Update 66 18-02-2016 13:21:38 Revo Uninstaller Pro's restore point - Java 8 Update 72 18-02-2016 13:22:03 Removed Java 8 Update 72 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/18/2016 01:22:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary RegFilter. System Error: Det går inte att hitta filen. . Error: (02/18/2016 01:22:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Åtkomst nekad. . Error: (02/18/2016 01:21:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary RegFilter. System Error: Det går inte att hitta filen. . Error: (02/18/2016 01:21:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Åtkomst nekad. . Error: (02/18/2016 01:20:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary RegFilter. System Error: Det går inte att hitta filen. . Error: (02/18/2016 01:20:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Åtkomst nekad. . Error: (02/18/2016 01:20:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary RegFilter. System Error: Det går inte att hitta filen. . Error: (02/18/2016 01:20:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Åtkomst nekad. . Error: (02/18/2016 01:19:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary RegFilter. System Error: Det går inte att hitta filen. . Error: (02/18/2016 01:19:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Åtkomst nekad. . System errors: ============= Error: (02/18/2016 01:21:08 PM) (Source: DCOM) (EventID: 10016) (User: Leffan-HP) Description: datorstandardvärdeLokalAktivering{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Leffan-HPLeffanS-1-5-21-2436640913-3975503498-2043303906-1001LocalHost (med LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/18/2016 01:21:07 PM) (Source: DCOM) (EventID: 10016) (User: Leffan-HP) Description: datorstandardvärdeLokalAktivering{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Leffan-HPLeffanS-1-5-21-2436640913-3975503498-2043303906-1001LocalHost (med LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (02/18/2016 01:05:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Tjänsten Windows Search kunde inte startas på grund av följande fel: %%3 Error: (02/18/2016 01:04:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Synkroniseringsvärd_4b6dbd avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 10000 millisekunder: Starta om tjänsten. Error: (02/18/2016 01:04:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Print Spooler avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 5000 millisekunder: Starta om tjänsten. Error: (02/18/2016 01:04:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Message Queuing avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten. Error: (02/18/2016 01:04:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Net.Pipe Lyssnaradapter avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten. Error: (02/18/2016 01:04:37 PM) (Source: WAS) (EventID: 5175) (User: ) Description: Lyssnaradaptern som servar protokollet net.pipe kopplades oväntat bort. Error: (02/18/2016 01:04:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Windows Modules Installer avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten. Error: (02/18/2016 01:04:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Tjänsten Windows Search avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten. CodeIntegrity: =================================== Date: 2016-02-18 13:28:40.220 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-18 13:28:40.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-18 13:25:24.482 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-18 13:25:24.476 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-18 12:48:19.702 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-18 12:48:19.695 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-18 12:48:19.621 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-18 12:48:19.613 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-18 12:48:19.603 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-18 12:48:08.651 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel® Core i7 CPU 860 @ 2.80GHz Percentage of memory in use: 26% Total physical RAM: 8151.07 MB Available physical RAM: 5969.16 MB Total Virtual: 16855.07 MB Available Virtual: 14593.68 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1383.85 GB) (Free:978.16 GB) NTFS Drive d: (HP_RECOVERY) (Fixed) (Total:12.88 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from drive)] Drive z: (På Emirates) (Fixed) (Total:931.51 GB) (Free:586.57 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 1397.3 GB) (Disk ID: 6E198BB1) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1383.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=12.9 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 57BA3405) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
  12. Vet ej om det är mer att göra,men nu fungerar windows update + edge. Tackar så hemskt mycket för hjälpen.
  13. Fix result of Farbar Recovery Scan Tool (x64) Version:07-02-2016 Ran by Leffan (2016-02-17 11:53:10) Run:4 Running from C:\Users\Leffan\Desktop Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool) Boot Mode: Normal ============================================== fixlist content: ***************** CreateRestorePoint: CloseProcesses: HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1 HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File BootExecute: autocheck autochk * ????????????? GroupPolicy: Restriction - Chrome <======= ATTENTION GroupPolicyScripts-x32: Restriction <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} - No File Handler: gopher - No CLSID Value FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006 FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms} CHR DefaultSearchKeyword: Profile 2 -> yoursearching CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File CHR Plugin: (Java™ Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url> CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url> R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO) S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] () R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] () S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO) R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.) S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.) S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security) S0 cffkog; System32\drivers\gatk.sys [X] U3 idsvc; no ImagePath U3 wpcsvc; no ImagePath 2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler 2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan) 2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton 2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software 2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe Panda Cloud Antivirus (Version: 4.02.00.0000 - Panda Security) Hidden Task: {004BD1B3-5175-4FFF-8847-36552271C71A} - \Ad-Aware Antivirus Scheduled Scan -> No File <==== ATTENTION Task: {11DBE9C2-672A-4B9F-B337-91F4F6AECE6D} - System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\irfanview_lang_svenska.exe -d C:\Users\Leffan\Desktop\Filhämtaren Task: {164D37C2-FBAD-47B4-93B5-3062D9BB06C8} - System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(1).exe -d C:\Users\Leffan\Desktop\Filhämtaren Task: {16847A77-A515-451B-AD81-A369021D3F38} - System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => K:\autorunce.exe Task: {16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD} - System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => K:\autorunce.exe Task: {1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7} - System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35\MacDrive_Pro_9.0.3.35_en_Setup.exe -d C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35 Task: {223310F3-934C-496C-A4FE-9810DEC59970} - System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => C:\ProgramData\UpdaterSrv\UpdaterSrv.exe [2015-11-27] () <==== ATTENTION Task: {2889796A-E8F9-4520-99FA-821415487847} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 -> No File <==== ATTENTION Task: {295C9287-7247-4241-A63A-13C569A31320} - System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => K:\autorunce.exe Task: {29D5864E-025B-4966-A15A-DE22A64F2268} - System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => E:\SETUP.EXE Task: {30648DF9-E656-4A7A-89E0-13E228B8D121} - System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(2).exe -d C:\Users\Leffan\Desktop\Filhämtaren Task: {317ABD25-4807-4239-9D10-2E7091227F3E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 -> No File <==== ATTENTION Task: {356EBFDA-3CC2-4016-8ED7-636D5E28828E} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION Task: {3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284} - System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => Z:\Panda Internet Security 2012 16.00\PANDAIS12PROMO1M.exe Task: {444E300E-8607-4E58-8F83-E6C10EB96832} - System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => Chrome.exe Task: {4D35091C-063F-4653-8089-D1F27F254E4A} - System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => K:\autorunce.exe Task: {4EFDB5BD-5CF7-4748-A9BF-644E48425207} - System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => E:\SETUP.EXE Task: {58C96A45-1DD1-4A30-8713-791B8136D6BC} - \060184C3-9766-46a0-B258-F4518A0B2633 -> No File <==== ATTENTION Task: {652D917A-B005-4661-AC63-65A9D11E503D} - \Trojan Killer -> No File <==== ATTENTION Task: {69EE0CD2-9496-49FC-A7BD-D1125394A0DB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-3 -> No File <==== ATTENTION Task: {6B448F61-307A-4135-AD66-6F550557B5DE} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-5 -> No File <==== ATTENTION Task: {6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-2 -> No File <==== ATTENTION Task: {74D6BFB7-14FC-4A5B-8098-40C8CC043052} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {77EB921A-148E-4F20-BA05-D35731BCCA98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {78039CD5-5495-42E4-BE47-5E3558F8B528} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 -> No File <==== ATTENTION Task: {85070D5E-1745-4C48-8902-71A36068310A} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 -> No File <==== ATTENTION Task: {898B9353-42B6-461F-82B1-7A6D54A86697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {8EBC57F6-CD69-4FB0-A11D-E82261535D49} - System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => E:\SETUP.EXE Task: {939CE0A3-F6DD-4A69-95CD-0E1B19588965} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 -> No File <==== ATTENTION Task: {AA8CC61F-0624-4AC9-89C5-F8AD72D82401} - \DealPlyUpdate -> No File <==== ATTENTION Task: {AADCE8B4-4F47-473C-84ED-6137DB7AC4F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Reboot: ***************** Restore point was successfully created. Processes closed successfully. HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value removed successfully HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWhith => value removed successfully HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully C:\WINDOWS\SysWOW64\GroupPolicy\Machine => moved successfully "HKLM\SOFTWARE\Policies\Google" => key removed successfully "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully "HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully "HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75CC006D-9CF6-4B1D-84CA-A8B8122B71FD}" => key removed successfully HKCR\CLSID\{75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} => key not found. HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D554D8FC-B36D-4BB4-93DB-4A3394D505E3} => value removed successfully HKCR\CLSID\{D554D8FC-B36D-4BB4-93DB-4A3394D505E3} => key not found. HKCR\PROTOCOLS\Handler\gopher => key not found. Firefox "Keyword.URL" removed successfully HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Mozilla\Firefox\Extensions\\acewebextension_unlisted@acestream.org => value removed successfully Chrome DefaultSearchURL => removed successfully Chrome DefaultSearchKeyword => removed successfully C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => not found. C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => not found. C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => not found. C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => not found. C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf <==== ATTENTION => not found C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda <==== ATTENTION => not found "HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\adkocghdlgfalpfkdohnkeaknpmcejpo" => key removed successfully "HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\jpmkmilbnbcikglaaonnlcfboiniggbf" => key removed successfully "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\adkocghdlgfalpfkdohnkeaknpmcejpo" => key removed successfully "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dbehnicccappldhpklckppjcdhlhcpmj" => key removed successfully "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\idiadiegplldnjnnhjfcggldbkjokmmd" => key removed successfully "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmkmilbnbcikglaaonnlcfboiniggbf" => key removed successfully cmdGuard => Unable to stop service. cmdGuard => service removed successfully cmdHlp => Unable to stop service. cmdHlp => service removed successfully cpudrv64 => service removed successfully fsbts => Unable to stop service. fsbts => service removed successfully inspect => service removed successfully NNSALPC => Unable to stop service. NNSALPC => service removed successfully NNSPIHSW => service removed successfully NNSPRV => Unable to stop service. NNSPRV => service removed successfully PSKMAD => service removed successfully cffkog => service not found. idsvc => service removed successfully wpcsvc => service not found. C:\WINDOWS\System32\Tasks\Driver Booster Scheduler => moved successfully C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan) => moved successfully C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 => moved successfully C:\ProgramData\Norton => moved successfully C:\ProgramData\AVAST Software => moved successfully C:\ProgramData\BavPro_Setup_Mini_GL1.exe => moved successfully HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8BA78FA6-E817-454C-9D32-8DE04404119E}\\SystemComponent => value removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{004BD1B3-5175-4FFF-8847-36552271C71A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{004BD1B3-5175-4FFF-8847-36552271C71A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Antivirus Scheduled Scan" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11DBE9C2-672A-4B9F-B337-91F4F6AECE6D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11DBE9C2-672A-4B9F-B337-91F4F6AECE6D}" => key removed successfully C:\WINDOWS\System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{164D37C2-FBAD-47B4-93B5-3062D9BB06C8}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{164D37C2-FBAD-47B4-93B5-3062D9BB06C8}" => key removed successfully C:\WINDOWS\System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16847A77-A515-451B-AD81-A369021D3F38}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16847A77-A515-451B-AD81-A369021D3F38}" => key removed successfully C:\WINDOWS\System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD}" => key removed successfully C:\WINDOWS\System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7}" => key removed successfully C:\WINDOWS\System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3E12639-911A-493D-8291-C43934499F4D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{223310F3-934C-496C-A4FE-9810DEC59970}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{223310F3-934C-496C-A4FE-9810DEC59970}" => key removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Software\UpdaterSrv" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2889796A-E8F9-4520-99FA-821415487847}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2889796A-E8F9-4520-99FA-821415487847}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{295C9287-7247-4241-A63A-13C569A31320}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{295C9287-7247-4241-A63A-13C569A31320}" => key removed successfully C:\WINDOWS\System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29D5864E-025B-4966-A15A-DE22A64F2268}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29D5864E-025B-4966-A15A-DE22A64F2268}" => key removed successfully C:\WINDOWS\System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F1B96DF2-1E4B-4B84-B964-E431146708E6}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30648DF9-E656-4A7A-89E0-13E228B8D121}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30648DF9-E656-4A7A-89E0-13E228B8D121}" => key removed successfully C:\WINDOWS\System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AC2E07DB-99E6-453D-AA25-78F464F22D37}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{317ABD25-4807-4239-9D10-2E7091227F3E}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{317ABD25-4807-4239-9D10-2E7091227F3E}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{356EBFDA-3CC2-4016-8ED7-636D5E28828E}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{356EBFDA-3CC2-4016-8ED7-636D5E28828E}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284}" => key removed successfully C:\WINDOWS\System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{444E300E-8607-4E58-8F83-E6C10EB96832}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{444E300E-8607-4E58-8F83-E6C10EB96832}" => key removed successfully C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D35091C-063F-4653-8089-D1F27F254E4A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D35091C-063F-4653-8089-D1F27F254E4A}" => key removed successfully C:\WINDOWS\System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EFDB5BD-5CF7-4748-A9BF-644E48425207}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EFDB5BD-5CF7-4748-A9BF-644E48425207}" => key removed successfully C:\WINDOWS\System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{58C96A45-1DD1-4A30-8713-791B8136D6BC}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58C96A45-1DD1-4A30-8713-791B8136D6BC}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{652D917A-B005-4661-AC63-65A9D11E503D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{652D917A-B005-4661-AC63-65A9D11E503D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trojan Killer" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69EE0CD2-9496-49FC-A7BD-D1125394A0DB}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69EE0CD2-9496-49FC-A7BD-D1125394A0DB}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-3 => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B448F61-307A-4135-AD66-6F550557B5DE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B448F61-307A-4135-AD66-6F550557B5DE}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-5 => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-2 => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74D6BFB7-14FC-4A5B-8098-40C8CC043052}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74D6BFB7-14FC-4A5B-8098-40C8CC043052}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77EB921A-148E-4F20-BA05-D35731BCCA98}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77EB921A-148E-4F20-BA05-D35731BCCA98}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78039CD5-5495-42E4-BE47-5E3558F8B528}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78039CD5-5495-42E4-BE47-5E3558F8B528}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85070D5E-1745-4C48-8902-71A36068310A}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85070D5E-1745-4C48-8902-71A36068310A}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{898B9353-42B6-461F-82B1-7A6D54A86697}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{898B9353-42B6-461F-82B1-7A6D54A86697}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EBC57F6-CD69-4FB0-A11D-E82261535D49}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EBC57F6-CD69-4FB0-A11D-E82261535D49}" => key removed successfully C:\WINDOWS\System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D296527F-224B-4CB7-8A65-6E8492A3448E}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{939CE0A3-F6DD-4A69-95CD-0E1B19588965}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{939CE0A3-F6DD-4A69-95CD-0E1B19588965}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA8CC61F-0624-4AC9-89C5-F8AD72D82401}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA8CC61F-0624-4AC9-89C5-F8AD72D82401}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AADCE8B4-4F47-473C-84ED-6137DB7AC4F2}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AADCE8B4-4F47-473C-84ED-6137DB7AC4F2}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully The system needed a reboot. ==== End of Fixlog 11:54:06 ====
  14. C:\Users\All Users\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application cleaned by deleting C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application cleaned by deleting C:\Program Files (x86)\Portable\Trojan Killer v2.1.5.0\trojankiller.exe a variant of Win32/1AntiVirus potentially unwanted application cleaned by deleting C:\Program Files (x86)\ringtonemaker_setup\ringtonemaker_setup\ringtonemaker_setup.exe a variant of Win32/InstallCore.ACZ potentially unwanted application cleaned by deleting C:\ProgramData\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application cleaned by deleting C:\Users\Leffan\AppData\Roaming\LCEFUOWD JS/Toolbar.Crossrider.C potentially unwanted application deleted C:\Users\Leffan\Desktop\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application deleted C:\Users\Leffan\Desktop\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application deleted C:\Users\Leffan\Desktop\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted C:\Windows\Installer\MSI3319.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application cleaned by deleting C:\Windows\Installer\MSI3319.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting C:\Windows\Installer\MSI3319.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application cleaned by deleting C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application cleaned by deleting C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application cleaned by deleting C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application cleaned by deleting C:\Windows\Installer\MSI92B2.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting C:\Windows\Installer\MSI92B2.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting C:\Windows\Installer\MSI92B2.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting C:\Windows\Installer\MSI92B2.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application cleaned by deleting C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application cleaned by deleting C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application cleaned by deleting C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application cleaned by deleting C:\Windows\Installer\MSIE47C.tmp-\spbe.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application cleaned by deleting C:\Windows\Installer\MSIE47C.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting C:\Windows\Installer\MSIE47C.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting C:\Windows\Installer\MSIE47C.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application cleaned by deleting C:\Windows\Installer\MSIE47C.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application cleaned by deleting C:\Windows\Installer\MSIE47C.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting C:\Windows\Installer\MSIE47C.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application cleaned by deleting Z:\Program\FreemakeVideoConverter_4.1.4.1.exe Win32/OpenCandy potentially unsafe application deleted Z:\Program\SweetHome3D-4.3-windows-oc.exe Win32/OpenCandy potentially unsafe application deleted Z:\Program\NCH Switch Sound File Converter Plus v4.35 LAXiTY\switchsetup_engl.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted Z:\Väskan\Olika Prog\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application deleted Z:\Väskan\Olika Prog\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application deleted Z:\Väskan\Olika Prog\Trojan Killer v2.1.5.0 (1-click run)(registred)\Trojan Killer v2.1.5.0 (1-click run)(registred).exe a variant of Win32/1AntiVirus potentially unwanted application deleted Z:\Väskan\Program\FreeRingtoneMakerPlatinum.exe Win32/OpenCandy potentially unsafe application deleted Z:\Väskan\Program\RingToneMakerOC.exe Win32/OpenCandy potentially unsafe application deleted Z:\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application deleted Z:\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application deleted Z:\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted
  15. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016 Ran by Leffan (administrator) on LEFFAN-HP (17-02-2016 08:58:58) Running from C:\Users\Leffan\Desktop Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool) Platform: Windows 10 Home (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe () C:\Program Files\Everything\Everything.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe () C:\Program Files\Everything\Everything.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe\Solitaire.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxIdp.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\System32\wimserv.exe (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2016-02-01] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.) HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [iObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation) HKLM-x32\...\Run: [stereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [1100920 2015-10-13] (NVIDIA Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1 HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [FileSearchy Pro] => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [1525248 2014-02-14] () HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-30] (IObit) HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify Web Helper] => C:\Users\Leffan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-24] (Spotify Ltd) HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify] => C:\Users\Leffan\AppData\Roaming\Spotify\Spotify.exe [8316528 2016-01-24] (Spotify Ltd) HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀 GroupPolicy: Restriction - Chrome <======= ATTENTION GroupPolicyScripts-x32: Restriction <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4a1fad1a-0eef-41f8-8287-881a3ba3943c}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{bd71d21a-105f-4373-847e-0523c572c004}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130960216718203138&GUID=D6779D41-B3B3-4189-A7B5-3352496BC9CC HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.se/ HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11ENUS/WOL_WCP SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 -> {215008E8-E834-48F6-8730-525AE55113C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0C10295D-0704-4F42-A489-093BF416CB9D} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {8505C2C0-B8ED-4612-86AC-134CD63DD49F} URL = hxxp://maps.google.se/maps?q={searchTerms} SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {C14D3986-D040-4DE4-A13D-A3864D96A29B} URL = hxxps://www.google.com/search?q={searchTerms} BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-02-04] (Oracle Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-04] (Oracle Corporation) Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} - No File DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: gopher - No CLSID Value FireFox: ======== FF ProfilePath: C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default FF SelectedSearchEngine: Google FF Homepage: hxxps://www.google.se/ FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-04] () FF Plugin: @java.com/DTPlugin,version=1.6.0_43 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-04] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-22] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-02-04] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-02-04] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2436640913-3975503498-2043303906-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS) FF Extension: Adblock Plus - C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20] FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found Chrome: ======= CHR HomePage: Profile 2 -> hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8 CHR StartupUrls: Profile 2 -> "hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8" CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms} CHR DefaultSearchKeyword: Profile 2 -> yoursearching CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll => No File CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\pdf.dll => No File CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin.dll => No File CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin2.dll => No File CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin3.dll => No File CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin4.dll => No File CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin5.dll => No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\BankID\npBispBrowser.dll => No File CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => No File CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File CHR Plugin: (Java Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Unity Player) - C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30] CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-30] CHR Extension: (Sök på Google) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-30] CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-30] CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Sveriges Radio Spelare) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\agojbidllejeebbhcbonnlpodicladdk [2015-10-26] CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Adblock Plus) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04] CHR Extension: (Google Search) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url> CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url> ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) S3 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [File not signed] R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation) R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit) S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed] R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed] S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed] S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [289792 2011-12-26] (Puran Software) [File not signed] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-02-01] (Realtek Semiconductor) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO) S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] () S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider) R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation) R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] () R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-24] (REALiX) S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO) S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) S3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.) R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.) S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.) S3 NvStUSB; C:\Windows\system32\DRIVERS\nvstusb.sys [55912 2010-03-25] () S3 PcdrNdisuio; C:\Windows\SysWow64\drivers\pcdrndisuio.sys [26096 2010-01-19] (Windows ® Codename Longhorn DDK provider) S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security) R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-12-30] (Realtek ) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-07] (Synaptics Incorporated) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-12] (Anchorfree Inc.) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) U5 WmFilter; C:\Windows\System32\Drivers\WmFilter.sys [43976 2010-04-27] (Logitech Inc.) S0 cffkog; System32\drivers\gatk.sys [X] U3 idsvc; no ImagePath S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X] S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-17 08:58 - 2016-02-17 08:59 - 00025365 _____ C:\Users\Leffan\Desktop\FRST.txt 2016-02-17 08:52 - 2016-02-17 08:52 - 00016148 _____ C:\WINDOWS\system32\LEFFAN-HP_Leffan_HistoryPrediction.bin 2016-02-16 21:33 - 2016-02-16 21:33 - 00002490 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Leffan 2016-02-16 21:33 - 2016-02-16 21:33 - 00000300 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Leffan.job 2016-02-16 20:27 - 2016-02-16 20:27 - 00010018 _____ C:\Users\Leffan\Desktop\bra.txt 2016-02-16 18:11 - 2015-10-13 16:26 - 00608048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2016-02-16 18:10 - 2016-02-16 18:11 - 00000000 ____D C:\WINDOWS\LastGood 2016-02-16 18:10 - 2016-02-16 18:10 - 31523000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 24208056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 23001912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 18805920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 17721840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 16278496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 15301816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 14633232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 14047120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 13957976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 12907704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-02-16 18:10 - 2016-02-16 18:10 - 11379416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 11316168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 04254336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 03995320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 03246848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 02857536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 01917240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434192.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 01565368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434192.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 00953016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 00916152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 00912184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 00877752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-02-16 18:10 - 2016-02-16 18:10 - 00026155 _____ C:\WINDOWS\system32\nvinfo.pb 2016-02-16 18:09 - 2016-02-16 18:09 - 00000000 ____D C:\Program Files (x86)\ESET 2016-02-16 17:52 - 2016-02-02 23:47 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-16 17:52 - 2016-02-02 23:47 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-02-16 17:30 - 2016-02-16 17:30 - 00001048 _____ C:\Users\Leffan\Desktop\OK.txt 2016-02-16 17:22 - 2016-02-16 17:22 - 00270928 _____ C:\WINDOWS\Minidump\021616-18828-01.dmp 2016-02-16 17:03 - 2016-02-16 17:21 - 4252365016 _____ C:\WINDOWS\MEMORY.DMP 2016-02-16 17:03 - 2016-02-16 17:03 - 00270928 _____ C:\WINDOWS\Minidump\021616-18421-01.dmp 2016-02-16 16:54 - 2016-02-16 16:55 - 00001829 _____ C:\Users\Leffan\Desktop\Fixlog.txt 2016-02-16 16:47 - 2016-02-16 16:47 - 00270928 _____ C:\WINDOWS\Minidump\021616-22515-01.dmp 2016-02-16 16:37 - 2016-02-16 16:55 - 01508352 _____ C:\Users\Leffan\Desktop\adwcleaner_5.033.exe 2016-02-16 13:54 - 2016-02-16 13:54 - 02370560 _____ (Farbar) C:\Users\Leffan\Desktop\FRST64.exe 2016-02-12 12:41 - 2016-02-12 12:41 - 00104904 _____ C:\Users\Leffan\AppData\Local\GDIPFONTCACHEV1.DAT 2016-02-11 11:17 - 2016-02-11 11:18 - 00000337 _____ C:\Users\Leffan\Desktop\Sport på TV Idag.url 2016-02-10 23:54 - 2016-02-16 17:31 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Everything 2016-02-06 10:09 - 2016-02-06 10:09 - 00000000 ____D C:\NPE 2016-02-06 07:27 - 2016-02-06 07:27 - 00000254 __RSH C:\ProgramData\ntuser.pol 2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler 2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan) 2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\Users\Public\Thunder Network 2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\ProgramData\Thunder Network 2016-02-05 12:45 - 2016-02-05 12:45 - 00000000 ____D C:\OSTotoFolder 2016-02-05 12:44 - 2016-02-05 12:53 - 00000000 ____D C:\Program Files (x86)\OSTotoSoft 2016-02-04 10:19 - 2016-02-04 10:19 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 2016-02-02 14:15 - 2016-02-17 08:20 - 00001022 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-02 14:15 - 2016-02-16 17:23 - 00001018 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-01 08:43 - 2016-02-01 08:43 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2016-02-01 08:43 - 2016-02-01 08:43 - 04686592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2016-02-01 08:43 - 2016-02-01 08:43 - 04307112 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2016-02-01 08:43 - 2016-02-01 08:43 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 03040488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2016-02-01 08:43 - 2016-02-01 08:43 - 02130584 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 01328496 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 01020208 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2016-01-28 09:17 - 2016-02-16 16:29 - 00000455 _____ C:\Users\Leffan\Desktop\Swedbank.url 2016-01-27 09:01 - 2016-01-27 09:01 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-01-27 09:01 - 2016-01-27 09:01 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-25 10:42 - 2016-02-12 12:32 - 00000000 ____D C:\Users\Leffan\AppData\Local\NPE 2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-17 08:58 - 2014-04-18 08:32 - 00000000 ____D C:\FRST 2016-02-17 08:52 - 2012-01-25 17:01 - 00000000 ____D C:\Users\Leffan\AppData\Local\CrashDumps 2016-02-17 05:24 - 2013-11-15 18:42 - 00000000 ____D C:\ProgramData\ProductData 2016-02-16 21:39 - 2010-10-23 15:32 - 00000000 ___RD C:\Users\Leffan\Desktop\Filhämtaren 2016-02-16 18:52 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-16 18:51 - 2015-08-20 07:22 - 00000000 ___DC C:\WINDOWS\Panther 2016-02-16 18:26 - 2015-10-30 20:02 - 00000000 ___HD C:\$WINDOWS.~BT 2016-02-16 18:22 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF 2016-02-16 18:11 - 2015-08-20 06:31 - 00000000 ____D C:\ProgramData\NVIDIA 2016-02-16 17:57 - 2015-04-16 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-02-16 17:56 - 2015-04-16 15:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-02-16 17:56 - 2015-04-16 15:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-02-16 17:51 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-16 17:51 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-16 17:49 - 2013-08-14 11:13 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-16 17:43 - 2010-10-23 15:57 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-16 17:22 - 2015-09-03 09:33 - 00000000 ____D C:\WINDOWS\Minidump 2016-02-16 17:22 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-16 17:18 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-16 17:17 - 2015-03-04 13:08 - 00000000 ____D C:\AdwCleaner 2016-02-16 17:11 - 2010-12-11 08:46 - 00000000 ___RD C:\Users\Leffan\Desktop\Väskan 2016-02-16 09:13 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Local\ElevatedDiagnostics 2016-02-16 08:50 - 2013-02-20 21:36 - 00000000 ___RD C:\Users\Leffan\Desktop\Till M Disk 2016-02-15 23:05 - 2015-12-03 09:42 - 00000260 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job 2016-02-15 17:56 - 2011-11-06 19:20 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\uTorrent 2016-02-15 17:24 - 2015-08-20 06:33 - 02039452 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-15 17:24 - 2015-07-10 16:48 - 00841736 _____ C:\WINDOWS\system32\perfh01D.dat 2016-02-15 17:24 - 2015-07-10 16:48 - 00191588 _____ C:\WINDOWS\system32\perfc01D.dat 2016-02-15 10:05 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\HpUpdate 2016-02-13 09:59 - 2010-10-23 15:30 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Macromedia 2016-02-13 08:30 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-12 15:40 - 2015-09-17 07:19 - 00000000 ____D C:\Users\Leffan\Desktop\Ny Jobbmapp 2016-02-12 12:27 - 2012-09-05 21:23 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Geek Uninstaller 2016-02-12 08:22 - 2014-09-03 15:55 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-12 08:21 - 2016-01-04 08:56 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-02-11 13:04 - 2013-09-14 21:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\vlc 2016-02-11 11:26 - 2011-08-21 09:03 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\dvdcss 2016-02-11 08:23 - 2013-05-21 16:04 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-09 13:58 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Local\Spotify 2016-02-09 13:57 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Spotify 2016-02-08 09:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-06 08:57 - 2014-09-03 10:08 - 00000000 ____D C:\Users\Leffan\Desktop\HockeyMapp 2016-02-06 07:28 - 2010-07-29 09:31 - 00000000 ____D C:\ProgramData\Temp 2016-02-06 07:27 - 2016-01-10 10:36 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster 2016-02-05 08:12 - 2012-04-01 17:24 - 00000868 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-04 10:26 - 2015-08-24 11:04 - 00000000 ____D C:\Users\DefaultAppPool 2016-02-04 10:19 - 2015-08-20 04:12 - 00000000 ____D C:\Users\Leffan\.oracle_jre_usage 2016-02-04 10:19 - 2014-08-08 05:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-02-04 10:19 - 2011-08-07 22:15 - 00000000 ____D C:\Program Files (x86)\Java 2016-02-04 10:18 - 2015-02-16 12:30 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-04 10:07 - 2012-12-26 14:08 - 00000000 ____D C:\ProgramData\IObit 2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\IObit 2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Program Files (x86)\IObit 2016-02-02 14:15 - 2012-01-28 10:58 - 00004080 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-02 14:15 - 2012-01-28 10:58 - 00003848 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-01 08:43 - 2015-08-20 06:30 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-01-30 10:04 - 2015-08-20 07:10 - 00000000 ____D C:\inetpub 2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\System 2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-01-30 10:04 - 2015-04-21 13:49 - 00000000 ____D C:\Qoobox 2016-01-30 10:04 - 2013-10-27 15:25 - 00000000 ____D C:\AllMySongs Database 2016-01-30 10:04 - 2011-06-03 12:35 - 00000000 ____D C:\Program Files (x86)\QuickTime Alternative 2016-01-30 10:04 - 2010-12-15 17:48 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-01-30 10:04 - 2010-10-27 17:47 - 00000000 ____D C:\Program Files (x86)\SopCast 2016-01-30 10:04 - 2010-10-23 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8 2016-01-30 10:04 - 2010-07-29 09:32 - 00000000 ____D C:\Program Files (x86)\Hp 2016-01-30 10:04 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games 2016-01-25 23:00 - 2015-08-20 06:34 - 00000000 ____D C:\Users\Leffan 2016-01-25 18:51 - 2014-08-21 03:53 - 00000000 ____D C:\Users\Leffan\AppData\Local\Adobe 2016-01-25 11:02 - 2012-11-11 20:40 - 01409024 _____ C:\Users\Leffan\Documents\Tillgångar.accdb 2016-01-25 09:28 - 2014-10-13 15:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software 2016-01-25 00:21 - 2010-10-23 15:09 - 00000448 _____ C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job 2016-01-24 09:33 - 2010-11-06 14:14 - 00000000 ____D C:\ProgramData\MFAData 2016-01-24 07:26 - 2016-01-12 13:02 - 00001843 _____ C:\Users\Leffan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-01-23 11:38 - 2011-02-09 22:36 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeffan 2016-01-23 11:38 - 2011-02-09 22:36 - 00000336 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job 2016-01-21 12:32 - 2015-03-02 16:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\3E001880-1425314280-1016-826C-CD2F7FAD0E65 2016-01-21 10:23 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\HomeGroupUser$ 2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Gäst 2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Administratör 2016-01-20 11:13 - 2011-12-21 20:05 - 00000000 ____D C:\Users\UpdatusUser 2016-01-20 11:13 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated ==================== Files in the root of some directories ======= 2014-08-24 08:53 - 2014-07-03 12:10 - 0204752 _____ (Igor Pavlov) C:\Program Files (x86)\7zxa.dll 2014-08-24 08:53 - 2014-07-03 12:10 - 0060368 _____ () C:\Program Files (x86)\Ace32Loader.exe 2010-11-08 18:32 - 2014-06-06 16:29 - 0210432 _____ () C:\Program Files (x86)\Default.SFX 2010-11-08 18:32 - 2014-06-06 16:29 - 0258560 _____ () C:\Program Files (x86)\Default64.SFX 2010-11-08 18:32 - 2014-05-08 22:16 - 0000852 _____ () C:\Program Files (x86)\Descript.ion 2010-11-08 18:32 - 2010-03-11 17:59 - 0000495 _____ () C:\Program Files (x86)\File_Id.diz 2010-11-08 18:32 - 2014-06-10 12:12 - 0003268 _____ () C:\Program Files (x86)\Order.htm 2010-11-08 18:32 - 2014-07-03 12:10 - 0523216 _____ (Alexander Roshal) C:\Program Files (x86)\Rar.exe 2010-11-08 18:32 - 2014-05-18 13:00 - 0099263 _____ () C:\Program Files (x86)\Rar.txt 2010-11-08 18:32 - 2014-07-03 12:10 - 0316880 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt.dll 2014-08-24 08:53 - 2014-07-03 12:10 - 0266192 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt32.dll 2010-11-08 18:32 - 2014-03-18 21:09 - 0001241 _____ () C:\Program Files (x86)\RarFiles.lst 2010-11-08 18:32 - 2010-11-08 18:32 - 0000020 _____ () C:\Program Files (x86)\rarnew.dat 2010-12-17 23:21 - 2010-12-17 22:54 - 0000474 _____ () C:\Program Files (x86)\rarreg.key 2010-11-08 18:32 - 2013-01-11 18:13 - 0001284 _____ () C:\Program Files (x86)\ReadMe.txt 2010-11-08 18:32 - 2010-03-11 17:59 - 0009232 _____ () C:\Program Files (x86)\TechNote.txt 2014-08-24 08:53 - 2005-08-26 01:50 - 0077312 _____ () C:\Program Files (x86)\UNACEV2.DLL 2010-11-08 18:32 - 2014-06-06 16:29 - 0000443 _____ () C:\Program Files (x86)\Uninstall.lst 2010-11-08 18:32 - 2014-07-03 12:10 - 0329680 _____ (Alexander Roshal) C:\Program Files (x86)\UnRAR.exe 2010-11-08 18:32 - 2005-05-12 17:02 - 0000090 _____ () C:\Program Files (x86)\UnrarSrc.txt 2013-12-26 10:31 - 2013-12-26 10:31 - 0802136 _____ (BitTorrent Inc.) C:\Program Files (x86)\uTorrent.exe 2010-11-08 18:32 - 2014-06-06 15:34 - 0044393 _____ () C:\Program Files (x86)\WhatsNew.txt 2010-11-08 18:32 - 2014-06-06 16:29 - 0197632 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon.SFX 2010-11-08 18:32 - 2014-06-06 16:29 - 0238592 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon64.SFX 2010-11-08 18:32 - 2014-06-06 16:29 - 0297978 _____ () C:\Program Files (x86)\WinRAR.chm 2010-11-08 18:32 - 2014-07-03 12:10 - 1479632 _____ (Alexander Roshal) C:\Program Files (x86)\WinRAR.exe 2010-11-08 18:32 - 2014-06-06 16:29 - 0156672 _____ () C:\Program Files (x86)\Zip.SFX 2010-11-08 18:32 - 2014-06-06 16:29 - 0180224 _____ () C:\Program Files (x86)\Zip64.SFX 2010-11-08 18:32 - 2010-11-08 18:32 - 0000022 _____ () C:\Program Files (x86)\zipnew.dat 2013-09-10 19:05 - 2013-11-13 21:55 - 0000000 _____ () C:\Users\Leffan\AppData\Roaming\bitlord_log.txt 2010-12-30 12:22 - 2011-11-20 19:50 - 0000518 _____ () C:\Users\Leffan\AppData\Roaming\burnaware.ini 2011-05-25 20:18 - 2011-09-14 20:11 - 0001854 _____ () C:\Users\Leffan\AppData\Roaming\GhostObjGAFix.xml 2014-11-18 19:42 - 2014-11-18 19:43 - 0000498 _____ () C:\Users\Leffan\AppData\Roaming\WinInstallFlashLog.ini 2014-10-10 07:55 - 2014-10-10 07:55 - 0003584 _____ () C:\Users\Leffan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-09-10 19:22 - 2013-09-10 19:22 - 0000218 _____ () C:\Users\Leffan\AppData\Local\recently-used.xbel 2011-08-21 13:06 - 2015-09-13 09:28 - 0007630 _____ () C:\Users\Leffan\AppData\Local\Resmon.ResmonCfg 2012-08-20 19:00 - 2012-08-20 19:00 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl 2015-10-20 07:47 - 2015-10-20 07:47 - 0045323 _____ () C:\ProgramData\1445323628.bdinstall.bin 2015-10-20 07:57 - 2015-10-20 07:57 - 0045185 _____ () C:\ProgramData\1445324239.bdinstall.bin 2015-10-20 09:35 - 2015-10-20 09:35 - 0045190 _____ () C:\ProgramData\1445330108.bdinstall.bin 2013-11-23 08:56 - 2013-11-23 08:56 - 0000000 _____ () C:\ProgramData\242c35322e3c542039_c 2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe 2014-10-02 10:36 - 2014-10-02 10:36 - 0000261 _____ () C:\ProgramData\fontcacheev1.dat 2011-09-17 21:41 - 2011-09-17 21:46 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2013-06-10 21:18 - 2013-06-10 21:18 - 0000000 ____H () C:\ProgramData\rifmasterlic.lic Files to move or delete: ==================== C:\ProgramData\BavPro_Setup_Mini_GL1.exe C:\ProgramData\fontcacheev1.dat C:\Users\Leffan\link.vbs C:\Users\Leffan\reg-bak.reg Some files in TEMP: ==================== C:\Users\Leffan\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016 Ran by Leffan (2016-02-17 09:00:10) Running from C:\Users\Leffan\Desktop Windows 10 Home (X64) (2015-08-20 06:07:07) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administratör (S-1-5-21-2436640913-3975503498-2043303906-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2436640913-3975503498-2043303906-503 - Limited - Disabled) Gäst (S-1-5-21-2436640913-3975503498-2043303906-501 - Limited - Disabled) Leffan (S-1-5-21-2436640913-3975503498-2043303906-1001 - Administrator - Enabled) => C:\Users\Leffan ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: IObit Malware Fighter (Disabled - Out of date) {A751AC20-3B48-5237-898A-78C4436BB78D} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\uTorrent) (Version: 3.4.5.41073 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 17.2.1 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated) Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.) Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Apple-programstöd (32-bitar) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple-programstöd (64-bitar) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) AVCWare Ringtone Maker (HKLM-x32\...\AVCWare Ringtone Maker) (Version: 2.0.5.20120712 - AVCWare) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6172 - AVG Technologies) AVG 2015 (Version: 15.0.6172 - AVG Technologies) Hidden BankID säkerhetsprogram (HKLM-x32\...\{1BDBF557-BA87-438F-9B28-AE4D836E35BA}) (Version: 7.1.0.20 - Finansiell ID-Teknik BID AB) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform) Compatibility Pack för Office 2007-systemet (HKLM-x32\...\{90120000-0020-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.) Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit) DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software) Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - ) EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 2.7 - Poikosoft) Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation) FileSearchy Pro (HKLM-x32\...\FileSearchy Pro) (Version: 1.11 - Midlinesoft) FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory) FSS Google Maps Downloader version 2.0.8.1 (HKLM-x32\...\FSS Google Maps Downloader_is1) (Version: 2.0.8.1 - FreeSmartSoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.) HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard) HP MAINSTREAM KEYBOARD (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.4.3.0 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP) HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP) HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard) HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard) HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation) HTC Sync (HKLM-x32\...\{1F9E5C64-165D-4679-BBB3-498D216D017B}) (Version: 3.3.7 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC) Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation) IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.37 - IObit) IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan) iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation) Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation) Kursomvandlaren 1.0 (HKLM-x32\...\Kursomvandlaren) (Version: 1.0 - Kursomvandlaren.se) Leapic Audio Cutter 3.0 (HKLM-x32\...\Leapic Audio Cutter_is1) (Version: - Leapic Software) LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_ENTERPRISE_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_ENTERPRISE_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version: - Microsoft) Microsoft Office PowerPoint Viewer 2007 (Swedish) (HKLM-x32\...\{95120000-00AF-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_ENTERPRISE_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version: - Microsoft) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard) Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden Mozilla Firefox 43.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 sv-SE)) (Version: 43.0.1 - Mozilla) Mozilla Firefox 44.0.2 (x64 sv-SE) (HKLM\...\Mozilla Firefox 44.0.2 (x64 sv-SE)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Nordea NCR1 Installationspaket (HKLM-x32\...\{CD9A35D4-8A81-4188-98AF-14D759083FB4}) (Version: 1.00.000 - Todos Data System AB) NVIDIA 3D Vision drivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation) NVIDIA 3D Vision drivrutin för styrenhet 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation) NVIDIA Grafikdrivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NVIDIA-uppdatering 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Panda Cloud Antivirus (Version: 4.02.00.0000 - Panda Security) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PopChar 6.0 (HKLM\...\ergonis PopChar_is1) (Version: 6.0 - Ergonis Software) Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.) Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.4.0.1580 - Cybertron Software Co., Ltd.) PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) QuickTime Alternative 3.1.1 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.1.1 - ) Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.23.0 - Mediatek) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.30.1019.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.) Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit) SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com) Spotify (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB) SpringFiles (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\SpringFiles) (Version: 29.15.38 - hxxp://www.spring-file.com) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - ) System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC) UniPDF 1.0.5 (HKLM-x32\...\UniPDF) (Version: 1.0.5 - UniPDF.com) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Leffan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {004BD1B3-5175-4FFF-8847-36552271C71A} - \Ad-Aware Antivirus Scheduled Scan -> No File <==== ATTENTION Task: {015D92BF-3905-4212-8E37-9573EF8946D3} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {017E6A68-2D3A-4FA1-B9C4-489B1D3AE6D0} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-29] () Task: {047C2F9F-5DEA-4650-B407-DC0512536094} - System32\Tasks\{5EC01EB6-9E5A-404A-99B8-6CF97B7ED3DD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {0809A89E-404A-4D5D-9B26-081576289B9C} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC_Leffan => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe [2015-10-02] (Cybertron Software, Co., Ltd.) Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {0D55A894-4243-46AA-BE55-3FFB87D20595} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] () Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {11DBE9C2-672A-4B9F-B337-91F4F6AECE6D} - System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\irfanview_lang_svenska.exe -d C:\Users\Leffan\Desktop\Filhämtaren Task: {13353C5F-3569-4E84-A2EE-1A5DC2B78CEF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-16] (Microsoft Corporation) Task: {13802080-A435-460E-A8C8-EE026D9DF1F0} - System32\Tasks\{B1087BD8-E5F8-459E-BA42-82D7589A720E} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {1537EDA8-027A-4507-AC4E-93A4E0BFC640} - System32\Tasks\Driver Booster SkipUAC (Leffan) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit) Task: {164D37C2-FBAD-47B4-93B5-3062D9BB06C8} - System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(1).exe -d C:\Users\Leffan\Desktop\Filhämtaren Task: {16847A77-A515-451B-AD81-A369021D3F38} - System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => K:\autorunce.exe Task: {16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD} - System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => K:\autorunce.exe Task: {1BE0B7D9-F640-4E4D-BF8A-D035646B5661} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {1D3967CC-676A-486B-A20A-3DA07F5B7958} - System32\Tasks\{0FB8EBCC-9766-45A7-A303-D09B0B9BD45F} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7} - System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35\MacDrive_Pro_9.0.3.35_en_Setup.exe -d C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35 Task: {1EB96C60-F185-4B08-8DAD-F45E67717DD6} - System32\Tasks\Uninstaller_SkipUac_Leffan => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-30] (IObit) Task: {223310F3-934C-496C-A4FE-9810DEC59970} - System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => C:\ProgramData\UpdaterSrv\UpdaterSrv.exe [2015-11-27] () <==== ATTENTION Task: {2341FCA8-7C90-436F-8B08-84E93950E58A} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-30] (IObit) Task: {2575C29E-BA05-48B9-B0EF-6862BF8429B2} - System32\Tasks\{39A1BCC2-0D94-4E8E-8E99-434667EC37F3} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {27122E99-4230-4EE8-856C-CC8CD289A0AC} - System32\Tasks\{1E89BF2A-0738-4751-B74F-BCC148691285} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {2889796A-E8F9-4520-99FA-821415487847} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 -> No File <==== ATTENTION Task: {295C9287-7247-4241-A63A-13C569A31320} - System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => K:\autorunce.exe Task: {29990644-B79A-4F9B-B184-45225F368080} - System32\Tasks\{2FC1D531-7D62-49B0-92F6-4B6A33DC012C} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {29D5864E-025B-4966-A15A-DE22A64F2268} - System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => E:\SETUP.EXE Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {30648DF9-E656-4A7A-89E0-13E228B8D121} - System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(2).exe -d C:\Users\Leffan\Desktop\Filhämtaren Task: {30EEFFE7-99F8-4860-A81D-2AFAEDBE4098} - System32\Tasks\{998C7732-8855-4A08-BA4C-F1AA473C9E70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {315B28B0-9835-4E3F-B81E-0E16ADEAA9C8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {317ABD25-4807-4239-9D10-2E7091227F3E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 -> No File <==== ATTENTION Task: {32ABA5C1-E0ED-4BDF-86A9-C75D45B0BB89} - System32\Tasks\{BF677917-AD42-4C99-9564-FF7DBC764A70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {33589691-0896-46B4-82DB-FA2BA62038EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {356EBFDA-3CC2-4016-8ED7-636D5E28828E} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {3A32527B-676D-44D5-A90F-6BFEC2A4F8B3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation) Task: {3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284} - System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => Z:\Panda Internet Security 2012 16.00\PANDAIS12PROMO1M.exe Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {420544F1-038F-40DC-BCED-EE3CA989F9F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd) Task: {444C3CA9-1CE7-4575-9A68-6A1FDBB08DBB} - System32\Tasks\{20ECD2CE-4BE8-4120-86B6-DA4CED53A141} => pcalua.exe -a "J:\Program\Logitech Mus MX310\mw9791sve.exe" -d "J:\Program\Logitech Mus MX310" Task: {444E300E-8607-4E58-8F83-E6C10EB96832} - System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => Chrome.exe Task: {4D35091C-063F-4653-8089-D1F27F254E4A} - System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => K:\autorunce.exe Task: {4D515E26-8912-4948-B044-54DA5F548274} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {4D714B6F-CC7F-434B-B049-EC548F68FAF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {4E644A8D-2A48-4553-8495-CD9AC56C475A} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-02] (PC-Doctor, Inc.) Task: {4EFDB5BD-5CF7-4748-A9BF-644E48425207} - System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => E:\SETUP.EXE Task: {58C96A45-1DD1-4A30-8713-791B8136D6BC} - \060184C3-9766-46a0-B258-F4518A0B2633 -> No File <==== ATTENTION Task: {5B252DF3-DD42-4593-8E1F-70DA4CD5C926} - System32\Tasks\HPCeeScheduleForLeffan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {5C3682DC-00C4-42B6-BDF4-291CE450520B} - System32\Tasks\{F72B7057-8A2E-4A3A-B919-8BDB5F2C34D5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {652D917A-B005-4661-AC63-65A9D11E503D} - \Trojan Killer -> No File <==== ATTENTION Task: {69EE0CD2-9496-49FC-A7BD-D1125394A0DB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-3 -> No File <==== ATTENTION Task: {6AEB90CA-E25E-4F7A-B6D0-7D1E6D95B5F8} - System32\Tasks\{3408CB37-2C67-46A7-928D-1F3F71DBEED5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {6B448F61-307A-4135-AD66-6F550557B5DE} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-5 -> No File <==== ATTENTION Task: {6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-2 -> No File <==== ATTENTION Task: {74D6BFB7-14FC-4A5B-8098-40C8CC043052} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {77EB921A-148E-4F20-BA05-D35731BCCA98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {78039CD5-5495-42E4-BE47-5E3558F8B528} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 -> No File <==== ATTENTION Task: {79321947-476E-4235-A7BA-1DFC4DD8FC9F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {80D92798-093B-468D-B973-D733520C10F6} - System32\Tasks\ASC7U_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe Task: {8230B32A-D160-4D4B-9895-9471C7F677A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {85070D5E-1745-4C48-8902-71A36068310A} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 -> No File <==== ATTENTION Task: {87A22366-8990-43BA-9656-EB3D09BB8615} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit) Task: {898B9353-42B6-461F-82B1-7A6D54A86697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {8B42502E-AF26-4A3D-AB75-BFDE38F8AF19} - System32\Tasks\{649C94FF-5E42-4F31-9F1C-CDDB2C654B8B} => pcalua.exe -a "C:\Program Files (x86)\AVS4YOU\Uninstall.exe" Task: {8E7FC1F8-9DB1-46F7-AF7B-71F743F23BC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {8EBC57F6-CD69-4FB0-A11D-E82261535D49} - System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => E:\SETUP.EXE Task: {939CE0A3-F6DD-4A69-95CD-0E1B19588965} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 -> No File <==== ATTENTION Task: {93AA24D5-D9E4-469D-B51A-E507DFB86F5F} - System32\Tasks\{8696F1B7-7B49-4C88-86BE-E5436E6B9BE6} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\daemon-tools.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {94725C4A-D8DC-4E84-AEC9-35897AA0FFD5} - System32\Tasks\{4A6B5362-1860-456A-8FAB-6FC474D30AD7} => pcalua.exe -a "C:\Windows\SysWOW64\Adobe\Shockwave 11\syminstallstub.exe" -d C:\Users\Leffan\Desktop -c /partnerid=adobe /productlist=nss /staging=false /debug /delay=0 Task: {9A7CE315-F2C2-4B0B-8DA0-9CAF1E927ACA} - System32\Tasks\{8A0B35A7-C76F-4160-875B-0BB3716F167C} => pcalua.exe -a "C:\Users\Leffan\Desktop\Eget\Olika Prog\wmp11-windowsxp-x86-SV-SE.exe" -d "C:\Users\Leffan\Desktop\Eget\Olika Prog" Task: {9CD1E83E-15B1-4314-8AC2-A61E697DE0A4} - System32\Tasks\{1490BFE5-F5BB-46E0-B4CD-3438C4957884} => pcalua.exe -a E:\SETUP.EXE -d E:\ Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {9FD1CE56-EE7B-46D6-9B34-6DA76FB6DC3D} - System32\Tasks\{5B06E479-555D-4864-88DE-72A2B6FBB1FD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {A16E9003-48D6-4F34-8636-B33F3D67537A} - System32\Tasks\{6EBDE3E0-2BE7-4C3C-B5E1-2605F8CB5563} => K:\autorunce.exe Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {AA8CC61F-0624-4AC9-89C5-F8AD72D82401} - \DealPlyUpdate -> No File <==== ATTENTION Task: {AADCE8B4-4F47-473C-84ED-6137DB7AC4F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {B44DCCB2-CBCF-43CA-9AB4-DF65EEB3BDDD} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-1 -> No File <==== ATTENTION Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {BA1D5441-965F-4AE2-B6B4-DE072B4F1248} - System32\Tasks\{7BB7C00D-46F6-4294-BD6C-567F503637BE} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {BCCF1E13-4ADA-4182-97D7-E996AD2B877E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {BDA71962-EA5D-4385-81B3-48EFF84EBB70} - \94A46359-5537-4201-BEFD-1EC63DFD0949 -> No File <==== ATTENTION Task: {BF83FDDD-7C67-489B-96E9-2F7FB75415A5} - System32\Tasks\ASC9_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2015-11-30] (IObit) Task: {C0D0348D-C956-46A1-B30F-B57043226A65} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-7 -> No File <==== ATTENTION Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {C6FA3A30-ECA9-4DD0-85B3-7845A3DD0CCB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-4 -> No File <==== ATTENTION Task: {C7B71700-04D1-4AEC-8975-2B954CF4CA3D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {C9482E4C-B40B-42BD-8020-2AAC7828AC83} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit) Task: {CD41C298-24DD-4BF6-9270-1017E4B9D929} - System32\Tasks\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => pcalua.exe -a Z:\SETUP.EXE -d Z:\ Task: {D1A30C2B-02ED-4D75-8DDB-9D13BF40EC9E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-1 -> No File <==== ATTENTION Task: {D3DA3BE4-9D44-4387-9A8A-77A70F3DD1CD} - System32\Tasks\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\CloudAntivirus.exe -d C:\Users\Leffan\Desktop\Filhämtaren Task: {D41550B9-1CE4-4475-A57B-43C3155818D2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {D5202B90-EDB2-4155-A1EC-894D7B408267} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-04] (Adobe Systems Incorporated) Task: {D6BBD0A2-36BA-4F27-A243-E3D982AA8323} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {D8638B38-356A-42C6-AA41-E91C12A2A6E8} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard) Task: {D98F64A5-ECB7-4D90-9CC0-A4EEBC4B262E} - System32\Tasks\FileSearchyPro_SkipUAC => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [2014-02-14] () Task: {E3022D0E-ECFA-4AA9-A2A9-E563007E921C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {E47DC616-F79D-4ECC-A214-5E9F4131EE24} - System32\Tasks\{5BA75C5D-537E-401B-BB74-A1494BA2FCE4} => pcalua.exe -a "C:\Program Files (x86)\Personal\bin\persinst.exe" -d "C:\Program Files (x86)\Personal\bin" Task: {E48E7272-8EFE-40BA-8172-A9B5426507E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {E604A3F7-FC9F-4A15-B8C2-9EFFB0635A06} - System32\Tasks\Google Updater and Installer => C:\Users\Leffan\AppData\Local\Google\Update\GoogleUpdate.exe Task: {E6423FD3-6C70-4406-81ED-A50E74108523} - \SpyHunter4Startup -> No File <==== ATTENTION Task: {E7E05EA5-8067-4E1E-8904-3B8FE7CE21BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {E886E1C4-44AE-44C1-87C7-9AAC8FB9DAA1} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] () Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {EA2197B3-EBEC-433D-9B3E-FEA775E25760} - System32\Tasks\{F7F5755D-563D-42D9-89E1-5872D836B8EB} => C:\Users\Leffan\Desktop\Eget\EuroC\setup.exe Task: {EC34AB08-DCA1-477E-A034-5DB7B65F6B87} - System32\Tasks\{D6F371CA-08A1-4B7E-9E2D-7585D37A4DC2} => K:\Program\CD-LP Skivor Cardfile\Cardfile.exe Task: {F29CE86A-3B32-4B44-A08F-964AF154EA4E} - System32\Tasks\{803EC8C1-976B-466E-8FEE-A1E65CA27538} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {FAEA5001-7894-4392-AAEB-83E6A5C0C348} - System32\Tasks\{FF41CD49-FDD3-43FC-8C2F-819BCD47E52D} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FC8AF801-5C9D-4E5D-973B-D3A3F36DB387} - System32\Tasks\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => K:\autorunce.exe Task: {FFF387A5-D463-45F0-AFC4-5BA55C0A9685} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Leffan.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.)
  16. C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application C:\Program Files (x86)\Portable\Trojan Killer v2.1.5.0\trojankiller.exe a variant of Win32/1AntiVirus potentially unwanted application C:\Program Files (x86)\ringtonemaker_setup\ringtonemaker_setup\ringtonemaker_setup.exe a variant of Win32/InstallCore.ACZ potentially unwanted application C:\ProgramData\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application C:\Users\All Users\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application C:\Users\Leffan\AppData\Roaming\LCEFUOWD JS/Toolbar.Crossrider.C potentially unwanted application C:\Users\Leffan\Desktop\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application C:\Users\Leffan\Desktop\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application C:\Users\Leffan\Desktop\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application C:\Windows\Installer\MSI3319.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application C:\Windows\Installer\MSI3319.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application C:\Windows\Installer\MSI3319.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application C:\Windows\Installer\MSI92B2.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application C:\Windows\Installer\MSI92B2.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application C:\Windows\Installer\MSI92B2.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application C:\Windows\Installer\MSI92B2.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application C:\Windows\Installer\MSIE47C.tmp-\spbe.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application C:\Windows\Installer\MSIE47C.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application C:\Windows\Installer\MSIE47C.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application C:\Windows\Installer\MSIE47C.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application C:\Windows\Installer\MSIE47C.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application C:\Windows\Installer\MSIE47C.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application C:\Windows\Installer\MSIE47C.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application Z:\Program\FreemakeVideoConverter_4.1.4.1.exe Win32/OpenCandy potentially unsafe application Z:\Program\SweetHome3D-4.3-windows-oc.exe Win32/OpenCandy potentially unsafe application Z:\Program\NCH Switch Sound File Converter Plus v4.35 LAXiTY\switchsetup_engl.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application Z:\Väskan\Olika Prog\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application Z:\Väskan\Olika Prog\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application Z:\Väskan\Olika Prog\Trojan Killer v2.1.5.0 (1-click run)(registred)\Trojan Killer v2.1.5.0 (1-click run)(registred).exe a variant of Win32/1AntiVirus potentially unwanted application Z:\Väskan\Program\FreeRingtoneMakerPlatinum.exe Win32/OpenCandy potentially unsafe application Z:\Väskan\Program\RingToneMakerOC.exe Win32/OpenCandy potentially unsafe application Z:\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application Z:\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application Z:\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application
  17. Var på sidan hittar jag scanningsprogramet?
  18. # AdwCleaner v5.033 - Logfile created 16/02/2016 at 17:17:44 # Updated 07/02/2016 by Xplode # Database : 2016-02-15.1 [server] # Operating system : Windows 10 Home (x64) # Username : Leffan - LEFFAN-HP # Running from : C:\Users\Leffan\Desktop\adwcleaner_5.033.exe # Option : Cleaning # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder Deleted : C:\_acestream_cache_ [-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles [-] Folder Deleted : C:\Users\Leffan\AppData\LocalLow\.acestream [-] Folder Deleted : C:\Users\Leffan\AppData\Roaming\.acestream [-] Folder Deleted : C:\Users\Leffan\AppData\Roaming\Easeware ***** [ Files ] ***** [-] File Deleted : C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\searchplugins\yoursearching.xml ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.0 [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [TheHDvid-Codec V10-bg.exe] [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aeea7232-07c1-4296-a0d5-5bb6efc76c16} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{231047C5-F7E9-45BE-9EFD-6E9BB6D59A9F} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{82443621-A29A-473E-8335-F5C958A7A4CA} [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aeea7232-07c1-4296-a0d5-5bb6efc76c16} [-] Key Deleted : HKLM\SOFTWARE\yoursearchingSoftware [-] Key Deleted : HKLM\SOFTWARE\Caphyon [-] Key Deleted : HKCU\Software\Classes\.acestream ***** [ Web browsers ] ***** [-] [C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "yoursearching"); ************************* :: "Tracing" keys removed :: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2098 bytes] ##########
  19. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016 Ran by Leffan (administrator) on LEFFAN-HP (16-02-2016 13:54:54) Running from C:\Users\Leffan\Desktop\Filhämtaren Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool) Platform: Windows 10 Home (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe (Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe\Solitaire.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxIdp.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2016-02-01] (Realtek Semiconductor) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.) HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [iObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1 HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [FileSearchy Pro] => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [1525248 2014-02-14] () HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-30] (IObit) HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify Web Helper] => C:\Users\Leffan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-24] (Spotify Ltd) HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify] => C:\Users\Leffan\AppData\Roaming\Spotify\Spotify.exe [8316528 2016-01-24] (Spotify Ltd) HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀 GroupPolicy: Restriction - Chrome <======= ATTENTION GroupPolicyScripts-x32: Restriction <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings) ProxyEnable: [HKLM] => Proxy is enabled. ProxyEnable: [HKLM-x32] => Proxy is enabled. ProxyServer: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039 ProxyServer: [HKLM-x32] => http=127.0.0.1:58039;https=127.0.0.1:58039 AutoConfigURL: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039 Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4a1fad1a-0eef-41f8-8287-881a3ba3943c}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{bd71d21a-105f-4373-847e-0523c572c004}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130960216718203138&GUID=D6779D41-B3B3-4189-A7B5-3352496BC9CC HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.se/ HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11ENUS/WOL_WCP SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 -> {215008E8-E834-48F6-8730-525AE55113C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0C10295D-0704-4F42-A489-093BF416CB9D} URL = hxxps://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {8505C2C0-B8ED-4612-86AC-134CD63DD49F} URL = hxxp://maps.google.se/maps?q={searchTerms} SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {C14D3986-D040-4DE4-A13D-A3864D96A29B} URL = hxxps://www.google.com/search?q={searchTerms} BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-02-04] (Oracle Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-04] (Oracle Corporation) Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} - No File DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: gopher - No CLSID Value FireFox: ======== FF ProfilePath: C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default FF DefaultSearchEngine: yoursearching FF SelectedSearchEngine: Google FF Homepage: hxxps://www.google.se/ FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-04] () FF Plugin: @java.com/DTPlugin,version=1.6.0_43 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-04] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-22] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-02-04] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-02-04] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2436640913-3975503498-2043303906-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS) FF SearchPlugin: C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\searchplugins\yoursearching.xml [2016-01-25] FF Extension: Adblock Plus - C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20] FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found Chrome: ======= CHR HomePage: Profile 2 -> hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8 CHR StartupUrls: Profile 2 -> "hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8" CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms} CHR DefaultSearchKeyword: Profile 2 -> yoursearching CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll => No File CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\pdf.dll => No File CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin.dll => No File CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin2.dll => No File CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin3.dll => No File CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin4.dll => No File CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin5.dll => No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\BankID\npBispBrowser.dll => No File CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => No File CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File CHR Plugin: (Java Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Unity Player) - C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30] CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-30] CHR Extension: (Sök på Google) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-30] CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-30] CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Sveriges Radio Spelare) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\agojbidllejeebbhcbonnlpodicladdk [2015-10-26] CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Adblock Plus) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04] CHR Extension: (Google Search) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url> CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url> CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url> ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) S3 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [File not signed] R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation) R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit) S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed] R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed] S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed] S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [289792 2011-12-26] (Puran Software) [File not signed] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-02-01] (Realtek Semiconductor) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO) S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] () S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider) R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation) R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] () R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-24] (REALiX) S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO) S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) S3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.) R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.) S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.) S3 NvStUSB; C:\Windows\system32\DRIVERS\nvstusb.sys [55912 2010-03-25] () S3 PcdrNdisuio; C:\Windows\SysWow64\drivers\pcdrndisuio.sys [26096 2010-01-19] (Windows ® Codename Longhorn DDK provider) S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security) R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-12-30] (Realtek ) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-07] (Synaptics Incorporated) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-12] (Anchorfree Inc.) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) U5 WmFilter; C:\Windows\System32\Drivers\WmFilter.sys [43976 2010-04-27] (Logitech Inc.) S0 cffkog; System32\drivers\gatk.sys [X] U3 idsvc; no ImagePath S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X] S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-16 13:13 - 2016-02-16 13:13 - 00016148 _____ C:\WINDOWS\system32\LEFFAN-HP_Leffan_HistoryPrediction.bin 2016-02-15 10:25 - 2016-02-15 10:25 - 00002490 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Leffan 2016-02-15 10:25 - 2016-02-15 10:25 - 00000300 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Leffan.job 2016-02-12 12:41 - 2016-02-12 12:41 - 00104904 _____ C:\Users\Leffan\AppData\Local\GDIPFONTCACHEV1.DAT 2016-02-11 11:17 - 2016-02-11 11:18 - 00000337 _____ C:\Users\Leffan\Desktop\Sport på TV Idag.url 2016-02-11 08:12 - 2016-02-12 08:15 - 4252365016 _____ C:\WINDOWS\MEMORY.DMP 2016-02-10 23:54 - 2016-02-15 23:05 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Everything 2016-02-06 10:09 - 2016-02-06 10:09 - 00000000 ____D C:\NPE 2016-02-06 07:27 - 2016-02-06 07:27 - 00000254 __RSH C:\ProgramData\ntuser.pol 2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler 2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan) 2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\Users\Public\Thunder Network 2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\ProgramData\Thunder Network 2016-02-05 12:45 - 2016-02-05 12:45 - 00000000 ____D C:\OSTotoFolder 2016-02-05 12:44 - 2016-02-05 12:53 - 00000000 ____D C:\Program Files (x86)\OSTotoSoft 2016-02-04 10:19 - 2016-02-04 10:19 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 2016-02-03 08:25 - 2016-02-03 08:25 - 00000389 _____ C:\Users\Leffan\Desktop\Streaming Länkar.txt 2016-02-02 14:15 - 2016-02-16 13:20 - 00001022 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-02 14:15 - 2016-02-16 07:22 - 00001018 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-01 08:43 - 2016-02-01 08:43 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2016-02-01 08:43 - 2016-02-01 08:43 - 04686592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2016-02-01 08:43 - 2016-02-01 08:43 - 04307112 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2016-02-01 08:43 - 2016-02-01 08:43 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 03040488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2016-02-01 08:43 - 2016-02-01 08:43 - 02130584 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 01328496 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 01020208 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2016-02-01 08:43 - 2016-02-01 08:43 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2016-01-28 09:17 - 2016-02-06 07:16 - 00000378 _____ C:\Users\Leffan\Desktop\Swedbank.url 2016-01-27 09:01 - 2016-01-27 09:01 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-01-27 09:01 - 2016-01-27 09:01 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-25 10:42 - 2016-02-12 12:32 - 00000000 ____D C:\Users\Leffan\AppData\Local\NPE 2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-16 13:54 - 2014-04-18 08:32 - 00000000 ____D C:\FRST 2016-02-16 13:54 - 2010-10-23 15:32 - 00000000 ___RD C:\Users\Leffan\Desktop\Filhämtaren 2016-02-16 11:10 - 2012-01-25 17:01 - 00000000 ____D C:\Users\Leffan\AppData\Local\CrashDumps 2016-02-16 09:13 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Local\ElevatedDiagnostics 2016-02-16 08:50 - 2013-02-20 21:36 - 00000000 ___RD C:\Users\Leffan\Desktop\Till M Disk 2016-02-16 07:20 - 2015-08-20 06:31 - 00000000 ____D C:\ProgramData\NVIDIA 2016-02-16 07:20 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-15 23:05 - 2015-12-03 09:42 - 00000260 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job 2016-02-15 23:05 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-15 20:41 - 2013-11-15 18:42 - 00000000 ____D C:\ProgramData\ProductData 2016-02-15 17:56 - 2011-11-06 19:20 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\uTorrent 2016-02-15 17:24 - 2015-08-20 06:33 - 02039452 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-15 17:24 - 2015-07-10 16:48 - 00841736 _____ C:\WINDOWS\system32\perfh01D.dat 2016-02-15 17:24 - 2015-07-10 16:48 - 00191588 _____ C:\WINDOWS\system32\perfc01D.dat 2016-02-15 17:24 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF 2016-02-15 10:25 - 2015-12-13 15:26 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\.ACEStream 2016-02-15 10:05 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\HpUpdate 2016-02-13 09:59 - 2010-10-23 15:30 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Macromedia 2016-02-13 08:30 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-12 15:40 - 2015-09-17 07:19 - 00000000 ____D C:\Users\Leffan\Desktop\Ny Jobbmapp 2016-02-12 12:27 - 2015-09-03 09:33 - 00000000 ____D C:\WINDOWS\Minidump 2016-02-12 12:27 - 2012-09-05 21:23 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Geek Uninstaller 2016-02-12 08:22 - 2014-09-03 15:55 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-12 08:21 - 2016-01-04 08:56 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-02-11 13:04 - 2013-09-14 21:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\vlc 2016-02-11 11:26 - 2011-08-21 09:03 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\dvdcss 2016-02-11 08:23 - 2013-05-21 16:04 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-09 13:58 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Local\Spotify 2016-02-09 13:57 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Spotify 2016-02-08 09:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-06 10:04 - 2010-12-11 08:46 - 00000000 ___RD C:\Users\Leffan\Desktop\Väskan 2016-02-06 08:57 - 2014-09-03 10:08 - 00000000 ____D C:\Users\Leffan\Desktop\HockeyMapp 2016-02-06 07:28 - 2010-07-29 09:31 - 00000000 ____D C:\ProgramData\Temp 2016-02-06 07:27 - 2016-01-10 10:36 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster 2016-02-05 08:12 - 2012-04-01 17:24 - 00000868 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-04 10:26 - 2015-08-24 11:04 - 00000000 ____D C:\Users\DefaultAppPool 2016-02-04 10:19 - 2015-08-20 04:12 - 00000000 ____D C:\Users\Leffan\.oracle_jre_usage 2016-02-04 10:19 - 2014-08-08 05:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-02-04 10:19 - 2011-08-07 22:15 - 00000000 ____D C:\Program Files (x86)\Java 2016-02-04 10:18 - 2015-02-16 12:30 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-04 10:07 - 2012-12-26 14:08 - 00000000 ____D C:\ProgramData\IObit 2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\IObit 2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Program Files (x86)\IObit 2016-02-02 14:15 - 2012-01-28 10:58 - 00004080 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-02 14:15 - 2012-01-28 10:58 - 00003848 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-01 08:43 - 2015-08-20 06:30 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-01-30 10:04 - 2015-08-20 07:10 - 00000000 ____D C:\inetpub 2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\System 2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-01-30 10:04 - 2015-04-21 13:49 - 00000000 ____D C:\Qoobox 2016-01-30 10:04 - 2013-10-27 15:25 - 00000000 ____D C:\AllMySongs Database 2016-01-30 10:04 - 2011-06-03 12:35 - 00000000 ____D C:\Program Files (x86)\QuickTime Alternative 2016-01-30 10:04 - 2010-12-15 17:48 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-01-30 10:04 - 2010-10-27 17:47 - 00000000 ____D C:\Program Files (x86)\SopCast 2016-01-30 10:04 - 2010-10-23 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8 2016-01-30 10:04 - 2010-07-29 09:32 - 00000000 ____D C:\Program Files (x86)\Hp 2016-01-30 10:04 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games 2016-01-25 23:00 - 2015-08-20 06:34 - 00000000 ____D C:\Users\Leffan 2016-01-25 18:51 - 2014-08-21 03:53 - 00000000 ____D C:\Users\Leffan\AppData\Local\Adobe 2016-01-25 11:02 - 2012-11-11 20:40 - 01409024 _____ C:\Users\Leffan\Documents\Tillgångar.accdb 2016-01-25 09:28 - 2014-10-13 15:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software 2016-01-25 00:21 - 2010-10-23 15:09 - 00000448 _____ C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job 2016-01-24 09:33 - 2010-11-06 14:14 - 00000000 ____D C:\ProgramData\MFAData 2016-01-24 07:26 - 2016-01-12 13:02 - 00001843 _____ C:\Users\Leffan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-01-23 11:38 - 2011-02-09 22:36 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeffan 2016-01-23 11:38 - 2011-02-09 22:36 - 00000336 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job 2016-01-22 09:03 - 2015-12-07 09:14 - 00000000 ____D C:\WINDOWS\LastGood 2016-01-21 12:32 - 2015-03-02 16:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\3E001880-1425314280-1016-826C-CD2F7FAD0E65 2016-01-21 10:23 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\HomeGroupUser$ 2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Gäst 2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Administratör 2016-01-20 11:13 - 2011-12-21 20:05 - 00000000 ____D C:\Users\UpdatusUser 2016-01-20 11:13 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated ==================== Files in the root of some directories ======= 2014-08-24 08:53 - 2014-07-03 12:10 - 0204752 _____ (Igor Pavlov) C:\Program Files (x86)\7zxa.dll 2014-08-24 08:53 - 2014-07-03 12:10 - 0060368 _____ () C:\Program Files (x86)\Ace32Loader.exe 2010-11-08 18:32 - 2014-06-06 16:29 - 0210432 _____ () C:\Program Files (x86)\Default.SFX 2010-11-08 18:32 - 2014-06-06 16:29 - 0258560 _____ () C:\Program Files (x86)\Default64.SFX 2010-11-08 18:32 - 2014-05-08 22:16 - 0000852 _____ () C:\Program Files (x86)\Descript.ion 2010-11-08 18:32 - 2010-03-11 17:59 - 0000495 _____ () C:\Program Files (x86)\File_Id.diz 2010-11-08 18:32 - 2014-06-10 12:12 - 0003268 _____ () C:\Program Files (x86)\Order.htm 2010-11-08 18:32 - 2014-07-03 12:10 - 0523216 _____ (Alexander Roshal) C:\Program Files (x86)\Rar.exe 2010-11-08 18:32 - 2014-05-18 13:00 - 0099263 _____ () C:\Program Files (x86)\Rar.txt 2010-11-08 18:32 - 2014-07-03 12:10 - 0316880 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt.dll 2014-08-24 08:53 - 2014-07-03 12:10 - 0266192 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt32.dll 2010-11-08 18:32 - 2014-03-18 21:09 - 0001241 _____ () C:\Program Files (x86)\RarFiles.lst 2010-11-08 18:32 - 2010-11-08 18:32 - 0000020 _____ () C:\Program Files (x86)\rarnew.dat 2010-12-17 23:21 - 2010-12-17 22:54 - 0000474 _____ () C:\Program Files (x86)\rarreg.key 2010-11-08 18:32 - 2013-01-11 18:13 - 0001284 _____ () C:\Program Files (x86)\ReadMe.txt 2010-11-08 18:32 - 2010-03-11 17:59 - 0009232 _____ () C:\Program Files (x86)\TechNote.txt 2014-08-24 08:53 - 2005-08-26 01:50 - 0077312 _____ () C:\Program Files (x86)\UNACEV2.DLL 2010-11-08 18:32 - 2014-06-06 16:29 - 0000443 _____ () C:\Program Files (x86)\Uninstall.lst 2010-11-08 18:32 - 2014-07-03 12:10 - 0329680 _____ (Alexander Roshal) C:\Program Files (x86)\UnRAR.exe 2010-11-08 18:32 - 2005-05-12 17:02 - 0000090 _____ () C:\Program Files (x86)\UnrarSrc.txt 2013-12-26 10:31 - 2013-12-26 10:31 - 0802136 _____ (BitTorrent Inc.) C:\Program Files (x86)\uTorrent.exe 2010-11-08 18:32 - 2014-06-06 15:34 - 0044393 _____ () C:\Program Files (x86)\WhatsNew.txt 2010-11-08 18:32 - 2014-06-06 16:29 - 0197632 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon.SFX 2010-11-08 18:32 - 2014-06-06 16:29 - 0238592 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon64.SFX 2010-11-08 18:32 - 2014-06-06 16:29 - 0297978 _____ () C:\Program Files (x86)\WinRAR.chm 2010-11-08 18:32 - 2014-07-03 12:10 - 1479632 _____ (Alexander Roshal) C:\Program Files (x86)\WinRAR.exe 2010-11-08 18:32 - 2014-06-06 16:29 - 0156672 _____ () C:\Program Files (x86)\Zip.SFX 2010-11-08 18:32 - 2014-06-06 16:29 - 0180224 _____ () C:\Program Files (x86)\Zip64.SFX 2010-11-08 18:32 - 2010-11-08 18:32 - 0000022 _____ () C:\Program Files (x86)\zipnew.dat 2013-09-10 19:05 - 2013-11-13 21:55 - 0000000 _____ () C:\Users\Leffan\AppData\Roaming\bitlord_log.txt 2010-12-30 12:22 - 2011-11-20 19:50 - 0000518 _____ () C:\Users\Leffan\AppData\Roaming\burnaware.ini 2011-05-25 20:18 - 2011-09-14 20:11 - 0001854 _____ () C:\Users\Leffan\AppData\Roaming\GhostObjGAFix.xml 2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Leffan\AppData\Roaming\LCEFUOWD 2014-11-18 19:42 - 2014-11-18 19:43 - 0000498 _____ () C:\Users\Leffan\AppData\Roaming\WinInstallFlashLog.ini 2014-10-10 07:55 - 2014-10-10 07:55 - 0003584 _____ () C:\Users\Leffan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-09-10 19:22 - 2013-09-10 19:22 - 0000218 _____ () C:\Users\Leffan\AppData\Local\recently-used.xbel 2011-08-21 13:06 - 2015-09-13 09:28 - 0007630 _____ () C:\Users\Leffan\AppData\Local\Resmon.ResmonCfg 2012-08-20 19:00 - 2012-08-20 19:00 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl 2015-10-20 07:47 - 2015-10-20 07:47 - 0045323 _____ () C:\ProgramData\1445323628.bdinstall.bin 2015-10-20 07:57 - 2015-10-20 07:57 - 0045185 _____ () C:\ProgramData\1445324239.bdinstall.bin 2015-10-20 09:35 - 2015-10-20 09:35 - 0045190 _____ () C:\ProgramData\1445330108.bdinstall.bin 2013-11-23 08:56 - 2013-11-23 08:56 - 0000000 _____ () C:\ProgramData\242c35322e3c542039_c 2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe 2014-10-02 10:36 - 2014-10-02 10:36 - 0000261 _____ () C:\ProgramData\fontcacheev1.dat 2011-09-17 21:41 - 2011-09-17 21:46 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2013-06-10 21:18 - 2013-06-10 21:18 - 0000000 ____H () C:\ProgramData\rifmasterlic.lic Files to move or delete: ==================== C:\ProgramData\BavPro_Setup_Mini_GL1.exe C:\ProgramData\fontcacheev1.dat C:\Users\Leffan\link.vbs C:\Users\Leffan\reg-bak.reg ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-02-08 09:10 ==================== End of FRST.txt ============================
  20. Har inga problem med att ansluta till internet. Fungerar kanon i Chrome, kan bara inte ansluta i Microsoft Edge+Windows update
  21. Programet hittade några fel och åtgärdade felen. Då kom följande upp : Kan inte ansluta till proxyservernProva detta Kontrollera att inte brandväggsinställningarna blockerar webbåtkomsten Be systemadministratören om hjälp
  22. Kör bara Windows Defender, IObit malware fighter.
×
×
  • Skapa nytt...