Just nu i M3-nätverket
Gå till innehåll

Leffan55

Medlem
  • Antal inlägg

    37
  • Gick med

  • Senaste besök

Foruminlägg postade av Leffan55


  1. Du måste ju ha startat en vanlig kommandotolk för att få ett felmeddelande av DISM-kommandot.

     

    Några alternativ för att starta en kommandotolk med fulla rättigheter:

     

    Håll nere Windows-tangenten medan du trycker på X-tangenten.

    Välj Kommandotolk (Admin).

     

    Öppna Utforskaren genom att trycka Windows+E.

    Leta fram mappen C:\Windows\System32

    Högerklicka på programfilen cmd och välj Kör som administratör.

     

    Pröva med att i den vanliga kommandotolken skriva:

    powershell.exe -Command "Start-Process cmd -Verb RunAs"

     

    windows resource protection did not find any intergrity violations.


  2. I Windows-knappens högerklicksmeny väljer du Kommandotolken (Admin) eller något liknande (eller om det går att högerklicka på vanliga Kommandotolken och välja "Kör som administratör").

     

    Kommer ju inte åt kommandotolken, händer ingenting


  3. Har du prövat med att starta om datorn några gånger?

    Det brukar få igång Windows Update.

     

    När man råkar ut för det vanliga problemet med start-menyn och apparna brukar det fortfarande fungera att högerklicka på startknappen och i den menyn finns Kommandotolken. Det brukar också gå att trycka Ctrl+Alt+Del och välja Aktivitetshanteraren, sen i Aktivitetshanteraren kan man välja "Ny aktivitet" i en meny och om man då skriver in cmd kommer Kommandotolken att startas.

     

    Varje gång du har kört FRST har det skapats en systemåterställningspunkt så du kan ju välja den senaste.

    Detta kom upp vid kommandotolken: Error 740 

     

    Har du prövat med att starta om datorn några gånger?

    Det brukar få igång Windows Update.

     

    När man råkar ut för det vanliga problemet med start-menyn och apparna brukar det fortfarande fungera att högerklicka på startknappen och i den menyn finns Kommandotolken. Det brukar också gå att trycka Ctrl+Alt+Del och välja Aktivitetshanteraren, sen i Aktivitetshanteraren kan man välja "Ny aktivitet" i en meny och om man då skriver in cmd kommer Kommandotolken att startas.

     

    Varje gång du har kört FRST har det skapats en systemåterställningspunkt så du kan ju välja den senaste.

    Fick Error 740 elevated permission are required to runDISM

    Use an elevated command prompt to complete these tasks.


  4. Själva avinstallationen av FRST tar bara bort FRST-filerna och -mappen så det ska inte påverka Windows. Är du säker på att problemet inte uppstod tidigare?

     

    Innan du ger dig på det utmärkta förslaget från Pelle Penna kan du kolla att det inte hjälper med att kolla att alla Windows-uppdateringar har kommit in och att det inte räcker med att starta om datorn ett par gånger.

    Problemet var inte tidigare.

    Om jag gör en systemåterställning, kommer allt skit som jag tagit bort tillbaka då ?


  5. Själva avinstallationen av FRST tar bara bort FRST-filerna och -mappen så det ska inte påverka Windows. Är du säker på att problemet inte uppstod tidigare?

     

    Innan du ger dig på det utmärkta förslaget från Pelle Penna kan du kolla att det inte hjälper med att kolla att alla Windows-uppdateringar har kommit in och att det inte räcker med att starta om datorn ett par gånger.

     

    Jag kommer inte åt några program via windowsknappen, inte inställningar eller kommandotolken.


  6. Starta programmet Anteckningar.

    Kopiera alla rader i rutan:

    CreateRestorePoint:
    CloseProcesses:
    AlternateDataStreams: C:\ProgramData\Temp:073341D1
    AlternateDataStreams: C:\ProgramData\Temp:07BF512B
    AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
    AlternateDataStreams: C:\ProgramData\Temp:373E1720
    AlternateDataStreams: C:\ProgramData\Temp:56E2E879
    AlternateDataStreams: C:\ProgramData\Temp:5C321E34
    AlternateDataStreams: C:\ProgramData\Temp:6DFF1A8A
    AlternateDataStreams: C:\ProgramData\Temp:98181191
    AlternateDataStreams: C:\ProgramData\Temp:C05ABBB5
    AlternateDataStreams: C:\ProgramData\Temp:C5760A8B
    Reboot:
    

    och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

    Spara filen på skrivbordet med namnet fixlist.txt.

     

    Stäng av alla program.

    Starta FRST som finns på skrivbordet.

    Klicka på knappen Fix.

    Vänta tills programmet är klart.

    Om datorn inte startas om automatiskt så gör det själv.

     

    Programmet skapar en logg Fixlog.txt på skrivbordet.

    Klistra in innehållet i den i ditt svar.

     

     

    Fix result of Farbar Recovery Scan Tool (x64) Version:17-02-2016
    Ran by Leffan (2016-02-18 17:28:04) Run:1
    Running from C:\Users\Leffan\Desktop
    Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool)
    Boot Mode: Normal
    ==============================================
     
    fixlist content:
    *****************
    CreateRestorePoint:
    CloseProcesses:
    AlternateDataStreams: C:\ProgramData\Temp:073341D1
    AlternateDataStreams: C:\ProgramData\Temp:07BF512B
    AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
    AlternateDataStreams: C:\ProgramData\Temp:373E1720
    AlternateDataStreams: C:\ProgramData\Temp:56E2E879
    AlternateDataStreams: C:\ProgramData\Temp:5C321E34
    AlternateDataStreams: C:\ProgramData\Temp:6DFF1A8A
    AlternateDataStreams: C:\ProgramData\Temp:98181191
    AlternateDataStreams: C:\ProgramData\Temp:C05ABBB5
    AlternateDataStreams: C:\ProgramData\Temp:C5760A8B
    Reboot:
    *****************
     
    Restore point was successfully created.
    Processes closed successfully.
    C:\ProgramData\Temp => ":073341D1" ADS removed successfully.
    C:\ProgramData\Temp => ":07BF512B" ADS removed successfully.
    C:\ProgramData\Temp => ":0B4227B4" ADS removed successfully.
    C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
    C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
    C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.
    C:\ProgramData\Temp => ":6DFF1A8A" ADS removed successfully.
    C:\ProgramData\Temp => ":98181191" ADS removed successfully.
    C:\ProgramData\Temp => ":C05ABBB5" ADS removed successfully.
    C:\ProgramData\Temp => ":C5760A8B" ADS removed successfully.
     
     
    The system needed a reboot.
     
    ==== End of Fixlog 17:28:40 ====

  7. Fix result of Farbar Recovery Scan Tool (x64) Version:17-02-2016

    Ran by Leffan (2016-02-18 13:32:33) Run:6

    Running from C:\Users\Leffan\Desktop

    Loaded Profiles: Leffan & DefaultAppPool (Available Profiles: Leffan & DefaultAppPool)

    Boot Mode: Normal

    ==============================================

     

    fixlist content:

    *****************

    CreateRestorePoint:

    CloseProcesses:

    Task: {B44DCCB2-CBCF-43CA-9AB4-DF65EEB3BDDD} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-1 -> No File <==== ATTENTION

    Task: {BCCF1E13-4ADA-4182-97D7-E996AD2B877E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

    Task: {BDA71962-EA5D-4385-81B3-48EFF84EBB70} - \94A46359-5537-4201-BEFD-1EC63DFD0949 -> No File <==== ATTENTION

    Task: {C0D0348D-C956-46A1-B30F-B57043226A65} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-7 -> No File <==== ATTENTION

    Task: {C6FA3A30-ECA9-4DD0-85B3-7845A3DD0CCB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-4 -> No File <==== ATTENTION

    Task: {C7B71700-04D1-4AEC-8975-2B954CF4CA3D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

    Task: {C9482E4C-B40B-42BD-8020-2AAC7828AC83} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)

    Task: {CD41C298-24DD-4BF6-9270-1017E4B9D929} - System32\Tasks\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => pcalua.exe -a Z:\SETUP.EXE -d Z:\

    Task: {D1A30C2B-02ED-4D75-8DDB-9D13BF40EC9E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-1 -> No File <==== ATTENTION

    Task: {D3DA3BE4-9D44-4387-9A8A-77A70F3DD1CD} - System32\Tasks\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\CloudAntivirus.exe -d C:\Users\Leffan\Desktop\Filhämtaren

    Task: {D41550B9-1CE4-4475-A57B-43C3155818D2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

    Task: {D6BBD0A2-36BA-4F27-A243-E3D982AA8323} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

    Task: {E3022D0E-ECFA-4AA9-A2A9-E563007E921C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

    Task: {E48E7272-8EFE-40BA-8172-A9B5426507E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

    Task: {E6423FD3-6C70-4406-81ED-A50E74108523} - \SpyHunter4Startup -> No File <==== ATTENTION

    Task: {E7E05EA5-8067-4E1E-8904-3B8FE7CE21BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

    Task: {FC8AF801-5C9D-4E5D-973B-D3A3F36DB387} - System32\Tasks\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => K:\autorunce.exe

    Reboot:

    *****************

     

    Restore point was successfully created.

    Processes closed successfully.

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B44DCCB2-CBCF-43CA-9AB4-DF65EEB3BDDD} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-1 => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCCF1E13-4ADA-4182-97D7-E996AD2B877E} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDA71962-EA5D-4385-81B3-48EFF84EBB70} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\94A46359-5537-4201-BEFD-1EC63DFD0949 => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0D0348D-C956-46A1-B30F-B57043226A65} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-7 => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6FA3A30-ECA9-4DD0-85B3-7845A3DD0CCB} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-4 => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7B71700-04D1-4AEC-8975-2B954CF4CA3D} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9482E4C-B40B-42BD-8020-2AAC7828AC83} => key not found. 

    C:\WINDOWS\System32\Tasks\Driver Booster Scheduler => not found.

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD41C298-24DD-4BF6-9270-1017E4B9D929} => key not found. 

    C:\WINDOWS\System32\Tasks\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => not found.

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1A30C2B-02ED-4D75-8DDB-9D13BF40EC9E} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-1 => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3DA3BE4-9D44-4387-9A8A-77A70F3DD1CD} => key not found. 

    C:\WINDOWS\System32\Tasks\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => not found.

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D41550B9-1CE4-4475-A57B-43C3155818D2} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6BBD0A2-36BA-4F27-A243-E3D982AA8323} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3022D0E-ECFA-4AA9-A2A9-E563007E921C} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E48E7272-8EFE-40BA-8172-A9B5426507E1} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6423FD3-6C70-4406-81ED-A50E74108523} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7E05EA5-8067-4E1E-8904-3B8FE7CE21BD} => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found. 

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC8AF801-5C9D-4E5D-973B-D3A3F36DB387} => key not found. 

    C:\WINDOWS\System32\Tasks\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => not found.

    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => key not found. 

     

     

    The system needed a reboot.

     

    ==== End of Fixlog 13:32:52 ====

     


    Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-02-2016

    Ran by Leffan (2016-02-18 13:29:11)

    Running from C:\Users\Leffan\Desktop

    Windows 10 Home (X64) (2016-02-17 10:04:41)

    Boot Mode: Normal

    ==========================================================

     

     

    ==================== Accounts: =============================

     

    Administratör (S-1-5-21-2436640913-3975503498-2043303906-500 - Administrator - Disabled)

    DefaultAccount (S-1-5-21-2436640913-3975503498-2043303906-503 - Limited - Disabled)

    Gäst (S-1-5-21-2436640913-3975503498-2043303906-501 - Limited - Disabled)

    Leffan (S-1-5-21-2436640913-3975503498-2043303906-1001 - Administrator - Enabled) => C:\Users\Leffan

     

    ==================== Security Center ========================

     

    (If an entry is included in the fixlist, it will be removed.)

     

    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

     

    ==================== Installed Programs ======================

     

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

     

    µTorrent (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\uTorrent) (Version: 3.4.5.41073 - BitTorrent Inc.)

    64 Bit HP CIO Components Installer (Version: 17.2.1 - Hewlett-Packard) Hidden

    Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)

    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)

    Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)

    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)

    Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)

    Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)

    Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.)

    Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden

    Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)

    Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)

    Apple-programstöd (32-bitar) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)

    Apple-programstöd (64-bitar) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)

    AVCWare Ringtone Maker (HKLM-x32\...\AVCWare Ringtone Maker) (Version: 2.0.5.20120712 - AVCWare)

    AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6172 - AVG Technologies)

    AVG 2015 (Version: 15.0.6172 - AVG Technologies) Hidden

    BankID säkerhetsprogram (HKLM-x32\...\{1BDBF557-BA87-438F-9B28-AE4D836E35BA}) (Version: 7.1.0.20 - Finansiell ID-Teknik BID AB)

    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

    Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version:  - )

    Compatibility Pack för Office 2007-systemet (HKLM-x32\...\{90120000-0020-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

    CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.)

    DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)

    DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden

    Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)

    Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )

    EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 2.7 - Poikosoft)

    Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)

    FileSearchy Pro (HKLM-x32\...\FileSearchy Pro) (Version: 1.11 - Midlinesoft)

    FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)

    FSS Google Maps Downloader version 2.0.8.1 (HKLM-x32\...\FSS Google Maps Downloader_is1) (Version: 2.0.8.1 - FreeSmartSoft)

    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)

    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)

    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

    Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden

    Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.)

    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)

    HP MAINSTREAM KEYBOARD (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.4.3.0 - Hewlett-Packard)

    HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)

    HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)

    HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP)

    HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)

    HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard)

    HP Support Assistant (HKLM-x32\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)

    HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)

    HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)

    HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)

    HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)

    HTC Sync (HKLM-x32\...\{1F9E5C64-165D-4679-BBB3-498D216D017B}) (Version: 3.3.7 - HTC Corporation)

    HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC)

    Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)

    IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)

    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)

    IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan)

    iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)

    Kursomvandlaren 1.0 (HKLM-x32\...\Kursomvandlaren) (Version: 1.0 - Kursomvandlaren.se)

    Leapic Audio Cutter 3.0 (HKLM-x32\...\Leapic Audio Cutter_is1) (Version:  - Leapic Software)

    LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)

    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

    Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

    Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_ENTERPRISE_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version:  - Microsoft)

    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

    Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_ENTERPRISE_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version:  - Microsoft)

    Microsoft Office PowerPoint Viewer 2007 (Swedish) (HKLM-x32\...\{95120000-00AF-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

    Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_ENTERPRISE_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version:  - Microsoft)

    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

    Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)

    Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden

    Mozilla Firefox 43.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 sv-SE)) (Version: 43.0.1 - Mozilla)

    Mozilla Firefox 44.0.2 (x64 sv-SE) (HKLM\...\Mozilla Firefox 44.0.2 (x64 sv-SE)) (Version: 44.0.2 - Mozilla)

    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)

    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

    MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

    MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

    Nordea NCR1 Installationspaket (HKLM-x32\...\{CD9A35D4-8A81-4188-98AF-14D759083FB4}) (Version: 1.00.000 - Todos Data System AB)

    NVIDIA 3D Vision drivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)

    NVIDIA 3D Vision drivrutin för styrenhet 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation)

    NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)

    NVIDIA Grafikdrivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)

    NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)

    NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

    NVIDIA-uppdatering 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)

    OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

    Panda Cloud Antivirus (HKLM\...\{8BA78FA6-E817-454C-9D32-8DE04404119E}) (Version: 4.02.00.0000 - Panda Security)

    PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)

    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

    PopChar 6.0 (HKLM\...\ergonis PopChar_is1) (Version: 6.0 - Ergonis Software)

    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.)

    Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden

    Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.4.0.1580 - Cybertron Software Co., Ltd.)

    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden

    QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)

    QuickTime Alternative 3.1.1 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.1.1 - )

    Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.23.0 - Mediatek)

    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.30.1019.2010 - Realtek)

    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)

    Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden

    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

    Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)

    SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com)

    Spotify (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB)

    SpringFiles (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\SpringFiles) (Version: 29.15.38 - hxxp://www.spring-file.com)

    SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)

    Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)

    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

    System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )

    System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)

    UniPDF 1.0.5 (HKLM-x32\...\UniPDF) (Version: 1.0.5 - UniPDF.com)

    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)

    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

    Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)

    Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

    WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

    Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)

    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

     

    ==================== Custom CLSID (Whitelisted): ==========================

     

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     

    CustomCLSID: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Leffan\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

     

    ==================== Scheduled Tasks (Whitelisted) =============

     

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     

    Task: {015D92BF-3905-4212-8E37-9573EF8946D3} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe

    Task: {017E6A68-2D3A-4FA1-B9C4-489B1D3AE6D0} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-29] ()

    Task: {047C2F9F-5DEA-4650-B407-DC0512536094} - System32\Tasks\{5EC01EB6-9E5A-404A-99B8-6CF97B7ED3DD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe

    Task: {0809A89E-404A-4D5D-9B26-081576289B9C} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC_Leffan => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe [2015-10-02] (Cybertron Software, Co., Ltd.)

    Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe

    Task: {0D55A894-4243-46AA-BE55-3FFB87D20595} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()

    Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe

    Task: {13353C5F-3569-4E84-A2EE-1A5DC2B78CEF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-16] (Microsoft Corporation)

    Task: {13802080-A435-460E-A8C8-EE026D9DF1F0} - System32\Tasks\{B1087BD8-E5F8-459E-BA42-82D7589A720E} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {1537EDA8-027A-4507-AC4E-93A4E0BFC640} - \Driver Booster SkipUAC (Leffan) -> No File <==== ATTENTION

    Task: {1BE0B7D9-F640-4E4D-BF8A-D035646B5661} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

    Task: {1D3967CC-676A-486B-A20A-3DA07F5B7958} - System32\Tasks\{0FB8EBCC-9766-45A7-A303-D09B0B9BD45F} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {2341FCA8-7C90-436F-8B08-84E93950E58A} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

    Task: {2575C29E-BA05-48B9-B0EF-6862BF8429B2} - System32\Tasks\{39A1BCC2-0D94-4E8E-8E99-434667EC37F3} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {27122E99-4230-4EE8-856C-CC8CD289A0AC} - System32\Tasks\{1E89BF2A-0738-4751-B74F-BCC148691285} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe

    Task: {29990644-B79A-4F9B-B184-45225F368080} - System32\Tasks\{2FC1D531-7D62-49B0-92F6-4B6A33DC012C} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe

    Task: {30EEFFE7-99F8-4860-A81D-2AFAEDBE4098} - System32\Tasks\{998C7732-8855-4A08-BA4C-F1AA473C9E70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {315B28B0-9835-4E3F-B81E-0E16ADEAA9C8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

    Task: {32ABA5C1-E0ED-4BDF-86A9-C75D45B0BB89} - System32\Tasks\{BF677917-AD42-4C99-9564-FF7DBC764A70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {33589691-0896-46B4-82DB-FA2BA62038EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)

    Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

    Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe

    Task: {3A32527B-676D-44D5-A90F-6BFEC2A4F8B3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe

    Task: {420544F1-038F-40DC-BCED-EE3CA989F9F6} - \CCleanerSkipUAC -> No File <==== ATTENTION

    Task: {444C3CA9-1CE7-4575-9A68-6A1FDBB08DBB} - System32\Tasks\{20ECD2CE-4BE8-4120-86B6-DA4CED53A141} => pcalua.exe -a "J:\Program\Logitech Mus MX310\mw9791sve.exe" -d "J:\Program\Logitech Mus MX310"

    Task: {4D515E26-8912-4948-B044-54DA5F548274} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

    Task: {4D714B6F-CC7F-434B-B049-EC548F68FAF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

    Task: {4E644A8D-2A48-4553-8495-CD9AC56C475A} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-02] (PC-Doctor, Inc.)

    Task: {5B252DF3-DD42-4593-8E1F-70DA4CD5C926} - System32\Tasks\HPCeeScheduleForLeffan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)

    Task: {5C3682DC-00C4-42B6-BDF4-291CE450520B} - System32\Tasks\{F72B7057-8A2E-4A3A-B919-8BDB5F2C34D5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {6AEB90CA-E25E-4F7A-B6D0-7D1E6D95B5F8} - System32\Tasks\{3408CB37-2C67-46A7-928D-1F3F71DBEED5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe

    Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe

    Task: {80D92798-093B-468D-B973-D733520C10F6} - System32\Tasks\ASC7U_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe

    Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe

    Task: {8B42502E-AF26-4A3D-AB75-BFDE38F8AF19} - System32\Tasks\{649C94FF-5E42-4F31-9F1C-CDDB2C654B8B} => pcalua.exe -a "C:\Program Files (x86)\AVS4YOU\Uninstall.exe"

    Task: {8E7FC1F8-9DB1-46F7-AF7B-71F743F23BC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

    Task: {93AA24D5-D9E4-469D-B51A-E507DFB86F5F} - System32\Tasks\{8696F1B7-7B49-4C88-86BE-E5436E6B9BE6} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\daemon-tools.exe -d "C:\Program Files (x86)\Mozilla Firefox"

    Task: {94725C4A-D8DC-4E84-AEC9-35897AA0FFD5} - System32\Tasks\{4A6B5362-1860-456A-8FAB-6FC474D30AD7} => pcalua.exe -a "C:\Windows\SysWOW64\Adobe\Shockwave 11\syminstallstub.exe" -d C:\Users\Leffan\Desktop -c /partnerid=adobe /productlist=nss /staging=false /debug /delay=0

    Task: {9A7CE315-F2C2-4B0B-8DA0-9CAF1E927ACA} - System32\Tasks\{8A0B35A7-C76F-4160-875B-0BB3716F167C} => pcalua.exe -a "C:\Users\Leffan\Desktop\Eget\Olika Prog\wmp11-windowsxp-x86-SV-SE.exe" -d "C:\Users\Leffan\Desktop\Eget\Olika Prog"

    Task: {9CD1E83E-15B1-4314-8AC2-A61E697DE0A4} - System32\Tasks\{1490BFE5-F5BB-46E0-B4CD-3438C4957884} => pcalua.exe -a E:\SETUP.EXE -d E:\

    Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe

    Task: {9FD1CE56-EE7B-46D6-9B34-6DA76FB6DC3D} - System32\Tasks\{5B06E479-555D-4864-88DE-72A2B6FBB1FD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {A16E9003-48D6-4F34-8636-B33F3D67537A} - System32\Tasks\{6EBDE3E0-2BE7-4C3C-B5E1-2605F8CB5563} => K:\autorunce.exe

    Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

    Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe

    Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe

    Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe

    Task: {B615642F-8AF5-4AD7-91F3-7A384DC7BAC1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

    Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe

    Task: {BA1D5441-965F-4AE2-B6B4-DE072B4F1248} - System32\Tasks\{7BB7C00D-46F6-4294-BD6C-567F503637BE} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {BF83FDDD-7C67-489B-96E9-2F7FB75415A5} - System32\Tasks\ASC9_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2015-11-30] (IObit)

    Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

    Task: {D5202B90-EDB2-4155-A1EC-894D7B408267} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-04] (Adobe Systems Incorporated)

    Task: {D8638B38-356A-42C6-AA41-E91C12A2A6E8} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)

    Task: {D98F64A5-ECB7-4D90-9CC0-A4EEBC4B262E} - System32\Tasks\FileSearchyPro_SkipUAC => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [2014-02-14] ()

    Task: {DF59405B-CB86-427C-A8D5-0EA50790CFFF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

    Task: {E47DC616-F79D-4ECC-A214-5E9F4131EE24} - System32\Tasks\{5BA75C5D-537E-401B-BB74-A1494BA2FCE4} => pcalua.exe -a "C:\Program Files (x86)\Personal\bin\persinst.exe" -d "C:\Program Files (x86)\Personal\bin"

    Task: {E604A3F7-FC9F-4A15-B8C2-9EFFB0635A06} - System32\Tasks\Google Updater and Installer => C:\Users\Leffan\AppData\Local\Google\Update\GoogleUpdate.exe

    Task: {E886E1C4-44AE-44C1-87C7-9AAC8FB9DAA1} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()

    Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

    Task: {EA2197B3-EBEC-433D-9B3E-FEA775E25760} - System32\Tasks\{F7F5755D-563D-42D9-89E1-5872D836B8EB} => C:\Users\Leffan\Desktop\Eget\EuroC\setup.exe

    Task: {EC34AB08-DCA1-477E-A034-5DB7B65F6B87} - System32\Tasks\{D6F371CA-08A1-4B7E-9E2D-7585D37A4DC2} => K:\Program\CD-LP Skivor Cardfile\Cardfile.exe

    Task: {F29CE86A-3B32-4B44-A08F-964AF154EA4E} - System32\Tasks\{803EC8C1-976B-466E-8FEE-A1E65CA27538} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {F6FC083E-8783-4D79-B152-E051CE275512} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

    Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

    Task: {FAEA5001-7894-4392-AAEB-83E6A5C0C348} - System32\Tasks\{FF41CD49-FDD3-43FC-8C2F-819BCD47E52D} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

    Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

     

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

     

    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe

    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

    Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml

     

    ==================== Shortcuts =============================

     

    (The entries could be listed to be restored or removed.)

     

    ==================== Loaded Modules (Whitelisted) ==============

     

    2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

    2016-02-17 10:31 - 2015-10-13 18:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

    2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

    2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

    2016-02-17 10:19 - 2016-02-17 10:19 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

    2016-02-17 10:19 - 2016-02-17 10:19 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

    2014-05-27 11:33 - 2014-05-27 11:33 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

    2016-02-17 10:19 - 2016-02-17 10:19 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll

    2016-02-17 10:19 - 2016-02-17 10:19 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

    2016-02-17 10:19 - 2016-02-17 10:19 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

    2016-02-17 10:19 - 2016-02-17 10:19 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

    2016-02-17 10:19 - 2016-02-17 10:19 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

    2016-02-17 10:19 - 2016-02-17 10:19 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

    2016-02-17 11:48 - 2016-02-17 11:49 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe

    2014-03-24 10:31 - 2014-03-24 10:31 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll

    2014-05-27 11:32 - 2014-05-27 11:32 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

    2014-03-24 10:32 - 2014-03-24 10:32 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll

    2014-03-24 10:32 - 2014-03-24 10:32 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll

    2014-03-24 10:32 - 2014-03-24 10:32 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll

    2014-03-24 10:34 - 2014-03-24 10:34 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll

    2014-03-24 10:36 - 2014-03-24 10:36 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

    2013-11-15 18:42 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll

    2016-02-11 08:23 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll

    2016-02-11 08:23 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll

    2016-02-17 11:48 - 2016-02-17 11:49 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll

    2016-02-17 11:48 - 2016-02-17 11:49 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll

     

    ==================== Alternate Data Streams (Whitelisted) =========

     

    (If an entry is included in the fixlist, only the ADS will be removed.)

     

    AlternateDataStreams: C:\ProgramData\Temp:073341D1

    AlternateDataStreams: C:\ProgramData\Temp:07BF512B

    AlternateDataStreams: C:\ProgramData\Temp:0B4227B4

    AlternateDataStreams: C:\ProgramData\Temp:373E1720

    AlternateDataStreams: C:\ProgramData\Temp:56E2E879

    AlternateDataStreams: C:\ProgramData\Temp:5C321E34

    AlternateDataStreams: C:\ProgramData\Temp:6DFF1A8A

    AlternateDataStreams: C:\ProgramData\Temp:98181191

    AlternateDataStreams: C:\ProgramData\Temp:C05ABBB5

    AlternateDataStreams: C:\ProgramData\Temp:C5760A8B

     

    ==================== Safe Mode (Whitelisted) ===================

     

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

     

     

    ==================== EXE Association (Whitelisted) ===============

     

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

     

     

    ==================== Internet Explorer trusted/restricted ===============

     

    (If an entry is included in the fixlist, it will be removed from the registry.)

     

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\008i.com -> 008i.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\008k.com -> 008k.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\00hq.com -> 00hq.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0190-dialers.com -> 0190-dialers.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\01i.info -> 01i.info

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0411dd.com -> 0411dd.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0511zfhl.com -> 0511zfhl.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\05p.com -> 05p.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0632qyw.com -> 0632qyw.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0calories.net -> 0calories.net

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0cj.net -> 0cj.net

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0scan.com -> 0scan.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1-domains-registrations.com -> 1-domains-registrations.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1-se.com -> 1-se.com

    IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1001movie.com -> 1001movie.com

     

    There are 6127 more sites.

     

     

    ==================== Hosts content: ==========================

     

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

     

    2009-07-14 03:34 - 2015-09-21 15:46 - 00000949 ____A C:\WINDOWS\system32\Drivers\etc\hosts

     

    127.0.0.1 localhost

    127.0.0.1 www.iobit.com

    127.0.0.1 www.asc55.iobit.com

     

    ==================== Other Areas ============================

     

    (Currently there is no automatic fix for this section.)

     

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leffan\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp

    HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 

    DNS Servers: 192.168.1.1

    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

    Windows Firewall is enabled.

     

    ==================== MSCONFIG/TASK MANAGER disabled items ==

     

    (Currently there is no automatic fix for this section.)

     

    MSCONFIG\Services: Apple Mobile Device => 2

    MSCONFIG\Services: LightScribeService => 3

    MSCONFIG\Services: MozillaMaintenance => 3

    MSCONFIG\Services: NAUpdate => 3

    MSCONFIG\Services: Secunia PSI Agent => 2

    MSCONFIG\Services: Secunia Update Agent => 2

    MSCONFIG\Services: SpyHunter 4 Service => 2

    MSCONFIG\Services: WinDefend => 2

    MSCONFIG\Services: WiseBootAssistant => 2

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BankID säkerhetsprogram.lnk => C:\Windows\pss\BankID säkerhetsprogram.lnk.CommonStartup

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup

    MSCONFIG\startupfolder: C:^Users^Leffan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Setup.lnk => C:\Windows\pss\Setup.lnk.Startup

    MSCONFIG\startupfolder: C:^Users^Leffan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^YoWindow.lnk => 

    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    MSCONFIG\startupreg: Adobe Reader Speed Launcher => 

    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    MSCONFIG\startupreg: AVG_UI => 

    MSCONFIG\startupreg: Browsers Protector => 

    MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

    MSCONFIG\startupreg: CommonToolkitTray => 

    MSCONFIG\startupreg: CPA => 

    MSCONFIG\startupreg: Google Update => 

    MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

    MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

    MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

    MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

    MSCONFIG\startupreg: IAStorIcon => 

    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

    MSCONFIG\startupreg: Logitech Utility => LOGI_MWX.EXE

    MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Leffan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

    MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

    MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup

    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime Alternative\QTTask.exe" -atboottime

    MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

    MSCONFIG\startupreg: SDTray => 

    MSCONFIG\startupreg: SearchSettings => 

    MSCONFIG\startupreg: sfagent => 

    MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background

    MSCONFIG\startupreg: Spybot-S&D Cleaning => 

    MSCONFIG\startupreg: SpybotSD TeaTimer => 

    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    MSCONFIG\startupreg: Telia => 

    HKLM\...\StartupApproved\Run: => "iTunesHelper"

    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

    HKLM\...\StartupApproved\Run32: => "SDTray"

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "uTorrent"

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "OneDrive"

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "FileSearchy Pro"

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "Spotify"

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "Spotify Web Helper"

     

    ==================== FirewallRules (Whitelisted) ===============

     

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

    FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

    FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

    FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

    FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

    FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808

    FirewallRules: [{6B1D7C96-BCB3-4CA5-98B3-2B275CA0F642}] => (Block) C:\users\leffan\appdata\roaming\spotify\spotify.exe

    FirewallRules: [{2505942A-00EC-459D-9FBE-A749E520EAAB}] => (Block) C:\users\leffan\appdata\roaming\spotify\spotify.exe

    FirewallRules: [uDP Query User{BDEF94DD-FCDA-4F33-9CEE-6BCD7F48624B}C:\users\leffan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leffan\appdata\roaming\spotify\spotify.exe

    FirewallRules: [TCP Query User{7FBA5499-5F04-4324-9E55-E53B4D075F48}C:\users\leffan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leffan\appdata\roaming\spotify\spotify.exe

    FirewallRules: [{99C4FCC9-849E-4A2F-9371-8F09DEB7F6CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

    FirewallRules: [{77100609-AF62-4E05-9D6B-328B187CB96D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

    FirewallRules: [{50DB1AD2-57AF-46B5-AD32-B0F5CF878655}] => (Allow) C:\Program Files\iTunes\iTunes.exe

    FirewallRules: [{FF2E9711-5D11-451D-9378-8CCB479EF96A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    FirewallRules: [{53AC1C04-B420-492E-9261-3263116AA84D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    FirewallRules: [{0BA1D425-7352-4A30-8E13-54FE2BB5B487}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

    FirewallRules: [{D3210709-F65D-433A-AFC8-2C8DB89AEBBD}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

    FirewallRules: [{23CED342-45A6-4B53-AE9C-C590CDD84CF8}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

    FirewallRules: [{0C9B086A-472D-4803-A2B9-869EFFE3B3D7}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

    FirewallRules: [{8B1EB20C-507A-4285-B609-5A252554FC65}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

    FirewallRules: [{82E67E65-D8D1-420B-A3E5-EFBA05E91C1D}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

    FirewallRules: [{08AD2175-9C59-410C-874E-D09D1F301738}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

    FirewallRules: [{E39CA200-0F33-44F5-9A7B-9650A14E2E70}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

    FirewallRules: [{2BF69994-4495-4298-8923-51066558E4FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

    FirewallRules: [{20B04BB7-7D9A-4995-B306-CB902B36D93C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

    FirewallRules: [TCP Query User{232693B7-0B9B-4B06-BF78-6A7263CBA1C5}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe

    FirewallRules: [uDP Query User{67C6D7D6-5C3C-4470-992E-90312FA30D1F}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe

    FirewallRules: [TCP Query User{5579ED67-C65C-4EC8-BD0A-F7C5294232F6}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe

    FirewallRules: [uDP Query User{AB9F266D-DD59-4304-A141-E14B84A63464}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe

    FirewallRules: [{01149F99-49F3-40DF-9C1E-E3A30A3283E6}] => (Allow) C:\Windows\SysWOW64\msiexec.exe

    FirewallRules: [{FA88A1AC-3745-4E4B-B54B-C66E2E01D226}] => (Allow) C:\Windows\SysWOW64\msiexec.exe

    FirewallRules: [TCP Query User{73A9521C-0D38-4123-8771-C8F1BCAD70D4}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe

    FirewallRules: [uDP Query User{32F2739C-25AB-4EF8-ABCF-3BE7532946AA}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe

    FirewallRules: [TCP Query User{99F0F9AB-FEDA-4514-BEF2-CAFD9749D793}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe

    FirewallRules: [uDP Query User{C74B7532-6DE7-4512-8F60-9CE5B5C4DF10}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe

    FirewallRules: [TCP Query User{17073FEE-EC8E-4B73-B4EB-5136E9BBCD09}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe

    FirewallRules: [uDP Query User{456024A2-EECA-41DF-8DCB-5BE0CE2C9A65}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe

    FirewallRules: [TCP Query User{1E7B6E7F-8DFA-4BF9-A7A9-E038E30C413E}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe

    FirewallRules: [uDP Query User{B6D56527-655A-44B0-9B3C-6F8C9ADD9565}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe

    FirewallRules: [{47BCD015-8C25-4976-9489-EC0990529AB3}] => (Block) C:\program files (x86)\utorrent.exe

    FirewallRules: [{8B481F7A-E28A-421F-997C-E81C94C96E2B}] => (Block) C:\program files (x86)\utorrent.exe

    FirewallRules: [TCP Query User{E8002486-FC7A-41FC-B15C-77763877274D}C:\users\leffan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leffan\appdata\roaming\utorrent\utorrent.exe

    FirewallRules: [uDP Query User{403B1697-4BFC-4554-A0C3-B4BCEBC988D2}C:\users\leffan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leffan\appdata\roaming\utorrent\utorrent.exe

    FirewallRules: [{6D1688F0-0A73-4D68-95D2-8C8B73653695}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

    FirewallRules: [{37AF9967-E0CE-4DD9-AC91-97FC980C56A0}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

    FirewallRules: [{2E131DD2-BA3D-4629-9017-B8B17CFB9E03}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe

    FirewallRules: [{C68DC0A4-8072-4895-8643-C3C9A2B4B71E}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe

    FirewallRules: [TCP Query User{682DDBFB-3A51-47F5-A1A5-77B7F1B158C6}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe

    FirewallRules: [uDP Query User{F79188FF-B780-4047-AEDE-4B2431F1E67D}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe

    FirewallRules: [{1932C498-C858-47B3-9A07-EA7FA7E506AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    FirewallRules: [{12EA3144-6F12-49C7-95BA-9C79CBE11EF3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    FirewallRules: [TCP Query User{C91C2882-0D8B-4501-8C76-C5BE700687D8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

    FirewallRules: [uDP Query User{EDCD2296-5E21-478A-A5E6-5657B2F41079}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

    FirewallRules: [{9A5B3D93-837E-4A64-A0F9-2BC4813DFCE1}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe

    FirewallRules: [{FC826B1C-502F-4B67-B045-1DB4E7F337E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

     

    ==================== Restore Points =========================

     

    17-02-2016 11:41:52 Revo Uninstaller Pro's restore point - Spybot - Search & Destroy

    17-02-2016 11:53:11 Restore Point Created by FRST

    18-02-2016 12:59:17 Revo Uninstaller Pro's restore point - Driver Booster 3.2

    18-02-2016 13:04:23 Restore Point Created by FRST

    18-02-2016 13:12:23 Revo Uninstaller Pro's restore point - IObit Malware Fighter 3

    18-02-2016 13:15:58 Revo Uninstaller Pro's restore point - IObit Uninstaller

    18-02-2016 13:17:32 Revo Uninstaller Pro's restore point - Smart Defrag 4

    18-02-2016 13:18:52 Revo Uninstaller Pro's restore point - Java 8 Update 65

    18-02-2016 13:19:08 Removed Java 8 Update 65

    18-02-2016 13:20:10 Revo Uninstaller Pro's restore point - Java 8 Update 66

    18-02-2016 13:20:30 Removed Java 8 Update 66

    18-02-2016 13:21:38 Revo Uninstaller Pro's restore point - Java 8 Update 72

    18-02-2016 13:22:03 Removed Java 8 Update 72

     

    ==================== Faulty Device Manager Devices =============

     

     

    ==================== Event log errors: =========================

     

    Application errors:

    ==================

    Error: (02/18/2016 01:22:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

    Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

     

    Details:

    AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

     

    System Error:

    Det går inte att hitta filen.

    .

     

    Error: (02/18/2016 01:22:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

    Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

     

    Details:

    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

     

    System Error:

    Åtkomst nekad.

    .

     

    Error: (02/18/2016 01:21:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

    Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

     

    Details:

    AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

     

    System Error:

    Det går inte att hitta filen.

    .

     

    Error: (02/18/2016 01:21:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

    Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

     

    Details:

    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

     

    System Error:

    Åtkomst nekad.

    .

     

    Error: (02/18/2016 01:20:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

    Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

     

    Details:

    AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

     

    System Error:

    Det går inte att hitta filen.

    .

     

    Error: (02/18/2016 01:20:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

    Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

     

    Details:

    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

     

    System Error:

    Åtkomst nekad.

    .

     

    Error: (02/18/2016 01:20:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

    Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

     

    Details:

    AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

     

    System Error:

    Det går inte att hitta filen.

    .

     

    Error: (02/18/2016 01:20:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

    Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

     

    Details:

    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

     

    System Error:

    Åtkomst nekad.

    .

     

    Error: (02/18/2016 01:19:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

    Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

     

    Details:

    AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

     

    System Error:

    Det går inte att hitta filen.

    .

     

    Error: (02/18/2016 01:19:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

    Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

     

    Details:

    AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

     

    System Error:

    Åtkomst nekad.

    .

     

     

    System errors:

    =============

    Error: (02/18/2016 01:21:08 PM) (Source: DCOM) (EventID: 10016) (User: Leffan-HP)

    Description: datorstandardvärdeLokalAktivering{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Leffan-HPLeffanS-1-5-21-2436640913-3975503498-2043303906-1001LocalHost (med LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

     

    Error: (02/18/2016 01:21:07 PM) (Source: DCOM) (EventID: 10016) (User: Leffan-HP)

    Description: datorstandardvärdeLokalAktivering{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Leffan-HPLeffanS-1-5-21-2436640913-3975503498-2043303906-1001LocalHost (med LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

     

    Error: (02/18/2016 01:05:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

    Description: Tjänsten Windows Search kunde inte startas på grund av följande fel: 

    %%3

     

    Error: (02/18/2016 01:04:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

    Description: Tjänsten Synkroniseringsvärd_4b6dbd avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 10000 millisekunder: Starta om tjänsten.

     

    Error: (02/18/2016 01:04:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

    Description: Tjänsten Print Spooler avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 5000 millisekunder: Starta om tjänsten.

     

    Error: (02/18/2016 01:04:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

    Description: Tjänsten Message Queuing avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten.

     

    Error: (02/18/2016 01:04:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

    Description: Tjänsten Net.Pipe Lyssnaradapter avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten.

     

    Error: (02/18/2016 01:04:37 PM) (Source: WAS) (EventID: 5175) (User: )

    Description: Lyssnaradaptern som servar protokollet net.pipe kopplades oväntat bort.

     

    Error: (02/18/2016 01:04:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

    Description: Tjänsten Windows Modules Installer avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten.

     

    Error: (02/18/2016 01:04:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

    Description: Tjänsten Windows Search avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

     

     

    CodeIntegrity:

    ===================================

      Date: 2016-02-18 13:28:40.220

      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

     

      Date: 2016-02-18 13:28:40.214

      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

     

      Date: 2016-02-18 13:25:24.482

      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

     

      Date: 2016-02-18 13:25:24.476

      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

     

      Date: 2016-02-18 12:48:19.702

      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

     

      Date: 2016-02-18 12:48:19.695

      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

     

      Date: 2016-02-18 12:48:19.621

      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

     

      Date: 2016-02-18 12:48:19.613

      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

     

      Date: 2016-02-18 12:48:19.603

      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

     

      Date: 2016-02-18 12:48:08.651

      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

     

     

    ==================== Memory info =========================== 

     

    Processor: Intel® Core i7 CPU 860 @ 2.80GHz

    Percentage of memory in use: 26%

    Total physical RAM: 8151.07 MB

    Available physical RAM: 5969.16 MB

    Total Virtual: 16855.07 MB

    Available Virtual: 14593.68 MB

     

    ==================== Drives ================================

     

    Drive c: (OS) (Fixed) (Total:1383.85 GB) (Free:978.16 GB) NTFS

    Drive d: (HP_RECOVERY) (Fixed) (Total:12.88 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from drive)]

    Drive z: (På Emirates) (Fixed) (Total:931.51 GB) (Free:586.57 GB) NTFS

     

    ==================== MBR & Partition Table ==================

     

    ========================================================

    Disk: 0 (Size: 1397.3 GB) (Disk ID: 6E198BB1)

    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

    Partition 2: (Not Active) - (Size=1383.8 GB) - (Type=07 NTFS)

    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

    Partition 4: (Not Active) - (Size=12.9 GB) - (Type=07 NTFS)

     

    ========================================================

    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 57BA3405)

    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

     

    ==================== End of Addition.txt ============================


  8. Starta programmet Anteckningar.

    Kopiera alla rader i rutan:

    CreateRestorePoint:
    CloseProcesses:
    HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
    HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
    BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    GroupPolicyScripts-x32: Restriction <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj
    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = 
    Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} -  No File
    Handler: gopher - No CLSID Value
    FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
    FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
    CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms}
    CHR DefaultSearchKeyword: Profile 2 -> yoursearching
    CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File
    CHR Plugin: (Java™ Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File
    CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
    CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
    CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
    CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
    R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)
    R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)
    S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()
    R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] ()
    S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)
    R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.)
    S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.)
    R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.)
    S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security)
    S0 cffkog; System32\drivers\gatk.sys [X]
    U3 idsvc; no ImagePath
    U3 wpcsvc; no ImagePath
    2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
    2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan)
    2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
    2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton
    2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software
    2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe
    Panda Cloud Antivirus (Version: 4.02.00.0000 - Panda Security) Hidden
    Task: {004BD1B3-5175-4FFF-8847-36552271C71A} - \Ad-Aware Antivirus Scheduled Scan -> No File <==== ATTENTION
    Task: {11DBE9C2-672A-4B9F-B337-91F4F6AECE6D} - System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\irfanview_lang_svenska.exe -d C:\Users\Leffan\Desktop\Filhämtaren
    Task: {164D37C2-FBAD-47B4-93B5-3062D9BB06C8} - System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(1).exe -d C:\Users\Leffan\Desktop\Filhämtaren
    Task: {16847A77-A515-451B-AD81-A369021D3F38} - System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => K:\autorunce.exe
    Task: {16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD} - System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => K:\autorunce.exe
    Task: {1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7} - System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35\MacDrive_Pro_9.0.3.35_en_Setup.exe -d C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35
    Task: {223310F3-934C-496C-A4FE-9810DEC59970} - System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => C:\ProgramData\UpdaterSrv\UpdaterSrv.exe [2015-11-27] () <==== ATTENTION
    Task: {2889796A-E8F9-4520-99FA-821415487847} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 -> No File <==== ATTENTION
    Task: {295C9287-7247-4241-A63A-13C569A31320} - System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => K:\autorunce.exe
    Task: {29D5864E-025B-4966-A15A-DE22A64F2268} - System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => E:\SETUP.EXE
    Task: {30648DF9-E656-4A7A-89E0-13E228B8D121} - System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(2).exe -d C:\Users\Leffan\Desktop\Filhämtaren
    Task: {317ABD25-4807-4239-9D10-2E7091227F3E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 -> No File <==== ATTENTION
    Task: {356EBFDA-3CC2-4016-8ED7-636D5E28828E} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
    Task: {3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284} - System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => Z:\Panda Internet Security 2012 16.00\PANDAIS12PROMO1M.exe
    Task: {444E300E-8607-4E58-8F83-E6C10EB96832} - System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => Chrome.exe 
    Task: {4D35091C-063F-4653-8089-D1F27F254E4A} - System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => K:\autorunce.exe
    Task: {4EFDB5BD-5CF7-4748-A9BF-644E48425207} - System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => E:\SETUP.EXE
    Task: {58C96A45-1DD1-4A30-8713-791B8136D6BC} - \060184C3-9766-46a0-B258-F4518A0B2633 -> No File <==== ATTENTION
    Task: {652D917A-B005-4661-AC63-65A9D11E503D} - \Trojan Killer -> No File <==== ATTENTION
    Task: {69EE0CD2-9496-49FC-A7BD-D1125394A0DB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-3 -> No File <==== ATTENTION
    Task: {6B448F61-307A-4135-AD66-6F550557B5DE} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-5 -> No File <==== ATTENTION
    Task: {6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-2 -> No File <==== ATTENTION
    Task: {74D6BFB7-14FC-4A5B-8098-40C8CC043052} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {77EB921A-148E-4F20-BA05-D35731BCCA98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {78039CD5-5495-42E4-BE47-5E3558F8B528} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 -> No File <==== ATTENTION
    Task: {85070D5E-1745-4C48-8902-71A36068310A} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 -> No File <==== ATTENTION
    Task: {898B9353-42B6-461F-82B1-7A6D54A86697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {8EBC57F6-CD69-4FB0-A11D-E82261535D49} - System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => E:\SETUP.EXE
    Task: {939CE0A3-F6DD-4A69-95CD-0E1B19588965} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 -> No File <==== ATTENTION
    Task: {AA8CC61F-0624-4AC9-89C5-F8AD72D82401} - \DealPlyUpdate -> No File <==== ATTENTION
    Task: {AADCE8B4-4F47-473C-84ED-6137DB7AC4F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Reboot:
    

    och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

    Spara filen på skrivbordet med namnet fixlist.txt.

     

    Stäng av alla program.

    Starta FRST som finns på skrivbordet.

    Klicka på knappen Fix.

    Vänta tills programmet är klart.

    Om datorn inte startas om automatiskt så gör det själv.

     

    Programmet skapar en logg Fixlog.txt på skrivbordet.

    Klistra in innehållet i den i ditt svar.

    Fix result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
    Ran by Leffan (2016-02-17 11:53:10) Run:4
    Running from C:\Users\Leffan\Desktop
    Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool)
    Boot Mode: Normal
    ==============================================
     
    fixlist content:
    *****************
    CreateRestorePoint:
    CloseProcesses:
    HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
    HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
    BootExecute: autocheck autochk * ?????????????
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    GroupPolicyScripts-x32: Restriction <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj
    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = 
    Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} -  No File
    Handler: gopher - No CLSID Value
    FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
    FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
    CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms}
    CHR DefaultSearchKeyword: Profile 2 -> yoursearching
    CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File
    CHR Plugin: (Java™ Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File
    CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
    CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
    CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
    CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
    R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)
    R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)
    S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()
    R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] ()
    S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)
    R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.)
    S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.)
    R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.)
    S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security)
    S0 cffkog; System32\drivers\gatk.sys [X]
    U3 idsvc; no ImagePath
    U3 wpcsvc; no ImagePath
    2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
    2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan)
    2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
    2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton
    2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software
    2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe
    Panda Cloud Antivirus (Version: 4.02.00.0000 - Panda Security) Hidden
    Task: {004BD1B3-5175-4FFF-8847-36552271C71A} - \Ad-Aware Antivirus Scheduled Scan -> No File <==== ATTENTION
    Task: {11DBE9C2-672A-4B9F-B337-91F4F6AECE6D} - System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\irfanview_lang_svenska.exe -d C:\Users\Leffan\Desktop\Filhämtaren
    Task: {164D37C2-FBAD-47B4-93B5-3062D9BB06C8} - System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(1).exe -d C:\Users\Leffan\Desktop\Filhämtaren
    Task: {16847A77-A515-451B-AD81-A369021D3F38} - System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => K:\autorunce.exe
    Task: {16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD} - System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => K:\autorunce.exe
    Task: {1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7} - System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35\MacDrive_Pro_9.0.3.35_en_Setup.exe -d C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35
    Task: {223310F3-934C-496C-A4FE-9810DEC59970} - System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => C:\ProgramData\UpdaterSrv\UpdaterSrv.exe [2015-11-27] () <==== ATTENTION
    Task: {2889796A-E8F9-4520-99FA-821415487847} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 -> No File <==== ATTENTION
    Task: {295C9287-7247-4241-A63A-13C569A31320} - System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => K:\autorunce.exe
    Task: {29D5864E-025B-4966-A15A-DE22A64F2268} - System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => E:\SETUP.EXE
    Task: {30648DF9-E656-4A7A-89E0-13E228B8D121} - System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(2).exe -d C:\Users\Leffan\Desktop\Filhämtaren
    Task: {317ABD25-4807-4239-9D10-2E7091227F3E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 -> No File <==== ATTENTION
    Task: {356EBFDA-3CC2-4016-8ED7-636D5E28828E} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
    Task: {3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284} - System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => Z:\Panda Internet Security 2012 16.00\PANDAIS12PROMO1M.exe
    Task: {444E300E-8607-4E58-8F83-E6C10EB96832} - System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => Chrome.exe 
    Task: {4D35091C-063F-4653-8089-D1F27F254E4A} - System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => K:\autorunce.exe
    Task: {4EFDB5BD-5CF7-4748-A9BF-644E48425207} - System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => E:\SETUP.EXE
    Task: {58C96A45-1DD1-4A30-8713-791B8136D6BC} - \060184C3-9766-46a0-B258-F4518A0B2633 -> No File <==== ATTENTION
    Task: {652D917A-B005-4661-AC63-65A9D11E503D} - \Trojan Killer -> No File <==== ATTENTION
    Task: {69EE0CD2-9496-49FC-A7BD-D1125394A0DB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-3 -> No File <==== ATTENTION
    Task: {6B448F61-307A-4135-AD66-6F550557B5DE} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-5 -> No File <==== ATTENTION
    Task: {6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-2 -> No File <==== ATTENTION
    Task: {74D6BFB7-14FC-4A5B-8098-40C8CC043052} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {77EB921A-148E-4F20-BA05-D35731BCCA98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {78039CD5-5495-42E4-BE47-5E3558F8B528} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 -> No File <==== ATTENTION
    Task: {85070D5E-1745-4C48-8902-71A36068310A} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 -> No File <==== ATTENTION
    Task: {898B9353-42B6-461F-82B1-7A6D54A86697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {8EBC57F6-CD69-4FB0-A11D-E82261535D49} - System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => E:\SETUP.EXE
    Task: {939CE0A3-F6DD-4A69-95CD-0E1B19588965} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 -> No File <==== ATTENTION
    Task: {AA8CC61F-0624-4AC9-89C5-F8AD72D82401} - \DealPlyUpdate -> No File <==== ATTENTION
    Task: {AADCE8B4-4F47-473C-84ED-6137DB7AC4F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Reboot:
    *****************
     
    Restore point was successfully created.
    Processes closed successfully.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value removed successfully
    HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWhith => value removed successfully
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value removed successfully
    "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
    HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
    hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
    C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
    C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
    C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
    C:\WINDOWS\SysWOW64\GroupPolicy\Machine => moved successfully
    "HKLM\SOFTWARE\Policies\Google" => key removed successfully
    "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
    "HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully
    "HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75CC006D-9CF6-4B1D-84CA-A8B8122B71FD}" => key removed successfully
    HKCR\CLSID\{75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} => key not found. 
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D554D8FC-B36D-4BB4-93DB-4A3394D505E3} => value removed successfully
    HKCR\CLSID\{D554D8FC-B36D-4BB4-93DB-4A3394D505E3} => key not found. 
    HKCR\PROTOCOLS\Handler\gopher => key not found. 
    Firefox "Keyword.URL" removed successfully
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Mozilla\Firefox\Extensions\\acewebextension_unlisted@acestream.org => value removed successfully
    Chrome DefaultSearchURL => removed successfully
    Chrome DefaultSearchKeyword => removed successfully
    C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => not found.
    C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => not found.
    C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => not found.
    C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => not found.
    C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf <==== ATTENTION => not found
    C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda <==== ATTENTION => not found
    "HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\adkocghdlgfalpfkdohnkeaknpmcejpo" => key removed successfully
    "HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\jpmkmilbnbcikglaaonnlcfboiniggbf" => key removed successfully
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\adkocghdlgfalpfkdohnkeaknpmcejpo" => key removed successfully
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dbehnicccappldhpklckppjcdhlhcpmj" => key removed successfully
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\idiadiegplldnjnnhjfcggldbkjokmmd" => key removed successfully
    "HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmkmilbnbcikglaaonnlcfboiniggbf" => key removed successfully
    cmdGuard => Unable to stop service.
    cmdGuard => service removed successfully
    cmdHlp => Unable to stop service.
    cmdHlp => service removed successfully
    cpudrv64 => service removed successfully
    fsbts => Unable to stop service.
    fsbts => service removed successfully
    inspect => service removed successfully
    NNSALPC => Unable to stop service.
    NNSALPC => service removed successfully
    NNSPIHSW => service removed successfully
    NNSPRV => Unable to stop service.
    NNSPRV => service removed successfully
    PSKMAD => service removed successfully
    cffkog => service not found.
    idsvc => service removed successfully
    wpcsvc => service not found.
    C:\WINDOWS\System32\Tasks\Driver Booster Scheduler => moved successfully
    C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan) => moved successfully
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 => moved successfully
    C:\ProgramData\Norton => moved successfully
    C:\ProgramData\AVAST Software => moved successfully
    C:\ProgramData\BavPro_Setup_Mini_GL1.exe => moved successfully
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8BA78FA6-E817-454C-9D32-8DE04404119E}\\SystemComponent => value removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{004BD1B3-5175-4FFF-8847-36552271C71A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{004BD1B3-5175-4FFF-8847-36552271C71A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Antivirus Scheduled Scan" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11DBE9C2-672A-4B9F-B337-91F4F6AECE6D}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11DBE9C2-672A-4B9F-B337-91F4F6AECE6D}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{164D37C2-FBAD-47B4-93B5-3062D9BB06C8}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{164D37C2-FBAD-47B4-93B5-3062D9BB06C8}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16847A77-A515-451B-AD81-A369021D3F38}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16847A77-A515-451B-AD81-A369021D3F38}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3E12639-911A-493D-8291-C43934499F4D}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{223310F3-934C-496C-A4FE-9810DEC59970}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{223310F3-934C-496C-A4FE-9810DEC59970}" => key removed successfully
    C:\WINDOWS\System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Software\UpdaterSrv" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2889796A-E8F9-4520-99FA-821415487847}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2889796A-E8F9-4520-99FA-821415487847}" => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 => key not found. 
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{295C9287-7247-4241-A63A-13C569A31320}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{295C9287-7247-4241-A63A-13C569A31320}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29D5864E-025B-4966-A15A-DE22A64F2268}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29D5864E-025B-4966-A15A-DE22A64F2268}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F1B96DF2-1E4B-4B84-B964-E431146708E6}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30648DF9-E656-4A7A-89E0-13E228B8D121}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30648DF9-E656-4A7A-89E0-13E228B8D121}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AC2E07DB-99E6-453D-AA25-78F464F22D37}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{317ABD25-4807-4239-9D10-2E7091227F3E}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{317ABD25-4807-4239-9D10-2E7091227F3E}" => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 => key not found. 
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{356EBFDA-3CC2-4016-8ED7-636D5E28828E}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{356EBFDA-3CC2-4016-8ED7-636D5E28828E}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{444E300E-8607-4E58-8F83-E6C10EB96832}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{444E300E-8607-4E58-8F83-E6C10EB96832}" => key removed successfully
    C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D35091C-063F-4653-8089-D1F27F254E4A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D35091C-063F-4653-8089-D1F27F254E4A}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EFDB5BD-5CF7-4748-A9BF-644E48425207}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EFDB5BD-5CF7-4748-A9BF-644E48425207}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{58C96A45-1DD1-4A30-8713-791B8136D6BC}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58C96A45-1DD1-4A30-8713-791B8136D6BC}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{652D917A-B005-4661-AC63-65A9D11E503D}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{652D917A-B005-4661-AC63-65A9D11E503D}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trojan Killer" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69EE0CD2-9496-49FC-A7BD-D1125394A0DB}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69EE0CD2-9496-49FC-A7BD-D1125394A0DB}" => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-3 => key not found. 
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B448F61-307A-4135-AD66-6F550557B5DE}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B448F61-307A-4135-AD66-6F550557B5DE}" => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-5 => key not found. 
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69}" => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-2 => key not found. 
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74D6BFB7-14FC-4A5B-8098-40C8CC043052}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74D6BFB7-14FC-4A5B-8098-40C8CC043052}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77EB921A-148E-4F20-BA05-D35731BCCA98}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77EB921A-148E-4F20-BA05-D35731BCCA98}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78039CD5-5495-42E4-BE47-5E3558F8B528}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78039CD5-5495-42E4-BE47-5E3558F8B528}" => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 => key not found. 
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85070D5E-1745-4C48-8902-71A36068310A}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85070D5E-1745-4C48-8902-71A36068310A}" => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 => key not found. 
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{898B9353-42B6-461F-82B1-7A6D54A86697}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{898B9353-42B6-461F-82B1-7A6D54A86697}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EBC57F6-CD69-4FB0-A11D-E82261535D49}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EBC57F6-CD69-4FB0-A11D-E82261535D49}" => key removed successfully
    C:\WINDOWS\System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D296527F-224B-4CB7-8A65-6E8492A3448E}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{939CE0A3-F6DD-4A69-95CD-0E1B19588965}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{939CE0A3-F6DD-4A69-95CD-0E1B19588965}" => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 => key not found. 
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA8CC61F-0624-4AC9-89C5-F8AD72D82401}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA8CC61F-0624-4AC9-89C5-F8AD72D82401}" => key removed successfully
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => key not found. 
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AADCE8B4-4F47-473C-84ED-6137DB7AC4F2}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AADCE8B4-4F47-473C-84ED-6137DB7AC4F2}" => key removed successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
     
     
    The system needed a reboot.
     
    ==== End of Fixlog 11:54:06 ====

  9. C:\Users\All Users\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application

    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application cleaned by deleting

    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application cleaned by deleting

    C:\Program Files (x86)\Portable\Trojan Killer v2.1.5.0\trojankiller.exe a variant of Win32/1AntiVirus potentially unwanted application cleaned by deleting

    C:\Program Files (x86)\ringtonemaker_setup\ringtonemaker_setup\ringtonemaker_setup.exe a variant of Win32/InstallCore.ACZ potentially unwanted application cleaned by deleting

    C:\ProgramData\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application cleaned by deleting

    C:\Users\Leffan\AppData\Roaming\LCEFUOWD JS/Toolbar.Crossrider.C potentially unwanted application deleted

    C:\Users\Leffan\Desktop\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application deleted

    C:\Users\Leffan\Desktop\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application deleted

    C:\Users\Leffan\Desktop\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted

    C:\Windows\Installer\MSI3319.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSI3319.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSI3319.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSI92B2.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSI92B2.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSI92B2.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSI92B2.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSIE47C.tmp-\spbe.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSIE47C.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSIE47C.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSIE47C.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSIE47C.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSIE47C.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

    C:\Windows\Installer\MSIE47C.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application cleaned by deleting

    Z:\Program\FreemakeVideoConverter_4.1.4.1.exe Win32/OpenCandy potentially unsafe application deleted

    Z:\Program\SweetHome3D-4.3-windows-oc.exe Win32/OpenCandy potentially unsafe application deleted

    Z:\Program\NCH Switch Sound File Converter Plus v4.35 LAXiTY\switchsetup_engl.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted

    Z:\Väskan\Olika Prog\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application deleted

    Z:\Väskan\Olika Prog\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application deleted

    Z:\Väskan\Olika Prog\Trojan Killer v2.1.5.0 (1-click run)(registred)\Trojan Killer v2.1.5.0 (1-click run)(registred).exe a variant of Win32/1AntiVirus potentially unwanted application deleted

    Z:\Väskan\Program\FreeRingtoneMakerPlatinum.exe Win32/OpenCandy potentially unsafe application deleted

    Z:\Väskan\Program\RingToneMakerOC.exe Win32/OpenCandy potentially unsafe application deleted

    Z:\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application deleted

    Z:\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application deleted

    Z:\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted

  10. Du har laddat ner många program som kommer att vilja installera reklamprogram, så det är väldigt viktigt att du alltid läser noga under installationerna, väljer anpassad installation och väljer bort alla typer av extra program/tillägg.

    C:\Users\Leffan\Desktop\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application
    C:\Users\Leffan\Desktop\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application
    C:\Users\Leffan\Desktop\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application
    Z:\Program\FreemakeVideoConverter_4.1.4.1.exe Win32/OpenCandy potentially unsafe application
    Z:\Program\SweetHome3D-4.3-windows-oc.exe Win32/OpenCandy potentially unsafe application
    Z:\Program\NCH Switch Sound File Converter Plus v4.35 LAXiTY\switchsetup_engl.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
    Z:\Väskan\Olika Prog\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application
    Z:\Väskan\Olika Prog\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application
    Z:\Väskan\Olika Prog\Trojan Killer v2.1.5.0 (1-click run)(registred)\Trojan Killer v2.1.5.0 (1-click run)(registred).exe a variant of Win32/1AntiVirus potentially unwanted application
    Z:\Väskan\Program\FreeRingtoneMakerPlatinum.exe Win32/OpenCandy potentially unsafe application
    Z:\Väskan\Program\RingToneMakerOC.exe Win32/OpenCandy potentially unsafe application
    Z:\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application
    Z:\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application
    Z:\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application

     

     

    Då väntar jag på resultatet från punkt 2.

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
    Ran by Leffan (administrator) on LEFFAN-HP (17-02-2016 08:58:58)
    Running from C:\Users\Leffan\Desktop
    Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool)
    Platform: Windows 10 Home (X64) Language: Svenska (Sverige)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    (Microsoft Corporation) C:\Windows\System32\mqsvc.exe
    (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
    () C:\Program Files\Everything\Everything.exe
    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
    (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
    (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
    () C:\Program Files\Everything\Everything.exe
    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
    (Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe\Solitaire.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxIdp.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Microsoft Corporation) C:\Windows\System32\wimserv.exe
    (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
    () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
    (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2016-02-01] (Realtek Semiconductor)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
    HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [iObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)
    HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
    HKLM-x32\...\Run: [stereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [1100920 2015-10-13] (NVIDIA Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
    HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [FileSearchy Pro] => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [1525248 2014-02-14] ()
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-30] (IObit)
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify Web Helper] => C:\Users\Leffan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-24] (Spotify Ltd)
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify] => C:\Users\Leffan\AppData\Roaming\Spotify\Spotify.exe [8316528 2016-01-24] (Spotify Ltd)
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableLockWorkstation] 0
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableChangePassword] 0
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
    BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀
    GroupPolicy: Restriction - Chrome <======= ATTENTION
    GroupPolicyScripts-x32: Restriction <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{4a1fad1a-0eef-41f8-8287-881a3ba3943c}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{bd71d21a-105f-4373-847e-0523c572c004}: [DhcpNameServer] 192.168.1.1
     
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130960216718203138&GUID=D6779D41-B3B3-4189-A7B5-3352496BC9CC
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.se/
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11ENUS/WOL_WCP
    SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKLM-x32 -> {215008E8-E834-48F6-8730-525AE55113C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0C10295D-0704-4F42-A489-093BF416CB9D} URL = hxxps://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = 
    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {8505C2C0-B8ED-4612-86AC-134CD63DD49F} URL = hxxp://maps.google.se/maps?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {C14D3986-D040-4DE4-A13D-A3864D96A29B} URL = hxxps://www.google.com/search?q={searchTerms}
    BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-02-04] (Oracle Corporation)
    BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-04] (Oracle Corporation)
    Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} -  No File
    DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: gopher - No CLSID Value
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default
    FF SelectedSearchEngine: Google
    FF Homepage: hxxps://www.google.se/
    FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
    FF NetworkProxy: "type", 0
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-04] ()
    FF Plugin: @java.com/DTPlugin,version=1.6.0_43 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-04] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-22] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-02-04] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-02-04] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-2436640913-3975503498-2043303906-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
    FF Extension: Adblock Plus - C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
    FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
     
    Chrome: 
    =======
    CHR HomePage: Profile 2 -> hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
    CHR StartupUrls: Profile 2 -> "hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"
    CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms}
    CHR DefaultSearchKeyword: Profile 2 -> yoursearching
    CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\pdf.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin2.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin3.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin4.dll => No File
    CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin5.dll => No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File
    CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\BankID\npBispBrowser.dll => No File
    CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => No File
    CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File
    CHR Plugin: (Java Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    CHR Plugin: (Unity Player) - C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
    CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30]
    CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-30]
    CHR Extension: (Sök på Google) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-30]
    CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-30]
    CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2
    CHR Extension: (Sveriges Radio Spelare) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\agojbidllejeebbhcbonnlpodicladdk [2015-10-26]
    CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
    CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
    CHR Extension: (Adblock Plus) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
    CHR Extension: (Google Search) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
    CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
    CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
    CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
    CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url>
    CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
    S3 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [File not signed]
    R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
    R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
    S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
    R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed]
    S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
    R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed]
    S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [289792 2011-12-26] (Puran Software) [File not signed]
    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-02-01] (Realtek Semiconductor)
    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)
    R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)
    S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()
    S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
    R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation)
    R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
    R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] ()
    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-24] (REALiX)
    S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)
    S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
    S3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
    R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.)
    S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.)
    R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.)
    S3 NvStUSB; C:\Windows\system32\DRIVERS\nvstusb.sys [55912 2010-03-25] ()
    S3 PcdrNdisuio; C:\Windows\SysWow64\drivers\pcdrndisuio.sys [26096 2010-01-19] (Windows ® Codename Longhorn DDK provider)
    S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security)
    R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-12-30] (Realtek                                            )
    R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-07] (Synaptics Incorporated)
    S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-12] (Anchorfree Inc.)
    S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
    R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
    S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
    R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
    R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
    U5 WmFilter; C:\Windows\System32\Drivers\WmFilter.sys [43976 2010-04-27] (Logitech Inc.)
    S0 cffkog; System32\drivers\gatk.sys [X]
    U3 idsvc; no ImagePath
    S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
    U3 wpcsvc; no ImagePath
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-02-17 08:58 - 2016-02-17 08:59 - 00025365 _____ C:\Users\Leffan\Desktop\FRST.txt
    2016-02-17 08:52 - 2016-02-17 08:52 - 00016148 _____ C:\WINDOWS\system32\LEFFAN-HP_Leffan_HistoryPrediction.bin
    2016-02-16 21:33 - 2016-02-16 21:33 - 00002490 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Leffan
    2016-02-16 21:33 - 2016-02-16 21:33 - 00000300 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Leffan.job
    2016-02-16 20:27 - 2016-02-16 20:27 - 00010018 _____ C:\Users\Leffan\Desktop\bra.txt
    2016-02-16 18:11 - 2015-10-13 16:26 - 00608048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
    2016-02-16 18:10 - 2016-02-16 18:11 - 00000000 ____D C:\WINDOWS\LastGood
    2016-02-16 18:10 - 2016-02-16 18:10 - 31523000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 24208056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 23001912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 18805920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 17721840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 16278496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 15301816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 14633232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 14047120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 13957976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 12907704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
    2016-02-16 18:10 - 2016-02-16 18:10 - 11379416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 11316168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 04254336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 03995320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 03246848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 02857536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 01917240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434192.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 01565368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434192.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 00953016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 00916152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 00912184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 00877752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2016-02-16 18:10 - 2016-02-16 18:10 - 00026155 _____ C:\WINDOWS\system32\nvinfo.pb
    2016-02-16 18:09 - 2016-02-16 18:09 - 00000000 ____D C:\Program Files (x86)\ESET
    2016-02-16 17:52 - 2016-02-02 23:47 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-02-16 17:52 - 2016-02-02 23:47 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2016-02-16 17:30 - 2016-02-16 17:30 - 00001048 _____ C:\Users\Leffan\Desktop\OK.txt
    2016-02-16 17:22 - 2016-02-16 17:22 - 00270928 _____ C:\WINDOWS\Minidump\021616-18828-01.dmp
    2016-02-16 17:03 - 2016-02-16 17:21 - 4252365016 _____ C:\WINDOWS\MEMORY.DMP
    2016-02-16 17:03 - 2016-02-16 17:03 - 00270928 _____ C:\WINDOWS\Minidump\021616-18421-01.dmp
    2016-02-16 16:54 - 2016-02-16 16:55 - 00001829 _____ C:\Users\Leffan\Desktop\Fixlog.txt
    2016-02-16 16:47 - 2016-02-16 16:47 - 00270928 _____ C:\WINDOWS\Minidump\021616-22515-01.dmp
    2016-02-16 16:37 - 2016-02-16 16:55 - 01508352 _____ C:\Users\Leffan\Desktop\adwcleaner_5.033.exe
    2016-02-16 13:54 - 2016-02-16 13:54 - 02370560 _____ (Farbar) C:\Users\Leffan\Desktop\FRST64.exe
    2016-02-12 12:41 - 2016-02-12 12:41 - 00104904 _____ C:\Users\Leffan\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-02-11 11:17 - 2016-02-11 11:18 - 00000337 _____ C:\Users\Leffan\Desktop\Sport på TV Idag.url
    2016-02-10 23:54 - 2016-02-16 17:31 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Everything
    2016-02-06 10:09 - 2016-02-06 10:09 - 00000000 ____D C:\NPE
    2016-02-06 07:27 - 2016-02-06 07:27 - 00000254 __RSH C:\ProgramData\ntuser.pol
    2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
    2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan)
    2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\Users\Public\Thunder Network
    2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\ProgramData\Thunder Network
    2016-02-05 12:45 - 2016-02-05 12:45 - 00000000 ____D C:\OSTotoFolder
    2016-02-05 12:44 - 2016-02-05 12:53 - 00000000 ____D C:\Program Files (x86)\OSTotoSoft
    2016-02-04 10:19 - 2016-02-04 10:19 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
    2016-02-02 14:15 - 2016-02-17 08:20 - 00001022 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-02-02 14:15 - 2016-02-16 17:23 - 00001018 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-02-01 08:43 - 2016-02-01 08:43 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
    2016-02-01 08:43 - 2016-02-01 08:43 - 04686592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
    2016-02-01 08:43 - 2016-02-01 08:43 - 04307112 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
    2016-02-01 08:43 - 2016-02-01 08:43 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 03040488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
    2016-02-01 08:43 - 2016-02-01 08:43 - 02130584 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 01328496 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 01020208 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
    2016-02-01 08:43 - 2016-02-01 08:43 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
    2016-01-28 09:17 - 2016-02-16 16:29 - 00000455 _____ C:\Users\Leffan\Desktop\Swedbank.url
    2016-01-27 09:01 - 2016-01-27 09:01 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
    2016-01-27 09:01 - 2016-01-27 09:01 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-01-25 10:42 - 2016-02-12 12:32 - 00000000 ____D C:\Users\Leffan\AppData\Local\NPE
    2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-02-17 08:58 - 2014-04-18 08:32 - 00000000 ____D C:\FRST
    2016-02-17 08:52 - 2012-01-25 17:01 - 00000000 ____D C:\Users\Leffan\AppData\Local\CrashDumps
    2016-02-17 05:24 - 2013-11-15 18:42 - 00000000 ____D C:\ProgramData\ProductData
    2016-02-16 21:39 - 2010-10-23 15:32 - 00000000 ___RD C:\Users\Leffan\Desktop\Filhämtaren
    2016-02-16 18:52 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-02-16 18:51 - 2015-08-20 07:22 - 00000000 ___DC C:\WINDOWS\Panther
    2016-02-16 18:26 - 2015-10-30 20:02 - 00000000 ___HD C:\$WINDOWS.~BT
    2016-02-16 18:22 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
    2016-02-16 18:11 - 2015-08-20 06:31 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-02-16 17:57 - 2015-04-16 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2016-02-16 17:56 - 2015-04-16 15:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2016-02-16 17:56 - 2015-04-16 15:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2016-02-16 17:51 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-02-16 17:51 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-02-16 17:49 - 2013-08-14 11:13 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-02-16 17:43 - 2010-10-23 15:57 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-02-16 17:22 - 2015-09-03 09:33 - 00000000 ____D C:\WINDOWS\Minidump
    2016-02-16 17:22 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-02-16 17:18 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
    2016-02-16 17:17 - 2015-03-04 13:08 - 00000000 ____D C:\AdwCleaner
    2016-02-16 17:11 - 2010-12-11 08:46 - 00000000 ___RD C:\Users\Leffan\Desktop\Väskan
    2016-02-16 09:13 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Local\ElevatedDiagnostics
    2016-02-16 08:50 - 2013-02-20 21:36 - 00000000 ___RD C:\Users\Leffan\Desktop\Till M Disk
    2016-02-15 23:05 - 2015-12-03 09:42 - 00000260 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job
    2016-02-15 17:56 - 2011-11-06 19:20 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\uTorrent
    2016-02-15 17:24 - 2015-08-20 06:33 - 02039452 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-02-15 17:24 - 2015-07-10 16:48 - 00841736 _____ C:\WINDOWS\system32\perfh01D.dat
    2016-02-15 17:24 - 2015-07-10 16:48 - 00191588 _____ C:\WINDOWS\system32\perfc01D.dat
    2016-02-15 10:05 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\HpUpdate
    2016-02-13 09:59 - 2010-10-23 15:30 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Macromedia
    2016-02-13 08:30 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-02-12 15:40 - 2015-09-17 07:19 - 00000000 ____D C:\Users\Leffan\Desktop\Ny Jobbmapp
    2016-02-12 12:27 - 2012-09-05 21:23 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Geek Uninstaller
    2016-02-12 08:22 - 2014-09-03 15:55 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2016-02-12 08:21 - 2016-01-04 08:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
    2016-02-11 13:04 - 2013-09-14 21:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\vlc
    2016-02-11 11:26 - 2011-08-21 09:03 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\dvdcss
    2016-02-11 08:23 - 2013-05-21 16:04 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-02-09 13:58 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Local\Spotify
    2016-02-09 13:57 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Spotify
    2016-02-08 09:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
    2016-02-06 08:57 - 2014-09-03 10:08 - 00000000 ____D C:\Users\Leffan\Desktop\HockeyMapp
    2016-02-06 07:28 - 2010-07-29 09:31 - 00000000 ____D C:\ProgramData\Temp
    2016-02-06 07:27 - 2016-01-10 10:36 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
    2016-02-05 08:12 - 2012-04-01 17:24 - 00000868 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
    2016-02-04 10:26 - 2015-08-24 11:04 - 00000000 ____D C:\Users\DefaultAppPool
    2016-02-04 10:19 - 2015-08-20 04:12 - 00000000 ____D C:\Users\Leffan\.oracle_jre_usage
    2016-02-04 10:19 - 2014-08-08 05:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2016-02-04 10:19 - 2011-08-07 22:15 - 00000000 ____D C:\Program Files (x86)\Java
    2016-02-04 10:18 - 2015-02-16 12:30 - 00000000 ____D C:\ProgramData\Package Cache
    2016-02-04 10:07 - 2012-12-26 14:08 - 00000000 ____D C:\ProgramData\IObit
    2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\IObit
    2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Program Files (x86)\IObit
    2016-02-02 14:15 - 2012-01-28 10:58 - 00004080 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-02-02 14:15 - 2012-01-28 10:58 - 00003848 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-02-01 08:43 - 2015-08-20 06:30 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2016-01-30 10:04 - 2015-08-20 07:10 - 00000000 ____D C:\inetpub
    2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\System
    2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
    2016-01-30 10:04 - 2015-04-21 13:49 - 00000000 ____D C:\Qoobox
    2016-01-30 10:04 - 2013-10-27 15:25 - 00000000 ____D C:\AllMySongs Database
    2016-01-30 10:04 - 2011-06-03 12:35 - 00000000 ____D C:\Program Files (x86)\QuickTime Alternative
    2016-01-30 10:04 - 2010-12-15 17:48 - 00000000 ____D C:\Program Files (x86)\Adobe
    2016-01-30 10:04 - 2010-10-27 17:47 - 00000000 ____D C:\Program Files (x86)\SopCast
    2016-01-30 10:04 - 2010-10-23 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
    2016-01-30 10:04 - 2010-07-29 09:32 - 00000000 ____D C:\Program Files (x86)\Hp
    2016-01-30 10:04 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
    2016-01-25 23:00 - 2015-08-20 06:34 - 00000000 ____D C:\Users\Leffan
    2016-01-25 18:51 - 2014-08-21 03:53 - 00000000 ____D C:\Users\Leffan\AppData\Local\Adobe
    2016-01-25 11:02 - 2012-11-11 20:40 - 01409024 _____ C:\Users\Leffan\Documents\Tillgångar.accdb
    2016-01-25 09:28 - 2014-10-13 15:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
    2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software
    2016-01-25 00:21 - 2010-10-23 15:09 - 00000448 _____ C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job
    2016-01-24 09:33 - 2010-11-06 14:14 - 00000000 ____D C:\ProgramData\MFAData
    2016-01-24 07:26 - 2016-01-12 13:02 - 00001843 _____ C:\Users\Leffan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2016-01-23 11:38 - 2011-02-09 22:36 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeffan
    2016-01-23 11:38 - 2011-02-09 22:36 - 00000336 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job
    2016-01-21 12:32 - 2015-03-02 16:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\3E001880-1425314280-1016-826C-CD2F7FAD0E65
    2016-01-21 10:23 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\HomeGroupUser$
    2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Gäst
    2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Administratör
    2016-01-20 11:13 - 2011-12-21 20:05 - 00000000 ____D C:\Users\UpdatusUser
    2016-01-20 11:13 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
     
    ==================== Files in the root of some directories =======
     
    2014-08-24 08:53 - 2014-07-03 12:10 - 0204752 _____ (Igor Pavlov) C:\Program Files (x86)\7zxa.dll
    2014-08-24 08:53 - 2014-07-03 12:10 - 0060368 _____ () C:\Program Files (x86)\Ace32Loader.exe
    2010-11-08 18:32 - 2014-06-06 16:29 - 0210432 _____ () C:\Program Files (x86)\Default.SFX
    2010-11-08 18:32 - 2014-06-06 16:29 - 0258560 _____ () C:\Program Files (x86)\Default64.SFX
    2010-11-08 18:32 - 2014-05-08 22:16 - 0000852 _____ () C:\Program Files (x86)\Descript.ion
    2010-11-08 18:32 - 2010-03-11 17:59 - 0000495 _____ () C:\Program Files (x86)\File_Id.diz
    2010-11-08 18:32 - 2014-06-10 12:12 - 0003268 _____ () C:\Program Files (x86)\Order.htm
    2010-11-08 18:32 - 2014-07-03 12:10 - 0523216 _____ (Alexander Roshal) C:\Program Files (x86)\Rar.exe
    2010-11-08 18:32 - 2014-05-18 13:00 - 0099263 _____ () C:\Program Files (x86)\Rar.txt
    2010-11-08 18:32 - 2014-07-03 12:10 - 0316880 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt.dll
    2014-08-24 08:53 - 2014-07-03 12:10 - 0266192 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt32.dll
    2010-11-08 18:32 - 2014-03-18 21:09 - 0001241 _____ () C:\Program Files (x86)\RarFiles.lst
    2010-11-08 18:32 - 2010-11-08 18:32 - 0000020 _____ () C:\Program Files (x86)\rarnew.dat
    2010-12-17 23:21 - 2010-12-17 22:54 - 0000474 _____ () C:\Program Files (x86)\rarreg.key
    2010-11-08 18:32 - 2013-01-11 18:13 - 0001284 _____ () C:\Program Files (x86)\ReadMe.txt
    2010-11-08 18:32 - 2010-03-11 17:59 - 0009232 _____ () C:\Program Files (x86)\TechNote.txt
    2014-08-24 08:53 - 2005-08-26 01:50 - 0077312 _____ () C:\Program Files (x86)\UNACEV2.DLL
    2010-11-08 18:32 - 2014-06-06 16:29 - 0000443 _____ () C:\Program Files (x86)\Uninstall.lst
    2010-11-08 18:32 - 2014-07-03 12:10 - 0329680 _____ (Alexander Roshal) C:\Program Files (x86)\UnRAR.exe
    2010-11-08 18:32 - 2005-05-12 17:02 - 0000090 _____ () C:\Program Files (x86)\UnrarSrc.txt
    2013-12-26 10:31 - 2013-12-26 10:31 - 0802136 _____ (BitTorrent Inc.) C:\Program Files (x86)\uTorrent.exe
    2010-11-08 18:32 - 2014-06-06 15:34 - 0044393 _____ () C:\Program Files (x86)\WhatsNew.txt
    2010-11-08 18:32 - 2014-06-06 16:29 - 0197632 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon.SFX
    2010-11-08 18:32 - 2014-06-06 16:29 - 0238592 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon64.SFX
    2010-11-08 18:32 - 2014-06-06 16:29 - 0297978 _____ () C:\Program Files (x86)\WinRAR.chm
    2010-11-08 18:32 - 2014-07-03 12:10 - 1479632 _____ (Alexander Roshal) C:\Program Files (x86)\WinRAR.exe
    2010-11-08 18:32 - 2014-06-06 16:29 - 0156672 _____ () C:\Program Files (x86)\Zip.SFX
    2010-11-08 18:32 - 2014-06-06 16:29 - 0180224 _____ () C:\Program Files (x86)\Zip64.SFX
    2010-11-08 18:32 - 2010-11-08 18:32 - 0000022 _____ () C:\Program Files (x86)\zipnew.dat
    2013-09-10 19:05 - 2013-11-13 21:55 - 0000000 _____ () C:\Users\Leffan\AppData\Roaming\bitlord_log.txt
    2010-12-30 12:22 - 2011-11-20 19:50 - 0000518 _____ () C:\Users\Leffan\AppData\Roaming\burnaware.ini
    2011-05-25 20:18 - 2011-09-14 20:11 - 0001854 _____ () C:\Users\Leffan\AppData\Roaming\GhostObjGAFix.xml
    2014-11-18 19:42 - 2014-11-18 19:43 - 0000498 _____ () C:\Users\Leffan\AppData\Roaming\WinInstallFlashLog.ini
    2014-10-10 07:55 - 2014-10-10 07:55 - 0003584 _____ () C:\Users\Leffan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2013-09-10 19:22 - 2013-09-10 19:22 - 0000218 _____ () C:\Users\Leffan\AppData\Local\recently-used.xbel
    2011-08-21 13:06 - 2015-09-13 09:28 - 0007630 _____ () C:\Users\Leffan\AppData\Local\Resmon.ResmonCfg
    2012-08-20 19:00 - 2012-08-20 19:00 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl
    2015-10-20 07:47 - 2015-10-20 07:47 - 0045323 _____ () C:\ProgramData\1445323628.bdinstall.bin
    2015-10-20 07:57 - 2015-10-20 07:57 - 0045185 _____ () C:\ProgramData\1445324239.bdinstall.bin
    2015-10-20 09:35 - 2015-10-20 09:35 - 0045190 _____ () C:\ProgramData\1445330108.bdinstall.bin
    2013-11-23 08:56 - 2013-11-23 08:56 - 0000000 _____ () C:\ProgramData\242c35322e3c542039_c
    2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe
    2014-10-02 10:36 - 2014-10-02 10:36 - 0000261 _____ () C:\ProgramData\fontcacheev1.dat
    2011-09-17 21:41 - 2011-09-17 21:46 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
    2013-06-10 21:18 - 2013-06-10 21:18 - 0000000 ____H () C:\ProgramData\rifmasterlic.lic
     
    Files to move or delete:
    ====================
    C:\ProgramData\BavPro_Setup_Mini_GL1.exe
    C:\ProgramData\fontcacheev1.dat
    C:\Users\Leffan\link.vbs
    C:\Users\Leffan\reg-bak.reg
     
     
    Some files in TEMP:
    ====================
    C:\Users\Leffan\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
    Ran by Leffan (2016-02-17 09:00:10)
    Running from C:\Users\Leffan\Desktop
    Windows 10 Home (X64) (2015-08-20 06:07:07)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administratör (S-1-5-21-2436640913-3975503498-2043303906-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-2436640913-3975503498-2043303906-503 - Limited - Disabled)
    Gäst (S-1-5-21-2436640913-3975503498-2043303906-501 - Limited - Disabled)
    Leffan (S-1-5-21-2436640913-3975503498-2043303906-1001 - Administrator - Enabled) => C:\Users\Leffan
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: IObit Malware Fighter (Disabled - Out of date) {A751AC20-3B48-5237-898A-78C4436BB78D}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    µTorrent (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\uTorrent) (Version: 3.4.5.41073 - BitTorrent Inc.)
    64 Bit HP CIO Components Installer (Version: 17.2.1 - Hewlett-Packard) Hidden
    Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
    Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
    Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
    Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)
    Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden
    Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
    Apple-programstöd (32-bitar) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
    Apple-programstöd (64-bitar) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
    AVCWare Ringtone Maker (HKLM-x32\...\AVCWare Ringtone Maker) (Version: 2.0.5.20120712 - AVCWare)
    AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6172 - AVG Technologies)
    AVG 2015 (Version: 15.0.6172 - AVG Technologies) Hidden
    BankID säkerhetsprogram (HKLM-x32\...\{1BDBF557-BA87-438F-9B28-AE4D836E35BA}) (Version: 7.1.0.20 - Finansiell ID-Teknik BID AB)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version:  - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
    Compatibility Pack för Office 2007-systemet (HKLM-x32\...\{90120000-0020-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.)
    Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
    DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)
    DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
    ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
    Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
    Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
    EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 2.7 - Poikosoft)
    Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
    FileSearchy Pro (HKLM-x32\...\FileSearchy Pro) (Version: 1.11 - Midlinesoft)
    FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
    FSS Google Maps Downloader version 2.0.8.1 (HKLM-x32\...\FSS Google Maps Downloader_is1) (Version: 2.0.8.1 - FreeSmartSoft)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
    Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
    Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.)
    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
    HP MAINSTREAM KEYBOARD (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.4.3.0 - Hewlett-Packard)
    HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
    HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
    HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP)
    HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
    HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard)
    HP Support Assistant (HKLM-x32\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)
    HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
    HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
    HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)
    HTC Sync (HKLM-x32\...\{1F9E5C64-165D-4679-BBB3-498D216D017B}) (Version: 3.3.7 - HTC Corporation)
    HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC)
    Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
    IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit)
    IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.37 - IObit)
    IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
    IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
    IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
    iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
    Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
    Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation)
    Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
    Kursomvandlaren 1.0 (HKLM-x32\...\Kursomvandlaren) (Version: 1.0 - Kursomvandlaren.se)
    Leapic Audio Cutter 3.0 (HKLM-x32\...\Leapic Audio Cutter_is1) (Version:  - Leapic Software)
    LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_ENTERPRISE_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version:  - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_ENTERPRISE_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version:  - Microsoft)
    Microsoft Office PowerPoint Viewer 2007 (Swedish) (HKLM-x32\...\{95120000-00AF-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_ENTERPRISE_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version:  - Microsoft)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)
    Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
    Mozilla Firefox 43.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 sv-SE)) (Version: 43.0.1 - Mozilla)
    Mozilla Firefox 44.0.2 (x64 sv-SE) (HKLM\...\Mozilla Firefox 44.0.2 (x64 sv-SE)) (Version: 44.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
    Nordea NCR1 Installationspaket (HKLM-x32\...\{CD9A35D4-8A81-4188-98AF-14D759083FB4}) (Version: 1.00.000 - Todos Data System AB)
    NVIDIA 3D Vision drivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
    NVIDIA 3D Vision drivrutin för styrenhet 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation)
    NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)
    NVIDIA Grafikdrivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
    NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
    NVIDIA-uppdatering 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
    OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
    Panda Cloud Antivirus (Version: 4.02.00.0000 - Panda Security) Hidden
    PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    PopChar 6.0 (HKLM\...\ergonis PopChar_is1) (Version: 6.0 - Ergonis Software)
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.)
    Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden
    Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.4.0.1580 - Cybertron Software Co., Ltd.)
    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
    QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    QuickTime Alternative 3.1.1 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.1.1 - )
    Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.23.0 - Mediatek)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.30.1019.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden
    Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
    Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
    SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com)
    Spotify (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB)
    SpringFiles (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\SpringFiles) (Version: 29.15.38 - hxxp://www.spring-file.com)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
    Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
    System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
    UniPDF 1.0.5 (HKLM-x32\...\UniPDF) (Version: 1.0.5 - UniPDF.com)
    Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
    Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
    Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    CustomCLSID: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Leffan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {004BD1B3-5175-4FFF-8847-36552271C71A} - \Ad-Aware Antivirus Scheduled Scan -> No File <==== ATTENTION
    Task: {015D92BF-3905-4212-8E37-9573EF8946D3} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
    Task: {017E6A68-2D3A-4FA1-B9C4-489B1D3AE6D0} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-29] ()
    Task: {047C2F9F-5DEA-4650-B407-DC0512536094} - System32\Tasks\{5EC01EB6-9E5A-404A-99B8-6CF97B7ED3DD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
    Task: {0809A89E-404A-4D5D-9B26-081576289B9C} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC_Leffan => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe [2015-10-02] (Cybertron Software, Co., Ltd.)
    Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {0D55A894-4243-46AA-BE55-3FFB87D20595} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
    Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
    Task: {11DBE9C2-672A-4B9F-B337-91F4F6AECE6D} - System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\irfanview_lang_svenska.exe -d C:\Users\Leffan\Desktop\Filhämtaren
    Task: {13353C5F-3569-4E84-A2EE-1A5DC2B78CEF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-16] (Microsoft Corporation)
    Task: {13802080-A435-460E-A8C8-EE026D9DF1F0} - System32\Tasks\{B1087BD8-E5F8-459E-BA42-82D7589A720E} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {1537EDA8-027A-4507-AC4E-93A4E0BFC640} - System32\Tasks\Driver Booster SkipUAC (Leffan) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit)
    Task: {164D37C2-FBAD-47B4-93B5-3062D9BB06C8} - System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(1).exe -d C:\Users\Leffan\Desktop\Filhämtaren
    Task: {16847A77-A515-451B-AD81-A369021D3F38} - System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => K:\autorunce.exe
    Task: {16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD} - System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => K:\autorunce.exe
    Task: {1BE0B7D9-F640-4E4D-BF8A-D035646B5661} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
    Task: {1D3967CC-676A-486B-A20A-3DA07F5B7958} - System32\Tasks\{0FB8EBCC-9766-45A7-A303-D09B0B9BD45F} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7} - System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35\MacDrive_Pro_9.0.3.35_en_Setup.exe -d C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35
    Task: {1EB96C60-F185-4B08-8DAD-F45E67717DD6} - System32\Tasks\Uninstaller_SkipUac_Leffan => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-30] (IObit)
    Task: {223310F3-934C-496C-A4FE-9810DEC59970} - System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => C:\ProgramData\UpdaterSrv\UpdaterSrv.exe [2015-11-27] () <==== ATTENTION
    Task: {2341FCA8-7C90-436F-8B08-84E93950E58A} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-30] (IObit)
    Task: {2575C29E-BA05-48B9-B0EF-6862BF8429B2} - System32\Tasks\{39A1BCC2-0D94-4E8E-8E99-434667EC37F3} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {27122E99-4230-4EE8-856C-CC8CD289A0AC} - System32\Tasks\{1E89BF2A-0738-4751-B74F-BCC148691285} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
    Task: {2889796A-E8F9-4520-99FA-821415487847} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 -> No File <==== ATTENTION
    Task: {295C9287-7247-4241-A63A-13C569A31320} - System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => K:\autorunce.exe
    Task: {29990644-B79A-4F9B-B184-45225F368080} - System32\Tasks\{2FC1D531-7D62-49B0-92F6-4B6A33DC012C} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {29D5864E-025B-4966-A15A-DE22A64F2268} - System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => E:\SETUP.EXE
    Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
    Task: {30648DF9-E656-4A7A-89E0-13E228B8D121} - System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(2).exe -d C:\Users\Leffan\Desktop\Filhämtaren
    Task: {30EEFFE7-99F8-4860-A81D-2AFAEDBE4098} - System32\Tasks\{998C7732-8855-4A08-BA4C-F1AA473C9E70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {315B28B0-9835-4E3F-B81E-0E16ADEAA9C8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
    Task: {317ABD25-4807-4239-9D10-2E7091227F3E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 -> No File <==== ATTENTION
    Task: {32ABA5C1-E0ED-4BDF-86A9-C75D45B0BB89} - System32\Tasks\{BF677917-AD42-4C99-9564-FF7DBC764A70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {33589691-0896-46B4-82DB-FA2BA62038EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
    Task: {356EBFDA-3CC2-4016-8ED7-636D5E28828E} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
    Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
    Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
    Task: {3A32527B-676D-44D5-A90F-6BFEC2A4F8B3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation)
    Task: {3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284} - System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => Z:\Panda Internet Security 2012 16.00\PANDAIS12PROMO1M.exe
    Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {420544F1-038F-40DC-BCED-EE3CA989F9F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
    Task: {444C3CA9-1CE7-4575-9A68-6A1FDBB08DBB} - System32\Tasks\{20ECD2CE-4BE8-4120-86B6-DA4CED53A141} => pcalua.exe -a "J:\Program\Logitech Mus MX310\mw9791sve.exe" -d "J:\Program\Logitech Mus MX310"
    Task: {444E300E-8607-4E58-8F83-E6C10EB96832} - System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => Chrome.exe 
    Task: {4D35091C-063F-4653-8089-D1F27F254E4A} - System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => K:\autorunce.exe
    Task: {4D515E26-8912-4948-B044-54DA5F548274} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
    Task: {4D714B6F-CC7F-434B-B049-EC548F68FAF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {4E644A8D-2A48-4553-8495-CD9AC56C475A} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-02] (PC-Doctor, Inc.)
    Task: {4EFDB5BD-5CF7-4748-A9BF-644E48425207} - System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => E:\SETUP.EXE
    Task: {58C96A45-1DD1-4A30-8713-791B8136D6BC} - \060184C3-9766-46a0-B258-F4518A0B2633 -> No File <==== ATTENTION
    Task: {5B252DF3-DD42-4593-8E1F-70DA4CD5C926} - System32\Tasks\HPCeeScheduleForLeffan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
    Task: {5C3682DC-00C4-42B6-BDF4-291CE450520B} - System32\Tasks\{F72B7057-8A2E-4A3A-B919-8BDB5F2C34D5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {652D917A-B005-4661-AC63-65A9D11E503D} - \Trojan Killer -> No File <==== ATTENTION
    Task: {69EE0CD2-9496-49FC-A7BD-D1125394A0DB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-3 -> No File <==== ATTENTION
    Task: {6AEB90CA-E25E-4F7A-B6D0-7D1E6D95B5F8} - System32\Tasks\{3408CB37-2C67-46A7-928D-1F3F71DBEED5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {6B448F61-307A-4135-AD66-6F550557B5DE} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-5 -> No File <==== ATTENTION
    Task: {6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-2 -> No File <==== ATTENTION
    Task: {74D6BFB7-14FC-4A5B-8098-40C8CC043052} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
    Task: {77EB921A-148E-4F20-BA05-D35731BCCA98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {78039CD5-5495-42E4-BE47-5E3558F8B528} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 -> No File <==== ATTENTION
    Task: {79321947-476E-4235-A7BA-1DFC4DD8FC9F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
    Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
    Task: {80D92798-093B-468D-B973-D733520C10F6} - System32\Tasks\ASC7U_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe
    Task: {8230B32A-D160-4D4B-9895-9471C7F677A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
    Task: {85070D5E-1745-4C48-8902-71A36068310A} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 -> No File <==== ATTENTION
    Task: {87A22366-8990-43BA-9656-EB3D09BB8615} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit)
    Task: {898B9353-42B6-461F-82B1-7A6D54A86697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {8B42502E-AF26-4A3D-AB75-BFDE38F8AF19} - System32\Tasks\{649C94FF-5E42-4F31-9F1C-CDDB2C654B8B} => pcalua.exe -a "C:\Program Files (x86)\AVS4YOU\Uninstall.exe"
    Task: {8E7FC1F8-9DB1-46F7-AF7B-71F743F23BC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {8EBC57F6-CD69-4FB0-A11D-E82261535D49} - System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => E:\SETUP.EXE
    Task: {939CE0A3-F6DD-4A69-95CD-0E1B19588965} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 -> No File <==== ATTENTION
    Task: {93AA24D5-D9E4-469D-B51A-E507DFB86F5F} - System32\Tasks\{8696F1B7-7B49-4C88-86BE-E5436E6B9BE6} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\daemon-tools.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {94725C4A-D8DC-4E84-AEC9-35897AA0FFD5} - System32\Tasks\{4A6B5362-1860-456A-8FAB-6FC474D30AD7} => pcalua.exe -a "C:\Windows\SysWOW64\Adobe\Shockwave 11\syminstallstub.exe" -d C:\Users\Leffan\Desktop -c /partnerid=adobe /productlist=nss /staging=false /debug /delay=0
    Task: {9A7CE315-F2C2-4B0B-8DA0-9CAF1E927ACA} - System32\Tasks\{8A0B35A7-C76F-4160-875B-0BB3716F167C} => pcalua.exe -a "C:\Users\Leffan\Desktop\Eget\Olika Prog\wmp11-windowsxp-x86-SV-SE.exe" -d "C:\Users\Leffan\Desktop\Eget\Olika Prog"
    Task: {9CD1E83E-15B1-4314-8AC2-A61E697DE0A4} - System32\Tasks\{1490BFE5-F5BB-46E0-B4CD-3438C4957884} => pcalua.exe -a E:\SETUP.EXE -d E:\
    Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
    Task: {9FD1CE56-EE7B-46D6-9B34-6DA76FB6DC3D} - System32\Tasks\{5B06E479-555D-4864-88DE-72A2B6FBB1FD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {A16E9003-48D6-4F34-8636-B33F3D67537A} - System32\Tasks\{6EBDE3E0-2BE7-4C3C-B5E1-2605F8CB5563} => K:\autorunce.exe
    Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
    Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
    Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
    Task: {AA8CC61F-0624-4AC9-89C5-F8AD72D82401} - \DealPlyUpdate -> No File <==== ATTENTION
    Task: {AADCE8B4-4F47-473C-84ED-6137DB7AC4F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
    Task: {B44DCCB2-CBCF-43CA-9AB4-DF65EEB3BDDD} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-1 -> No File <==== ATTENTION
    Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
    Task: {BA1D5441-965F-4AE2-B6B4-DE072B4F1248} - System32\Tasks\{7BB7C00D-46F6-4294-BD6C-567F503637BE} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {BCCF1E13-4ADA-4182-97D7-E996AD2B877E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {BDA71962-EA5D-4385-81B3-48EFF84EBB70} - \94A46359-5537-4201-BEFD-1EC63DFD0949 -> No File <==== ATTENTION
    Task: {BF83FDDD-7C67-489B-96E9-2F7FB75415A5} - System32\Tasks\ASC9_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2015-11-30] (IObit)
    Task: {C0D0348D-C956-46A1-B30F-B57043226A65} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-7 -> No File <==== ATTENTION
    Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
    Task: {C6FA3A30-ECA9-4DD0-85B3-7845A3DD0CCB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-4 -> No File <==== ATTENTION
    Task: {C7B71700-04D1-4AEC-8975-2B954CF4CA3D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {C9482E4C-B40B-42BD-8020-2AAC7828AC83} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)
    Task: {CD41C298-24DD-4BF6-9270-1017E4B9D929} - System32\Tasks\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => pcalua.exe -a Z:\SETUP.EXE -d Z:\
    Task: {D1A30C2B-02ED-4D75-8DDB-9D13BF40EC9E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-1 -> No File <==== ATTENTION
    Task: {D3DA3BE4-9D44-4387-9A8A-77A70F3DD1CD} - System32\Tasks\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\CloudAntivirus.exe -d C:\Users\Leffan\Desktop\Filhämtaren
    Task: {D41550B9-1CE4-4475-A57B-43C3155818D2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {D5202B90-EDB2-4155-A1EC-894D7B408267} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-04] (Adobe Systems Incorporated)
    Task: {D6BBD0A2-36BA-4F27-A243-E3D982AA8323} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
    Task: {D8638B38-356A-42C6-AA41-E91C12A2A6E8} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
    Task: {D98F64A5-ECB7-4D90-9CC0-A4EEBC4B262E} - System32\Tasks\FileSearchyPro_SkipUAC => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [2014-02-14] ()
    Task: {E3022D0E-ECFA-4AA9-A2A9-E563007E921C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {E47DC616-F79D-4ECC-A214-5E9F4131EE24} - System32\Tasks\{5BA75C5D-537E-401B-BB74-A1494BA2FCE4} => pcalua.exe -a "C:\Program Files (x86)\Personal\bin\persinst.exe" -d "C:\Program Files (x86)\Personal\bin"
    Task: {E48E7272-8EFE-40BA-8172-A9B5426507E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {E604A3F7-FC9F-4A15-B8C2-9EFFB0635A06} - System32\Tasks\Google Updater and Installer => C:\Users\Leffan\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {E6423FD3-6C70-4406-81ED-A50E74108523} - \SpyHunter4Startup -> No File <==== ATTENTION
    Task: {E7E05EA5-8067-4E1E-8904-3B8FE7CE21BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {E886E1C4-44AE-44C1-87C7-9AAC8FB9DAA1} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
    Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {EA2197B3-EBEC-433D-9B3E-FEA775E25760} - System32\Tasks\{F7F5755D-563D-42D9-89E1-5872D836B8EB} => C:\Users\Leffan\Desktop\Eget\EuroC\setup.exe
    Task: {EC34AB08-DCA1-477E-A034-5DB7B65F6B87} - System32\Tasks\{D6F371CA-08A1-4B7E-9E2D-7585D37A4DC2} => K:\Program\CD-LP Skivor Cardfile\Cardfile.exe
    Task: {F29CE86A-3B32-4B44-A08F-964AF154EA4E} - System32\Tasks\{803EC8C1-976B-466E-8FEE-A1E65CA27538} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
    Task: {FAEA5001-7894-4392-AAEB-83E6A5C0C348} - System32\Tasks\{FF41CD49-FDD3-43FC-8C2F-819BCD47E52D} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
    Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
    Task: {FC8AF801-5C9D-4E5D-973B-D3A3F36DB387} - System32\Tasks\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => K:\autorunce.exe
    Task: {FFF387A5-D463-45F0-AFC4-5BA55C0A9685} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml
    Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Leffan.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     

  11. C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application

    C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application

    C:\Program Files (x86)\Portable\Trojan Killer v2.1.5.0\trojankiller.exe a variant of Win32/1AntiVirus potentially unwanted application

    C:\Program Files (x86)\ringtonemaker_setup\ringtonemaker_setup\ringtonemaker_setup.exe a variant of Win32/InstallCore.ACZ potentially unwanted application

    C:\ProgramData\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application

    C:\Users\All Users\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application

    C:\Users\Leffan\AppData\Roaming\LCEFUOWD JS/Toolbar.Crossrider.C potentially unwanted application

    C:\Users\Leffan\Desktop\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application

    C:\Users\Leffan\Desktop\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application

    C:\Users\Leffan\Desktop\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application

    C:\Windows\Installer\MSI3319.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application

    C:\Windows\Installer\MSI3319.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

    C:\Windows\Installer\MSI3319.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application

    C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application

    C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application

    C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application

    C:\Windows\Installer\MSI92B2.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

    C:\Windows\Installer\MSI92B2.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

    C:\Windows\Installer\MSI92B2.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

    C:\Windows\Installer\MSI92B2.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application

    C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application

    C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application

    C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application

    C:\Windows\Installer\MSIE47C.tmp-\spbe.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application

    C:\Windows\Installer\MSIE47C.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

    C:\Windows\Installer\MSIE47C.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

    C:\Windows\Installer\MSIE47C.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application

    C:\Windows\Installer\MSIE47C.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application

    C:\Windows\Installer\MSIE47C.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

    C:\Windows\Installer\MSIE47C.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application

    Z:\Program\FreemakeVideoConverter_4.1.4.1.exe Win32/OpenCandy potentially unsafe application

    Z:\Program\SweetHome3D-4.3-windows-oc.exe Win32/OpenCandy potentially unsafe application

    Z:\Program\NCH Switch Sound File Converter Plus v4.35 LAXiTY\switchsetup_engl.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application

    Z:\Väskan\Olika Prog\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application

    Z:\Väskan\Olika Prog\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application

    Z:\Väskan\Olika Prog\Trojan Killer v2.1.5.0 (1-click run)(registred)\Trojan Killer v2.1.5.0 (1-click run)(registred).exe a variant of Win32/1AntiVirus potentially unwanted application

    Z:\Väskan\Program\FreeRingtoneMakerPlatinum.exe Win32/OpenCandy potentially unsafe application

    Z:\Väskan\Program\RingToneMakerOC.exe Win32/OpenCandy potentially unsafe application

    Z:\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application

    Z:\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application

    Z:\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application

  12. 1. Stäng alla program, inklusive webbläsare.

    Dubbelklicka på AdwCleaner för att starta programmet.

     

    Klicka på Scan-knappen.

    Vänta tills sökningen är klar.

     

    Klicka på Clean-knappen.

    Tryck på OK.

    Tryck på OK fler gånger om det kommer upp meddelanden.

     

    Datorn kommer att startas om, om den inte gör det automatiskt får du göra det själv.

    En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

    Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s0].txt

     

     

    2. Starta FRST.

    Bocka för Addition.txt.

    Skanna med programmet och bifoga sen de två loggfilerna FRST.txt och Addition.txt.

     

     

    3. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.

    För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

     

    Välj alternativet Enable detection of potentially unwanted applications.

     

    Klicka på Advanced Settings.

    Ta bort bocken framför Remove found threats.

    Bocka för:

    Scan Archives

    Scan for potentially unsafe applications

    Enable Anti-Stealth Technology

     

    Klicka på Start

     

    När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

    Var på sidan hittar jag scanningsprogramet?


  13. # AdwCleaner v5.033 - Logfile created 16/02/2016 at 17:17:44

    # Updated 07/02/2016 by Xplode

    # Database : 2016-02-15.1 [server]

    # Operating system : Windows 10 Home  (x64)

    # Username : Leffan - LEFFAN-HP

    # Running from : C:\Users\Leffan\Desktop\adwcleaner_5.033.exe

    # Option : Cleaning


     

    ***** [ Services ] *****

     

     

    ***** [ Folders ] *****

     

    [-] Folder Deleted : C:\_acestream_cache_

    [-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles

    [-] Folder Deleted : C:\Users\Leffan\AppData\LocalLow\.acestream

    [-] Folder Deleted : C:\Users\Leffan\AppData\Roaming\.acestream

    [-] Folder Deleted : C:\Users\Leffan\AppData\Roaming\Easeware

     

    ***** [ Files ] *****

     

    [-] File Deleted : C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\searchplugins\yoursearching.xml

     

    ***** [ DLLs ] *****

     

     

    ***** [ Shortcuts ] *****

     

     

    ***** [ Scheduled tasks ] *****

     

     

    ***** [ Registry ] *****

     

    [-] Key Deleted : HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.0

    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [TheHDvid-Codec V10-bg.exe]

    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aeea7232-07c1-4296-a0d5-5bb6efc76c16}

    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{231047C5-F7E9-45BE-9EFD-6E9BB6D59A9F}

    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{82443621-A29A-473E-8335-F5C958A7A4CA}

    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aeea7232-07c1-4296-a0d5-5bb6efc76c16}

    [-] Key Deleted : HKLM\SOFTWARE\yoursearchingSoftware

    [-] Key Deleted : HKLM\SOFTWARE\Caphyon

    [-] Key Deleted : HKCU\Software\Classes\.acestream

     

    ***** [ Web browsers ] *****

     

    [-] [C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "yoursearching");

     

    *************************

     

    :: "Tracing" keys removed

    :: Winsock settings cleared

     

    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2098 bytes] ##########

     


  14.  

    Ja, där finns det en proxyserver och en del reklamprogram, det kommer att behövas flera omgångar med åtgärder för att få bort det.
     
    1.
    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    Är Spybot S&D avinstallerad och sen installerad på nytt med senaste versionen efter uppgraderingen till Windows 10?
     
     
    2. Starta programmet Anteckningar.

    Kopiera alla rader i rutan:

    CreateRestorePoint:
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings)
    ProxyEnable: [HKLM] => Proxy is enabled.
    ProxyEnable: [HKLM-x32] => Proxy is enabled.
    ProxyServer: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039
    ProxyServer: [HKLM-x32] => http=127.0.0.1:58039;https=127.0.0.1:58039
    AutoConfigURL: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039
    CMD: ipconfig /flushdns
    och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

    Spara filen på skrivbordet med namnet fixlist.txt.

     

    Stäng av alla program.

    Starta FRST som finns på skrivbordet.

    Klicka på knappen Fix.

    Vänta tills programmet är klart.

     
     
    3. Utan att starta om datorn spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

     

    Stäng alla program, inklusive webbläsare.

    Dubbelklicka på AdwCleaner för att starta programmet.

     

    Klicka på Scan-knappen.

    Vänta tills sökningen är klar.

    Klicka på knappen Log file.

    En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

    Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[R0].txt

     

     

    # AdwCleaner v5.033 - Logfile created 16/02/2016 at 16:55:58
    # Updated 07/02/2016 by Xplode
    # Database : 2016-02-15.1 [server]
    # Operating system : Windows 10 Home  (x64)
    # Username : Leffan - LEFFAN-HP
    # Running from : C:\Users\Leffan\Desktop\adwcleaner_5.033.exe
    # Option : Scan
     
    ***** [ Services ] *****
     
     
    ***** [ Folders ] *****
     
    Folder Found : C:\_acestream_cache_
    Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles
    Folder Found : C:\Users\Leffan\AppData\LocalLow\.acestream
    Folder Found : C:\Users\Leffan\AppData\Roaming\.acestream
    Folder Found : C:\Users\Leffan\AppData\Roaming\Easeware
     
    ***** [ Files ] *****
     
    File Found : C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\searchplugins\yoursearching.xml
     
    ***** [ DLL ] *****
     
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Scheduled tasks ] *****
     
     
    ***** [ Registry ] *****
     
    Key Found : HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.0
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [TheHDvid-Codec V10-bg.exe]
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aeea7232-07c1-4296-a0d5-5bb6efc76c16}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{231047C5-F7E9-45BE-9EFD-6E9BB6D59A9F}
    Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{82443621-A29A-473E-8335-F5C958A7A4CA}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aeea7232-07c1-4296-a0d5-5bb6efc76c16}
    Key Found : HKLM\SOFTWARE\yoursearchingSoftware
    Key Found : HKLM\SOFTWARE\Caphyon
    Key Found : HKCU\Software\Classes\.acestream
     
    ***** [ Web browsers ] *****
     
    [C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultenginename", "yoursearching");
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1910 bytes] ##########
     

  15.  

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016

    Ran by Leffan (administrator) on LEFFAN-HP (16-02-2016 13:54:54)

    Running from C:\Users\Leffan\Desktop\Filhämtaren

    Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool)

    Platform: Windows 10 Home (X64) Language: Svenska (Sverige)

    Internet Explorer Version 11 (Default browser: Chrome)

    Boot Mode: Normal


     

    ==================== Processes (Whitelisted) =================

     

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

     

    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

    (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

    (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

    (Microsoft Corporation) C:\Windows\System32\mqsvc.exe

    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

    () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

    (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe

    (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

    (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

    (Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

    (Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe

    (Microsoft Corporation) C:\Windows\System32\dllhost.exe

    (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe

    (Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe\Solitaire.exe

    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxIdp.exe

    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe

    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

     

     

    ==================== Registry (Whitelisted) ===========================

     

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

     

    HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2016-02-01] (Realtek Semiconductor)

    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)

    HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)

    HKLM-x32\...\Run: [iObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)

    HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)

    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

    HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1

    HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [FileSearchy Pro] => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [1525248 2014-02-14] ()

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-30] (IObit)

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify Web Helper] => C:\Users\Leffan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-24] (Spotify Ltd)

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify] => C:\Users\Leffan\AppData\Roaming\Spotify\Spotify.exe [8316528 2016-01-24] (Spotify Ltd)

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableLockWorkstation] 0

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableChangePassword] 0

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

    BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀

    GroupPolicy: Restriction - Chrome <======= ATTENTION

    GroupPolicyScripts-x32: Restriction <======= ATTENTION

    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

     

    ==================== Internet (Whitelisted) ====================

     

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

     

    HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings)

    ProxyEnable: [HKLM] => Proxy is enabled.

    ProxyEnable: [HKLM-x32] => Proxy is enabled.

    ProxyServer: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039

    ProxyServer: [HKLM-x32] => http=127.0.0.1:58039;https=127.0.0.1:58039

    AutoConfigURL: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    Tcpip\..\Interfaces\{4a1fad1a-0eef-41f8-8287-881a3ba3943c}: [DhcpNameServer] 192.168.1.1

    Tcpip\..\Interfaces\{bd71d21a-105f-4373-847e-0523c572c004}: [DhcpNameServer] 192.168.1.1

     

    Internet Explorer:

    ==================

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130960216718203138&GUID=D6779D41-B3B3-4189-A7B5-3352496BC9CC

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.se/

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj

    HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11ENUS/WOL_WCP

    SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}

    SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}

    SearchScopes: HKLM-x32 -> {215008E8-E834-48F6-8730-525AE55113C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

    SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

    SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}

    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox

    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}

    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox

    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0C10295D-0704-4F42-A489-093BF416CB9D} URL = hxxps://www.google.com/search?q={searchTerms}

    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = 

    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {8505C2C0-B8ED-4612-86AC-134CD63DD49F} URL = hxxp://maps.google.se/maps?q={searchTerms}

    SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {C14D3986-D040-4DE4-A13D-A3864D96A29B} URL = hxxps://www.google.com/search?q={searchTerms}

    BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-02-04] (Oracle Corporation)

    BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-04] (Oracle Corporation)

    Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} -  No File

    DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    Handler: gopher - No CLSID Value

     

    FireFox:

    ========

    FF ProfilePath: C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default

    FF DefaultSearchEngine: yoursearching

    FF SelectedSearchEngine: Google

    FF Homepage: hxxps://www.google.se/

    FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006

    FF NetworkProxy: "type", 0

    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-04] ()

    FF Plugin: @java.com/DTPlugin,version=1.6.0_43 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.)

    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)

    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-04] ()

    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-22] (Adobe Systems, Inc.)

    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()

    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)

    FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-02-04] (Oracle Corporation)

    FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-02-04] (Oracle Corporation)

    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)

    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation)

    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation)

    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

    FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

    FF Plugin HKU\S-1-5-21-2436640913-3975503498-2043303906-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)

    FF SearchPlugin: C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\searchplugins\yoursearching.xml [2016-01-25]

    FF Extension: Adblock Plus - C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]

    FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found

     

    Chrome: 

    =======

    CHR HomePage: Profile 2 -> hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8

    CHR StartupUrls: Profile 2 -> "hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"

    CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms}

    CHR DefaultSearchKeyword: Profile 2 -> yoursearching

    CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll => No File

    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ()

    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\pdf.dll => No File

    CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin.dll => No File

    CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin2.dll => No File

    CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin3.dll => No File

    CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin4.dll => No File

    CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin5.dll => No File

    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File

    CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\BankID\npBispBrowser.dll => No File

    CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => No File

    CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File

    CHR Plugin: (Java Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File

    CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

    CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

    CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

    CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

    CHR Plugin: (Unity Player) - C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

    CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File

    CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File

    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File

    CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default

    CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30]

    CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-30]

    CHR Extension: (Sök på Google) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-30]

    CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-30]

    CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2

    CHR Extension: (Sveriges Radio Spelare) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\agojbidllejeebbhcbonnlpodicladdk [2015-10-26]

    CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION

    CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]

    CHR Extension: (Adblock Plus) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]

    CHR Extension: (Google Search) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]

    CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION

    CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]

    CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>

    CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>

    CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>

    CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url>

    CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url>

    CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>

     

    ==================== Services (Whitelisted) ========================

     

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     

    R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)

    S3 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [File not signed]

    R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)

    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)

    R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)

    S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]

    R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)

    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

    S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed]

    S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]

    S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed]

    S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [289792 2011-12-26] (Puran Software) [File not signed]

    R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-02-01] (Realtek Semiconductor)

    R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)

    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

     

    ===================== Drivers (Whitelisted) ==========================

     

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     

    R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)

    R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)

    S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()

    S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)

    R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation)

    R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)

    R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] ()

    R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-24] (REALiX)

    S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)

    S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)

    R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)

    S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)

    S3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)

    R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.)

    S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.)

    R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.)

    S3 NvStUSB; C:\Windows\system32\DRIVERS\nvstusb.sys [55912 2010-03-25] ()

    S3 PcdrNdisuio; C:\Windows\SysWow64\drivers\pcdrndisuio.sys [26096 2010-01-19] (Windows ® Codename Longhorn DDK provider)

    S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security)

    R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)

    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-12-30] (Realtek                                            )

    R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)

    R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-07] (Synaptics Incorporated)

    S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-12] (Anchorfree Inc.)

    S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()

    R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)

    S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)

    R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)

    R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

    U5 WmFilter; C:\Windows\System32\Drivers\WmFilter.sys [43976 2010-04-27] (Logitech Inc.)

    S0 cffkog; System32\drivers\gatk.sys [X]

    U3 idsvc; no ImagePath

    S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]

    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

    U3 wpcsvc; no ImagePath

     

    ==================== NetSvcs (Whitelisted) ===================

     

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

     

     

    ==================== One Month Created files and folders ========

     

    (If an entry is included in the fixlist, the file/folder will be moved.)

     

    2016-02-16 13:13 - 2016-02-16 13:13 - 00016148 _____ C:\WINDOWS\system32\LEFFAN-HP_Leffan_HistoryPrediction.bin

    2016-02-15 10:25 - 2016-02-15 10:25 - 00002490 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Leffan

    2016-02-15 10:25 - 2016-02-15 10:25 - 00000300 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Leffan.job

    2016-02-12 12:41 - 2016-02-12 12:41 - 00104904 _____ C:\Users\Leffan\AppData\Local\GDIPFONTCACHEV1.DAT

    2016-02-11 11:17 - 2016-02-11 11:18 - 00000337 _____ C:\Users\Leffan\Desktop\Sport på TV Idag.url

    2016-02-11 08:12 - 2016-02-12 08:15 - 4252365016 _____ C:\WINDOWS\MEMORY.DMP

    2016-02-10 23:54 - 2016-02-15 23:05 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Everything

    2016-02-06 10:09 - 2016-02-06 10:09 - 00000000 ____D C:\NPE

    2016-02-06 07:27 - 2016-02-06 07:27 - 00000254 __RSH C:\ProgramData\ntuser.pol

    2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler

    2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan)

    2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\Users\Public\Thunder Network

    2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\ProgramData\Thunder Network

    2016-02-05 12:45 - 2016-02-05 12:45 - 00000000 ____D C:\OSTotoFolder

    2016-02-05 12:44 - 2016-02-05 12:53 - 00000000 ____D C:\Program Files (x86)\OSTotoSoft

    2016-02-04 10:19 - 2016-02-04 10:19 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

    2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3

    2016-02-03 08:25 - 2016-02-03 08:25 - 00000389 _____ C:\Users\Leffan\Desktop\Streaming Länkar.txt

    2016-02-02 14:15 - 2016-02-16 13:20 - 00001022 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

    2016-02-02 14:15 - 2016-02-16 07:22 - 00001018 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

    2016-02-01 08:43 - 2016-02-01 08:43 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat

    2016-02-01 08:43 - 2016-02-01 08:43 - 04686592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys

    2016-02-01 08:43 - 2016-02-01 08:43 - 04307112 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT

    2016-02-01 08:43 - 2016-02-01 08:43 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 03040488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl

    2016-02-01 08:43 - 2016-02-01 08:43 - 02130584 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 01328496 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 01020208 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll

    2016-02-01 08:43 - 2016-02-01 08:43 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll

    2016-01-28 09:17 - 2016-02-06 07:16 - 00000378 _____ C:\Users\Leffan\Desktop\Swedbank.url

    2016-01-27 09:01 - 2016-01-27 09:01 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

    2016-01-27 09:01 - 2016-01-27 09:01 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

    2016-01-25 10:42 - 2016-02-12 12:32 - 00000000 ____D C:\Users\Leffan\AppData\Local\NPE

    2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton

     

    ==================== One Month Modified files and folders ========

     

    (If an entry is included in the fixlist, the file/folder will be moved.)

     

    2016-02-16 13:54 - 2014-04-18 08:32 - 00000000 ____D C:\FRST

    2016-02-16 13:54 - 2010-10-23 15:32 - 00000000 ___RD C:\Users\Leffan\Desktop\Filhämtaren

    2016-02-16 11:10 - 2012-01-25 17:01 - 00000000 ____D C:\Users\Leffan\AppData\Local\CrashDumps

    2016-02-16 09:13 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Local\ElevatedDiagnostics

    2016-02-16 08:50 - 2013-02-20 21:36 - 00000000 ___RD C:\Users\Leffan\Desktop\Till M Disk

    2016-02-16 07:20 - 2015-08-20 06:31 - 00000000 ____D C:\ProgramData\NVIDIA

    2016-02-16 07:20 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

    2016-02-15 23:05 - 2015-12-03 09:42 - 00000260 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job

    2016-02-15 23:05 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

    2016-02-15 20:41 - 2013-11-15 18:42 - 00000000 ____D C:\ProgramData\ProductData

    2016-02-15 17:56 - 2011-11-06 19:20 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\uTorrent

    2016-02-15 17:24 - 2015-08-20 06:33 - 02039452 _____ C:\WINDOWS\system32\PerfStringBackup.INI

    2016-02-15 17:24 - 2015-07-10 16:48 - 00841736 _____ C:\WINDOWS\system32\perfh01D.dat

    2016-02-15 17:24 - 2015-07-10 16:48 - 00191588 _____ C:\WINDOWS\system32\perfc01D.dat

    2016-02-15 17:24 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF

    2016-02-15 10:25 - 2015-12-13 15:26 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\.ACEStream

    2016-02-15 10:05 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\HpUpdate

    2016-02-13 09:59 - 2010-10-23 15:30 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Macromedia

    2016-02-13 08:30 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

    2016-02-12 15:40 - 2015-09-17 07:19 - 00000000 ____D C:\Users\Leffan\Desktop\Ny Jobbmapp

    2016-02-12 12:27 - 2015-09-03 09:33 - 00000000 ____D C:\WINDOWS\Minidump

    2016-02-12 12:27 - 2012-09-05 21:23 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Geek Uninstaller

    2016-02-12 08:22 - 2014-09-03 15:55 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

    2016-02-12 08:21 - 2016-01-04 08:56 - 00000000 ____D C:\Program Files\Mozilla Firefox

    2016-02-11 13:04 - 2013-09-14 21:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\vlc

    2016-02-11 11:26 - 2011-08-21 09:03 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\dvdcss

    2016-02-11 08:23 - 2013-05-21 16:04 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

    2016-02-09 13:58 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Local\Spotify

    2016-02-09 13:57 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Spotify

    2016-02-08 09:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF

    2016-02-06 10:04 - 2010-12-11 08:46 - 00000000 ___RD C:\Users\Leffan\Desktop\Väskan

    2016-02-06 08:57 - 2014-09-03 10:08 - 00000000 ____D C:\Users\Leffan\Desktop\HockeyMapp

    2016-02-06 07:28 - 2010-07-29 09:31 - 00000000 ____D C:\ProgramData\Temp

    2016-02-06 07:27 - 2016-01-10 10:36 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster

    2016-02-05 08:12 - 2012-04-01 17:24 - 00000868 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

    2016-02-04 10:26 - 2015-08-24 11:04 - 00000000 ____D C:\Users\DefaultAppPool

    2016-02-04 10:19 - 2015-08-20 04:12 - 00000000 ____D C:\Users\Leffan\.oracle_jre_usage

    2016-02-04 10:19 - 2014-08-08 05:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

    2016-02-04 10:19 - 2011-08-07 22:15 - 00000000 ____D C:\Program Files (x86)\Java

    2016-02-04 10:18 - 2015-02-16 12:30 - 00000000 ____D C:\ProgramData\Package Cache

    2016-02-04 10:07 - 2012-12-26 14:08 - 00000000 ____D C:\ProgramData\IObit

    2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\IObit

    2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Program Files (x86)\IObit

    2016-02-02 14:15 - 2012-01-28 10:58 - 00004080 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

    2016-02-02 14:15 - 2012-01-28 10:58 - 00003848 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

    2016-02-01 08:43 - 2015-08-20 06:30 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

    2016-01-30 10:04 - 2015-08-20 07:10 - 00000000 ____D C:\inetpub

    2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\System

    2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

    2016-01-30 10:04 - 2015-04-21 13:49 - 00000000 ____D C:\Qoobox

    2016-01-30 10:04 - 2013-10-27 15:25 - 00000000 ____D C:\AllMySongs Database

    2016-01-30 10:04 - 2011-06-03 12:35 - 00000000 ____D C:\Program Files (x86)\QuickTime Alternative

    2016-01-30 10:04 - 2010-12-15 17:48 - 00000000 ____D C:\Program Files (x86)\Adobe

    2016-01-30 10:04 - 2010-10-27 17:47 - 00000000 ____D C:\Program Files (x86)\SopCast

    2016-01-30 10:04 - 2010-10-23 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8

    2016-01-30 10:04 - 2010-07-29 09:32 - 00000000 ____D C:\Program Files (x86)\Hp

    2016-01-30 10:04 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games

    2016-01-25 23:00 - 2015-08-20 06:34 - 00000000 ____D C:\Users\Leffan

    2016-01-25 18:51 - 2014-08-21 03:53 - 00000000 ____D C:\Users\Leffan\AppData\Local\Adobe

    2016-01-25 11:02 - 2012-11-11 20:40 - 01409024 _____ C:\Users\Leffan\Documents\Tillgångar.accdb

    2016-01-25 09:28 - 2014-10-13 15:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

    2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software

    2016-01-25 00:21 - 2010-10-23 15:09 - 00000448 _____ C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job

    2016-01-24 09:33 - 2010-11-06 14:14 - 00000000 ____D C:\ProgramData\MFAData

    2016-01-24 07:26 - 2016-01-12 13:02 - 00001843 _____ C:\Users\Leffan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

    2016-01-23 11:38 - 2011-02-09 22:36 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeffan

    2016-01-23 11:38 - 2011-02-09 22:36 - 00000336 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job

    2016-01-22 09:03 - 2015-12-07 09:14 - 00000000 ____D C:\WINDOWS\LastGood

    2016-01-21 12:32 - 2015-03-02 16:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\3E001880-1425314280-1016-826C-CD2F7FAD0E65

    2016-01-21 10:23 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

    2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\HomeGroupUser$

    2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Gäst

    2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Administratör

    2016-01-20 11:13 - 2011-12-21 20:05 - 00000000 ____D C:\Users\UpdatusUser

    2016-01-20 11:13 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated

     

    ==================== Files in the root of some directories =======

     

    2014-08-24 08:53 - 2014-07-03 12:10 - 0204752 _____ (Igor Pavlov) C:\Program Files (x86)\7zxa.dll

    2014-08-24 08:53 - 2014-07-03 12:10 - 0060368 _____ () C:\Program Files (x86)\Ace32Loader.exe

    2010-11-08 18:32 - 2014-06-06 16:29 - 0210432 _____ () C:\Program Files (x86)\Default.SFX

    2010-11-08 18:32 - 2014-06-06 16:29 - 0258560 _____ () C:\Program Files (x86)\Default64.SFX

    2010-11-08 18:32 - 2014-05-08 22:16 - 0000852 _____ () C:\Program Files (x86)\Descript.ion

    2010-11-08 18:32 - 2010-03-11 17:59 - 0000495 _____ () C:\Program Files (x86)\File_Id.diz

    2010-11-08 18:32 - 2014-06-10 12:12 - 0003268 _____ () C:\Program Files (x86)\Order.htm

    2010-11-08 18:32 - 2014-07-03 12:10 - 0523216 _____ (Alexander Roshal) C:\Program Files (x86)\Rar.exe

    2010-11-08 18:32 - 2014-05-18 13:00 - 0099263 _____ () C:\Program Files (x86)\Rar.txt

    2010-11-08 18:32 - 2014-07-03 12:10 - 0316880 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt.dll

    2014-08-24 08:53 - 2014-07-03 12:10 - 0266192 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt32.dll

    2010-11-08 18:32 - 2014-03-18 21:09 - 0001241 _____ () C:\Program Files (x86)\RarFiles.lst

    2010-11-08 18:32 - 2010-11-08 18:32 - 0000020 _____ () C:\Program Files (x86)\rarnew.dat

    2010-12-17 23:21 - 2010-12-17 22:54 - 0000474 _____ () C:\Program Files (x86)\rarreg.key

    2010-11-08 18:32 - 2013-01-11 18:13 - 0001284 _____ () C:\Program Files (x86)\ReadMe.txt

    2010-11-08 18:32 - 2010-03-11 17:59 - 0009232 _____ () C:\Program Files (x86)\TechNote.txt

    2014-08-24 08:53 - 2005-08-26 01:50 - 0077312 _____ () C:\Program Files (x86)\UNACEV2.DLL

    2010-11-08 18:32 - 2014-06-06 16:29 - 0000443 _____ () C:\Program Files (x86)\Uninstall.lst

    2010-11-08 18:32 - 2014-07-03 12:10 - 0329680 _____ (Alexander Roshal) C:\Program Files (x86)\UnRAR.exe

    2010-11-08 18:32 - 2005-05-12 17:02 - 0000090 _____ () C:\Program Files (x86)\UnrarSrc.txt

    2013-12-26 10:31 - 2013-12-26 10:31 - 0802136 _____ (BitTorrent Inc.) C:\Program Files (x86)\uTorrent.exe

    2010-11-08 18:32 - 2014-06-06 15:34 - 0044393 _____ () C:\Program Files (x86)\WhatsNew.txt

    2010-11-08 18:32 - 2014-06-06 16:29 - 0197632 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon.SFX

    2010-11-08 18:32 - 2014-06-06 16:29 - 0238592 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon64.SFX

    2010-11-08 18:32 - 2014-06-06 16:29 - 0297978 _____ () C:\Program Files (x86)\WinRAR.chm

    2010-11-08 18:32 - 2014-07-03 12:10 - 1479632 _____ (Alexander Roshal) C:\Program Files (x86)\WinRAR.exe

    2010-11-08 18:32 - 2014-06-06 16:29 - 0156672 _____ () C:\Program Files (x86)\Zip.SFX

    2010-11-08 18:32 - 2014-06-06 16:29 - 0180224 _____ () C:\Program Files (x86)\Zip64.SFX

    2010-11-08 18:32 - 2010-11-08 18:32 - 0000022 _____ () C:\Program Files (x86)\zipnew.dat

    2013-09-10 19:05 - 2013-11-13 21:55 - 0000000 _____ () C:\Users\Leffan\AppData\Roaming\bitlord_log.txt

    2010-12-30 12:22 - 2011-11-20 19:50 - 0000518 _____ () C:\Users\Leffan\AppData\Roaming\burnaware.ini

    2011-05-25 20:18 - 2011-09-14 20:11 - 0001854 _____ () C:\Users\Leffan\AppData\Roaming\GhostObjGAFix.xml

    2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Leffan\AppData\Roaming\LCEFUOWD

    2014-11-18 19:42 - 2014-11-18 19:43 - 0000498 _____ () C:\Users\Leffan\AppData\Roaming\WinInstallFlashLog.ini

    2014-10-10 07:55 - 2014-10-10 07:55 - 0003584 _____ () C:\Users\Leffan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    2013-09-10 19:22 - 2013-09-10 19:22 - 0000218 _____ () C:\Users\Leffan\AppData\Local\recently-used.xbel

    2011-08-21 13:06 - 2015-09-13 09:28 - 0007630 _____ () C:\Users\Leffan\AppData\Local\Resmon.ResmonCfg

    2012-08-20 19:00 - 2012-08-20 19:00 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl

    2015-10-20 07:47 - 2015-10-20 07:47 - 0045323 _____ () C:\ProgramData\1445323628.bdinstall.bin

    2015-10-20 07:57 - 2015-10-20 07:57 - 0045185 _____ () C:\ProgramData\1445324239.bdinstall.bin

    2015-10-20 09:35 - 2015-10-20 09:35 - 0045190 _____ () C:\ProgramData\1445330108.bdinstall.bin

    2013-11-23 08:56 - 2013-11-23 08:56 - 0000000 _____ () C:\ProgramData\242c35322e3c542039_c

    2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe

    2014-10-02 10:36 - 2014-10-02 10:36 - 0000261 _____ () C:\ProgramData\fontcacheev1.dat

    2011-09-17 21:41 - 2011-09-17 21:46 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

    2013-06-10 21:18 - 2013-06-10 21:18 - 0000000 ____H () C:\ProgramData\rifmasterlic.lic

     

    Files to move or delete:

    ====================

    C:\ProgramData\BavPro_Setup_Mini_GL1.exe

    C:\ProgramData\fontcacheev1.dat

    C:\Users\Leffan\link.vbs

    C:\Users\Leffan\reg-bak.reg

     

     

    ==================== Bamital & volsnap =================

     

    (There is no automatic fix for files that do not pass verification.)

     

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed

    C:\WINDOWS\system32\wininit.exe => File is digitally signed

    C:\WINDOWS\explorer.exe => File is digitally signed

    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

    C:\WINDOWS\system32\svchost.exe => File is digitally signed

    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

    C:\WINDOWS\system32\services.exe => File is digitally signed

    C:\WINDOWS\system32\User32.dll => File is digitally signed

    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

    C:\WINDOWS\system32\userinit.exe => File is digitally signed

    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

    C:\WINDOWS\system32\rpcss.dll => File is digitally signed

    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

     

     

    LastRegBack: 2016-02-08 09:10

     

    ==================== End of FRST.txt ============================


  16. Ja det är precis som Cecilia skriver så kan man få problem efteråt.

     

    Vad får du för resultat om du laddar ner Windows Update Troubleshooter? 

    Programet hittade några fel och åtgärdade felen.

    Då kom följande upp :

    Kan inte ansluta till proxyservern

    Prova detta

    • Kontrollera att inte brandväggsinställningarna blockerar webbåtkomsten
    • Be systemadministratören om hjälp

  17. Hej!

     

    Vad har du för antivirusprogram, brandvägg och liknande?

    Om man har sådana program installerade när man gör uppgraderingen kan man få problem efteråt.

    Kör bara Windows Defender,  IObit malware fighter.

×
×
  • Skapa nytt...