Just nu i M3-nätverket
Gå till innehåll
Leffan55

Windows 10 update

Rekommendera Poster

Hej!

När jag uppgraderade från W7 till w10 home så kan

jag inte använda windows update ej heller microsoft edge.

När jag ska använda update står det följande :

"Det gick inte att ansluta online för att ladda ned uppdateringar. Vi försöker igen senare, eller så kan du försöka igen nu. Kontrollera att du är ansluten till Internet om det fortfarande inte fungerar"

 

Men det är inget fel på anslutningen. Vad göra ?

Leffan

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skriver du till eforum, startade den här tråden på W10 datorn ??

 

En annan möjlighet är att du ska se över dina  internetinställningar.

Kan du koppla upp dig mot internet med W10 datorn?

kan du köra cmd.exe och sedan köra

ping -n 5 eforum.idg.se    (går det fungerar din DNS server)

ping -n 5 164.40.179.146 (går detta men inte OVAN så har du fel på DNS-servern)

 

Kanske avvakta till imorgon och se om det löser sig.

MS servrar kan vara överbelastade.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej!

 

Vad har du för antivirusprogram, brandvägg och liknande?

Om man har sådana program installerade när man gör uppgraderingen kan man få problem efteråt.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej!

 

Vad har du för antivirusprogram, brandvägg och liknande?

Om man har sådana program installerade när man gör uppgraderingen kan man få problem efteråt.

Kör bara Windows Defender,  IObit malware fighter.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Ja det är precis som Cecilia skriver så kan man få problem efteråt.

 

Vad får du för resultat om du laddar ner Windows Update Troubleshooter? 

Programet hittade några fel och åtgärdade felen.

Då kom följande upp :

Kan inte ansluta till proxyservern

Prova detta

  • Kontrollera att inte brandväggsinställningarna blockerar webbåtkomsten
  • Be systemadministratören om hjälp

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Använder du mobilt bredband??

Det kan i så fall vara spärrat på nedladdningar som drar mobildata. Om du har detta så kolla under Inställningar och Enheter så finns ett litet reglage att ändra på en bit ned på sidan.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Kör bara Windows Defender,  IObit malware fighter.

Avinstallera IObit-programmet innan uppgraderingen nu.

 

 

Programet hittade några fel och åtgärdade felen.

Då kom följande upp :

Kan inte ansluta till proxyservern

Prova detta

  • Kontrollera att inte brandväggsinställningarna blockerar webbåtkomsten
  • Be systemadministratören om hjälp

 

Om datorn är inställd på att använda en proxyserver är det troligt att det finns (eller har funnits) besvärliga reklamprogram i datorn som har ställt in en falsk proxyserver och sådana stoppar ofta åtkomst till vissa webbplatser, framför allt för att förhindra åtkomst till sidor som kan hjälpa en att bli av med reklamprogrammet.

 

Jag föreslår en genomgång av datorn: //eforum.idg.se/topic/218337-till-dig-med-virus-eller-andra-skadliga-program-i-datorn/

Redigerad av Cecilia

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016

Ran by Leffan (administrator) on LEFFAN-HP (16-02-2016 13:54:54)

Running from C:\Users\Leffan\Desktop\Filhämtaren

Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool)

Platform: Windows 10 Home (X64) Language: Svenska (Sverige)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe

(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe\Solitaire.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxIdp.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2016-02-01] (Realtek Semiconductor)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)

HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)

HKLM-x32\...\Run: [iObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1

HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [FileSearchy Pro] => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [1525248 2014-02-14] ()

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-30] (IObit)

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify Web Helper] => C:\Users\Leffan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-24] (Spotify Ltd)

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify] => C:\Users\Leffan\AppData\Roaming\Spotify\Spotify.exe [8316528 2016-01-24] (Spotify Ltd)

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableLockWorkstation] 0

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableChangePassword] 0

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀

GroupPolicy: Restriction - Chrome <======= ATTENTION

GroupPolicyScripts-x32: Restriction <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings)

ProxyEnable: [HKLM] => Proxy is enabled.

ProxyEnable: [HKLM-x32] => Proxy is enabled.

ProxyServer: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039

ProxyServer: [HKLM-x32] => http=127.0.0.1:58039;https=127.0.0.1:58039

AutoConfigURL: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{4a1fad1a-0eef-41f8-8287-881a3ba3943c}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{bd71d21a-105f-4373-847e-0523c572c004}: [DhcpNameServer] 192.168.1.1

 

Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130960216718203138&GUID=D6779D41-B3B3-4189-A7B5-3352496BC9CC

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.se/

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11ENUS/WOL_WCP

SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}

SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}

SearchScopes: HKLM-x32 -> {215008E8-E834-48F6-8730-525AE55113C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}

SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0C10295D-0704-4F42-A489-093BF416CB9D} URL = hxxps://www.google.com/search?q={searchTerms}

SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = 

SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {8505C2C0-B8ED-4612-86AC-134CD63DD49F} URL = hxxp://maps.google.se/maps?q={searchTerms}

SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {C14D3986-D040-4DE4-A13D-A3864D96A29B} URL = hxxps://www.google.com/search?q={searchTerms}

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-02-04] (Oracle Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-04] (Oracle Corporation)

Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} -  No File

DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: gopher - No CLSID Value

 

FireFox:

========

FF ProfilePath: C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default

FF DefaultSearchEngine: yoursearching

FF SelectedSearchEngine: Google

FF Homepage: hxxps://www.google.se/

FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-04] ()

FF Plugin: @java.com/DTPlugin,version=1.6.0_43 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-04] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-22] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-02-04] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-02-04] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-2436640913-3975503498-2043303906-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)

FF SearchPlugin: C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\searchplugins\yoursearching.xml [2016-01-25]

FF Extension: Adblock Plus - C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]

FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found

 

Chrome: 

=======

CHR HomePage: Profile 2 -> hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8

CHR StartupUrls: Profile 2 -> "hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"

CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms}

CHR DefaultSearchKeyword: Profile 2 -> yoursearching

CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll => No File

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\pdf.dll => No File

CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin.dll => No File

CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin2.dll => No File

CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin3.dll => No File

CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin4.dll => No File

CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin5.dll => No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File

CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\BankID\npBispBrowser.dll => No File

CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => No File

CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File

CHR Plugin: (Java Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File

CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Unity Player) - C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File

CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30]

CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-30]

CHR Extension: (Sök på Google) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-30]

CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-30]

CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2

CHR Extension: (Sveriges Radio Spelare) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\agojbidllejeebbhcbonnlpodicladdk [2015-10-26]

CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION

CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]

CHR Extension: (Adblock Plus) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]

CHR Extension: (Google Search) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]

CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION

CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]

CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>

CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>

CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>

CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url>

CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url>

CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>

 

==================== Services (Whitelisted) ========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)

S3 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [File not signed]

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)

R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)

S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]

R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)

S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed]

S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]

S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed]

S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [289792 2011-12-26] (Puran Software) [File not signed]

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-02-01] (Realtek Semiconductor)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)

R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)

S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()

S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)

R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation)

R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)

R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] ()

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-24] (REALiX)

S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)

S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)

S3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)

R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.)

S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.)

R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.)

S3 NvStUSB; C:\Windows\system32\DRIVERS\nvstusb.sys [55912 2010-03-25] ()

S3 PcdrNdisuio; C:\Windows\SysWow64\drivers\pcdrndisuio.sys [26096 2010-01-19] (Windows ® Codename Longhorn DDK provider)

S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security)

R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-12-30] (Realtek                                            )

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-07] (Synaptics Incorporated)

S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-12] (Anchorfree Inc.)

S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()

R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)

R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

U5 WmFilter; C:\Windows\System32\Drivers\WmFilter.sys [43976 2010-04-27] (Logitech Inc.)

S0 cffkog; System32\drivers\gatk.sys [X]

U3 idsvc; no ImagePath

S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

U3 wpcsvc; no ImagePath

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-02-16 13:13 - 2016-02-16 13:13 - 00016148 _____ C:\WINDOWS\system32\LEFFAN-HP_Leffan_HistoryPrediction.bin

2016-02-15 10:25 - 2016-02-15 10:25 - 00002490 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Leffan

2016-02-15 10:25 - 2016-02-15 10:25 - 00000300 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Leffan.job

2016-02-12 12:41 - 2016-02-12 12:41 - 00104904 _____ C:\Users\Leffan\AppData\Local\GDIPFONTCACHEV1.DAT

2016-02-11 11:17 - 2016-02-11 11:18 - 00000337 _____ C:\Users\Leffan\Desktop\Sport på TV Idag.url

2016-02-11 08:12 - 2016-02-12 08:15 - 4252365016 _____ C:\WINDOWS\MEMORY.DMP

2016-02-10 23:54 - 2016-02-15 23:05 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Everything

2016-02-06 10:09 - 2016-02-06 10:09 - 00000000 ____D C:\NPE

2016-02-06 07:27 - 2016-02-06 07:27 - 00000254 __RSH C:\ProgramData\ntuser.pol

2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler

2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan)

2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\Users\Public\Thunder Network

2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\ProgramData\Thunder Network

2016-02-05 12:45 - 2016-02-05 12:45 - 00000000 ____D C:\OSTotoFolder

2016-02-05 12:44 - 2016-02-05 12:53 - 00000000 ____D C:\Program Files (x86)\OSTotoSoft

2016-02-04 10:19 - 2016-02-04 10:19 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3

2016-02-03 08:25 - 2016-02-03 08:25 - 00000389 _____ C:\Users\Leffan\Desktop\Streaming Länkar.txt

2016-02-02 14:15 - 2016-02-16 13:20 - 00001022 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2016-02-02 14:15 - 2016-02-16 07:22 - 00001018 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2016-02-01 08:43 - 2016-02-01 08:43 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat

2016-02-01 08:43 - 2016-02-01 08:43 - 04686592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys

2016-02-01 08:43 - 2016-02-01 08:43 - 04307112 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT

2016-02-01 08:43 - 2016-02-01 08:43 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 03040488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl

2016-02-01 08:43 - 2016-02-01 08:43 - 02130584 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 01328496 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 01020208 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll

2016-02-01 08:43 - 2016-02-01 08:43 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll

2016-01-28 09:17 - 2016-02-06 07:16 - 00000378 _____ C:\Users\Leffan\Desktop\Swedbank.url

2016-01-27 09:01 - 2016-01-27 09:01 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2016-01-27 09:01 - 2016-01-27 09:01 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2016-01-25 10:42 - 2016-02-12 12:32 - 00000000 ____D C:\Users\Leffan\AppData\Local\NPE

2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2016-02-16 13:54 - 2014-04-18 08:32 - 00000000 ____D C:\FRST

2016-02-16 13:54 - 2010-10-23 15:32 - 00000000 ___RD C:\Users\Leffan\Desktop\Filhämtaren

2016-02-16 11:10 - 2012-01-25 17:01 - 00000000 ____D C:\Users\Leffan\AppData\Local\CrashDumps

2016-02-16 09:13 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Local\ElevatedDiagnostics

2016-02-16 08:50 - 2013-02-20 21:36 - 00000000 ___RD C:\Users\Leffan\Desktop\Till M Disk

2016-02-16 07:20 - 2015-08-20 06:31 - 00000000 ____D C:\ProgramData\NVIDIA

2016-02-16 07:20 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-02-15 23:05 - 2015-12-03 09:42 - 00000260 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job

2016-02-15 23:05 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2016-02-15 20:41 - 2013-11-15 18:42 - 00000000 ____D C:\ProgramData\ProductData

2016-02-15 17:56 - 2011-11-06 19:20 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\uTorrent

2016-02-15 17:24 - 2015-08-20 06:33 - 02039452 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-02-15 17:24 - 2015-07-10 16:48 - 00841736 _____ C:\WINDOWS\system32\perfh01D.dat

2016-02-15 17:24 - 2015-07-10 16:48 - 00191588 _____ C:\WINDOWS\system32\perfc01D.dat

2016-02-15 17:24 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF

2016-02-15 10:25 - 2015-12-13 15:26 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\.ACEStream

2016-02-15 10:05 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\HpUpdate

2016-02-13 09:59 - 2010-10-23 15:30 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Macromedia

2016-02-13 08:30 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-02-12 15:40 - 2015-09-17 07:19 - 00000000 ____D C:\Users\Leffan\Desktop\Ny Jobbmapp

2016-02-12 12:27 - 2015-09-03 09:33 - 00000000 ____D C:\WINDOWS\Minidump

2016-02-12 12:27 - 2012-09-05 21:23 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Geek Uninstaller

2016-02-12 08:22 - 2014-09-03 15:55 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2016-02-12 08:21 - 2016-01-04 08:56 - 00000000 ____D C:\Program Files\Mozilla Firefox

2016-02-11 13:04 - 2013-09-14 21:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\vlc

2016-02-11 11:26 - 2011-08-21 09:03 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\dvdcss

2016-02-11 08:23 - 2013-05-21 16:04 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-02-09 13:58 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Local\Spotify

2016-02-09 13:57 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Spotify

2016-02-08 09:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF

2016-02-06 10:04 - 2010-12-11 08:46 - 00000000 ___RD C:\Users\Leffan\Desktop\Väskan

2016-02-06 08:57 - 2014-09-03 10:08 - 00000000 ____D C:\Users\Leffan\Desktop\HockeyMapp

2016-02-06 07:28 - 2010-07-29 09:31 - 00000000 ____D C:\ProgramData\Temp

2016-02-06 07:27 - 2016-01-10 10:36 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster

2016-02-05 08:12 - 2012-04-01 17:24 - 00000868 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2016-02-04 10:26 - 2015-08-24 11:04 - 00000000 ____D C:\Users\DefaultAppPool

2016-02-04 10:19 - 2015-08-20 04:12 - 00000000 ____D C:\Users\Leffan\.oracle_jre_usage

2016-02-04 10:19 - 2014-08-08 05:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-02-04 10:19 - 2011-08-07 22:15 - 00000000 ____D C:\Program Files (x86)\Java

2016-02-04 10:18 - 2015-02-16 12:30 - 00000000 ____D C:\ProgramData\Package Cache

2016-02-04 10:07 - 2012-12-26 14:08 - 00000000 ____D C:\ProgramData\IObit

2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\IObit

2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Program Files (x86)\IObit

2016-02-02 14:15 - 2012-01-28 10:58 - 00004080 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2016-02-02 14:15 - 2012-01-28 10:58 - 00003848 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2016-02-01 08:43 - 2015-08-20 06:30 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2016-01-30 10:04 - 2015-08-20 07:10 - 00000000 ____D C:\inetpub

2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\System

2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2016-01-30 10:04 - 2015-04-21 13:49 - 00000000 ____D C:\Qoobox

2016-01-30 10:04 - 2013-10-27 15:25 - 00000000 ____D C:\AllMySongs Database

2016-01-30 10:04 - 2011-06-03 12:35 - 00000000 ____D C:\Program Files (x86)\QuickTime Alternative

2016-01-30 10:04 - 2010-12-15 17:48 - 00000000 ____D C:\Program Files (x86)\Adobe

2016-01-30 10:04 - 2010-10-27 17:47 - 00000000 ____D C:\Program Files (x86)\SopCast

2016-01-30 10:04 - 2010-10-23 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8

2016-01-30 10:04 - 2010-07-29 09:32 - 00000000 ____D C:\Program Files (x86)\Hp

2016-01-30 10:04 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games

2016-01-25 23:00 - 2015-08-20 06:34 - 00000000 ____D C:\Users\Leffan

2016-01-25 18:51 - 2014-08-21 03:53 - 00000000 ____D C:\Users\Leffan\AppData\Local\Adobe

2016-01-25 11:02 - 2012-11-11 20:40 - 01409024 _____ C:\Users\Leffan\Documents\Tillgångar.accdb

2016-01-25 09:28 - 2014-10-13 15:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software

2016-01-25 00:21 - 2010-10-23 15:09 - 00000448 _____ C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job

2016-01-24 09:33 - 2010-11-06 14:14 - 00000000 ____D C:\ProgramData\MFAData

2016-01-24 07:26 - 2016-01-12 13:02 - 00001843 _____ C:\Users\Leffan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

2016-01-23 11:38 - 2011-02-09 22:36 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeffan

2016-01-23 11:38 - 2011-02-09 22:36 - 00000336 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job

2016-01-22 09:03 - 2015-12-07 09:14 - 00000000 ____D C:\WINDOWS\LastGood

2016-01-21 12:32 - 2015-03-02 16:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\3E001880-1425314280-1016-826C-CD2F7FAD0E65

2016-01-21 10:23 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\HomeGroupUser$

2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Gäst

2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Administratör

2016-01-20 11:13 - 2011-12-21 20:05 - 00000000 ____D C:\Users\UpdatusUser

2016-01-20 11:13 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated

 

==================== Files in the root of some directories =======

 

2014-08-24 08:53 - 2014-07-03 12:10 - 0204752 _____ (Igor Pavlov) C:\Program Files (x86)\7zxa.dll

2014-08-24 08:53 - 2014-07-03 12:10 - 0060368 _____ () C:\Program Files (x86)\Ace32Loader.exe

2010-11-08 18:32 - 2014-06-06 16:29 - 0210432 _____ () C:\Program Files (x86)\Default.SFX

2010-11-08 18:32 - 2014-06-06 16:29 - 0258560 _____ () C:\Program Files (x86)\Default64.SFX

2010-11-08 18:32 - 2014-05-08 22:16 - 0000852 _____ () C:\Program Files (x86)\Descript.ion

2010-11-08 18:32 - 2010-03-11 17:59 - 0000495 _____ () C:\Program Files (x86)\File_Id.diz

2010-11-08 18:32 - 2014-06-10 12:12 - 0003268 _____ () C:\Program Files (x86)\Order.htm

2010-11-08 18:32 - 2014-07-03 12:10 - 0523216 _____ (Alexander Roshal) C:\Program Files (x86)\Rar.exe

2010-11-08 18:32 - 2014-05-18 13:00 - 0099263 _____ () C:\Program Files (x86)\Rar.txt

2010-11-08 18:32 - 2014-07-03 12:10 - 0316880 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt.dll

2014-08-24 08:53 - 2014-07-03 12:10 - 0266192 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt32.dll

2010-11-08 18:32 - 2014-03-18 21:09 - 0001241 _____ () C:\Program Files (x86)\RarFiles.lst

2010-11-08 18:32 - 2010-11-08 18:32 - 0000020 _____ () C:\Program Files (x86)\rarnew.dat

2010-12-17 23:21 - 2010-12-17 22:54 - 0000474 _____ () C:\Program Files (x86)\rarreg.key

2010-11-08 18:32 - 2013-01-11 18:13 - 0001284 _____ () C:\Program Files (x86)\ReadMe.txt

2010-11-08 18:32 - 2010-03-11 17:59 - 0009232 _____ () C:\Program Files (x86)\TechNote.txt

2014-08-24 08:53 - 2005-08-26 01:50 - 0077312 _____ () C:\Program Files (x86)\UNACEV2.DLL

2010-11-08 18:32 - 2014-06-06 16:29 - 0000443 _____ () C:\Program Files (x86)\Uninstall.lst

2010-11-08 18:32 - 2014-07-03 12:10 - 0329680 _____ (Alexander Roshal) C:\Program Files (x86)\UnRAR.exe

2010-11-08 18:32 - 2005-05-12 17:02 - 0000090 _____ () C:\Program Files (x86)\UnrarSrc.txt

2013-12-26 10:31 - 2013-12-26 10:31 - 0802136 _____ (BitTorrent Inc.) C:\Program Files (x86)\uTorrent.exe

2010-11-08 18:32 - 2014-06-06 15:34 - 0044393 _____ () C:\Program Files (x86)\WhatsNew.txt

2010-11-08 18:32 - 2014-06-06 16:29 - 0197632 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon.SFX

2010-11-08 18:32 - 2014-06-06 16:29 - 0238592 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon64.SFX

2010-11-08 18:32 - 2014-06-06 16:29 - 0297978 _____ () C:\Program Files (x86)\WinRAR.chm

2010-11-08 18:32 - 2014-07-03 12:10 - 1479632 _____ (Alexander Roshal) C:\Program Files (x86)\WinRAR.exe

2010-11-08 18:32 - 2014-06-06 16:29 - 0156672 _____ () C:\Program Files (x86)\Zip.SFX

2010-11-08 18:32 - 2014-06-06 16:29 - 0180224 _____ () C:\Program Files (x86)\Zip64.SFX

2010-11-08 18:32 - 2010-11-08 18:32 - 0000022 _____ () C:\Program Files (x86)\zipnew.dat

2013-09-10 19:05 - 2013-11-13 21:55 - 0000000 _____ () C:\Users\Leffan\AppData\Roaming\bitlord_log.txt

2010-12-30 12:22 - 2011-11-20 19:50 - 0000518 _____ () C:\Users\Leffan\AppData\Roaming\burnaware.ini

2011-05-25 20:18 - 2011-09-14 20:11 - 0001854 _____ () C:\Users\Leffan\AppData\Roaming\GhostObjGAFix.xml

2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Leffan\AppData\Roaming\LCEFUOWD

2014-11-18 19:42 - 2014-11-18 19:43 - 0000498 _____ () C:\Users\Leffan\AppData\Roaming\WinInstallFlashLog.ini

2014-10-10 07:55 - 2014-10-10 07:55 - 0003584 _____ () C:\Users\Leffan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2013-09-10 19:22 - 2013-09-10 19:22 - 0000218 _____ () C:\Users\Leffan\AppData\Local\recently-used.xbel

2011-08-21 13:06 - 2015-09-13 09:28 - 0007630 _____ () C:\Users\Leffan\AppData\Local\Resmon.ResmonCfg

2012-08-20 19:00 - 2012-08-20 19:00 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl

2015-10-20 07:47 - 2015-10-20 07:47 - 0045323 _____ () C:\ProgramData\1445323628.bdinstall.bin

2015-10-20 07:57 - 2015-10-20 07:57 - 0045185 _____ () C:\ProgramData\1445324239.bdinstall.bin

2015-10-20 09:35 - 2015-10-20 09:35 - 0045190 _____ () C:\ProgramData\1445330108.bdinstall.bin

2013-11-23 08:56 - 2013-11-23 08:56 - 0000000 _____ () C:\ProgramData\242c35322e3c542039_c

2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe

2014-10-02 10:36 - 2014-10-02 10:36 - 0000261 _____ () C:\ProgramData\fontcacheev1.dat

2011-09-17 21:41 - 2011-09-17 21:46 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

2013-06-10 21:18 - 2013-06-10 21:18 - 0000000 ____H () C:\ProgramData\rifmasterlic.lic

 

Files to move or delete:

====================

C:\ProgramData\BavPro_Setup_Mini_GL1.exe

C:\ProgramData\fontcacheev1.dat

C:\Users\Leffan\link.vbs

C:\Users\Leffan\reg-bak.reg

 

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2016-02-08 09:10

 

==================== End of FRST.txt ============================

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Ja, där finns det en proxyserver och en del reklamprogram, det kommer att behövas flera omgångar med åtgärder för att få bort det.
 
1.
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Är Spybot S&D avinstallerad och sen installerad på nytt med senaste versionen efter uppgraderingen till Windows 10?
 
 
2. Starta programmet Anteckningar.
Kopiera alla rader i rutan:
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings)
ProxyEnable: [HKLM] => Proxy is enabled.
ProxyEnable: [HKLM-x32] => Proxy is enabled.
ProxyServer: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039
ProxyServer: [HKLM-x32] => http=127.0.0.1:58039;https=127.0.0.1:58039
AutoConfigURL: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039
CMD: ipconfig /flushdns
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
 
 
3. Utan att starta om datorn spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på knappen Log file.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[R0].txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

 

Ja, där finns det en proxyserver och en del reklamprogram, det kommer att behövas flera omgångar med åtgärder för att få bort det.
 
1.
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Är Spybot S&D avinstallerad och sen installerad på nytt med senaste versionen efter uppgraderingen till Windows 10?
 
 
2. Starta programmet Anteckningar.

Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ATTENTION (Restriction - ProxySettings)
ProxyEnable: [HKLM] => Proxy is enabled.
ProxyEnable: [HKLM-x32] => Proxy is enabled.
ProxyServer: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039
ProxyServer: [HKLM-x32] => http=127.0.0.1:58039;https=127.0.0.1:58039
AutoConfigURL: [HKLM] => http=127.0.0.1:58039;https=127.0.0.1:58039
CMD: ipconfig /flushdns
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Stäng av alla program.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 
 
3. Utan att starta om datorn spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på knappen Log file.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[R0].txt

 

 

# AdwCleaner v5.033 - Logfile created 16/02/2016 at 16:55:58
# Updated 07/02/2016 by Xplode
# Database : 2016-02-15.1 [server]
# Operating system : Windows 10 Home  (x64)
# Username : Leffan - LEFFAN-HP
# Running from : C:\Users\Leffan\Desktop\adwcleaner_5.033.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
Folder Found : C:\_acestream_cache_
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles
Folder Found : C:\Users\Leffan\AppData\LocalLow\.acestream
Folder Found : C:\Users\Leffan\AppData\Roaming\.acestream
Folder Found : C:\Users\Leffan\AppData\Roaming\Easeware
 
***** [ Files ] *****
 
File Found : C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\searchplugins\yoursearching.xml
 
***** [ DLL ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.0
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [TheHDvid-Codec V10-bg.exe]
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aeea7232-07c1-4296-a0d5-5bb6efc76c16}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{231047C5-F7E9-45BE-9EFD-6E9BB6D59A9F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{82443621-A29A-473E-8335-F5C958A7A4CA}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aeea7232-07c1-4296-a0d5-5bb6efc76c16}
Key Found : HKLM\SOFTWARE\yoursearchingSoftware
Key Found : HKLM\SOFTWARE\Caphyon
Key Found : HKCU\Software\Classes\.acestream
 
***** [ Web browsers ] *****
 
[C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultenginename", "yoursearching");
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1910 bytes] ##########
 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om, om den inte gör det automatiskt får du göra det själv.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s0].txt

 

 

2. Starta FRST.

Bocka för Addition.txt.

Skanna med programmet och bifoga sen de två loggfilerna FRST.txt och Addition.txt.

 

 

3. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.
Ta bort bocken framför Remove found threats.
Bocka för:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
# AdwCleaner v5.033 - Logfile created 16/02/2016 at 17:17:44

# Updated 07/02/2016 by Xplode

# Database : 2016-02-15.1 [server]

# Operating system : Windows 10 Home  (x64)

# Username : Leffan - LEFFAN-HP

# Running from : C:\Users\Leffan\Desktop\adwcleaner_5.033.exe

# Option : Cleaning


 

***** [ Services ] *****

 

 

***** [ Folders ] *****

 

[-] Folder Deleted : C:\_acestream_cache_

[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\SpringFiles

[-] Folder Deleted : C:\Users\Leffan\AppData\LocalLow\.acestream

[-] Folder Deleted : C:\Users\Leffan\AppData\Roaming\.acestream

[-] Folder Deleted : C:\Users\Leffan\AppData\Roaming\Easeware

 

***** [ Files ] *****

 

[-] File Deleted : C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\searchplugins\yoursearching.xml

 

***** [ DLLs ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

 

***** [ Registry ] *****

 

[-] Key Deleted : HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.0

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [TheHDvid-Codec V10-bg.exe]

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aeea7232-07c1-4296-a0d5-5bb6efc76c16}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{231047C5-F7E9-45BE-9EFD-6E9BB6D59A9F}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{82443621-A29A-473E-8335-F5C958A7A4CA}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aeea7232-07c1-4296-a0d5-5bb6efc76c16}

[-] Key Deleted : HKLM\SOFTWARE\yoursearchingSoftware

[-] Key Deleted : HKLM\SOFTWARE\Caphyon

[-] Key Deleted : HKCU\Software\Classes\.acestream

 

***** [ Web browsers ] *****

 

[-] [C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "yoursearching");

 

*************************

 

:: "Tracing" keys removed

:: Winsock settings cleared

 

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2098 bytes] ##########

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

1. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

 

Klicka på Clean-knappen.

Tryck på OK.

Tryck på OK fler gånger om det kommer upp meddelanden.

 

Datorn kommer att startas om, om den inte gör det automatiskt får du göra det själv.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s0].txt

 

 

2. Starta FRST.

Bocka för Addition.txt.

Skanna med programmet och bifoga sen de två loggfilerna FRST.txt och Addition.txt.

 

 

3. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Välj alternativet Enable detection of potentially unwanted applications.

 

Klicka på Advanced Settings.

Ta bort bocken framför Remove found threats.

Bocka för:

Scan Archives

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Start

 

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Var på sidan hittar jag scanningsprogramet?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application

C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application

C:\Program Files (x86)\Portable\Trojan Killer v2.1.5.0\trojankiller.exe a variant of Win32/1AntiVirus potentially unwanted application

C:\Program Files (x86)\ringtonemaker_setup\ringtonemaker_setup\ringtonemaker_setup.exe a variant of Win32/InstallCore.ACZ potentially unwanted application

C:\ProgramData\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application

C:\Users\All Users\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application

C:\Users\Leffan\AppData\Roaming\LCEFUOWD JS/Toolbar.Crossrider.C potentially unwanted application

C:\Users\Leffan\Desktop\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application

C:\Users\Leffan\Desktop\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application

C:\Users\Leffan\Desktop\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application

C:\Windows\Installer\MSI3319.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application

C:\Windows\Installer\MSI3319.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

C:\Windows\Installer\MSI3319.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application

C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application

C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application

C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application

C:\Windows\Installer\MSI92B2.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

C:\Windows\Installer\MSI92B2.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

C:\Windows\Installer\MSI92B2.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

C:\Windows\Installer\MSI92B2.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application

C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application

C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application

C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application

C:\Windows\Installer\MSIE47C.tmp-\spbe.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application

C:\Windows\Installer\MSIE47C.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

C:\Windows\Installer\MSIE47C.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

C:\Windows\Installer\MSIE47C.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application

C:\Windows\Installer\MSIE47C.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application

C:\Windows\Installer\MSIE47C.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application

C:\Windows\Installer\MSIE47C.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application

Z:\Program\FreemakeVideoConverter_4.1.4.1.exe Win32/OpenCandy potentially unsafe application

Z:\Program\SweetHome3D-4.3-windows-oc.exe Win32/OpenCandy potentially unsafe application

Z:\Program\NCH Switch Sound File Converter Plus v4.35 LAXiTY\switchsetup_engl.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application

Z:\Väskan\Olika Prog\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application

Z:\Väskan\Olika Prog\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application

Z:\Väskan\Olika Prog\Trojan Killer v2.1.5.0 (1-click run)(registred)\Trojan Killer v2.1.5.0 (1-click run)(registred).exe a variant of Win32/1AntiVirus potentially unwanted application

Z:\Väskan\Program\FreeRingtoneMakerPlatinum.exe Win32/OpenCandy potentially unsafe application

Z:\Väskan\Program\RingToneMakerOC.exe Win32/OpenCandy potentially unsafe application

Z:\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application

Z:\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application

Z:\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Du har laddat ner många program som kommer att vilja installera reklamprogram, så det är väldigt viktigt att du alltid läser noga under installationerna, väljer anpassad installation och väljer bort alla typer av extra program/tillägg.

C:\Users\Leffan\Desktop\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application
C:\Users\Leffan\Desktop\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application
C:\Users\Leffan\Desktop\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application
Z:\Program\FreemakeVideoConverter_4.1.4.1.exe Win32/OpenCandy potentially unsafe application
Z:\Program\SweetHome3D-4.3-windows-oc.exe Win32/OpenCandy potentially unsafe application
Z:\Program\NCH Switch Sound File Converter Plus v4.35 LAXiTY\switchsetup_engl.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
Z:\Väskan\Olika Prog\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Olika Prog\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Olika Prog\Trojan Killer v2.1.5.0 (1-click run)(registred)\Trojan Killer v2.1.5.0 (1-click run)(registred).exe a variant of Win32/1AntiVirus potentially unwanted application
Z:\Väskan\Program\FreeRingtoneMakerPlatinum.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Program\RingToneMakerOC.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application

 

 

Då väntar jag på resultatet från punkt 2.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Du har laddat ner många program som kommer att vilja installera reklamprogram, så det är väldigt viktigt att du alltid läser noga under installationerna, väljer anpassad installation och väljer bort alla typer av extra program/tillägg.

C:\Users\Leffan\Desktop\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application
C:\Users\Leffan\Desktop\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application
C:\Users\Leffan\Desktop\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application
Z:\Program\FreemakeVideoConverter_4.1.4.1.exe Win32/OpenCandy potentially unsafe application
Z:\Program\SweetHome3D-4.3-windows-oc.exe Win32/OpenCandy potentially unsafe application
Z:\Program\NCH Switch Sound File Converter Plus v4.35 LAXiTY\switchsetup_engl.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application
Z:\Väskan\Olika Prog\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Olika Prog\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Olika Prog\Trojan Killer v2.1.5.0 (1-click run)(registred)\Trojan Killer v2.1.5.0 (1-click run)(registred).exe a variant of Win32/1AntiVirus potentially unwanted application
Z:\Väskan\Program\FreeRingtoneMakerPlatinum.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Program\RingToneMakerOC.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application
Z:\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application

 

 

Då väntar jag på resultatet från punkt 2.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Leffan (administrator) on LEFFAN-HP (17-02-2016 08:58:58)
Running from C:\Users\Leffan\Desktop
Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool)
Platform: Windows 10 Home (X64) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
() C:\Program Files\Everything\Everything.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files\Everything\Everything.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Inc.) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.4.9241.0_x64__8wekyb3d8bbwe\Solitaire.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.XboxIdentityProvider_cw5n1h2txyewy\XboxIdp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AccountsControl_cw5n1h2txyewy\AccountsControlHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16409496 2016-02-01] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [iObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [stereoLinksInstall] => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe [1100920 2015-10-13] (NVIDIA Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [FileSearchy Pro] => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [1525248 2014-02-14] ()
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-30] (IObit)
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify Web Helper] => C:\Users\Leffan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-24] (Spotify Ltd)
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Run: [spotify] => C:\Users\Leffan\AppData\Roaming\Spotify\Spotify.exe [8316528 2016-01-24] (Spotify Ltd)
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts-x32: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4a1fad1a-0eef-41f8-8287-881a3ba3943c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bd71d21a-105f-4373-847e-0523c572c004}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130960216718203138&GUID=D6779D41-B3B3-4189-A7B5-3352496BC9CC
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.se/
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11ENUS/WOL_WCP
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {215008E8-E834-48F6-8730-525AE55113C3} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {0C10295D-0704-4F42-A489-093BF416CB9D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = 
SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {8505C2C0-B8ED-4612-86AC-134CD63DD49F} URL = hxxp://maps.google.se/maps?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {C14D3986-D040-4DE4-A13D-A3864D96A29B} URL = hxxps://www.google.com/search?q={searchTerms}
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-02-04] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-04] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} -  No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - No CLSID Value
 
FireFox:
========
FF ProfilePath: C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.se/
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-02-04] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_43 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-02-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll [2015-12-22] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-02-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files (x86)\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-02-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2436640913-3975503498-2043303906-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Leffan\AppData\Roaming\Mozilla\Firefox\Profiles\calvn1dd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
 
Chrome: 
=======
CHR HomePage: Profile 2 -> hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8
CHR StartupUrls: Profile 2 -> "hxxps://www.google.se/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8"
CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> yoursearching
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\pdf.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime Alternative\plugins\npqtplugin5.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File
CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\BankID\npBispBrowser.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Leffan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll => No File
CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-30]
CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-30]
CHR Extension: (Sök på Google) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-30]
CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-30]
CHR Profile: C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Sveriges Radio Spelare) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\agojbidllejeebbhcbonnlpodicladdk [2015-10-26]
CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (YouTube) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (Google Search) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Gmail) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-11-18] (Nero AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-08] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-04-28] (Hewlett-Packard) [File not signed]
S3 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-04-28] (Hewlett-Packard) [File not signed]
S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [289792 2011-12-26] (Puran Software) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-02-01] (Realtek Semiconductor)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\ElRawDsk.sys [30752 2013-03-17] (EldoS Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-24] (REALiX)
S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [36568 2013-09-30] (IObit)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.)
S3 NvStUSB; C:\Windows\system32\DRIVERS\nvstusb.sys [55912 2010-03-25] ()
S3 PcdrNdisuio; C:\Windows\SysWow64\drivers\pcdrndisuio.sys [26096 2010-01-19] (Windows ® Codename Longhorn DDK provider)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-12-30] (Realtek                                            )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-12-07] (Synaptics Incorporated)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-12] (Anchorfree Inc.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U5 WmFilter; C:\Windows\System32\Drivers\WmFilter.sys [43976 2010-04-27] (Logitech Inc.)
S0 cffkog; System32\drivers\gatk.sys [X]
U3 idsvc; no ImagePath
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-17 08:58 - 2016-02-17 08:59 - 00025365 _____ C:\Users\Leffan\Desktop\FRST.txt
2016-02-17 08:52 - 2016-02-17 08:52 - 00016148 _____ C:\WINDOWS\system32\LEFFAN-HP_Leffan_HistoryPrediction.bin
2016-02-16 21:33 - 2016-02-16 21:33 - 00002490 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Leffan
2016-02-16 21:33 - 2016-02-16 21:33 - 00000300 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Leffan.job
2016-02-16 20:27 - 2016-02-16 20:27 - 00010018 _____ C:\Users\Leffan\Desktop\bra.txt
2016-02-16 18:11 - 2015-10-13 16:26 - 00608048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-02-16 18:10 - 2016-02-16 18:11 - 00000000 ____D C:\WINDOWS\LastGood
2016-02-16 18:10 - 2016-02-16 18:10 - 31523000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 24208056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 23001912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 18805920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 17721840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 16278496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 15301816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 14633232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 14047120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 13957976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 12907704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-02-16 18:10 - 2016-02-16 18:10 - 11379416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 11316168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 04254336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 03995320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 03246848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 02857536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 01917240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434192.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 01565368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434192.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 00953016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 00916152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 00912184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 00877752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-02-16 18:10 - 2016-02-16 18:10 - 00026155 _____ C:\WINDOWS\system32\nvinfo.pb
2016-02-16 18:09 - 2016-02-16 18:09 - 00000000 ____D C:\Program Files (x86)\ESET
2016-02-16 17:52 - 2016-02-02 23:47 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-16 17:52 - 2016-02-02 23:47 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-16 17:30 - 2016-02-16 17:30 - 00001048 _____ C:\Users\Leffan\Desktop\OK.txt
2016-02-16 17:22 - 2016-02-16 17:22 - 00270928 _____ C:\WINDOWS\Minidump\021616-18828-01.dmp
2016-02-16 17:03 - 2016-02-16 17:21 - 4252365016 _____ C:\WINDOWS\MEMORY.DMP
2016-02-16 17:03 - 2016-02-16 17:03 - 00270928 _____ C:\WINDOWS\Minidump\021616-18421-01.dmp
2016-02-16 16:54 - 2016-02-16 16:55 - 00001829 _____ C:\Users\Leffan\Desktop\Fixlog.txt
2016-02-16 16:47 - 2016-02-16 16:47 - 00270928 _____ C:\WINDOWS\Minidump\021616-22515-01.dmp
2016-02-16 16:37 - 2016-02-16 16:55 - 01508352 _____ C:\Users\Leffan\Desktop\adwcleaner_5.033.exe
2016-02-16 13:54 - 2016-02-16 13:54 - 02370560 _____ (Farbar) C:\Users\Leffan\Desktop\FRST64.exe
2016-02-12 12:41 - 2016-02-12 12:41 - 00104904 _____ C:\Users\Leffan\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-11 11:17 - 2016-02-11 11:18 - 00000337 _____ C:\Users\Leffan\Desktop\Sport på TV Idag.url
2016-02-10 23:54 - 2016-02-16 17:31 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Everything
2016-02-06 10:09 - 2016-02-06 10:09 - 00000000 ____D C:\NPE
2016-02-06 07:27 - 2016-02-06 07:27 - 00000254 __RSH C:\ProgramData\ntuser.pol
2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan)
2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\Users\Public\Thunder Network
2016-02-05 12:46 - 2016-02-05 12:46 - 00000000 ____D C:\ProgramData\Thunder Network
2016-02-05 12:45 - 2016-02-05 12:45 - 00000000 ____D C:\OSTotoFolder
2016-02-05 12:44 - 2016-02-05 12:53 - 00000000 ____D C:\Program Files (x86)\OSTotoSoft
2016-02-04 10:19 - 2016-02-04 10:19 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-02-02 14:15 - 2016-02-17 08:20 - 00001022 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-02 14:15 - 2016-02-16 17:23 - 00001018 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-01 08:43 - 2016-02-01 08:43 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-02-01 08:43 - 2016-02-01 08:43 - 04686592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-02-01 08:43 - 2016-02-01 08:43 - 04307112 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-02-01 08:43 - 2016-02-01 08:43 - 03282032 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 03040488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-02-01 08:43 - 2016-02-01 08:43 - 02130584 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 02030208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 01435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 01356512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 01328496 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 01020208 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00467168 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-02-01 08:43 - 2016-02-01 08:43 - 00023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-01-28 09:17 - 2016-02-16 16:29 - 00000455 _____ C:\Users\Leffan\Desktop\Swedbank.url
2016-01-27 09:01 - 2016-01-27 09:01 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-27 09:01 - 2016-01-27 09:01 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-25 10:42 - 2016-02-12 12:32 - 00000000 ____D C:\Users\Leffan\AppData\Local\NPE
2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-17 08:58 - 2014-04-18 08:32 - 00000000 ____D C:\FRST
2016-02-17 08:52 - 2012-01-25 17:01 - 00000000 ____D C:\Users\Leffan\AppData\Local\CrashDumps
2016-02-17 05:24 - 2013-11-15 18:42 - 00000000 ____D C:\ProgramData\ProductData
2016-02-16 21:39 - 2010-10-23 15:32 - 00000000 ___RD C:\Users\Leffan\Desktop\Filhämtaren
2016-02-16 18:52 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-16 18:51 - 2015-08-20 07:22 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-16 18:26 - 2015-10-30 20:02 - 00000000 ___HD C:\$WINDOWS.~BT
2016-02-16 18:22 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2016-02-16 18:11 - 2015-08-20 06:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-16 17:57 - 2015-04-16 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-16 17:56 - 2015-04-16 15:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-16 17:56 - 2015-04-16 15:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-16 17:51 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-16 17:51 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-16 17:49 - 2013-08-14 11:13 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-16 17:43 - 2010-10-23 15:57 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-16 17:22 - 2015-09-03 09:33 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-16 17:22 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-16 17:18 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-16 17:17 - 2015-03-04 13:08 - 00000000 ____D C:\AdwCleaner
2016-02-16 17:11 - 2010-12-11 08:46 - 00000000 ___RD C:\Users\Leffan\Desktop\Väskan
2016-02-16 09:13 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Local\ElevatedDiagnostics
2016-02-16 08:50 - 2013-02-20 21:36 - 00000000 ___RD C:\Users\Leffan\Desktop\Till M Disk
2016-02-15 23:05 - 2015-12-03 09:42 - 00000260 _____ C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job
2016-02-15 17:56 - 2011-11-06 19:20 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\uTorrent
2016-02-15 17:24 - 2015-08-20 06:33 - 02039452 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-15 17:24 - 2015-07-10 16:48 - 00841736 _____ C:\WINDOWS\system32\perfh01D.dat
2016-02-15 17:24 - 2015-07-10 16:48 - 00191588 _____ C:\WINDOWS\system32\perfc01D.dat
2016-02-15 10:05 - 2010-10-25 16:50 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\HpUpdate
2016-02-13 09:59 - 2010-10-23 15:30 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Macromedia
2016-02-13 08:30 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-12 15:40 - 2015-09-17 07:19 - 00000000 ____D C:\Users\Leffan\Desktop\Ny Jobbmapp
2016-02-12 12:27 - 2012-09-05 21:23 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Geek Uninstaller
2016-02-12 08:22 - 2014-09-03 15:55 - 00001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-12 08:21 - 2016-01-04 08:56 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-11 13:04 - 2013-09-14 21:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\vlc
2016-02-11 11:26 - 2011-08-21 09:03 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\dvdcss
2016-02-11 08:23 - 2013-05-21 16:04 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-09 13:58 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Local\Spotify
2016-02-09 13:57 - 2016-01-12 13:02 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\Spotify
2016-02-08 09:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-06 08:57 - 2014-09-03 10:08 - 00000000 ____D C:\Users\Leffan\Desktop\HockeyMapp
2016-02-06 07:28 - 2010-07-29 09:31 - 00000000 ____D C:\ProgramData\Temp
2016-02-06 07:27 - 2016-01-10 10:36 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-02-05 08:12 - 2012-04-01 17:24 - 00000868 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-04 10:26 - 2015-08-24 11:04 - 00000000 ____D C:\Users\DefaultAppPool
2016-02-04 10:19 - 2015-08-20 04:12 - 00000000 ____D C:\Users\Leffan\.oracle_jre_usage
2016-02-04 10:19 - 2014-08-08 05:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-04 10:19 - 2011-08-07 22:15 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-04 10:18 - 2015-02-16 12:30 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-04 10:07 - 2012-12-26 14:08 - 00000000 ____D C:\ProgramData\IObit
2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\IObit
2016-02-04 10:07 - 2012-12-26 14:01 - 00000000 ____D C:\Program Files (x86)\IObit
2016-02-02 14:15 - 2012-01-28 10:58 - 00004080 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 14:15 - 2012-01-28 10:58 - 00003848 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 08:43 - 2015-08-20 06:30 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-30 10:04 - 2015-08-20 07:10 - 00000000 ____D C:\inetpub
2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\System
2016-01-30 10:04 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-30 10:04 - 2015-04-21 13:49 - 00000000 ____D C:\Qoobox
2016-01-30 10:04 - 2013-10-27 15:25 - 00000000 ____D C:\AllMySongs Database
2016-01-30 10:04 - 2011-06-03 12:35 - 00000000 ____D C:\Program Files (x86)\QuickTime Alternative
2016-01-30 10:04 - 2010-12-15 17:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-30 10:04 - 2010-10-27 17:47 - 00000000 ____D C:\Program Files (x86)\SopCast
2016-01-30 10:04 - 2010-10-23 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-01-30 10:04 - 2010-07-29 09:32 - 00000000 ____D C:\Program Files (x86)\Hp
2016-01-30 10:04 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-01-25 23:00 - 2015-08-20 06:34 - 00000000 ____D C:\Users\Leffan
2016-01-25 18:51 - 2014-08-21 03:53 - 00000000 ____D C:\Users\Leffan\AppData\Local\Adobe
2016-01-25 11:02 - 2012-11-11 20:40 - 01409024 _____ C:\Users\Leffan\Documents\Tillgångar.accdb
2016-01-25 09:28 - 2014-10-13 15:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-25 00:21 - 2010-10-23 15:09 - 00000448 _____ C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job
2016-01-24 09:33 - 2010-11-06 14:14 - 00000000 ____D C:\ProgramData\MFAData
2016-01-24 07:26 - 2016-01-12 13:02 - 00001843 _____ C:\Users\Leffan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-01-23 11:38 - 2011-02-09 22:36 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeffan
2016-01-23 11:38 - 2011-02-09 22:36 - 00000336 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job
2016-01-21 12:32 - 2015-03-02 16:38 - 00000000 ____D C:\Users\Leffan\AppData\Roaming\3E001880-1425314280-1016-826C-CD2F7FAD0E65
2016-01-21 10:23 - 2014-09-03 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\HomeGroupUser$
2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Gäst
2016-01-20 11:13 - 2013-12-22 13:02 - 00000000 ____D C:\Users\Administratör
2016-01-20 11:13 - 2011-12-21 20:05 - 00000000 ____D C:\Users\UpdatusUser
2016-01-20 11:13 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
 
==================== Files in the root of some directories =======
 
2014-08-24 08:53 - 2014-07-03 12:10 - 0204752 _____ (Igor Pavlov) C:\Program Files (x86)\7zxa.dll
2014-08-24 08:53 - 2014-07-03 12:10 - 0060368 _____ () C:\Program Files (x86)\Ace32Loader.exe
2010-11-08 18:32 - 2014-06-06 16:29 - 0210432 _____ () C:\Program Files (x86)\Default.SFX
2010-11-08 18:32 - 2014-06-06 16:29 - 0258560 _____ () C:\Program Files (x86)\Default64.SFX
2010-11-08 18:32 - 2014-05-08 22:16 - 0000852 _____ () C:\Program Files (x86)\Descript.ion
2010-11-08 18:32 - 2010-03-11 17:59 - 0000495 _____ () C:\Program Files (x86)\File_Id.diz
2010-11-08 18:32 - 2014-06-10 12:12 - 0003268 _____ () C:\Program Files (x86)\Order.htm
2010-11-08 18:32 - 2014-07-03 12:10 - 0523216 _____ (Alexander Roshal) C:\Program Files (x86)\Rar.exe
2010-11-08 18:32 - 2014-05-18 13:00 - 0099263 _____ () C:\Program Files (x86)\Rar.txt
2010-11-08 18:32 - 2014-07-03 12:10 - 0316880 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt.dll
2014-08-24 08:53 - 2014-07-03 12:10 - 0266192 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt32.dll
2010-11-08 18:32 - 2014-03-18 21:09 - 0001241 _____ () C:\Program Files (x86)\RarFiles.lst
2010-11-08 18:32 - 2010-11-08 18:32 - 0000020 _____ () C:\Program Files (x86)\rarnew.dat
2010-12-17 23:21 - 2010-12-17 22:54 - 0000474 _____ () C:\Program Files (x86)\rarreg.key
2010-11-08 18:32 - 2013-01-11 18:13 - 0001284 _____ () C:\Program Files (x86)\ReadMe.txt
2010-11-08 18:32 - 2010-03-11 17:59 - 0009232 _____ () C:\Program Files (x86)\TechNote.txt
2014-08-24 08:53 - 2005-08-26 01:50 - 0077312 _____ () C:\Program Files (x86)\UNACEV2.DLL
2010-11-08 18:32 - 2014-06-06 16:29 - 0000443 _____ () C:\Program Files (x86)\Uninstall.lst
2010-11-08 18:32 - 2014-07-03 12:10 - 0329680 _____ (Alexander Roshal) C:\Program Files (x86)\UnRAR.exe
2010-11-08 18:32 - 2005-05-12 17:02 - 0000090 _____ () C:\Program Files (x86)\UnrarSrc.txt
2013-12-26 10:31 - 2013-12-26 10:31 - 0802136 _____ (BitTorrent Inc.) C:\Program Files (x86)\uTorrent.exe
2010-11-08 18:32 - 2014-06-06 15:34 - 0044393 _____ () C:\Program Files (x86)\WhatsNew.txt
2010-11-08 18:32 - 2014-06-06 16:29 - 0197632 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon.SFX
2010-11-08 18:32 - 2014-06-06 16:29 - 0238592 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon64.SFX
2010-11-08 18:32 - 2014-06-06 16:29 - 0297978 _____ () C:\Program Files (x86)\WinRAR.chm
2010-11-08 18:32 - 2014-07-03 12:10 - 1479632 _____ (Alexander Roshal) C:\Program Files (x86)\WinRAR.exe
2010-11-08 18:32 - 2014-06-06 16:29 - 0156672 _____ () C:\Program Files (x86)\Zip.SFX
2010-11-08 18:32 - 2014-06-06 16:29 - 0180224 _____ () C:\Program Files (x86)\Zip64.SFX
2010-11-08 18:32 - 2010-11-08 18:32 - 0000022 _____ () C:\Program Files (x86)\zipnew.dat
2013-09-10 19:05 - 2013-11-13 21:55 - 0000000 _____ () C:\Users\Leffan\AppData\Roaming\bitlord_log.txt
2010-12-30 12:22 - 2011-11-20 19:50 - 0000518 _____ () C:\Users\Leffan\AppData\Roaming\burnaware.ini
2011-05-25 20:18 - 2011-09-14 20:11 - 0001854 _____ () C:\Users\Leffan\AppData\Roaming\GhostObjGAFix.xml
2014-11-18 19:42 - 2014-11-18 19:43 - 0000498 _____ () C:\Users\Leffan\AppData\Roaming\WinInstallFlashLog.ini
2014-10-10 07:55 - 2014-10-10 07:55 - 0003584 _____ () C:\Users\Leffan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-10 19:22 - 2013-09-10 19:22 - 0000218 _____ () C:\Users\Leffan\AppData\Local\recently-used.xbel
2011-08-21 13:06 - 2015-09-13 09:28 - 0007630 _____ () C:\Users\Leffan\AppData\Local\Resmon.ResmonCfg
2012-08-20 19:00 - 2012-08-20 19:00 - 0000000 _____ () C:\ProgramData\0x0304A000.sfl
2015-10-20 07:47 - 2015-10-20 07:47 - 0045323 _____ () C:\ProgramData\1445323628.bdinstall.bin
2015-10-20 07:57 - 2015-10-20 07:57 - 0045185 _____ () C:\ProgramData\1445324239.bdinstall.bin
2015-10-20 09:35 - 2015-10-20 09:35 - 0045190 _____ () C:\ProgramData\1445330108.bdinstall.bin
2013-11-23 08:56 - 2013-11-23 08:56 - 0000000 _____ () C:\ProgramData\242c35322e3c542039_c
2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe
2014-10-02 10:36 - 2014-10-02 10:36 - 0000261 _____ () C:\ProgramData\fontcacheev1.dat
2011-09-17 21:41 - 2011-09-17 21:46 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2013-06-10 21:18 - 2013-06-10 21:18 - 0000000 ____H () C:\ProgramData\rifmasterlic.lic
 
Files to move or delete:
====================
C:\ProgramData\BavPro_Setup_Mini_GL1.exe
C:\ProgramData\fontcacheev1.dat
C:\Users\Leffan\link.vbs
C:\Users\Leffan\reg-bak.reg
 
 
Some files in TEMP:
====================
C:\Users\Leffan\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Leffan (2016-02-17 09:00:10)
Running from C:\Users\Leffan\Desktop
Windows 10 Home (X64) (2015-08-20 06:07:07)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administratör (S-1-5-21-2436640913-3975503498-2043303906-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2436640913-3975503498-2043303906-503 - Limited - Disabled)
Gäst (S-1-5-21-2436640913-3975503498-2043303906-501 - Limited - Disabled)
Leffan (S-1-5-21-2436640913-3975503498-2043303906-1001 - Administrator - Enabled) => C:\Users\Leffan
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: IObit Malware Fighter (Disabled - Out of date) {A751AC20-3B48-5237-898A-78C4436BB78D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\uTorrent) (Version: 3.4.5.41073 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 17.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Apple-programstöd (32-bitar) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple-programstöd (64-bitar) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
AVCWare Ringtone Maker (HKLM-x32\...\AVCWare Ringtone Maker) (Version: 2.0.5.20120712 - AVCWare)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6172 - AVG Technologies)
AVG 2015 (Version: 15.0.6172 - AVG Technologies) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{1BDBF557-BA87-438F-9B28-AE4D836E35BA}) (Version: 7.1.0.20 - Finansiell ID-Teknik BID AB)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Compatibility Pack för Office 2007-systemet (HKLM-x32\...\{90120000-0020-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.)
Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 2.7 - Poikosoft)
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
FileSearchy Pro (HKLM-x32\...\FileSearchy Pro) (Version: 1.11 - Midlinesoft)
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
FSS Google Maps Downloader version 2.0.8.1 (HKLM-x32\...\FSS Google Maps Downloader_is1) (Version: 2.0.8.1 - FreeSmartSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)
HP MAINSTREAM KEYBOARD (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.4.3.0 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)
HTC Sync (HKLM-x32\...\{1F9E5C64-165D-4679-BBB3-498D216D017B}) (Version: 3.3.7 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.37 - IObit)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Java 8 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Kursomvandlaren 1.0 (HKLM-x32\...\Kursomvandlaren) (Version: 1.0 - Kursomvandlaren.se)
Leapic Audio Cutter 3.0 (HKLM-x32\...\Leapic Audio Cutter_is1) (Version:  - Leapic Software)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_ENTERPRISE_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_ENTERPRISE_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version:  - Microsoft)
Microsoft Office PowerPoint Viewer 2007 (Swedish) (HKLM-x32\...\{95120000-00AF-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_ENTERPRISE_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden
Mozilla Firefox 43.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 sv-SE)) (Version: 43.0.1 - Mozilla)
Mozilla Firefox 44.0.2 (x64 sv-SE) (HKLM\...\Mozilla Firefox 44.0.2 (x64 sv-SE)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nordea NCR1 Installationspaket (HKLM-x32\...\{CD9A35D4-8A81-4188-98AF-14D759083FB4}) (Version: 1.00.000 - Todos Data System AB)
NVIDIA 3D Vision drivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)
NVIDIA 3D Vision drivrutin för styrenhet 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)
NVIDIA Grafikdrivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA-uppdatering 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Panda Cloud Antivirus (Version: 4.02.00.0000 - Panda Security) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PopChar 6.0 (HKLM\...\ergonis PopChar_is1) (Version: 6.0 - Ergonis Software)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden
Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.4.0.1580 - Cybertron Software Co., Ltd.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
QuickTime Alternative 3.1.1 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.1.1 - )
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.23.0 - Mediatek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.30.1019.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com)
Spotify (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB)
SpringFiles (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\SpringFiles) (Version: 29.15.38 - hxxp://www.spring-file.com)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
UniPDF 1.0.5 (HKLM-x32\...\UniPDF) (Version: 1.0.5 - UniPDF.com)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Leffan\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {004BD1B3-5175-4FFF-8847-36552271C71A} - \Ad-Aware Antivirus Scheduled Scan -> No File <==== ATTENTION
Task: {015D92BF-3905-4212-8E37-9573EF8946D3} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {017E6A68-2D3A-4FA1-B9C4-489B1D3AE6D0} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-29] ()
Task: {047C2F9F-5DEA-4650-B407-DC0512536094} - System32\Tasks\{5EC01EB6-9E5A-404A-99B8-6CF97B7ED3DD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {0809A89E-404A-4D5D-9B26-081576289B9C} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC_Leffan => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe [2015-10-02] (Cybertron Software, Co., Ltd.)
Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0D55A894-4243-46AA-BE55-3FFB87D20595} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {11DBE9C2-672A-4B9F-B337-91F4F6AECE6D} - System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\irfanview_lang_svenska.exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {13353C5F-3569-4E84-A2EE-1A5DC2B78CEF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-16] (Microsoft Corporation)
Task: {13802080-A435-460E-A8C8-EE026D9DF1F0} - System32\Tasks\{B1087BD8-E5F8-459E-BA42-82D7589A720E} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {1537EDA8-027A-4507-AC4E-93A4E0BFC640} - System32\Tasks\Driver Booster SkipUAC (Leffan) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit)
Task: {164D37C2-FBAD-47B4-93B5-3062D9BB06C8} - System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(1).exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {16847A77-A515-451B-AD81-A369021D3F38} - System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => K:\autorunce.exe
Task: {16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD} - System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => K:\autorunce.exe
Task: {1BE0B7D9-F640-4E4D-BF8A-D035646B5661} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {1D3967CC-676A-486B-A20A-3DA07F5B7958} - System32\Tasks\{0FB8EBCC-9766-45A7-A303-D09B0B9BD45F} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7} - System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35\MacDrive_Pro_9.0.3.35_en_Setup.exe -d C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35
Task: {1EB96C60-F185-4B08-8DAD-F45E67717DD6} - System32\Tasks\Uninstaller_SkipUac_Leffan => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-30] (IObit)
Task: {223310F3-934C-496C-A4FE-9810DEC59970} - System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => C:\ProgramData\UpdaterSrv\UpdaterSrv.exe [2015-11-27] () <==== ATTENTION
Task: {2341FCA8-7C90-436F-8B08-84E93950E58A} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-10-30] (IObit)
Task: {2575C29E-BA05-48B9-B0EF-6862BF8429B2} - System32\Tasks\{39A1BCC2-0D94-4E8E-8E99-434667EC37F3} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {27122E99-4230-4EE8-856C-CC8CD289A0AC} - System32\Tasks\{1E89BF2A-0738-4751-B74F-BCC148691285} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2889796A-E8F9-4520-99FA-821415487847} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 -> No File <==== ATTENTION
Task: {295C9287-7247-4241-A63A-13C569A31320} - System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => K:\autorunce.exe
Task: {29990644-B79A-4F9B-B184-45225F368080} - System32\Tasks\{2FC1D531-7D62-49B0-92F6-4B6A33DC012C} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {29D5864E-025B-4966-A15A-DE22A64F2268} - System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => E:\SETUP.EXE
Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {30648DF9-E656-4A7A-89E0-13E228B8D121} - System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(2).exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {30EEFFE7-99F8-4860-A81D-2AFAEDBE4098} - System32\Tasks\{998C7732-8855-4A08-BA4C-F1AA473C9E70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {315B28B0-9835-4E3F-B81E-0E16ADEAA9C8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {317ABD25-4807-4239-9D10-2E7091227F3E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 -> No File <==== ATTENTION
Task: {32ABA5C1-E0ED-4BDF-86A9-C75D45B0BB89} - System32\Tasks\{BF677917-AD42-4C99-9564-FF7DBC764A70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {33589691-0896-46B4-82DB-FA2BA62038EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {356EBFDA-3CC2-4016-8ED7-636D5E28828E} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {3A32527B-676D-44D5-A90F-6BFEC2A4F8B3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-10-06] (Oracle Corporation)
Task: {3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284} - System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => Z:\Panda Internet Security 2012 16.00\PANDAIS12PROMO1M.exe
Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {420544F1-038F-40DC-BCED-EE3CA989F9F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {444C3CA9-1CE7-4575-9A68-6A1FDBB08DBB} - System32\Tasks\{20ECD2CE-4BE8-4120-86B6-DA4CED53A141} => pcalua.exe -a "J:\Program\Logitech Mus MX310\mw9791sve.exe" -d "J:\Program\Logitech Mus MX310"
Task: {444E300E-8607-4E58-8F83-E6C10EB96832} - System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => Chrome.exe 
Task: {4D35091C-063F-4653-8089-D1F27F254E4A} - System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => K:\autorunce.exe
Task: {4D515E26-8912-4948-B044-54DA5F548274} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {4D714B6F-CC7F-434B-B049-EC548F68FAF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {4E644A8D-2A48-4553-8495-CD9AC56C475A} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-02] (PC-Doctor, Inc.)
Task: {4EFDB5BD-5CF7-4748-A9BF-644E48425207} - System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => E:\SETUP.EXE
Task: {58C96A45-1DD1-4A30-8713-791B8136D6BC} - \060184C3-9766-46a0-B258-F4518A0B2633 -> No File <==== ATTENTION
Task: {5B252DF3-DD42-4593-8E1F-70DA4CD5C926} - System32\Tasks\HPCeeScheduleForLeffan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {5C3682DC-00C4-42B6-BDF4-291CE450520B} - System32\Tasks\{F72B7057-8A2E-4A3A-B919-8BDB5F2C34D5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {652D917A-B005-4661-AC63-65A9D11E503D} - \Trojan Killer -> No File <==== ATTENTION
Task: {69EE0CD2-9496-49FC-A7BD-D1125394A0DB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-3 -> No File <==== ATTENTION
Task: {6AEB90CA-E25E-4F7A-B6D0-7D1E6D95B5F8} - System32\Tasks\{3408CB37-2C67-46A7-928D-1F3F71DBEED5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {6B448F61-307A-4135-AD66-6F550557B5DE} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-5 -> No File <==== ATTENTION
Task: {6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-2 -> No File <==== ATTENTION
Task: {74D6BFB7-14FC-4A5B-8098-40C8CC043052} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {77EB921A-148E-4F20-BA05-D35731BCCA98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {78039CD5-5495-42E4-BE47-5E3558F8B528} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 -> No File <==== ATTENTION
Task: {79321947-476E-4235-A7BA-1DFC4DD8FC9F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {80D92798-093B-468D-B973-D733520C10F6} - System32\Tasks\ASC7U_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe
Task: {8230B32A-D160-4D4B-9895-9471C7F677A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {85070D5E-1745-4C48-8902-71A36068310A} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 -> No File <==== ATTENTION
Task: {87A22366-8990-43BA-9656-EB3D09BB8615} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit)
Task: {898B9353-42B6-461F-82B1-7A6D54A86697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8B42502E-AF26-4A3D-AB75-BFDE38F8AF19} - System32\Tasks\{649C94FF-5E42-4F31-9F1C-CDDB2C654B8B} => pcalua.exe -a "C:\Program Files (x86)\AVS4YOU\Uninstall.exe"
Task: {8E7FC1F8-9DB1-46F7-AF7B-71F743F23BC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {8EBC57F6-CD69-4FB0-A11D-E82261535D49} - System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => E:\SETUP.EXE
Task: {939CE0A3-F6DD-4A69-95CD-0E1B19588965} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 -> No File <==== ATTENTION
Task: {93AA24D5-D9E4-469D-B51A-E507DFB86F5F} - System32\Tasks\{8696F1B7-7B49-4C88-86BE-E5436E6B9BE6} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\daemon-tools.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {94725C4A-D8DC-4E84-AEC9-35897AA0FFD5} - System32\Tasks\{4A6B5362-1860-456A-8FAB-6FC474D30AD7} => pcalua.exe -a "C:\Windows\SysWOW64\Adobe\Shockwave 11\syminstallstub.exe" -d C:\Users\Leffan\Desktop -c /partnerid=adobe /productlist=nss /staging=false /debug /delay=0
Task: {9A7CE315-F2C2-4B0B-8DA0-9CAF1E927ACA} - System32\Tasks\{8A0B35A7-C76F-4160-875B-0BB3716F167C} => pcalua.exe -a "C:\Users\Leffan\Desktop\Eget\Olika Prog\wmp11-windowsxp-x86-SV-SE.exe" -d "C:\Users\Leffan\Desktop\Eget\Olika Prog"
Task: {9CD1E83E-15B1-4314-8AC2-A61E697DE0A4} - System32\Tasks\{1490BFE5-F5BB-46E0-B4CD-3438C4957884} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {9FD1CE56-EE7B-46D6-9B34-6DA76FB6DC3D} - System32\Tasks\{5B06E479-555D-4864-88DE-72A2B6FBB1FD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {A16E9003-48D6-4F34-8636-B33F3D67537A} - System32\Tasks\{6EBDE3E0-2BE7-4C3C-B5E1-2605F8CB5563} => K:\autorunce.exe
Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {AA8CC61F-0624-4AC9-89C5-F8AD72D82401} - \DealPlyUpdate -> No File <==== ATTENTION
Task: {AADCE8B4-4F47-473C-84ED-6137DB7AC4F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {B44DCCB2-CBCF-43CA-9AB4-DF65EEB3BDDD} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-1 -> No File <==== ATTENTION
Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {BA1D5441-965F-4AE2-B6B4-DE072B4F1248} - System32\Tasks\{7BB7C00D-46F6-4294-BD6C-567F503637BE} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {BCCF1E13-4ADA-4182-97D7-E996AD2B877E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {BDA71962-EA5D-4385-81B3-48EFF84EBB70} - \94A46359-5537-4201-BEFD-1EC63DFD0949 -> No File <==== ATTENTION
Task: {BF83FDDD-7C67-489B-96E9-2F7FB75415A5} - System32\Tasks\ASC9_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2015-11-30] (IObit)
Task: {C0D0348D-C956-46A1-B30F-B57043226A65} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-7 -> No File <==== ATTENTION
Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C6FA3A30-ECA9-4DD0-85B3-7845A3DD0CCB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-4 -> No File <==== ATTENTION
Task: {C7B71700-04D1-4AEC-8975-2B954CF4CA3D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C9482E4C-B40B-42BD-8020-2AAC7828AC83} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)
Task: {CD41C298-24DD-4BF6-9270-1017E4B9D929} - System32\Tasks\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => pcalua.exe -a Z:\SETUP.EXE -d Z:\
Task: {D1A30C2B-02ED-4D75-8DDB-9D13BF40EC9E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-1 -> No File <==== ATTENTION
Task: {D3DA3BE4-9D44-4387-9A8A-77A70F3DD1CD} - System32\Tasks\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\CloudAntivirus.exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {D41550B9-1CE4-4475-A57B-43C3155818D2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D5202B90-EDB2-4155-A1EC-894D7B408267} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-04] (Adobe Systems Incorporated)
Task: {D6BBD0A2-36BA-4F27-A243-E3D982AA8323} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D8638B38-356A-42C6-AA41-E91C12A2A6E8} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {D98F64A5-ECB7-4D90-9CC0-A4EEBC4B262E} - System32\Tasks\FileSearchyPro_SkipUAC => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [2014-02-14] ()
Task: {E3022D0E-ECFA-4AA9-A2A9-E563007E921C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E47DC616-F79D-4ECC-A214-5E9F4131EE24} - System32\Tasks\{5BA75C5D-537E-401B-BB74-A1494BA2FCE4} => pcalua.exe -a "C:\Program Files (x86)\Personal\bin\persinst.exe" -d "C:\Program Files (x86)\Personal\bin"
Task: {E48E7272-8EFE-40BA-8172-A9B5426507E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E604A3F7-FC9F-4A15-B8C2-9EFFB0635A06} - System32\Tasks\Google Updater and Installer => C:\Users\Leffan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {E6423FD3-6C70-4406-81ED-A50E74108523} - \SpyHunter4Startup -> No File <==== ATTENTION
Task: {E7E05EA5-8067-4E1E-8904-3B8FE7CE21BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E886E1C4-44AE-44C1-87C7-9AAC8FB9DAA1} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()
Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EA2197B3-EBEC-433D-9B3E-FEA775E25760} - System32\Tasks\{F7F5755D-563D-42D9-89E1-5872D836B8EB} => C:\Users\Leffan\Desktop\Eget\EuroC\setup.exe
Task: {EC34AB08-DCA1-477E-A034-5DB7B65F6B87} - System32\Tasks\{D6F371CA-08A1-4B7E-9E2D-7585D37A4DC2} => K:\Program\CD-LP Skivor Cardfile\Cardfile.exe
Task: {F29CE86A-3B32-4B44-A08F-964AF154EA4E} - System32\Tasks\{803EC8C1-976B-466E-8FEE-A1E65CA27538} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {FAEA5001-7894-4392-AAEB-83E6A5C0C348} - System32\Tasks\{FF41CD49-FDD3-43FC-8C2F-819BCD47E52D} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE
Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FC8AF801-5C9D-4E5D-973B-D3A3F36DB387} - System32\Tasks\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => K:\autorunce.exe
Task: {FFF387A5-D463-45F0-AFC4-5BA55C0A9685} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Leffan.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
C:\Users\All Users\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application

C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application cleaned by deleting

C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe a variant of Win32/Hao123.A potentially unwanted application cleaned by deleting

C:\Program Files (x86)\Portable\Trojan Killer v2.1.5.0\trojankiller.exe a variant of Win32/1AntiVirus potentially unwanted application cleaned by deleting

C:\Program Files (x86)\ringtonemaker_setup\ringtonemaker_setup\ringtonemaker_setup.exe a variant of Win32/InstallCore.ACZ potentially unwanted application cleaned by deleting

C:\ProgramData\InstallMate\{92AB2A58-E310-E82F-0AC4-AB32494808AE}\_Setupx.dll Win32/InstalleRex.T potentially unwanted application cleaned by deleting

C:\Users\Leffan\AppData\Roaming\LCEFUOWD JS/Toolbar.Crossrider.C potentially unwanted application deleted

C:\Users\Leffan\Desktop\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application deleted

C:\Users\Leffan\Desktop\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application deleted

C:\Users\Leffan\Desktop\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted

C:\Windows\Installer\MSI3319.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSI3319.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSI3319.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSI92B2.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSI92B2.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSI92B2.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSI92B2.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSI92B2.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Communication.NamedPipe.dll a variant of MSIL/Toolbar.Linkury.W potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Infrastructure.Utilities.dll a variant of MSIL/Toolbar.Linkury.T potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSIE47C.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSIE47C.tmp-\spbe.dll a variant of MSIL/Toolbar.Linkury.I potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSIE47C.tmp-\sppsm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSIE47C.tmp-\spusm.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSIE47C.tmp-\srbs.dll a variant of MSIL/Toolbar.Linkury.C potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSIE47C.tmp-\srbu.dll a variant of MSIL/Toolbar.Linkury.F potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSIE47C.tmp-\srptc.dll a variant of MSIL/Toolbar.Linkury.G potentially unwanted application cleaned by deleting

C:\Windows\Installer\MSIE47C.tmp-\srut.dll a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application cleaned by deleting

Z:\Program\FreemakeVideoConverter_4.1.4.1.exe Win32/OpenCandy potentially unsafe application deleted

Z:\Program\SweetHome3D-4.3-windows-oc.exe Win32/OpenCandy potentially unsafe application deleted

Z:\Program\NCH Switch Sound File Converter Plus v4.35 LAXiTY\switchsetup_engl.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted

Z:\Väskan\Olika Prog\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application deleted

Z:\Väskan\Olika Prog\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application deleted

Z:\Väskan\Olika Prog\Trojan Killer v2.1.5.0 (1-click run)(registred)\Trojan Killer v2.1.5.0 (1-click run)(registred).exe a variant of Win32/1AntiVirus potentially unwanted application deleted

Z:\Väskan\Program\FreeRingtoneMakerPlatinum.exe Win32/OpenCandy potentially unsafe application deleted

Z:\Väskan\Program\RingToneMakerOC.exe Win32/OpenCandy potentially unsafe application deleted

Z:\Väskan\Program Olika\cdbxp_setup_4.4.0.2905.exe Win32/OpenCandy potentially unsafe application deleted

Z:\Väskan\Program Olika\CPP-ProductKeyFinder.exe Win32/OpenCandy potentially unsafe application deleted

Z:\Väskan\Program Olika\drivermax.exe a variant of Win32/OpenCandy.A potentially unsafe application deleted

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts-x32: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj
SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = 
Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} -  No File
Handler: gopher - No CLSID Value
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> yoursearching
CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File
CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] ()
S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security)
S0 cffkog; System32\drivers\gatk.sys [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan)
2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton
2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software
2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe
Panda Cloud Antivirus (Version: 4.02.00.0000 - Panda Security) Hidden
Task: {004BD1B3-5175-4FFF-8847-36552271C71A} - \Ad-Aware Antivirus Scheduled Scan -> No File <==== ATTENTION
Task: {11DBE9C2-672A-4B9F-B337-91F4F6AECE6D} - System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\irfanview_lang_svenska.exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {164D37C2-FBAD-47B4-93B5-3062D9BB06C8} - System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(1).exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {16847A77-A515-451B-AD81-A369021D3F38} - System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => K:\autorunce.exe
Task: {16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD} - System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => K:\autorunce.exe
Task: {1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7} - System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35\MacDrive_Pro_9.0.3.35_en_Setup.exe -d C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35
Task: {223310F3-934C-496C-A4FE-9810DEC59970} - System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => C:\ProgramData\UpdaterSrv\UpdaterSrv.exe [2015-11-27] () <==== ATTENTION
Task: {2889796A-E8F9-4520-99FA-821415487847} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 -> No File <==== ATTENTION
Task: {295C9287-7247-4241-A63A-13C569A31320} - System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => K:\autorunce.exe
Task: {29D5864E-025B-4966-A15A-DE22A64F2268} - System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => E:\SETUP.EXE
Task: {30648DF9-E656-4A7A-89E0-13E228B8D121} - System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(2).exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {317ABD25-4807-4239-9D10-2E7091227F3E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 -> No File <==== ATTENTION
Task: {356EBFDA-3CC2-4016-8ED7-636D5E28828E} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
Task: {3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284} - System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => Z:\Panda Internet Security 2012 16.00\PANDAIS12PROMO1M.exe
Task: {444E300E-8607-4E58-8F83-E6C10EB96832} - System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => Chrome.exe 
Task: {4D35091C-063F-4653-8089-D1F27F254E4A} - System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => K:\autorunce.exe
Task: {4EFDB5BD-5CF7-4748-A9BF-644E48425207} - System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => E:\SETUP.EXE
Task: {58C96A45-1DD1-4A30-8713-791B8136D6BC} - \060184C3-9766-46a0-B258-F4518A0B2633 -> No File <==== ATTENTION
Task: {652D917A-B005-4661-AC63-65A9D11E503D} - \Trojan Killer -> No File <==== ATTENTION
Task: {69EE0CD2-9496-49FC-A7BD-D1125394A0DB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-3 -> No File <==== ATTENTION
Task: {6B448F61-307A-4135-AD66-6F550557B5DE} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-5 -> No File <==== ATTENTION
Task: {6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-2 -> No File <==== ATTENTION
Task: {74D6BFB7-14FC-4A5B-8098-40C8CC043052} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77EB921A-148E-4F20-BA05-D35731BCCA98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {78039CD5-5495-42E4-BE47-5E3558F8B528} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 -> No File <==== ATTENTION
Task: {85070D5E-1745-4C48-8902-71A36068310A} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 -> No File <==== ATTENTION
Task: {898B9353-42B6-461F-82B1-7A6D54A86697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8EBC57F6-CD69-4FB0-A11D-E82261535D49} - System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => E:\SETUP.EXE
Task: {939CE0A3-F6DD-4A69-95CD-0E1B19588965} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 -> No File <==== ATTENTION
Task: {AA8CC61F-0624-4AC9-89C5-F8AD72D82401} - \DealPlyUpdate -> No File <==== ATTENTION
Task: {AADCE8B4-4F47-473C-84ED-6137DB7AC4F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Reboot:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Starta programmet Anteckningar.

Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts-x32: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj
SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = 
Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} -  No File
Handler: gopher - No CLSID Value
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> yoursearching
CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File
CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] ()
S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security)
S0 cffkog; System32\drivers\gatk.sys [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan)
2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton
2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software
2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe
Panda Cloud Antivirus (Version: 4.02.00.0000 - Panda Security) Hidden
Task: {004BD1B3-5175-4FFF-8847-36552271C71A} - \Ad-Aware Antivirus Scheduled Scan -> No File <==== ATTENTION
Task: {11DBE9C2-672A-4B9F-B337-91F4F6AECE6D} - System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\irfanview_lang_svenska.exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {164D37C2-FBAD-47B4-93B5-3062D9BB06C8} - System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(1).exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {16847A77-A515-451B-AD81-A369021D3F38} - System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => K:\autorunce.exe
Task: {16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD} - System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => K:\autorunce.exe
Task: {1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7} - System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35\MacDrive_Pro_9.0.3.35_en_Setup.exe -d C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35
Task: {223310F3-934C-496C-A4FE-9810DEC59970} - System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => C:\ProgramData\UpdaterSrv\UpdaterSrv.exe [2015-11-27] () <==== ATTENTION
Task: {2889796A-E8F9-4520-99FA-821415487847} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 -> No File <==== ATTENTION
Task: {295C9287-7247-4241-A63A-13C569A31320} - System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => K:\autorunce.exe
Task: {29D5864E-025B-4966-A15A-DE22A64F2268} - System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => E:\SETUP.EXE
Task: {30648DF9-E656-4A7A-89E0-13E228B8D121} - System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(2).exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {317ABD25-4807-4239-9D10-2E7091227F3E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 -> No File <==== ATTENTION
Task: {356EBFDA-3CC2-4016-8ED7-636D5E28828E} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
Task: {3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284} - System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => Z:\Panda Internet Security 2012 16.00\PANDAIS12PROMO1M.exe
Task: {444E300E-8607-4E58-8F83-E6C10EB96832} - System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => Chrome.exe 
Task: {4D35091C-063F-4653-8089-D1F27F254E4A} - System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => K:\autorunce.exe
Task: {4EFDB5BD-5CF7-4748-A9BF-644E48425207} - System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => E:\SETUP.EXE
Task: {58C96A45-1DD1-4A30-8713-791B8136D6BC} - \060184C3-9766-46a0-B258-F4518A0B2633 -> No File <==== ATTENTION
Task: {652D917A-B005-4661-AC63-65A9D11E503D} - \Trojan Killer -> No File <==== ATTENTION
Task: {69EE0CD2-9496-49FC-A7BD-D1125394A0DB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-3 -> No File <==== ATTENTION
Task: {6B448F61-307A-4135-AD66-6F550557B5DE} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-5 -> No File <==== ATTENTION
Task: {6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-2 -> No File <==== ATTENTION
Task: {74D6BFB7-14FC-4A5B-8098-40C8CC043052} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77EB921A-148E-4F20-BA05-D35731BCCA98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {78039CD5-5495-42E4-BE47-5E3558F8B528} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 -> No File <==== ATTENTION
Task: {85070D5E-1745-4C48-8902-71A36068310A} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 -> No File <==== ATTENTION
Task: {898B9353-42B6-461F-82B1-7A6D54A86697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8EBC57F6-CD69-4FB0-A11D-E82261535D49} - System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => E:\SETUP.EXE
Task: {939CE0A3-F6DD-4A69-95CD-0E1B19588965} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 -> No File <==== ATTENTION
Task: {AA8CC61F-0624-4AC9-89C5-F8AD72D82401} - \DealPlyUpdate -> No File <==== ATTENTION
Task: {AADCE8B4-4F47-473C-84ED-6137DB7AC4F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Reboot:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Stäng av alla program.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Om datorn inte startas om automatiskt så gör det själv.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

Fix result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Leffan (2016-02-17 11:53:10) Run:4
Running from C:\Users\Leffan\Desktop
Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWhith] 1
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * ?????????????
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicyScripts-x32: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.babal.net/?gjj
SearchScopes: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> {75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} URL = 
Toolbar: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001 -> No Name - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} -  No File
Handler: gopher - No CLSID Value
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Leffan\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
CHR DefaultSearchURL: Profile 2 -> hxxp://yoursearching.com/web?type=ds&ts=1453735116&z=4a9e7198e19aef820e60986gfz0wccem9c4wbgdodz&from=free&uid=ST31500341AS_9VS46FW1&q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> yoursearching
CHR Plugin: (Java Deployment Toolkit 8.0.400.26) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java™ Platform SE 8 U40) - C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => No File
CHR Extension: (Google Drive) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Wallet) - C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-27] [updateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
CHR HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [adkocghdlgfalpfkdohnkeaknpmcejpo] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [dbehnicccappldhpklckppjcdhlhcpmj] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [idiadiegplldnjnnhjfcggldbkjokmmd] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jpmkmilbnbcikglaaonnlcfboiniggbf] - <no Path/update_url>
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-11-03] ()
S1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [89128 2012-06-27] (Panda Security, S.L.)
S4 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [68648 2012-06-27] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [109096 2012-06-27] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [57928 2011-03-10] (Panda Security)
S0 cffkog; System32\drivers\gatk.sys [X]
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
2016-02-05 13:42 - 2016-02-06 05:15 - 00003428 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-02-05 13:42 - 2016-02-06 05:15 - 00003078 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan)
2016-02-04 10:07 - 2016-02-05 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-01-25 10:42 - 2016-01-25 10:42 - 00000000 ____D C:\ProgramData\Norton
2016-01-25 09:22 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\AVAST Software
2014-11-30 18:54 - 2014-11-30 12:41 - 1979240 _____ (Baidu, Inc.) C:\ProgramData\BavPro_Setup_Mini_GL1.exe
Panda Cloud Antivirus (Version: 4.02.00.0000 - Panda Security) Hidden
Task: {004BD1B3-5175-4FFF-8847-36552271C71A} - \Ad-Aware Antivirus Scheduled Scan -> No File <==== ATTENTION
Task: {11DBE9C2-672A-4B9F-B337-91F4F6AECE6D} - System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\irfanview_lang_svenska.exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {164D37C2-FBAD-47B4-93B5-3062D9BB06C8} - System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(1).exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {16847A77-A515-451B-AD81-A369021D3F38} - System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => K:\autorunce.exe
Task: {16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD} - System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => K:\autorunce.exe
Task: {1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7} - System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35\MacDrive_Pro_9.0.3.35_en_Setup.exe -d C:\Users\Leffan\Desktop\Filhämtaren\MacDrive.Pro.9.0.3.35
Task: {223310F3-934C-496C-A4FE-9810DEC59970} - System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => C:\ProgramData\UpdaterSrv\UpdaterSrv.exe [2015-11-27] () <==== ATTENTION
Task: {2889796A-E8F9-4520-99FA-821415487847} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 -> No File <==== ATTENTION
Task: {295C9287-7247-4241-A63A-13C569A31320} - System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => K:\autorunce.exe
Task: {29D5864E-025B-4966-A15A-DE22A64F2268} - System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => E:\SETUP.EXE
Task: {30648DF9-E656-4A7A-89E0-13E228B8D121} - System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\Shockwave_Installer_Slim(2).exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {317ABD25-4807-4239-9D10-2E7091227F3E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 -> No File <==== ATTENTION
Task: {356EBFDA-3CC2-4016-8ED7-636D5E28828E} - \Driver Booster SkipUAC (SYSTEM) -> No File <==== ATTENTION
Task: {3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284} - System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => Z:\Panda Internet Security 2012 16.00\PANDAIS12PROMO1M.exe
Task: {444E300E-8607-4E58-8F83-E6C10EB96832} - System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => Chrome.exe 
Task: {4D35091C-063F-4653-8089-D1F27F254E4A} - System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => K:\autorunce.exe
Task: {4EFDB5BD-5CF7-4748-A9BF-644E48425207} - System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => E:\SETUP.EXE
Task: {58C96A45-1DD1-4A30-8713-791B8136D6BC} - \060184C3-9766-46a0-B258-F4518A0B2633 -> No File <==== ATTENTION
Task: {652D917A-B005-4661-AC63-65A9D11E503D} - \Trojan Killer -> No File <==== ATTENTION
Task: {69EE0CD2-9496-49FC-A7BD-D1125394A0DB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-3 -> No File <==== ATTENTION
Task: {6B448F61-307A-4135-AD66-6F550557B5DE} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-5 -> No File <==== ATTENTION
Task: {6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-2 -> No File <==== ATTENTION
Task: {74D6BFB7-14FC-4A5B-8098-40C8CC043052} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {77EB921A-148E-4F20-BA05-D35731BCCA98} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {78039CD5-5495-42E4-BE47-5E3558F8B528} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 -> No File <==== ATTENTION
Task: {85070D5E-1745-4C48-8902-71A36068310A} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 -> No File <==== ATTENTION
Task: {898B9353-42B6-461F-82B1-7A6D54A86697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8EBC57F6-CD69-4FB0-A11D-E82261535D49} - System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => E:\SETUP.EXE
Task: {939CE0A3-F6DD-4A69-95CD-0E1B19588965} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 -> No File <==== ATTENTION
Task: {AA8CC61F-0624-4AC9-89C5-F8AD72D82401} - \DealPlyUpdate -> No File <==== ATTENTION
Task: {AADCE8B4-4F47-473C-84ED-6137DB7AC4F2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Reboot:
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWhith => value removed successfully
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\Machine => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully
"HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75CC006D-9CF6-4B1D-84CA-A8B8122B71FD}" => key removed successfully
HKCR\CLSID\{75CC006D-9CF6-4B1D-84CA-A8B8122B71FD} => key not found. 
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D554D8FC-B36D-4BB4-93DB-4A3394D505E3} => value removed successfully
HKCR\CLSID\{D554D8FC-B36D-4BB4-93DB-4A3394D505E3} => key not found. 
HKCR\PROTOCOLS\Handler\gopher => key not found. 
Firefox "Keyword.URL" removed successfully
HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Software\Mozilla\Firefox\Extensions\\acewebextension_unlisted@acestream.org => value removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll => not found.
C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll => not found.
C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll => not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll => not found.
C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf <==== ATTENTION => not found
C:\Users\Leffan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda <==== ATTENTION => not found
"HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\adkocghdlgfalpfkdohnkeaknpmcejpo" => key removed successfully
"HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\SOFTWARE\Google\Chrome\Extensions\jpmkmilbnbcikglaaonnlcfboiniggbf" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\adkocghdlgfalpfkdohnkeaknpmcejpo" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dbehnicccappldhpklckppjcdhlhcpmj" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\idiadiegplldnjnnhjfcggldbkjokmmd" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmkmilbnbcikglaaonnlcfboiniggbf" => key removed successfully
cmdGuard => Unable to stop service.
cmdGuard => service removed successfully
cmdHlp => Unable to stop service.
cmdHlp => service removed successfully
cpudrv64 => service removed successfully
fsbts => Unable to stop service.
fsbts => service removed successfully
inspect => service removed successfully
NNSALPC => Unable to stop service.
NNSALPC => service removed successfully
NNSPIHSW => service removed successfully
NNSPRV => Unable to stop service.
NNSPRV => service removed successfully
PSKMAD => service removed successfully
cffkog => service not found.
idsvc => service removed successfully
wpcsvc => service not found.
C:\WINDOWS\System32\Tasks\Driver Booster Scheduler => moved successfully
C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Leffan) => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 => moved successfully
C:\ProgramData\Norton => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\ProgramData\BavPro_Setup_Mini_GL1.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8BA78FA6-E817-454C-9D32-8DE04404119E}\\SystemComponent => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{004BD1B3-5175-4FFF-8847-36552271C71A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{004BD1B3-5175-4FFF-8847-36552271C71A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Antivirus Scheduled Scan" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11DBE9C2-672A-4B9F-B337-91F4F6AECE6D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11DBE9C2-672A-4B9F-B337-91F4F6AECE6D}" => key removed successfully
C:\WINDOWS\System32\Tasks\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BC714B4B-89C3-40CA-8F23-B9BBF6CAD63F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{164D37C2-FBAD-47B4-93B5-3062D9BB06C8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{164D37C2-FBAD-47B4-93B5-3062D9BB06C8}" => key removed successfully
C:\WINDOWS\System32\Tasks\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{59F96B7A-73E5-44E4-B5AD-AF03F5886C1A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16847A77-A515-451B-AD81-A369021D3F38}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16847A77-A515-451B-AD81-A369021D3F38}" => key removed successfully
C:\WINDOWS\System32\Tasks\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F4359D6F-85B6-4AFB-AE38-C6AE331AEC75}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16B1B04B-5ED2-48EE-8870-9D7D3D0BDBAD}" => key removed successfully
C:\WINDOWS\System32\Tasks\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C37273C0-39BA-4AE6-B0E3-E13EA5DAB9B4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E1C1BE6-68FA-4F6D-A1E4-E231A5C8A5E7}" => key removed successfully
C:\WINDOWS\System32\Tasks\{A3E12639-911A-493D-8291-C43934499F4D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3E12639-911A-493D-8291-C43934499F4D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{223310F3-934C-496C-A4FE-9810DEC59970}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{223310F3-934C-496C-A4FE-9810DEC59970}" => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Software\UpdaterSrv => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Software\UpdaterSrv" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2889796A-E8F9-4520-99FA-821415487847}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2889796A-E8F9-4520-99FA-821415487847}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-4 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{295C9287-7247-4241-A63A-13C569A31320}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{295C9287-7247-4241-A63A-13C569A31320}" => key removed successfully
C:\WINDOWS\System32\Tasks\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DA30E9A0-8F21-4EF2-9BE1-1217EDC7A467}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29D5864E-025B-4966-A15A-DE22A64F2268}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29D5864E-025B-4966-A15A-DE22A64F2268}" => key removed successfully
C:\WINDOWS\System32\Tasks\{F1B96DF2-1E4B-4B84-B964-E431146708E6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F1B96DF2-1E4B-4B84-B964-E431146708E6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30648DF9-E656-4A7A-89E0-13E228B8D121}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30648DF9-E656-4A7A-89E0-13E228B8D121}" => key removed successfully
C:\WINDOWS\System32\Tasks\{AC2E07DB-99E6-453D-AA25-78F464F22D37} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AC2E07DB-99E6-453D-AA25-78F464F22D37}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{317ABD25-4807-4239-9D10-2E7091227F3E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{317ABD25-4807-4239-9D10-2E7091227F3E}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{356EBFDA-3CC2-4016-8ED7-636D5E28828E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{356EBFDA-3CC2-4016-8ED7-636D5E28828E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E0B49E5-8BA7-4BBF-80D7-CF2BD832B284}" => key removed successfully
C:\WINDOWS\System32\Tasks\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7DD28194-6AFC-4E6C-AC62-B654047CD0AB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{444E300E-8607-4E58-8F83-E6C10EB96832}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{444E300E-8607-4E58-8F83-E6C10EB96832}" => key removed successfully
C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-2436640913-3975503498-2043303906-1001" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D35091C-063F-4653-8089-D1F27F254E4A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D35091C-063F-4653-8089-D1F27F254E4A}" => key removed successfully
C:\WINDOWS\System32\Tasks\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3BF14F7F-7CCD-4902-AD32-09D6B4CF3734}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4EFDB5BD-5CF7-4748-A9BF-644E48425207}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EFDB5BD-5CF7-4748-A9BF-644E48425207}" => key removed successfully
C:\WINDOWS\System32\Tasks\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{06208045-6DD4-4CF1-80E0-4AB9CA83A4B3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{58C96A45-1DD1-4A30-8713-791B8136D6BC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58C96A45-1DD1-4A30-8713-791B8136D6BC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{652D917A-B005-4661-AC63-65A9D11E503D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{652D917A-B005-4661-AC63-65A9D11E503D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trojan Killer" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{69EE0CD2-9496-49FC-A7BD-D1125394A0DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69EE0CD2-9496-49FC-A7BD-D1125394A0DB}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-3 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B448F61-307A-4135-AD66-6F550557B5DE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B448F61-307A-4135-AD66-6F550557B5DE}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-5 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD29950-7CF3-4C0E-9CBB-AFE7FBE52A69}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-2 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74D6BFB7-14FC-4A5B-8098-40C8CC043052}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74D6BFB7-14FC-4A5B-8098-40C8CC043052}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77EB921A-148E-4F20-BA05-D35731BCCA98}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77EB921A-148E-4F20-BA05-D35731BCCA98}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{78039CD5-5495-42E4-BE47-5E3558F8B528}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78039CD5-5495-42E4-BE47-5E3558F8B528}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-6 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85070D5E-1745-4C48-8902-71A36068310A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85070D5E-1745-4C48-8902-71A36068310A}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-3 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{898B9353-42B6-461F-82B1-7A6D54A86697}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{898B9353-42B6-461F-82B1-7A6D54A86697}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EBC57F6-CD69-4FB0-A11D-E82261535D49}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EBC57F6-CD69-4FB0-A11D-E82261535D49}" => key removed successfully
C:\WINDOWS\System32\Tasks\{D296527F-224B-4CB7-8A65-6E8492A3448E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D296527F-224B-4CB7-8A65-6E8492A3448E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{939CE0A3-F6DD-4A69-95CD-0E1B19588965}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{939CE0A3-F6DD-4A69-95CD-0E1B19588965}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-2 => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AA8CC61F-0624-4AC9-89C5-F8AD72D82401}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA8CC61F-0624-4AC9-89C5-F8AD72D82401}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AADCE8B4-4F47-473C-84ED-6137DB7AC4F2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AADCE8B4-4F47-473C-84ED-6137DB7AC4F2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
 
 
The system needed a reboot.
 
==== End of Fixlog 11:54:06 ====

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Utmärkt!
 
1. När du avinstallerar antivirusprogram, brandväggar och liknande är det nödvändigt att också hämta tillverkarens särskilda Removal/Uninstall Tool för att få bort allt av programmet eftersom en kvarliggande drivrutin kan krocka med nästa program och orsaka problem. I din dator hittade jag rester av Comodo, Panda, Norton, AVG och Avast, vilket kan orsaka många olika sorters problem och inte bara med Windows-uppdateringar. En del av resterna har skriptet med FRST tagit bort men det finns med all säkerhet mer i registret. Din dator skulle faktiskt må bra av en ren ominstallation av Windows 10 utan att något gammalt behålls, så att där inte ligger kvar (rester av) en massa program som du inte längre använder.
 
2. Använd inte program som Driver Booster för dessa drivrutinshittarprogram orsakar mer problem i längden eftersom de förr eller senare kommer att ta in en drivrutin som inte är bra för datorn.
 
Det finns ingen anledning att ha IObit Malware Fighter när du har det mycket bättre Malwarebytes Anti-Malware, och när det gäller realtidsskydd är det bättre att du installerar ett bra antivirusprogram i stället, gärna ett som kan upptäcka reklamprogram. Likaså behöver du inte IObit Uninstaller när du har det bättre Revo Uninstaller. Smart Defrag eller andra defragmenteringsprogram behövs inte i Windows 10 eftersom det defragmenteringsprogrammet som redan finns i Windows 10 är så bra.
 
Du har tre gamla versioner av Java installerade och dessa innehåller kända säkerhetshål som kan användas att infektera datorn från en webbsida. De flesta klarar sig utmärkt utan att ha Java installerat men om du måste ha det är det viktigt att alltid ha den senaste versionen.
 
 
3. Jag var tidigare idag tvungen att avbryta innan jag hade plockat bort alla gamla rester som syns i loggarna så här kommer resten.
 
Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
Task: {B44DCCB2-CBCF-43CA-9AB4-DF65EEB3BDDD} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-1 -> No File <==== ATTENTION
Task: {BCCF1E13-4ADA-4182-97D7-E996AD2B877E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {BDA71962-EA5D-4385-81B3-48EFF84EBB70} - \94A46359-5537-4201-BEFD-1EC63DFD0949 -> No File <==== ATTENTION
Task: {C0D0348D-C956-46A1-B30F-B57043226A65} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-7 -> No File <==== ATTENTION
Task: {C6FA3A30-ECA9-4DD0-85B3-7845A3DD0CCB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-4 -> No File <==== ATTENTION
Task: {C7B71700-04D1-4AEC-8975-2B954CF4CA3D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C9482E4C-B40B-42BD-8020-2AAC7828AC83} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)
Task: {CD41C298-24DD-4BF6-9270-1017E4B9D929} - System32\Tasks\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => pcalua.exe -a Z:\SETUP.EXE -d Z:\
Task: {D1A30C2B-02ED-4D75-8DDB-9D13BF40EC9E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-1 -> No File <==== ATTENTION
Task: {D3DA3BE4-9D44-4387-9A8A-77A70F3DD1CD} - System32\Tasks\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\CloudAntivirus.exe -d C:\Users\Leffan\Desktop\Filhämtaren
Task: {D41550B9-1CE4-4475-A57B-43C3155818D2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D6BBD0A2-36BA-4F27-A243-E3D982AA8323} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E3022D0E-ECFA-4AA9-A2A9-E563007E921C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E48E7272-8EFE-40BA-8172-A9B5426507E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E6423FD3-6C70-4406-81ED-A50E74108523} - \SpyHunter4Startup -> No File <==== ATTENTION
Task: {E7E05EA5-8067-4E1E-8904-3B8FE7CE21BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {FC8AF801-5C9D-4E5D-973B-D3A3F36DB387} - System32\Tasks\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => K:\autorunce.exe
Reboot:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.


4. Jag ser nu att du inte fick med hela Addition.txt i inlägg 20 så om du vill ha en genomgång av hela får du klistra in den på nytt.

 

 

5. Avinstallation av AdwCleaner:

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.
Klicka på Uninstall-knappen.

6. Avinstallation av FRST (om du inte vill ha någon ytterligare genomgång):

Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe
Dubbelklicka på filen för att starta programmet.
Tryck på knappen CleanUp! och FRST m.fl. rensningsprogram kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.
 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



×
×
  • Skapa nytt...