Just nu i M3-nätverket
Gå till innehåll
Leffan55

Windows 10 update

Rekommendera Poster

Fix result of Farbar Recovery Scan Tool (x64) Version:17-02-2016

Ran by Leffan (2016-02-18 13:32:33) Run:6

Running from C:\Users\Leffan\Desktop

Loaded Profiles: Leffan & DefaultAppPool (Available Profiles: Leffan & DefaultAppPool)

Boot Mode: Normal

==============================================

 

fixlist content:

*****************

CreateRestorePoint:

CloseProcesses:

Task: {B44DCCB2-CBCF-43CA-9AB4-DF65EEB3BDDD} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-1 -> No File <==== ATTENTION

Task: {BCCF1E13-4ADA-4182-97D7-E996AD2B877E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {BDA71962-EA5D-4385-81B3-48EFF84EBB70} - \94A46359-5537-4201-BEFD-1EC63DFD0949 -> No File <==== ATTENTION

Task: {C0D0348D-C956-46A1-B30F-B57043226A65} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-7 -> No File <==== ATTENTION

Task: {C6FA3A30-ECA9-4DD0-85B3-7845A3DD0CCB} - \00e1002c-7029-4aa8-96af-5a4f99b861b7-4 -> No File <==== ATTENTION

Task: {C7B71700-04D1-4AEC-8975-2B954CF4CA3D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {C9482E4C-B40B-42BD-8020-2AAC7828AC83} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit)

Task: {CD41C298-24DD-4BF6-9270-1017E4B9D929} - System32\Tasks\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => pcalua.exe -a Z:\SETUP.EXE -d Z:\

Task: {D1A30C2B-02ED-4D75-8DDB-9D13BF40EC9E} - \2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-1 -> No File <==== ATTENTION

Task: {D3DA3BE4-9D44-4387-9A8A-77A70F3DD1CD} - System32\Tasks\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\CloudAntivirus.exe -d C:\Users\Leffan\Desktop\Filhämtaren

Task: {D41550B9-1CE4-4475-A57B-43C3155818D2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {D6BBD0A2-36BA-4F27-A243-E3D982AA8323} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {E3022D0E-ECFA-4AA9-A2A9-E563007E921C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {E48E7272-8EFE-40BA-8172-A9B5426507E1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {E6423FD3-6C70-4406-81ED-A50E74108523} - \SpyHunter4Startup -> No File <==== ATTENTION

Task: {E7E05EA5-8067-4E1E-8904-3B8FE7CE21BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {FC8AF801-5C9D-4E5D-973B-D3A3F36DB387} - System32\Tasks\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => K:\autorunce.exe

Reboot:

*****************

 

Restore point was successfully created.

Processes closed successfully.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B44DCCB2-CBCF-43CA-9AB4-DF65EEB3BDDD} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-1 => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCCF1E13-4ADA-4182-97D7-E996AD2B877E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BDA71962-EA5D-4385-81B3-48EFF84EBB70} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\94A46359-5537-4201-BEFD-1EC63DFD0949 => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0D0348D-C956-46A1-B30F-B57043226A65} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-7 => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6FA3A30-ECA9-4DD0-85B3-7845A3DD0CCB} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\00e1002c-7029-4aa8-96af-5a4f99b861b7-4 => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7B71700-04D1-4AEC-8975-2B954CF4CA3D} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9482E4C-B40B-42BD-8020-2AAC7828AC83} => key not found. 

C:\WINDOWS\System32\Tasks\Driver Booster Scheduler => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD41C298-24DD-4BF6-9270-1017E4B9D929} => key not found. 

C:\WINDOWS\System32\Tasks\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A902D564-1FC2-4F00-8BD4-87BCD4C0AADE} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1A30C2B-02ED-4D75-8DDB-9D13BF40EC9E} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2e10d0f9-1239-4dc7-85f8-42db6a7eaea5-1 => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3DA3BE4-9D44-4387-9A8A-77A70F3DD1CD} => key not found. 

C:\WINDOWS\System32\Tasks\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8A820D50-A31C-4E71-B1E8-8BB1FBEF31D4} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D41550B9-1CE4-4475-A57B-43C3155818D2} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6BBD0A2-36BA-4F27-A243-E3D982AA8323} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3022D0E-ECFA-4AA9-A2A9-E563007E921C} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E48E7272-8EFE-40BA-8172-A9B5426507E1} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6423FD3-6C70-4406-81ED-A50E74108523} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7E05EA5-8067-4E1E-8904-3B8FE7CE21BD} => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key not found. 

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC8AF801-5C9D-4E5D-973B-D3A3F36DB387} => key not found. 

C:\WINDOWS\System32\Tasks\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => not found.

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6EF34E5D-A5E9-4717-AEDF-B3DF67F71C63} => key not found. 

 

 

The system needed a reboot.

 

==== End of Fixlog 13:32:52 ====

 


Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-02-2016

Ran by Leffan (2016-02-18 13:29:11)

Running from C:\Users\Leffan\Desktop

Windows 10 Home (X64) (2016-02-17 10:04:41)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administratör (S-1-5-21-2436640913-3975503498-2043303906-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-2436640913-3975503498-2043303906-503 - Limited - Disabled)

Gäst (S-1-5-21-2436640913-3975503498-2043303906-501 - Limited - Disabled)

Leffan (S-1-5-21-2436640913-3975503498-2043303906-1001 - Administrator - Enabled) => C:\Users\Leffan

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\uTorrent) (Version: 3.4.5.41073 - BitTorrent Inc.)

64 Bit HP CIO Components Installer (Version: 17.2.1 - Hewlett-Packard) Hidden

Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated)

Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)

Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.3.183 - Adobe Systems, Inc.)

Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)

Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{AB71D51A-DD83-4C22-98E2-DF8CB803F65D}) (Version: 1.14.17.06729 - Alcor Micro Corp.)

Alcor Micro USB Card Reader (x32 Version: 1.14.17.06729 - Alcor Micro Corp.) Hidden

Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)

Apple-programstöd (32-bitar) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)

Apple-programstöd (64-bitar) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)

AVCWare Ringtone Maker (HKLM-x32\...\AVCWare Ringtone Maker) (Version: 2.0.5.20120712 - AVCWare)

AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6172 - AVG Technologies)

AVG 2015 (Version: 15.0.6172 - AVG Technologies) Hidden

BankID säkerhetsprogram (HKLM-x32\...\{1BDBF557-BA87-438F-9B28-AE4D836E35BA}) (Version: 7.1.0.20 - Finansiell ID-Teknik BID AB)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Call of Duty: Black Ops (HKLM-x32\...\Call of Duty: Black Ops_is1) (Version:  - )

Compatibility Pack för Office 2007-systemet (HKLM-x32\...\{90120000-0020-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2712 - CyberLink Corp.)

DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.0.3715 - Hewlett-Packard)

DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden

Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)

Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )

EZ CD Audio Converter (HKLM-x32\...\EZ CD Audio Converter) (Version: 2.7 - Poikosoft)

Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)

FileSearchy Pro (HKLM-x32\...\FileSearchy Pro) (Version: 1.11 - Midlinesoft)

FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)

FSS Google Maps Downloader version 2.0.8.1 (HKLM-x32\...\FSS Google Maps Downloader_is1) (Version: 2.0.8.1 - FreeSmartSoft)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)

Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden

Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5418.39 - PC-Doctor, Inc.)

HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.12850.3526 - Hewlett-Packard)

HP MAINSTREAM KEYBOARD (HKLM-x32\...\{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}) (Version: 1.4.3.0 - Hewlett-Packard)

HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)

HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)

HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP)

HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)

HP Setup (HKLM-x32\...\{F5C7FD70-2C0A-401E-95E9-916363567DDA}) (Version: 1.2.4048.3310 - Hewlett-Packard)

HP Support Assistant (HKLM-x32\...\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}) (Version: 6.0.5.4 - Hewlett-Packard Company)

HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)

HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)

HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)

HTC Sync (HKLM-x32\...\{1F9E5C64-165D-4679-BBB3-498D216D017B}) (Version: 3.3.7 - HTC Corporation)

HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)

IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)

IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.41 - Irfan Skiljan)

iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)

Kursomvandlaren 1.0 (HKLM-x32\...\Kursomvandlaren) (Version: 1.0 - Kursomvandlaren.se)

Leapic Audio Cutter 3.0 (HKLM-x32\...\Leapic Audio Cutter_is1) (Version:  - Leapic Software)

LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)

Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_ENTERPRISE_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version:  - Microsoft)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_ENTERPRISE_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version:  - Microsoft)

Microsoft Office PowerPoint Viewer 2007 (Swedish) (HKLM-x32\...\{95120000-00AF-041D-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_ENTERPRISE_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version:  - Microsoft)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.0.3715 - Hewlett-Packard)

Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.0.3715 - Hewlett-Packard) Hidden

Mozilla Firefox 43.0.1 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 sv-SE)) (Version: 43.0.1 - Mozilla)

Mozilla Firefox 44.0.2 (x64 sv-SE) (HKLM\...\Mozilla Firefox 44.0.2 (x64 sv-SE)) (Version: 44.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

Nordea NCR1 Installationspaket (HKLM-x32\...\{CD9A35D4-8A81-4188-98AF-14D759083FB4}) (Version: 1.00.000 - Todos Data System AB)

NVIDIA 3D Vision drivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.92 - NVIDIA Corporation)

NVIDIA 3D Vision drivrutin för styrenhet 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation)

NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5936 - NVIDIA Corporation)

NVIDIA Grafikdrivrutin 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)

NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

NVIDIA-uppdatering 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Panda Cloud Antivirus (HKLM\...\{8BA78FA6-E817-454C-9D32-8DE04404119E}) (Version: 4.02.00.0000 - Panda Security)

PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PopChar 6.0 (HKLM\...\ergonis PopChar_is1) (Version: 6.0 - Ergonis Software)

Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3810 - CyberLink Corp.)

Power2Go (x32 Version: 6.1.3810 - CyberLink Corp.) Hidden

Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.4.0.1580 - Cybertron Software Co., Ltd.)

PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden

QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)

QuickTime Alternative 3.1.1 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.1.1 - )

Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.23.0 - Mediatek)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.30.1019.2010 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)

Recovery Manager (x32 Version: 5.5.2719 - CyberLink Corp.) Hidden

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Revo Uninstaller Pro 3.1.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.1 - VS Revo Group, Ltd.)

SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com)

Spotify (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\Spotify) (Version: 1.0.20.101.ge6957e14 - Spotify AB)

SpringFiles (HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\SpringFiles) (Version: 29.15.38 - hxxp://www.spring-file.com)

SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)

Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )

System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)

UniPDF 1.0.5 (HKLM-x32\...\UniPDF) (Version: 1.0.5 - UniPDF.com)

Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Leffan\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {015D92BF-3905-4212-8E37-9573EF8946D3} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe

Task: {017E6A68-2D3A-4FA1-B9C4-489B1D3AE6D0} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-05-29] ()

Task: {047C2F9F-5DEA-4650-B407-DC0512536094} - System32\Tasks\{5EC01EB6-9E5A-404A-99B8-6CF97B7ED3DD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {0809A89E-404A-4D5D-9B26-081576289B9C} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC_Leffan => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser.exe [2015-10-02] (Cybertron Software, Co., Ltd.)

Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {0D55A894-4243-46AA-BE55-3FFB87D20595} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()

Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe

Task: {13353C5F-3569-4E84-A2EE-1A5DC2B78CEF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-16] (Microsoft Corporation)

Task: {13802080-A435-460E-A8C8-EE026D9DF1F0} - System32\Tasks\{B1087BD8-E5F8-459E-BA42-82D7589A720E} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {1537EDA8-027A-4507-AC4E-93A4E0BFC640} - \Driver Booster SkipUAC (Leffan) -> No File <==== ATTENTION

Task: {1BE0B7D9-F640-4E4D-BF8A-D035646B5661} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

Task: {1D3967CC-676A-486B-A20A-3DA07F5B7958} - System32\Tasks\{0FB8EBCC-9766-45A7-A303-D09B0B9BD45F} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {2341FCA8-7C90-436F-8B08-84E93950E58A} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

Task: {2575C29E-BA05-48B9-B0EF-6862BF8429B2} - System32\Tasks\{39A1BCC2-0D94-4E8E-8E99-434667EC37F3} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {27122E99-4230-4EE8-856C-CC8CD289A0AC} - System32\Tasks\{1E89BF2A-0738-4751-B74F-BCC148691285} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {29990644-B79A-4F9B-B184-45225F368080} - System32\Tasks\{2FC1D531-7D62-49B0-92F6-4B6A33DC012C} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe

Task: {30EEFFE7-99F8-4860-A81D-2AFAEDBE4098} - System32\Tasks\{998C7732-8855-4A08-BA4C-F1AA473C9E70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {315B28B0-9835-4E3F-B81E-0E16ADEAA9C8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe

Task: {32ABA5C1-E0ED-4BDF-86A9-C75D45B0BB89} - System32\Tasks\{BF677917-AD42-4C99-9564-FF7DBC764A70} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {33589691-0896-46B4-82DB-FA2BA62038EF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)

Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe

Task: {3A32527B-676D-44D5-A90F-6BFEC2A4F8B3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {420544F1-038F-40DC-BCED-EE3CA989F9F6} - \CCleanerSkipUAC -> No File <==== ATTENTION

Task: {444C3CA9-1CE7-4575-9A68-6A1FDBB08DBB} - System32\Tasks\{20ECD2CE-4BE8-4120-86B6-DA4CED53A141} => pcalua.exe -a "J:\Program\Logitech Mus MX310\mw9791sve.exe" -d "J:\Program\Logitech Mus MX310"

Task: {4D515E26-8912-4948-B044-54DA5F548274} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

Task: {4D714B6F-CC7F-434B-B049-EC548F68FAF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

Task: {4E644A8D-2A48-4553-8495-CD9AC56C475A} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-02] (PC-Doctor, Inc.)

Task: {5B252DF3-DD42-4593-8E1F-70DA4CD5C926} - System32\Tasks\HPCeeScheduleForLeffan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)

Task: {5C3682DC-00C4-42B6-BDF4-291CE450520B} - System32\Tasks\{F72B7057-8A2E-4A3A-B919-8BDB5F2C34D5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {6AEB90CA-E25E-4F7A-B6D0-7D1E6D95B5F8} - System32\Tasks\{3408CB37-2C67-46A7-928D-1F3F71DBEED5} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe

Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe

Task: {80D92798-093B-468D-B973-D733520C10F6} - System32\Tasks\ASC7U_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe

Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe

Task: {8B42502E-AF26-4A3D-AB75-BFDE38F8AF19} - System32\Tasks\{649C94FF-5E42-4F31-9F1C-CDDB2C654B8B} => pcalua.exe -a "C:\Program Files (x86)\AVS4YOU\Uninstall.exe"

Task: {8E7FC1F8-9DB1-46F7-AF7B-71F743F23BC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

Task: {93AA24D5-D9E4-469D-B51A-E507DFB86F5F} - System32\Tasks\{8696F1B7-7B49-4C88-86BE-E5436E6B9BE6} => pcalua.exe -a C:\Users\Leffan\Desktop\Filhämtaren\daemon-tools.exe -d "C:\Program Files (x86)\Mozilla Firefox"

Task: {94725C4A-D8DC-4E84-AEC9-35897AA0FFD5} - System32\Tasks\{4A6B5362-1860-456A-8FAB-6FC474D30AD7} => pcalua.exe -a "C:\Windows\SysWOW64\Adobe\Shockwave 11\syminstallstub.exe" -d C:\Users\Leffan\Desktop -c /partnerid=adobe /productlist=nss /staging=false /debug /delay=0

Task: {9A7CE315-F2C2-4B0B-8DA0-9CAF1E927ACA} - System32\Tasks\{8A0B35A7-C76F-4160-875B-0BB3716F167C} => pcalua.exe -a "C:\Users\Leffan\Desktop\Eget\Olika Prog\wmp11-windowsxp-x86-SV-SE.exe" -d "C:\Users\Leffan\Desktop\Eget\Olika Prog"

Task: {9CD1E83E-15B1-4314-8AC2-A61E697DE0A4} - System32\Tasks\{1490BFE5-F5BB-46E0-B4CD-3438C4957884} => pcalua.exe -a E:\SETUP.EXE -d E:\

Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe

Task: {9FD1CE56-EE7B-46D6-9B34-6DA76FB6DC3D} - System32\Tasks\{5B06E479-555D-4864-88DE-72A2B6FBB1FD} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {A16E9003-48D6-4F34-8636-B33F3D67537A} - System32\Tasks\{6EBDE3E0-2BE7-4C3C-B5E1-2605F8CB5563} => K:\autorunce.exe

Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe

Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe

Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe

Task: {B615642F-8AF5-4AD7-91F3-7A384DC7BAC1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {BA1D5441-965F-4AE2-B6B4-DE072B4F1248} - System32\Tasks\{7BB7C00D-46F6-4294-BD6C-567F503637BE} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {BF83FDDD-7C67-489B-96E9-2F7FB75415A5} - System32\Tasks\ASC9_SkipUac_Leffan => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2015-11-30] (IObit)

Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {D5202B90-EDB2-4155-A1EC-894D7B408267} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-04] (Adobe Systems Incorporated)

Task: {D8638B38-356A-42C6-AA41-E91C12A2A6E8} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)

Task: {D98F64A5-ECB7-4D90-9CC0-A4EEBC4B262E} - System32\Tasks\FileSearchyPro_SkipUAC => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [2014-02-14] ()

Task: {DF59405B-CB86-427C-A8D5-0EA50790CFFF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

Task: {E47DC616-F79D-4ECC-A214-5E9F4131EE24} - System32\Tasks\{5BA75C5D-537E-401B-BB74-A1494BA2FCE4} => pcalua.exe -a "C:\Program Files (x86)\Personal\bin\persinst.exe" -d "C:\Program Files (x86)\Personal\bin"

Task: {E604A3F7-FC9F-4A15-B8C2-9EFFB0635A06} - System32\Tasks\Google Updater and Installer => C:\Users\Leffan\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {E886E1C4-44AE-44C1-87C7-9AAC8FB9DAA1} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] ()

Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {EA2197B3-EBEC-433D-9B3E-FEA775E25760} - System32\Tasks\{F7F5755D-563D-42D9-89E1-5872D836B8EB} => C:\Users\Leffan\Desktop\Eget\EuroC\setup.exe

Task: {EC34AB08-DCA1-477E-A034-5DB7B65F6B87} - System32\Tasks\{D6F371CA-08A1-4B7E-9E2D-7585D37A4DC2} => K:\Program\CD-LP Skivor Cardfile\Cardfile.exe

Task: {F29CE86A-3B32-4B44-A08F-964AF154EA4E} - System32\Tasks\{803EC8C1-976B-466E-8FEE-A1E65CA27538} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {F6FC083E-8783-4D79-B152-E051CE275512} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

Task: {FAEA5001-7894-4392-AAEB-83E6A5C0C348} - System32\Tasks\{FF41CD49-FDD3-43FC-8C2F-819BCD47E52D} => C:\Users\Leffan\Desktop\Filhämtaren\CARDFILE.EXE

Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Leffan.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeffan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

==================== Loaded Modules (Whitelisted) ==============

 

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2016-02-17 10:31 - 2015-10-13 18:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2016-02-17 10:19 - 2016-02-17 10:19 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2016-02-17 10:19 - 2016-02-17 10:19 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2014-05-27 11:33 - 2014-05-27 11:33 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

2016-02-17 10:19 - 2016-02-17 10:19 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll

2016-02-17 10:19 - 2016-02-17 10:19 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2016-02-17 10:19 - 2016-02-17 10:19 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2016-02-17 10:19 - 2016-02-17 10:19 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2016-02-17 10:19 - 2016-02-17 10:19 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2016-02-17 10:19 - 2016-02-17 10:19 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2016-02-17 11:48 - 2016-02-17 11:49 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe

2014-03-24 10:31 - 2014-03-24 10:31 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll

2014-05-27 11:32 - 2014-05-27 11:32 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

2014-03-24 10:32 - 2014-03-24 10:32 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll

2014-03-24 10:32 - 2014-03-24 10:32 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll

2014-03-24 10:32 - 2014-03-24 10:32 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll

2014-03-24 10:34 - 2014-03-24 10:34 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll

2014-03-24 10:36 - 2014-03-24 10:36 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

2013-11-15 18:42 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll

2016-02-11 08:23 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll

2016-02-11 08:23 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll

2016-02-17 11:48 - 2016-02-17 11:49 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll

2016-02-17 11:48 - 2016-02-17 11:49 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:\ProgramData\Temp:073341D1

AlternateDataStreams: C:\ProgramData\Temp:07BF512B

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4

AlternateDataStreams: C:\ProgramData\Temp:373E1720

AlternateDataStreams: C:\ProgramData\Temp:56E2E879

AlternateDataStreams: C:\ProgramData\Temp:5C321E34

AlternateDataStreams: C:\ProgramData\Temp:6DFF1A8A

AlternateDataStreams: C:\ProgramData\Temp:98181191

AlternateDataStreams: C:\ProgramData\Temp:C05ABBB5

AlternateDataStreams: C:\ProgramData\Temp:C5760A8B

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\008k.com -> 008k.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\00hq.com -> 00hq.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0190-dialers.com -> 0190-dialers.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\01i.info -> 01i.info

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0411dd.com -> 0411dd.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0511zfhl.com -> 0511zfhl.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\05p.com -> 05p.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0632qyw.com -> 0632qyw.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0calories.net -> 0calories.net

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0cj.net -> 0cj.net

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\0scan.com -> 0scan.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1-domains-registrations.com -> 1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1-se.com -> 1-se.com

IE restricted site: HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\1001movie.com -> 1001movie.com

 

There are 6127 more sites.

 

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 03:34 - 2015-09-21 15:46 - 00000949 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 

127.0.0.1 localhost

127.0.0.1 www.iobit.com

127.0.0.1 www.asc55.iobit.com

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leffan\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp

HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\Services: Apple Mobile Device => 2

MSCONFIG\Services: LightScribeService => 3

MSCONFIG\Services: MozillaMaintenance => 3

MSCONFIG\Services: NAUpdate => 3

MSCONFIG\Services: Secunia PSI Agent => 2

MSCONFIG\Services: Secunia Update Agent => 2

MSCONFIG\Services: SpyHunter 4 Service => 2

MSCONFIG\Services: WinDefend => 2

MSCONFIG\Services: WiseBootAssistant => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BankID säkerhetsprogram.lnk => C:\Windows\pss\BankID säkerhetsprogram.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Leffan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Setup.lnk => C:\Windows\pss\Setup.lnk.Startup

MSCONFIG\startupfolder: C:^Users^Leffan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^YoWindow.lnk => 

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Adobe Reader Speed Launcher => 

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: AVG_UI => 

MSCONFIG\startupreg: Browsers Protector => 

MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

MSCONFIG\startupreg: CommonToolkitTray => 

MSCONFIG\startupreg: CPA => 

MSCONFIG\startupreg: Google Update => 

MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup

MSCONFIG\startupreg: IAStorIcon => 

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Logitech Utility => LOGI_MWX.EXE

MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Leffan\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime Alternative\QTTask.exe" -atboottime

MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

MSCONFIG\startupreg: SDTray => 

MSCONFIG\startupreg: SearchSettings => 

MSCONFIG\startupreg: sfagent => 

MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background

MSCONFIG\startupreg: Spybot-S&D Cleaning => 

MSCONFIG\startupreg: SpybotSD TeaTimer => 

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: Telia => 

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

HKLM\...\StartupApproved\Run32: => "SDTray"

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "uTorrent"

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "FileSearchy Pro"

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-2436640913-3975503498-2043303906-1001\...\StartupApproved\Run: => "Spotify Web Helper"

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808

FirewallRules: [{6B1D7C96-BCB3-4CA5-98B3-2B275CA0F642}] => (Block) C:\users\leffan\appdata\roaming\spotify\spotify.exe

FirewallRules: [{2505942A-00EC-459D-9FBE-A749E520EAAB}] => (Block) C:\users\leffan\appdata\roaming\spotify\spotify.exe

FirewallRules: [uDP Query User{BDEF94DD-FCDA-4F33-9CEE-6BCD7F48624B}C:\users\leffan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leffan\appdata\roaming\spotify\spotify.exe

FirewallRules: [TCP Query User{7FBA5499-5F04-4324-9E55-E53B4D075F48}C:\users\leffan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leffan\appdata\roaming\spotify\spotify.exe

FirewallRules: [{99C4FCC9-849E-4A2F-9371-8F09DEB7F6CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{77100609-AF62-4E05-9D6B-328B187CB96D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{50DB1AD2-57AF-46B5-AD32-B0F5CF878655}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{FF2E9711-5D11-451D-9378-8CCB479EF96A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{53AC1C04-B420-492E-9261-3263116AA84D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{0BA1D425-7352-4A30-8E13-54FE2BB5B487}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{D3210709-F65D-433A-AFC8-2C8DB89AEBBD}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{23CED342-45A6-4B53-AE9C-C590CDD84CF8}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{0C9B086A-472D-4803-A2B9-869EFFE3B3D7}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{8B1EB20C-507A-4285-B609-5A252554FC65}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{82E67E65-D8D1-420B-A3E5-EFBA05E91C1D}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{08AD2175-9C59-410C-874E-D09D1F301738}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{E39CA200-0F33-44F5-9A7B-9650A14E2E70}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{2BF69994-4495-4298-8923-51066558E4FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{20B04BB7-7D9A-4995-B306-CB902B36D93C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [TCP Query User{232693B7-0B9B-4B06-BF78-6A7263CBA1C5}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe

FirewallRules: [uDP Query User{67C6D7D6-5C3C-4470-992E-90312FA30D1F}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe

FirewallRules: [TCP Query User{5579ED67-C65C-4EC8-BD0A-F7C5294232F6}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe

FirewallRules: [uDP Query User{AB9F266D-DD59-4304-A141-E14B84A63464}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe

FirewallRules: [{01149F99-49F3-40DF-9C1E-E3A30A3283E6}] => (Allow) C:\Windows\SysWOW64\msiexec.exe

FirewallRules: [{FA88A1AC-3745-4E4B-B54B-C66E2E01D226}] => (Allow) C:\Windows\SysWOW64\msiexec.exe

FirewallRules: [TCP Query User{73A9521C-0D38-4123-8771-C8F1BCAD70D4}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe

FirewallRules: [uDP Query User{32F2739C-25AB-4EF8-ABCF-3BE7532946AA}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops\blackops.exe

FirewallRules: [TCP Query User{99F0F9AB-FEDA-4514-BEF2-CAFD9749D793}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe

FirewallRules: [uDP Query User{C74B7532-6DE7-4512-8F60-9CE5B5C4DF10}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe

FirewallRules: [TCP Query User{17073FEE-EC8E-4B73-B4EB-5136E9BBCD09}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe

FirewallRules: [uDP Query User{456024A2-EECA-41DF-8DCB-5BE0CE2C9A65}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe

FirewallRules: [TCP Query User{1E7B6E7F-8DFA-4BF9-A7A9-E038E30C413E}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe

FirewallRules: [uDP Query User{B6D56527-655A-44B0-9B3C-6F8C9ADD9565}C:\program files (x86)\utorrent.exe] => (Allow) C:\program files (x86)\utorrent.exe

FirewallRules: [{47BCD015-8C25-4976-9489-EC0990529AB3}] => (Block) C:\program files (x86)\utorrent.exe

FirewallRules: [{8B481F7A-E28A-421F-997C-E81C94C96E2B}] => (Block) C:\program files (x86)\utorrent.exe

FirewallRules: [TCP Query User{E8002486-FC7A-41FC-B15C-77763877274D}C:\users\leffan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leffan\appdata\roaming\utorrent\utorrent.exe

FirewallRules: [uDP Query User{403B1697-4BFC-4554-A0C3-B4BCEBC988D2}C:\users\leffan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\leffan\appdata\roaming\utorrent\utorrent.exe

FirewallRules: [{6D1688F0-0A73-4D68-95D2-8C8B73653695}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{37AF9967-E0CE-4DD9-AC91-97FC980C56A0}] => (Allow) C:\Users\Leffan\AppData\Roaming\uTorrent\uTorrent.exe

FirewallRules: [{2E131DD2-BA3D-4629-9017-B8B17CFB9E03}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe

FirewallRules: [{C68DC0A4-8072-4895-8643-C3C9A2B4B71E}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe

FirewallRules: [TCP Query User{682DDBFB-3A51-47F5-A1A5-77B7F1B158C6}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe

FirewallRules: [uDP Query User{F79188FF-B780-4047-AEDE-4B2431F1E67D}C:\program files (x86)\activision\call of duty - black ops\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty - black ops\blackops.exe

FirewallRules: [{1932C498-C858-47B3-9A07-EA7FA7E506AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{12EA3144-6F12-49C7-95BA-9C79CBE11EF3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{C91C2882-0D8B-4501-8C76-C5BE700687D8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

FirewallRules: [uDP Query User{EDCD2296-5E21-478A-A5E6-5657B2F41079}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

FirewallRules: [{9A5B3D93-837E-4A64-A0F9-2BC4813DFCE1}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe

FirewallRules: [{FC826B1C-502F-4B67-B045-1DB4E7F337E3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Restore Points =========================

 

17-02-2016 11:41:52 Revo Uninstaller Pro's restore point - Spybot - Search & Destroy

17-02-2016 11:53:11 Restore Point Created by FRST

18-02-2016 12:59:17 Revo Uninstaller Pro's restore point - Driver Booster 3.2

18-02-2016 13:04:23 Restore Point Created by FRST

18-02-2016 13:12:23 Revo Uninstaller Pro's restore point - IObit Malware Fighter 3

18-02-2016 13:15:58 Revo Uninstaller Pro's restore point - IObit Uninstaller

18-02-2016 13:17:32 Revo Uninstaller Pro's restore point - Smart Defrag 4

18-02-2016 13:18:52 Revo Uninstaller Pro's restore point - Java 8 Update 65

18-02-2016 13:19:08 Removed Java 8 Update 65

18-02-2016 13:20:10 Revo Uninstaller Pro's restore point - Java 8 Update 66

18-02-2016 13:20:30 Removed Java 8 Update 66

18-02-2016 13:21:38 Revo Uninstaller Pro's restore point - Java 8 Update 72

18-02-2016 13:22:03 Removed Java 8 Update 72

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (02/18/2016 01:22:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

 

System Error:

Det går inte att hitta filen.

.

 

Error: (02/18/2016 01:22:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Åtkomst nekad.

.

 

Error: (02/18/2016 01:21:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

 

System Error:

Det går inte att hitta filen.

.

 

Error: (02/18/2016 01:21:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Åtkomst nekad.

.

 

Error: (02/18/2016 01:20:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

 

System Error:

Det går inte att hitta filen.

.

 

Error: (02/18/2016 01:20:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Åtkomst nekad.

.

 

Error: (02/18/2016 01:20:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

 

System Error:

Det går inte att hitta filen.

.

 

Error: (02/18/2016 01:20:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Åtkomst nekad.

.

 

Error: (02/18/2016 01:19:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary RegFilter.

 

System Error:

Det går inte att hitta filen.

.

 

Error: (02/18/2016 01:19:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Åtkomst nekad.

.

 

 

System errors:

=============

Error: (02/18/2016 01:21:08 PM) (Source: DCOM) (EventID: 10016) (User: Leffan-HP)

Description: datorstandardvärdeLokalAktivering{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Leffan-HPLeffanS-1-5-21-2436640913-3975503498-2043303906-1001LocalHost (med LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

 

Error: (02/18/2016 01:21:07 PM) (Source: DCOM) (EventID: 10016) (User: Leffan-HP)

Description: datorstandardvärdeLokalAktivering{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Leffan-HPLeffanS-1-5-21-2436640913-3975503498-2043303906-1001LocalHost (med LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

 

Error: (02/18/2016 01:05:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Tjänsten Windows Search kunde inte startas på grund av följande fel: 

%%3

 

Error: (02/18/2016 01:04:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Tjänsten Synkroniseringsvärd_4b6dbd avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 10000 millisekunder: Starta om tjänsten.

 

Error: (02/18/2016 01:04:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Tjänsten Print Spooler avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 5000 millisekunder: Starta om tjänsten.

 

Error: (02/18/2016 01:04:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Tjänsten Message Queuing avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten.

 

Error: (02/18/2016 01:04:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Tjänsten Net.Pipe Lyssnaradapter avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten.

 

Error: (02/18/2016 01:04:37 PM) (Source: WAS) (EventID: 5175) (User: )

Description: Lyssnaradaptern som servar protokollet net.pipe kopplades oväntat bort.

 

Error: (02/18/2016 01:04:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Tjänsten Windows Modules Installer avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten.

 

Error: (02/18/2016 01:04:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Tjänsten Windows Search avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 30000 millisekunder: Starta om tjänsten.

 

 

CodeIntegrity:

===================================

  Date: 2016-02-18 13:28:40.220

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-02-18 13:28:40.214

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-02-18 13:25:24.482

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-02-18 13:25:24.476

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-02-18 12:48:19.702

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-02-18 12:48:19.695

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-02-18 12:48:19.621

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-02-18 12:48:19.613

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-02-18 12:48:19.603

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-02-18 12:48:08.651

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i7 CPU 860 @ 2.80GHz

Percentage of memory in use: 26%

Total physical RAM: 8151.07 MB

Available physical RAM: 5969.16 MB

Total Virtual: 16855.07 MB

Available Virtual: 14593.68 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:1383.85 GB) (Free:978.16 GB) NTFS

Drive d: (HP_RECOVERY) (Fixed) (Total:12.88 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive z: (På Emirates) (Fixed) (Total:931.51 GB) (Free:586.57 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 1397.3 GB) (Disk ID: 6E198BB1)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=1383.8 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

Partition 4: (Not Active) - (Size=12.9 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 57BA3405)

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ============================

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\ProgramData\Temp:073341D1
AlternateDataStreams: C:\ProgramData\Temp:07BF512B
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:6DFF1A8A
AlternateDataStreams: C:\ProgramData\Temp:98181191
AlternateDataStreams: C:\ProgramData\Temp:C05ABBB5
AlternateDataStreams: C:\ProgramData\Temp:C5760A8B
Reboot:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Starta programmet Anteckningar.

Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\ProgramData\Temp:073341D1
AlternateDataStreams: C:\ProgramData\Temp:07BF512B
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:6DFF1A8A
AlternateDataStreams: C:\ProgramData\Temp:98181191
AlternateDataStreams: C:\ProgramData\Temp:C05ABBB5
AlternateDataStreams: C:\ProgramData\Temp:C5760A8B
Reboot:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Stäng av alla program.

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Om datorn inte startas om automatiskt så gör det själv.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:17-02-2016
Ran by Leffan (2016-02-18 17:28:04) Run:1
Running from C:\Users\Leffan\Desktop
Loaded Profiles: Leffan (Available Profiles: Leffan & DefaultAppPool)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
AlternateDataStreams: C:\ProgramData\Temp:073341D1
AlternateDataStreams: C:\ProgramData\Temp:07BF512B
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:6DFF1A8A
AlternateDataStreams: C:\ProgramData\Temp:98181191
AlternateDataStreams: C:\ProgramData\Temp:C05ABBB5
AlternateDataStreams: C:\ProgramData\Temp:C5760A8B
Reboot:
*****************
 
Restore point was successfully created.
Processes closed successfully.
C:\ProgramData\Temp => ":073341D1" ADS removed successfully.
C:\ProgramData\Temp => ":07BF512B" ADS removed successfully.
C:\ProgramData\Temp => ":0B4227B4" ADS removed successfully.
C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.
C:\ProgramData\Temp => ":6DFF1A8A" ADS removed successfully.
C:\ProgramData\Temp => ":98181191" ADS removed successfully.
C:\ProgramData\Temp => ":C05ABBB5" ADS removed successfully.
C:\ProgramData\Temp => ":C5760A8B" ADS removed successfully.
 
 
The system needed a reboot.
 
==== End of Fixlog 17:28:40 ====

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Utmärkt, då kan du avinstallera FRST så som jag skrev tidigare.

 

Efter denna operation så fungerar inte Windows knappen,sök knappen eller meddelande ikonen

på verktygsfältet.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Starta  kommandotolken och kör som admin

 

Kopiera och klistra in

dism /online /cleanup-image /checkhealth

6. Klicka sedan på Enter på ditt tangentbord.

7. När datorn är klar med ovanstående, så kopierar du nästa och trycker Enter

Dism /online /cleanup-image /restorehealth



9. När den är klar så skriver du följande kommando:

Sfc /scannow

10. Klicka sedan på Enter på ditt tangentbord.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Själva avinstallationen av FRST tar bara bort FRST-filerna och -mappen så det ska inte påverka Windows. Är du säker på att problemet inte uppstod tidigare?

 

Innan du ger dig på det utmärkta förslaget från Pelle Penna kan du kolla att det inte hjälper med att kolla att alla Windows-uppdateringar har kommit in och att det inte räcker med att starta om datorn ett par gånger.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Själva avinstallationen av FRST tar bara bort FRST-filerna och -mappen så det ska inte påverka Windows. Är du säker på att problemet inte uppstod tidigare?

 

Innan du ger dig på det utmärkta förslaget från Pelle Penna kan du kolla att det inte hjälper med att kolla att alla Windows-uppdateringar har kommit in och att det inte räcker med att starta om datorn ett par gånger.

 

Jag kommer inte åt några program via windowsknappen, inte inställningar eller kommandotolken.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Själva avinstallationen av FRST tar bara bort FRST-filerna och -mappen så det ska inte påverka Windows. Är du säker på att problemet inte uppstod tidigare?

 

Innan du ger dig på det utmärkta förslaget från Pelle Penna kan du kolla att det inte hjälper med att kolla att alla Windows-uppdateringar har kommit in och att det inte räcker med att starta om datorn ett par gånger.

Problemet var inte tidigare.

Om jag gör en systemåterställning, kommer allt skit som jag tagit bort tillbaka då ?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Har du prövat med att starta om datorn några gånger?

Det brukar få igång Windows Update.

 

När man råkar ut för det vanliga problemet med start-menyn och apparna brukar det fortfarande fungera att högerklicka på startknappen och i den menyn finns Kommandotolken. Det brukar också gå att trycka Ctrl+Alt+Del och välja Aktivitetshanteraren, sen i Aktivitetshanteraren kan man välja "Ny aktivitet" i en meny och om man då skriver in cmd kommer Kommandotolken att startas.

 

Varje gång du har kört FRST har det skapats en systemåterställningspunkt så du kan ju välja den senaste.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Har du prövat med att starta om datorn några gånger?

Det brukar få igång Windows Update.

 

När man råkar ut för det vanliga problemet med start-menyn och apparna brukar det fortfarande fungera att högerklicka på startknappen och i den menyn finns Kommandotolken. Det brukar också gå att trycka Ctrl+Alt+Del och välja Aktivitetshanteraren, sen i Aktivitetshanteraren kan man välja "Ny aktivitet" i en meny och om man då skriver in cmd kommer Kommandotolken att startas.

 

Varje gång du har kört FRST har det skapats en systemåterställningspunkt så du kan ju välja den senaste.

Detta kom upp vid kommandotolken: Error 740 

 

Har du prövat med att starta om datorn några gånger?

Det brukar få igång Windows Update.

 

När man råkar ut för det vanliga problemet med start-menyn och apparna brukar det fortfarande fungera att högerklicka på startknappen och i den menyn finns Kommandotolken. Det brukar också gå att trycka Ctrl+Alt+Del och välja Aktivitetshanteraren, sen i Aktivitetshanteraren kan man välja "Ny aktivitet" i en meny och om man då skriver in cmd kommer Kommandotolken att startas.

 

Varje gång du har kört FRST har det skapats en systemåterställningspunkt så du kan ju välja den senaste.

Fick Error 740 elevated permission are required to runDISM

Use an elevated command prompt to complete these tasks.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

I Windows-knappens högerklicksmeny väljer du Kommandotolken (Admin) eller något liknande (eller om det går att högerklicka på vanliga Kommandotolken och välja "Kör som administratör").

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

I Windows-knappens högerklicksmeny väljer du Kommandotolken (Admin) eller något liknande (eller om det går att högerklicka på vanliga Kommandotolken och välja "Kör som administratör").

 

Kommer ju inte åt kommandotolken, händer ingenting

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Du måste ju ha startat en vanlig kommandotolk för att få ett felmeddelande av DISM-kommandot.

 

Några alternativ för att starta en kommandotolk med fulla rättigheter:

 

Håll nere Windows-tangenten medan du trycker på X-tangenten.

Välj Kommandotolk (Admin).

 

Öppna Utforskaren genom att trycka Windows+E.
Leta fram mappen C:\Windows\System32

Högerklicka på programfilen cmd och välj Kör som administratör.

 

Pröva med att i den vanliga kommandotolken skriva:

powershell.exe -Command "Start-Process cmd -Verb RunAs"

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Du måste ju ha startat en vanlig kommandotolk för att få ett felmeddelande av DISM-kommandot.

 

Några alternativ för att starta en kommandotolk med fulla rättigheter:

 

Håll nere Windows-tangenten medan du trycker på X-tangenten.

Välj Kommandotolk (Admin).

 

Öppna Utforskaren genom att trycka Windows+E.

Leta fram mappen C:\Windows\System32

Högerklicka på programfilen cmd och välj Kör som administratör.

 

Pröva med att i den vanliga kommandotolken skriva:

powershell.exe -Command "Start-Process cmd -Verb RunAs"

 

windows resource protection did not find any intergrity violations.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Var det resultatet från SFC eller DISM?

Har du kört de andra kommandona och kollat det som Lars skrev på sidan jag länkade till?

Det var SFC, kollar just nu.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Var det resultatet från SFC eller DISM?

Har du kört de andra kommandona och kollat det som Lars skrev på sidan jag länkade till?

Inget funkade!

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Systemåterställning i en kommandotolk som är startad som Admin:

 

rstrui

Systemåterställning utförd,allt verkar fungera.

Tack för all hjälp Cecilia.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Systemåterställning utförd,allt verkar fungera.

Tack för all hjälp Cecilia.

Vad  bra!

 

Hur långt tillbaka gjorde du systemåterställningen?

Jag tänker på om det finns någon risk för att något olämpligt blev återställt?

 

I stället för att avinstallera FRST så som jag skrev förut kan du ta bort mappen C:\FRST, om den finns kvar.

 

Bara trevligt att kunna hjälpa till :)

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



×
×
  • Skapa nytt...