Just nu i M3-nätverket
Gå till innehåll
Sangris

Borttagning av Reimage

Rekommendera Poster

Sangris

Jag behöver hjälp med borttagning av ett program som lagt sig i min dator utan min vetskap. Det heter som rubriken säger, Reimage.

Antagligen något antivirusprogram (eller i vart fall utger sig för att vara det) Jag vill inte ha kvar det, men vet inte hur jag ska gå tillväga för att få bort det.

Tacksam för upplysning

/Sangris

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Sangris

Tack Cecilia.

Jag har nu laddat ner FRST och scannat av datorn. Detta är den logg som skapades:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2016
Ran by Kent (2016-07-02 12:23:17)
Running from C:\Users\Kent\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-14 21:07:03)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administratör (S-1-5-21-1046946943-3530856008-3823607057-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1046946943-3530856008-3823607057-503 - Limited - Disabled)
Gäst (S-1-5-21-1046946943-3530856008-3823607057-501 - Limited - Disabled) => C:\Users\Gäst
HomeGroupUser$ (S-1-5-21-1046946943-3530856008-3823607057-1002 - Limited - Enabled)
Kent (S-1-5-21-1046946943-3530856008-3823607057-1001 - Administrator - Enabled) => C:\Users\Kent
Lisbeth (S-1-5-21-1046946943-3530856008-3823607057-1003 - Limited - Enabled) => C:\Users\Lisbeth
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Apple-programstöd (32-bitar) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple-programstöd (64-bitar) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
AVG (Version: 16.81.7640 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4613 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.81.7640 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.1.831 - AVG Technologies)
BankID säkerhetsprogram (HKLM-x32\...\{4B2557F9-8C03-4BE7-9984-4DE525076580}) (Version: 6.4.0.22 - Finansiell ID-Teknik BID AB)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq4809) (Version:  - )
Center för Windows Mobile-enheter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Comviq Surf Connect (HKLM-x32\...\Comviq Surf Connect) (Version: 11.300.05.19.56 - Huawei Technologies Co.,Ltd)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.2.4725 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.2.0.200 - DIAL GmbH)
DIALux 4.11 (HKLM-x32\...\DIALux) (Version: 4.11.0.3 - DIAL GmbH)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
e-kort (HKLM-x32\...\{BA9632CB-2B93-4FD6-905C-BB325CE1C4DD}) (Version: 3.16.8.0 - FöreningsSparbanken)
e-kort (x32 Version: 1.1.0.0 - FöreningsSparbanken) Hidden
Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
EPSON P50 Series Printer Uninstall (HKLM\...\EPSON P50 Series) (Version:  - SEIKO EPSON Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
Epson Stylus Photo P50_T50 Handbok (HKLM-x32\...\Epson Stylus Photo P50_T50 Användarhandbok) (Version:  - )
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{768A6276-5822-489C-8A2B-67190F745655}) (Version: 4.1.2 - Hewlett-Packard)
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
Fagerhult catalogue 01 / 2012 (HKLM-x32\...\{CD3B8A65-DFFE-4BD5-8430-5E376F61136E}) (Version: 3.00.0000 - Fagerhult)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
Free PDF Reader (HKLM-x32\...\Free PDF Reader 1.0.0) (Version: 1.0.0 - Free PDF Soulutions)
Free PDF Reader (x32 Version: 1.0.0 - Free PDF Soulutions) Hidden
Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grundläggande enhetsprogramvara för HP Deskjet 2050 J510 series (HKLM\...\{CEE93371-0274-4691-9152-CA2FB0544148}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (HKLM\...\{DAAB29F9-07C3-4634-B9C6-413CF47B6E02}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}) (Version: 2.20.11 - Hewlett-Packard Company)
HP Deskjet 2050 J510 series Hjälp (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Documentation (HKLM-x32\...\{16652164-D80F-4EE6-90C6-2E8D5D06092A}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\HP Photo Creations) (Version: 1.0.0.19382 - HP)
HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{21E6AD46-62D8-45B7-ADB7-BC6A80D4B54F}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{A0E89543-3D17-4218-A28A-06D037E0BF46}) (Version: 12.4.18.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6392.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LearnWARE (HKLM-x32\...\LearnWARE) (Version: 11.15.2.0 - P&L Nordic AB)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_PROPLUS_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Klicka-och-kör 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Outlook 2007 (HKLM-x32\...\OUTLOOKR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_PROPLUS_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - svenska (HKLM-x32\...\{90140011-0066-041D-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_PROPLUS_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 sv-SE)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Produktförbättringsstudie för HP Deskjet 2050 J510 series (HKLM\...\{1C1D7366-58A3-489A-BD74-B7FB1B4BFF22}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Ralink RT5390R 802.11b/g/n Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29004 - Realtek Semiconductor Corp.)
Reimage Protector (HKLM\...\Reimage Protector) (Version:  - Reimage) <==== ATTENTION
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Unity Web Player (HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-drivrutinspaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-drivrutinspaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VolvoOceanRace - Volvo Ocean Race Tracker - Tracker (HKLM-x32\...\VolvoOceanRace Volvo Ocean Race Tracker) (Version: "1.1.1" - "VolvoOceanRace")
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Kent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {070F2527-4116-4AB0-9D92-1E1782648E9E} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Kent\AppData\Roaming\HP Photo Creations\Communicator.exe [2015-10-30] ()
Task: {101DA682-7F50-4F1A-BA21-70F6153C933E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {107FAC4C-8B5D-40A0-87D3-959E48C25884} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {156F8421-5D02-4A94-9D8A-10F3EC39342B} - System32\Tasks\{EFF41288-4250-44EC-8C5E-91E9228F18CE} => pcalua.exe -a "C:\Program Files\Reimage\Reimage Repair\uninst.exe"
Task: {15DB85DF-9163-41C8-B7B2-BD8AF9802CA7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003Core => C:\Users\Lisbeth\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-24] (Dropbox, Inc.)
Task: {19DBDD16-2F89-4A16-96AF-1AA43419EFB5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-21] (Microsoft Corporation)
Task: {1F27001E-9B50-48C2-8E2F-69406F5013D2} - System32\Tasks\{6A41D6DB-AEDD-4DE6-B246-8CF710D3B14F} => pcalua.exe -a E:\MSETUP.EXE -d E:\
Task: {1FA9ADB1-17CA-41B0-9E0E-184A722B8B70} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {1FD18B76-07CD-4AFC-949C-12C54116A4F4} - System32\Tasks\{8279DC60-AE32-42A2-9512-43359E64BD1B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.9.0.106/sv/abandoninstall?page=tsProgressBar
Task: {26EF4ECB-81AA-4356-9E64-4F042615224B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {39B28C76-B155-4845-80BB-5FA6D746330E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001UA => C:\Users\Kent\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {3B1C0655-E012-410A-A557-264189192DE6} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {3CC34137-3EB3-4A13-BB2E-A5F5D7637E09} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {431EDE83-F894-48D8-983E-B655D3BBC3C8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {4CC3FE3F-6429-4B9C-80BD-A5E87781B5EE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4CFCC699-2E72-4704-B8E3-A4138624EBA3} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2016-05-27] (Reimage®) <==== ATTENTION
Task: {551CAE88-57C2-4EC8-A540-C967D373836F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5C04B8D7-427D-4100-BEAC-9E0042F18E08} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5D7D321B-EBB6-4A0C-A939-8D79FB3D97C5} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-11-29] (CyberLink)
Task: {62417831-1927-4595-AA19-2E43F3CFDE53} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {63511AE8-BB52-4589-B57D-AEA85102B298} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {735E7182-13A6-4509-B1B2-5677A9128487} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)
Task: {7508A651-43D2-468A-A524-FB5A5A340712} - System32\Tasks\{7BEBCC69-7379-4428-848D-7A58DE162794} => pcalua.exe -a C:\Users\Kent\Downloads\CanoScan_N650U_N656U_CSUv571a.exe -d C:\Users\Kent\Downloads
Task: {7538D294-94FD-4694-BAFF-26A9C1A10487} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {7CECB291-C9F8-4D0C-9A66-B6E970D96A4E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {81EDFAB9-8CC6-4D09-B1EB-B31EA5D09EBB} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()
Task: {87DFAFE4-456F-4E5A-9DB9-02D576EDD20B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {8CB6D627-FCAD-4A62-BDD8-AF849EABA2D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8F5AF116-79AB-4B5F-ACEB-9BF052311BAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {90897CAC-8C06-4A16-B0BD-C0DEDFC5F010} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001Core => C:\Users\Kent\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {94E5FA2C-5D94-4E54-BCB6-A9DAB1A58CF6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {9AD96132-EA4C-4606-8396-3AAD22B50A7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {9D9B1F9E-00E8-4BF1-996E-6BFA75605011} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {A10A50D2-D911-4542-A08E-A7DC65002149} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {A4B75385-5913-461C-80FF-7EC0A4E5BF7C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A5FBEDF1-8943-46A7-B83C-EA35560E9EC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {A74E366D-AD33-4655-877E-9A81252161B5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {AD5C2A0C-AF8F-4BC5-9291-786A8B028BEE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {B139E0E4-24D9-4FB2-AB65-0514DC062688} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B7379767-069B-44DE-B27B-9E0F5D967B25} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {B798B99A-F843-4660-8034-91C94029D676} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B7A28C43-7D2D-4174-A98A-561327926BC2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {B88BC400-8973-4403-827E-2F8E08E1289A} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {BA3AE41C-216A-413D-B23F-B15045D13B7F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)
Task: {BAE19852-C5C1-4095-A886-EA4CC3DEFF0B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C14EF530-635D-49B9-BA53-3BC82649FB81} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {C2AE3CC6-7F27-41B6-8FF6-F444E1E4EB19} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C2E5ECF5-D175-4141-A8AE-D9D4D193E400} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {C5036B95-810B-4310-9F4E-E8C1487AFE5D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003UA => C:\Users\Lisbeth\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-24] (Dropbox, Inc.)
Task: {CD8593EC-2A93-4CE3-8B5D-EA9A4D5D24B2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {DC9C2AFB-9877-4E49-8D19-BA039D2B3E4D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DDAE5F7A-4C83-488C-BD27-5BA319B5A155} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DFA7FE8B-A988-44FF-B59F-90164E5E7C04} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E04037AF-C9E3-449E-B9B6-F4B0EDAD7538} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {E5068966-F669-45A3-BBC6-C5B477353E75} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {E5C58204-778A-4B3A-9689-2CA7B116CDF8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.)
Task: {F154F509-891E-4F1B-BAA5-954C55BAF9BB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {F21ECEFB-8C75-4307-A446-5559D0AE14C5} - System32\Tasks\0815scUpdateInfo => C:\ProgramData\Avg_Update_0815sc\0815sc_{1192B729-2E86-485F-919E-77BC29767525}.exe [2016-03-22] ()
Task: {F6B32B3F-95B3-4DBE-ABBB-07DF9B94C7C4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {FDD94712-A4FD-40CD-9929-3A986D8C60CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)
Task: {FDDD5FEB-E4A2-4C6E-A000-A530016D8AA9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {FEE792C3-7AFC-4701-8EFD-AD05B2F5F8F0} - System32\Tasks\HPCeeScheduleForKent => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001Core.job => C:\Users\Kent\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001UA.job => C:\Users\Kent\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003Core.job => C:\Users\Lisbeth\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003UA.job => C:\Users\Lisbeth\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Kent\AppData\Roaming\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForKent.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Public\Desktop\rara Music.lnk -> hxxp://redirect.hp.com/svs/rdr?locale=sv_se&bd=pavilion&tp=dticon&pf=cnnb&c=121&s=RaRa&TYPE=44C:\Program Files (x86)\Online Services\RaRa\RaRa.ico (No File)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-09-09 08:02 - 2016-05-15 12:19 - 00972872 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-13 19:49 - 2009-05-19 19:27 - 00110592 _____ () C:\ProgramData\DatacardService\DCSHost.exe
2012-03-30 11:41 - 2011-12-16 22:37 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
2016-04-14 14:27 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 14:27 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-18 15:45 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 20:48 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-20 09:01 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-20 09:01 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-20 09:02 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-20 09:02 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-03 20:59 - 2015-09-03 20:59 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-09-09 08:02 - 2016-05-15 12:19 - 01941064 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-06-11 14:20 - 2016-06-11 14:23 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-11 14:20 - 2016-06-11 14:23 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-11 14:20 - 2016-06-11 14:23 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-03-06 11:04 - 2016-03-06 11:04 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2012-03-30 11:41 - 2011-11-30 05:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-03-30 11:41 - 2011-12-16 20:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2016-06-08 19:36 - 2016-05-25 19:03 - 00034768 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-06-26 22:00 - 2016-05-25 19:03 - 00134088 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-06-26 22:00 - 2016-05-25 19:04 - 00019408 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-06-26 22:00 - 2016-05-25 19:03 - 00116688 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-08 19:36 - 2016-05-25 19:03 - 00093640 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-08 19:36 - 2016-05-25 19:03 - 00018376 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00019760 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00105928 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-06-26 22:00 - 2016-05-25 19:03 - 00392144 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-06-08 19:36 - 2016-06-13 22:13 - 00381752 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-08 19:36 - 2016-05-25 19:03 - 00692688 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00020816 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-08 19:36 - 2016-05-25 19:04 - 00123856 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 01682760 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00020808 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00021840 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00052024 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00038696 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-26 22:00 - 2016-05-25 19:05 - 00020936 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00024528 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00114640 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00124880 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00021832 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00024016 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00175560 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00030160 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00043472 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00048592 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00023872 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00026456 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00057808 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00024016 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00246592 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00028616 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00020800 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00019776 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00020800 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-08 19:36 - 2016-05-25 19:03 - 00134608 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-06-26 22:00 - 2016-05-25 19:04 - 00240584 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00020280 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00023376 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00350152 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00022352 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00024392 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-06-26 22:00 - 2016-05-25 19:05 - 00036296 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\librsync.dll
2016-06-26 22:00 - 2016-06-13 22:13 - 00031568 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2016-06-26 22:00 - 2016-03-12 02:46 - 00293392 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2016-06-26 22:00 - 2016-06-13 22:13 - 00084280 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-06-26 22:00 - 2016-06-13 22:13 - 01826096 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-08 19:36 - 2016-05-25 19:04 - 00083912 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\sip.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 03928880 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 01971504 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00531248 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00132912 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00223544 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00207672 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-06-08 19:36 - 2016-05-25 19:05 - 00060880 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00025928 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2016-06-08 19:36 - 2016-06-13 22:13 - 00024904 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00546096 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-26 22:00 - 2016-06-13 22:13 - 00357680 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-06-26 22:00 - 2016-05-25 19:07 - 00017864 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-06-26 22:00 - 2016-05-25 19:07 - 01631184 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-06-08 19:36 - 2016-05-25 19:09 - 00697304 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-20 08:58 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-20 08:58 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2015-10-24 10:07 - 2016-04-15 16:05 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2015-11-11 04:41 - 2015-11-11 04:41 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-05-27 21:19 - 2016-05-27 21:19 - 22345912 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-05-03 16:41 - 2016-05-03 16:41 - 00322232 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2016-05-03 16:41 - 2016-05-03 16:41 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2016-06-20 08:58 - 2016-06-15 11:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Lisbeth\Desktop\Fil 2016-03-22 18 23 02.png:com.dropbox.attributes [211]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BankID säkerhetsprogram.lnk => C:\Windows\pss\BankID säkerhetsprogram.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EPSON P50 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFFE.EXE /FU "C:\Windows\TEMP\E_SD608.tmp" /EF "HKCU"
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SetDefault => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "e-kort"
HKLM\...\StartupApproved\Run32: => "Easybits Recovery"
HKLM\...\StartupApproved\Run32: => "HP Quick Launch"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "UVS10 Preload"
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\StartupApproved\Run: => "Spotify Web Helper"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{3B569B35-B35F-4971-B968-01D684B9C2B2}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{E49A7543-A461-4145-B068-8283EB25DEE8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{28957134-5048-4C11-A620-99F91788A962}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{78735E54-8766-4705-A586-22FBAC209CED}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B9C72172-F69A-4F90-9EC8-E24806D0605E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E228A79F-77D4-4F6B-85BF-08603041E60B}] => (Allow) LPort=2869
FirewallRules: [{759B3CD9-1972-484D-8A56-44DBA8AD3879}] => (Allow) LPort=1900
FirewallRules: [{5188406F-8BC6-4257-A6FC-F3067428D770}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A8FEADE3-27D6-4EC0-A4F9-CA0D822A8BE8}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{73E9C6F4-694D-44B2-A3A2-82BCA3C1DB4D}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{C0576A5A-6757-46F3-8D5B-6C371FCED293}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe
FirewallRules: [TCP Query User{AFD967C7-6D55-4008-AD3C-CD9EC3775D4F}C:\users\kent\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\kent\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [uDP Query User{1A4E5B21-4DE5-464E-A860-BB882A1C7B8C}C:\users\kent\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\kent\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{EE74F88F-4C98-499A-802A-750315F5DCAA}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{96D2FF4B-5A3A-42EF-9DAE-9B851C66818A}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [TCP Query User{CAD12D8E-3163-4D57-8E77-2FEEF6A2E1DB}C:\program files (x86)\microsoft office\office12\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office12\outlook.exe
FirewallRules: [uDP Query User{FA38CF5C-B12B-4EF6-A406-F4281B18CCEF}C:\program files (x86)\microsoft office\office12\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office12\outlook.exe
FirewallRules: [TCP Query User{4ECC1659-8DD6-4488-A02B-3DB9928AB654}C:\users\kent\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kent\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{0B9E2C8B-1C12-4125-9167-1D8D62155D23}C:\users\kent\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kent\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CE2058A9-FA1F-45BF-8B88-6502D85F3E66}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{ED682D2B-5683-4A67-A9D3-7888A92536F2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{4E62B900-2C76-414A-9360-707608034AB5}] => (Allow) C:\Users\Lisbeth\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4398FB54-C0E8-4604-9111-4DE879637F1F}] => (Allow) C:\Users\Lisbeth\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{17B4862E-9EE7-4E81-A6A3-9791F15F3A97}] => (Allow) C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C46C3D1F-A8AB-4B6F-B21E-1F51560D85F8}] => (Allow) C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D2DF08AB-8B8C-4CB1-A9B9-512D88A77C72}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{00997D94-89C7-4780-9A27-F1BAD6796D80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D0920852-50AB-4FA7-8181-5D760C81AAE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{37B44077-E8E4-46D2-BBD1-BE8659A99D05}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{D40CFEF4-3FC0-4193-890F-75449B3E3970}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{BF442266-1976-4B1C-BCF0-E80609B76394}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9897D63F-5B5C-4CA0-8FD4-DAFA18166E98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1421C2C2-4DFE-4994-B188-7C53B0CCC62D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4EA9E440-15D9-4337-8A4B-89EB1639C15E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{178B656F-7AFA-4E1F-A49E-687F92EB173F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5874B07D-2A2B-4125-A226-C8A48D498B83}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{51029FD3-0251-4F18-BEE8-C90CB563E69B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{35191044-7605-4CEE-B052-58F3C19BA944}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{20C3218A-BD95-4F81-B9DB-32EC0C883AAD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{23858C93-B49D-4EDE-AD4B-3452394DC03C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{96AE43AE-2B28-4D8E-B6D1-BE718BC0F033}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{0A6F7947-A3F3-4146-A5DE-C7BC041AC91B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
11-06-2016 14:36:04 Installed Free PDF Reader
21-06-2016 08:39:34 Windows Update
21-06-2016 08:42:15 Windows Update
26-06-2016 22:16:22 Windows Update
02-07-2016 12:17:04 Återställning
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/02/2016 12:17:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Åtkomst nekad.
.
 
Error: (06/29/2016 06:10:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: AcroRd32.exe, version 15.16.20045.57024, tidsstämpel 0x57488f28
, felet uppstod i modulen med namn: SHELL32.dll, version 10.0.10586.306, tidsstämpel 0x571af6c4
Undantagskod: 0xc0000008
Felförskjutning: 0x010b8c7a
Process-ID: 0x245c
Programmets starttid: 0xAcroRd32.exe0
Sökväg till program: AcroRd32.exe1
Sökväg till modul: AcroRd32.exe2
Rapport-ID: AcroRd32.exe3
Fullständigt namn på felaktigt paket: AcroRd32.exe4
Program-ID relativt till felaktigt paket: AcroRd32.exe5
 
Error: (06/27/2016 03:09:07 PM) (Source: HP Active Health) (EventID: 401) (User: )
Description: SmartDrive executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]
 
Error: (06/27/2016 03:07:22 PM) (Source: HP Active Health) (EventID: 1100) (User: )
Description: Agent DiskPhysical threw an exception: System.NullReferenceException: Objektreferensen har inte angetts till en instans av ett objekt.
   vid HP.ActiveHealth.Agents.DiskPhysical.DiskPhysicalAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   vid HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/27/2016 03:07:22 PM) (Source: HP Active Health) (EventID: 1101) (User: )
Description: DiskPhysical executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]
 
Error: (06/26/2016 10:17:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Åtkomst nekad.
.
 
Error: (06/22/2016 01:16:53 PM) (Source: HP Active Health) (EventID: 1100) (User: )
Description: Agent DiskPhysical threw an exception: System.NullReferenceException: Objektreferensen har inte angetts till en instans av ett objekt.
   vid HP.ActiveHealth.Agents.DiskPhysical.DiskPhysicalAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   vid HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (06/22/2016 01:16:49 PM) (Source: HP Active Health) (EventID: 1101) (User: )
Description: DiskPhysical executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]
 
Error: (06/22/2016 01:16:39 PM) (Source: HP Active Health) (EventID: 401) (User: )
Description: SmartDrive executable didn't pass digital signature validation. Execution aborted: [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\Executable Agent Data\_Shared\DiskCheck\ETD_GetSMART.exe]
 
Error: (06/22/2016 01:15:26 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
 
 
System errors:
=============
Error: (07/02/2016 10:14:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x87af0813: OneNote.
 
Error: (06/29/2016 09:30:54 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x87af0813: OneNote.
 
Error: (06/28/2016 10:49:38 AM) (Source: DCOM) (EventID: 10016) (User: Kent-HP)
Description: datorstandardvärdeLokalAktivering{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Kent-HPKentS-1-5-21-1046946943-3530856008-3823607057-1001LocalHost (med LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 
Error: (06/28/2016 10:49:38 AM) (Source: DCOM) (EventID: 10016) (User: Kent-HP)
Description: datorstandardvärdeLokalAktivering{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Kent-HPKentS-1-5-21-1046946943-3530856008-3823607057-1001LocalHost (med LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
 
Error: (06/27/2016 03:24:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x87af0813: OneNote.
 
Error: (06/27/2016 03:22:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT instans)
Description: WLAN AutoConfig upptäckte anslutningsbegränsningar. Nätverkskortet återställs.
 
 Kod: 8 0x0 0x0
 
Error: (06/27/2016 03:22:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT instans)
Description: WLAN AutoConfig upptäckte anslutningsbegränsningar. Nätverkskortet återställs.
 
 Kod: 2 0xdeaddeed 0xeeec
 
Error: (06/27/2016 03:22:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT instans)
Description: WLAN AutoConfig upptäckte anslutningsbegränsningar. Nätverkskortet återställs.
 
 Kod: 1 0xc 0x4
 
Error: (06/26/2016 10:05:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten Garmin Device Interaction Service kunde inte startas på grund av följande fel: 
%%1053 = Tjänsten svarade inte på start- eller kontrollbegäran i tid.
 
 
Error: (06/26/2016 10:05:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på att tjänsten Garmin Device Interaction Service skulle ansluta.
 
 
CodeIntegrity:
===================================
  Date: 2016-07-02 12:13:35.958
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-07-02 12:13:35.920
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-07-02 12:13:34.981
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-07-02 12:13:34.945
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-07-02 10:04:44.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-07-02 10:04:44.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-07-01 18:35:16.205
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-07-01 18:35:16.187
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-07-01 18:35:15.676
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-07-01 18:35:15.610
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU B960 @ 2.20GHz
Percentage of memory in use: 62%
Total physical RAM: 3992.36 MB
Available physical RAM: 1505.13 MB
Total Virtual: 8088.36 MB
Available Virtual: 4330.51 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:442.21 GB) (Free:261.4 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:23.25 GB) (Free:2.42 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Disc) (CDROM) (Total:0.05 GB) (Free:0 GB) CDFS
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 81FB2120)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=442.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=23.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End of Addition.txt ============================

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Sangris

och här kommer den andra loggen....

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by Kent (administrator) on KENT-HP (02-07-2016 12:20:23)
Running from C:\Users\Kent\Downloads
Loaded Profiles: Kent & Lisbeth (Available Profiles: Kent & Lisbeth & Gäst & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\ProgramData\DatacardService\DCSHOST.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DataCardMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-25] (IDT, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2013-05-24] (Intel Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS)
HKLM-x32\...\Run: [e-kort] => C:\Program Files (x86)\ekort\ekort.exe [377856 2008-12-11] (Orbiscom Ltd. All rights reserved.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [uVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [1941064 2016-05-15] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6570256 2016-06-09] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Run: [spotify Web Helper] => C:\Users\Kent\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-19] (Spotify Ltd)
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Run: [Dropbox Update] => C:\Users\Kent\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Run: [spotify] => C:\Users\Kent\AppData\Roaming\Spotify\Spotify.exe [8270448 2015-12-19] (Spotify Ltd)
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\MountPoints2: {2565de8a-309c-11e2-a50f-80c16e53536a} - "G:\LaunchU3.exe" -a
HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\...\Run: [Dropbox Update] => C:\Users\Lisbeth\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-24] (Dropbox, Inc.)
HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\...\RunOnce: [uninstall C:\Users\Lisbeth\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lisbeth\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\...\RunOnce: [uninstall C:\Users\Lisbeth\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lisbeth\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\...\RunOnce: [uninstall C:\Users\Lisbeth\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lisbeth\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-03-30] (EasyBits Software Corp.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
Startup: C:\Users\Kent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Kent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - HP Deskjet 2050 J510 series.lnk [2016-06-27]
ShortcutTarget: Övervaka bläckvarningar - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Lisbeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d1193277-b23a-46e0-9e23-cbe3d3f25b41}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={995460F6-AD16-478D-9174-CF7DC8ACA950}&mid=1fcd3f7e447447cdb87e518828b7ba99-7add08b06f0ae5ed2aabc5e2ef83c0e44f10870a&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915av&pr=fr&d=2015-09-09 08:03:00&v=4.1.6.294&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/11
HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/11
HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPCON/11
HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/11
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {5ED31B73-0CDA-4CE7-AE57-8419F02A83B4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {5ED31B73-0CDA-4CE7-AE57-8419F02A83B4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> {5ED31B73-0CDA-4CE7-AE57-8419F02A83B4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={995460F6-AD16-478D-9174-CF7DC8ACA950}&mid=1fcd3f7e447447cdb87e518828b7ba99-7add08b06f0ae5ed2aabc5e2ef83c0e44f10870a&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915av&pr=fr&d=2015-09-09 08:03:00&v=4.1.6.294&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1003 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1003 -> {5ED31B73-0CDA-4CE7-AE57-8419F02A83B4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1003 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1003 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll [2016-05-15] (AVG)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05] (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: DIALux 3.1 ULDBrowserHelper Class -> {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} -> C:\Program Files (x86)\DIALux\DLXShellExtension.dll [2013-06-11] (DIAL GmbH, Germany)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: e-kort Helper Class -> {9065E913-4F23-4B47-9B5D-B055D32DB1F3} -> C:\Program Files (x86)\ekort\EKortHelper.dll [2008-12-11] ()
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll [2016-05-15] (AVG)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - e-kort Toolbar - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program Files (x86)\ekort\EKortToolbar.dll [2008-12-11] ()
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: dialux - {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Program Files (x86)\DIALux\DLXToolBox.dll [2013-06-11] (DIAL GmbH, Germany)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
 
FireFox:
========
FF ProfilePath: C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default
FF Homepage: hxxps://mysearch.avg.com/?cid={995460F6-AD16-478D-9174-CF7DC8ACA950}&mid=1fcd3f7e447447cdb87e518828b7ba99-7add08b06f0ae5ed2aabc5e2ef83c0e44f10870a&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915av&pr=fr&d=2015-09-09 08:03:00&v=4.1.6.294&pid=wtu&sg=&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2011-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.1\\npsitesafety.dll [No File]
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.4.0.22 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2015-03-17] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [2013-02-05] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1046946943-3530856008-3823607057-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Kent\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-09-16] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-1046946943-3530856008-3823607057-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kent\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default\searchplugins\avg-secure-search.xml [2016-05-15]
FF Extension: AVG Web TuneUp - C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default\Extensions\avg@toolbar.xpi [2016-05-15]
FF Extension: Adblock Plus - C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-29]
FF HKLM-x32\...\Firefox\Extensions: [ekort@orbiscom] - C:\Program Files (x86)\ekort
FF Extension: e-kort for Firefox - C:\Program Files (x86)\ekort [2015-09-30] [not signed]
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Google Dokument Offline) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Gmail) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [636312 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5165824 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [705528 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 DCSHost.exe; C:\ProgramData\DatacardService\DCSHost.exe [110592 2009-05-19] () [File not signed]
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [1934608 2013-05-22] (DIAL GmbH)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7806848 2016-05-27] (Reimage®)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
R2 vToolbarUpdater40.3.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe [1323080 2016-05-15] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [972872 2016-05-15] ()
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-05-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-05-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [247040 2016-05-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-05-02] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-05] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-03] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-09] (Malwarebytes)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-12-14] (MediaTek Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-12-14] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [21264 2013-05-25] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-28] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2016-03-16] (HP)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-02 12:20 - 2016-07-02 12:21 - 00034722 _____ C:\Users\Kent\Downloads\FRST.txt
2016-07-02 12:13 - 2016-07-02 12:20 - 00000000 ____D C:\FRST
2016-07-02 12:12 - 2016-07-02 12:12 - 02390016 _____ (Farbar) C:\Users\Kent\Downloads\FRST64.exe
2016-07-01 18:50 - 2016-07-01 18:50 - 00592416 _____ C:\Users\Kent\Desktop\Rear bumper.pdf
2016-07-01 18:48 - 2016-07-01 18:48 - 00749804 _____ C:\Users\Kent\Desktop\Rear bumper slider.pdf
2016-07-01 18:43 - 2016-07-01 18:43 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForKent
2016-07-01 18:43 - 2016-07-01 18:43 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForKent.job
2016-06-26 22:00 - 2016-06-26 22:00 - 00000000 ____D C:\Users\Kent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-26 21:50 - 2016-06-26 21:50 - 00000000 ____D C:\ProgramData\Avg_Update_0716tb
2016-06-21 17:12 - 2016-06-21 17:12 - 00693709 _____ C:\Users\Kent\Downloads\Naiad.pdf
2016-06-21 11:01 - 2016-06-21 11:01 - 02515691 _____ C:\Users\Kent\Downloads\-Rörkatalog_web.pdf
2016-06-20 09:02 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-20 09:02 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-20 09:02 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-20 09:02 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-20 09:02 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-20 09:02 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-20 09:02 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-20 09:02 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-20 09:02 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-20 09:02 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-20 09:02 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-20 09:02 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-20 09:02 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-20 09:02 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-20 09:02 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-20 09:02 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-20 09:02 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-20 09:02 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-20 09:02 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-20 09:02 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-20 09:02 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-20 09:02 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-20 09:02 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-20 09:02 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-20 09:02 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-20 09:02 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-20 09:02 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-20 09:02 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-20 09:02 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-20 09:02 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-20 09:02 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-20 09:02 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-20 09:02 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-20 09:02 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-20 09:02 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-20 09:02 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-20 09:02 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-20 09:02 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-20 09:02 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-20 09:02 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-20 09:02 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-20 09:02 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-20 09:02 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-20 09:02 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-20 09:02 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-20 09:02 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-20 09:02 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-20 09:02 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-20 09:02 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-20 09:02 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-20 09:02 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-20 09:02 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-20 09:02 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-20 09:02 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-20 09:02 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-20 09:02 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-20 09:02 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-20 09:01 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-20 09:01 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-20 09:01 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-20 09:01 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-20 09:01 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-20 09:01 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-20 09:01 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-20 09:01 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-20 09:01 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-20 09:01 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-20 09:01 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-20 09:01 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-20 09:01 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-20 09:01 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-20 09:01 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-20 09:01 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-20 09:01 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-20 09:01 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-20 09:01 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-20 09:01 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-20 09:01 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-20 09:01 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-20 09:01 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-20 09:01 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-20 09:01 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-20 09:01 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-20 09:01 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-20 09:01 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-20 09:01 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-20 09:01 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-20 09:01 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-20 09:01 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-20 09:01 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-20 09:01 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-20 09:01 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-20 09:01 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-20 09:01 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-20 09:01 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-20 09:01 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-20 09:01 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-20 09:01 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-20 09:01 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-20 09:01 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-20 09:01 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-20 09:01 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-20 09:01 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-20 09:01 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-20 09:01 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-20 09:01 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-20 09:01 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-20 09:01 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-20 09:01 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-20 09:01 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-20 09:01 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-20 09:01 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-20 09:01 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-20 09:01 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-20 09:01 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-20 09:01 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-20 09:01 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-20 09:01 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-20 09:01 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-20 09:01 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-20 09:01 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-20 09:01 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-20 09:01 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-20 09:01 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-20 09:01 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-20 09:01 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-20 09:01 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-20 09:01 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-20 09:01 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-20 09:01 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-20 09:01 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-20 09:01 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-20 09:01 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-20 09:01 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-20 09:01 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-20 09:01 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-20 09:01 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-20 09:01 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-20 09:01 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-20 09:01 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-20 09:01 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-20 09:01 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-20 09:01 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-20 09:01 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-20 09:01 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-20 09:01 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-20 09:01 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-20 09:01 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-20 09:01 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-20 09:01 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-20 09:01 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-20 09:01 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-20 09:01 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-20 09:01 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-20 09:01 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-20 09:01 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-20 09:01 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-20 09:01 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-20 09:01 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-20 09:01 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-20 09:01 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-20 09:01 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-20 09:01 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-20 09:01 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-20 09:01 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-20 09:01 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-20 09:01 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-20 09:01 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-20 09:01 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-20 09:01 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-20 09:01 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-20 09:01 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-20 09:01 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-20 09:01 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-20 09:01 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-20 09:01 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-20 09:01 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-20 09:01 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-20 09:01 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-20 09:01 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-20 09:01 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-20 09:01 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-20 09:01 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-20 09:01 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-20 09:00 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-20 09:00 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-20 09:00 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-20 09:00 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-20 09:00 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-20 09:00 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-20 09:00 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-20 09:00 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-20 09:00 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-20 09:00 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-20 09:00 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-20 09:00 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-20 09:00 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-20 09:00 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-20 09:00 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-20 09:00 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-20 09:00 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-20 09:00 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-16 09:36 - 2016-06-16 09:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-11 15:09 - 2016-06-11 15:10 - 37952656 _____ (Adobe Systems Incorporated) C:\Users\Kent\Downloads\AdbeRdr11000_sv_SE (1).exe
2016-06-11 15:06 - 2016-06-11 15:06 - 01199816 _____ (Adobe Systems Incorporated) C:\Users\Kent\Downloads\reader11_se_jd_install.exe
2016-06-11 14:39 - 2016-06-11 14:39 - 06728584 _____ (Free PDF Soulutions) C:\Users\Kent\Downloads\pdfreader_setup (1).exe
2016-06-11 14:37 - 2016-06-11 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF Reader
2016-06-11 14:37 - 2016-06-11 14:37 - 00000000 ____D C:\ProgramData\Caphyon
2016-06-11 14:32 - 2016-06-11 14:32 - 06728584 _____ (Free PDF Soulutions) C:\Users\Kent\Downloads\pdfreader_setup.exe
2016-06-11 14:32 - 2016-06-11 14:32 - 00000000 ____D C:\Users\Kent\AppData\Roaming\Free PDF Soulutions
2016-06-11 14:30 - 2016-06-11 14:30 - 152900364 _____ C:\Users\Kent\Downloads\AdbeRdrUpd11012.dmg
2016-06-11 14:18 - 2016-06-11 14:18 - 37952656 _____ (Adobe Systems Incorporated) C:\Users\Kent\Downloads\AdbeRdr11000_sv_SE.exe
2016-06-08 20:53 - 2016-06-08 20:53 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-08 20:53 - 2016-06-08 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-08 20:52 - 2016-06-08 20:53 - 00000000 ____D C:\Program Files\iTunes
2016-06-08 20:52 - 2016-06-08 20:52 - 00000000 ____D C:\Program Files\iPod
2016-06-08 20:52 - 2016-06-08 20:52 - 00000000 ____D C:\Program Files (x86)\iTunes
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-02 11:56 - 2015-07-24 20:45 - 00001022 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003UA.job
2016-07-02 11:55 - 2015-06-23 19:52 - 00001010 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001UA.job
2016-07-02 11:52 - 2012-11-24 17:49 - 00001018 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-02 11:46 - 2015-10-30 16:22 - 00000412 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2016-07-02 11:29 - 2012-02-11 01:26 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-02 10:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-02 10:14 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-02 10:05 - 2013-01-15 11:01 - 00000000 ____D C:\ProgramData\MFAData
2016-07-02 10:05 - 2012-11-15 19:25 - 00004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3D7A581C-5BF6-4309-AE9D-75B77A19A5B0}
2016-07-01 20:57 - 2015-07-24 20:45 - 00000970 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003Core.job
2016-07-01 20:55 - 2015-06-23 19:52 - 00000958 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001Core.job
2016-07-01 19:52 - 2012-11-24 17:49 - 00001014 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-28 11:17 - 2015-12-14 22:34 - 02038604 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-28 11:17 - 2015-10-30 20:12 - 00843914 _____ C:\WINDOWS\system32\perfh01D.dat
2016-06-28 11:17 - 2015-10-30 20:12 - 00191612 _____ C:\WINDOWS\system32\perfc01D.dat
2016-06-28 11:17 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-27 15:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-27 14:54 - 2012-11-17 13:59 - 00000000 ___RD C:\Users\Kent\Dropbox
2016-06-27 14:53 - 2013-03-13 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-26 22:18 - 2013-03-13 23:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-26 22:18 - 2013-03-13 23:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-26 22:07 - 2015-12-14 22:35 - 00000000 ____D C:\Users\Kent
2016-06-26 22:04 - 2015-12-14 23:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-26 22:03 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-26 22:00 - 2012-11-17 13:57 - 00000000 ____D C:\Users\Kent\AppData\Roaming\Dropbox
2016-06-26 21:51 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-22 13:03 - 2015-09-03 20:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-21 18:51 - 2015-12-14 22:26 - 00365584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-21 18:47 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-21 18:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-21 18:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-21 09:19 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-21 08:57 - 2013-07-14 17:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-21 08:46 - 2013-04-13 22:12 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-20 08:59 - 2012-11-24 17:50 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-19 22:02 - 2015-12-14 22:35 - 00000000 ____D C:\Users\Lisbeth
2016-06-16 15:38 - 2012-12-11 22:09 - 00000000 ____D C:\Users\Kent\AppData\Roaming\Skype
2016-06-16 09:36 - 2015-08-27 15:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-16 09:36 - 2014-03-11 18:14 - 00000000 ____D C:\Users\Kent\AppData\Local\Skype
2016-06-16 09:36 - 2012-02-11 01:41 - 00000000 ____D C:\ProgramData\Skype
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 19:50 - 2016-01-25 19:19 - 00001009 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-06-11 15:07 - 2012-11-18 12:34 - 00000000 ____D C:\Users\Kent\AppData\Local\Adobe
2016-06-08 20:52 - 2013-01-02 15:13 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-08 19:39 - 2016-04-28 18:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-02 13:32 - 2015-10-04 12:04 - 00000139 _____ C:\WINDOWS\Reimage.ini
 
==================== Files in the root of some directories =======
 
2015-10-30 12:34 - 2015-10-30 12:34 - 0000027 _____ () C:\Program Files\plugins.dat
2015-07-18 14:33 - 2015-07-18 14:33 - 6420480 _____ () C:\Program Files (x86)\GUT824.tmp
2014-08-24 21:27 - 2016-05-14 10:37 - 0476990 _____ () C:\Users\Kent\AppData\Roaming\LW_kenedw@edu.gislaved.se.sd
2014-08-24 21:27 - 2016-04-03 12:19 - 0468557 _____ () C:\Users\Kent\AppData\Roaming\LW_kenedw@edu.gislaved.se.sd0
2014-08-24 21:27 - 2016-03-14 23:34 - 0467472 _____ () C:\Users\Kent\AppData\Roaming\LW_kenedw@edu.gislaved.se.sd1
2016-02-15 19:35 - 2016-02-15 19:49 - 0007635 _____ () C:\Users\Kent\AppData\Local\resmon.resmoncfg
2014-09-18 19:20 - 2014-09-18 19:20 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-12-27 19:28 - 2014-12-27 19:28 - 0000082 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Some files in TEMP:
====================
C:\Users\Kent\AppData\Local\Temp\avguirn_081494427571.exe
C:\Users\Kent\AppData\Local\Temp\avguirn_081719093974.exe
C:\Users\Kent\AppData\Local\Temp\avguirn_082000144314.exe
C:\Users\Kent\AppData\Local\Temp\avguirn_08589801426.exe
C:\Users\Kent\AppData\Local\Temp\avguirn_08940571762.exe
C:\Users\Kent\AppData\Local\Temp\avguirn_08986643080.exe
C:\Users\Kent\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Lisbeth\AppData\Local\Temp\avguirn_08323688679.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-07-02 10:53
 
==================== End of FRST.txt ============================

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på knappen Log file.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s1].txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Sangris

Hoppas det är denna rapport som avses:

 

# AdwCleaner v5.201 - Logfile created 03/07/2016 at 13:57:15
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-01.1 [server]
# Operating system : Windows 10 Home  (X64)
# Username : Kent - KENT-HP
# Running from : C:\Users\Kent\Downloads\adwcleaner_5.201.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : ReimageRealTimeProtector
Service Found : WtuSystemSupport
Service Found : vToolbarUpdater40.3.1
 
***** [ Folders ] *****
 
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\AVG Security Toolbar
Folder Found : C:\ProgramData\Reimage Protector
Folder Found : C:\ProgramData\avg web tuneup
Folder Found : C:\ProgramData\Avg_Update_0116av
Folder Found : C:\ProgramData\Avg_Update_0716tb
Folder Found : C:\Program Files (x86)\avg web tuneup
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Users\Kent\AppData\Local\avg web tuneup
Folder Found : C:\Users\Lisbeth\AppData\Local\avg web tuneup
Folder Found : C:\Program Files\Reimage
Folder Found : C:\Program Files\avg web tuneup
Folder Found : C:\Program Files\Common Files\AVG Secure Search
 
***** [ Files ] *****
 
File Found : C:\WINDOWS\Reimage.ini
File Found : C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default\extensions\Avg@toolbar.xpi
File Found : C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default\searchplugins\avg-secure-search.xml
File Found : C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.izito.se_0.localstorage
File Found : C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.izito.se_0.localstorage-journal
 
***** [ DLL ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
Task Found : ReimageUpdater
Task Found : ReimageUpdater
Task Found : {EFF41288-4250-44EC-8C5E-91E9228F18CE}
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\Classes\s
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Key Found : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKCU\Software\AVG Nation toolbar
Key Found : HKCU\Software\Reimage
Key Found : HKCU\Software\reimagerepair
Key Found : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Key Found : HKLM\SOFTWARE\AVG Nation toolbar
Key Found : HKLM\SOFTWARE\AVG Secure Search
Key Found : HKLM\SOFTWARE\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\AVG Tuneup
Key Found : [x64] HKLM\SOFTWARE\AVG Secure Search
Key Found : [x64] HKLM\SOFTWARE\Reimage
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector
Key Found : HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\AVG Nation toolbar
Key Found : HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\Reimage
Key Found : HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\reimagerepair
Key Found : HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] - hxxps://mysearch.avg.com/?cid={995460F6-AD16-478D-9174-CF7DC8ACA950}&mid=1fcd3f7e447447cdb87e518828b7ba99-7add08b06f0ae5ed2aabc5e2ef83c0e44f10870a&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915av&pr=fr&d=2015-09-09 08:03:00&v=4.1.6.294&pid=wtu&sg=&sap=hp
Data Found : HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\Microsoft\Internet Explorer\Main [start Page] - hxxps://mysearch.avg.com/?cid={995460F6-AD16-478D-9174-CF7DC8ACA950}&mid=1fcd3f7e447447cdb87e518828b7ba99-7add08b06f0ae5ed2aabc5e2ef83c0e44f10870a&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915av&pr=fr&d=2015-09-09 08:03:00&v=4.1.6.294&pid=wtu&sg=&sap=hp
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/?qt=search&q=reimage&ft=&referrer=win10search
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
 
***** [ Web browsers ] *****
 
[C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default\prefs.js] Found : user_pref("browser.startup.homepage", "hxxps://mysearch.avg.com/?cid={995460F6-AD16-478D-9174-CF7DC8ACA950}&mid=1fcd3f7e447447cdb87e518828b7ba99-7add08b06f0ae5ed2aabc5e2ef83c0e44f10870a&lang=en&ds=AVG[...]
 
*************************
 
C:\AdwCleaner\AdwCleaner[s1].txt - [7808 bytes] - [03/07/2016 13:57:15]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [7881 bytes] ##########
 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Visst var det den rapporten :)

 

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om, om den inte gör det automatiskt får du göra det själv.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[C1].txt

 

 

2. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.
Ta bort bocken framför Remove found threats.
Bocka för:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

 

 

3. Starta FRST.

Bocka för Addition.txt och skanna med programmet.

Bifoga de två nya loggarna.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Sangris
# AdwCleaner v5.201 - Logfile created 03/07/2016 at 21:48:01

# Updated 30/06/2016 by ToolsLib

# Database : 2016-07-01.1 [server]

# Operating system : Windows 10 Home  (X64)

# Username : Kent - KENT-HP

# Running from : C:\Users\Kent\Downloads\adwcleaner_5.201 (1).exe

# Option : Clean


 

***** [ Services ] *****

 

[-] Service Deleted : ReimageRealTimeProtector

[-] Service Deleted : WtuSystemSupport

[-] Service Deleted : vToolbarUpdater40.3.1

 

***** [ Folders ] *****

 

[-] Folder Deleted : C:\ProgramData\AVG Secure Search

[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar

[-] Folder Deleted : C:\ProgramData\Reimage Protector

[-] Folder Deleted : C:\ProgramData\avg web tuneup

[-] Folder Deleted : C:\ProgramData\Avg_Update_0116av

[-] Folder Deleted : C:\ProgramData\Avg_Update_0716tb

[-] Folder Deleted : C:\Program Files (x86)\avg web tuneup

[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search

[-] Folder Deleted : C:\Users\Kent\AppData\Local\avg web tuneup

[-] Folder Deleted : C:\Users\Lisbeth\AppData\Local\avg web tuneup

[-] Folder Deleted : C:\Program Files\Reimage

[-] Folder Deleted : C:\Program Files\avg web tuneup

[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

 

***** [ Files ] *****

 

[-] File Deleted : C:\WINDOWS\Reimage.ini

[-] File Deleted : C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default\extensions\Avg@toolbar.xpi

[-] File Deleted : C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default\searchplugins\avg-secure-search.xml

[-] File Deleted : C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.izito.se_0.localstorage

[-] File Deleted : C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.izito.se_0.localstorage-journal

 

***** [ DLLs ] *****

 

 

***** [ WMI ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

[-] Task Deleted : ReimageUpdater

[-] Task Deleted : ReimageUpdater

[-] Task Deleted : {EFF41288-4250-44EC-8C5E-91E9228F18CE}

 

***** [ Registry ] *****

 

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL

[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh

[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

[-] Key Deleted : HKLM\SOFTWARE\Classes\s

[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine

[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

[-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj

[-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

[-] Key Deleted : HKCU\Software\AVG Nation toolbar

[-] Key Deleted : HKCU\Software\Reimage

[-] Key Deleted : HKCU\Software\reimagerepair

[-] Key Deleted : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.

[-] Key Deleted : HKLM\SOFTWARE\AVG Nation toolbar

[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search

[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar

[-] Key Deleted : HKLM\SOFTWARE\AVG Tuneup

[-] Key Deleted : [x64] HKLM\SOFTWARE\AVG Secure Search

[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage

[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector

[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]

[-] Data Restored : HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\Microsoft\Internet Explorer\Main [start Page]

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

[-] Key Deleted : HKU\S-1-5-21-1046946943-3530856008-3823607057-1003\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/?qt=search&q=reimage&ft=&referrer=win10search

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]

 

***** [ Web browsers ] *****

 

[-] [C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default\prefs.js] Deleted : user_pref("browser.startup.homepage", "hxxps://mysearch.avg.com/?cid={995460F6-AD16-478D-9174-CF7DC8ACA950}&mid=1fcd3f7e447447cdb87e518828b7ba99-7add08b06f0ae5ed2aabc5e2ef83c0e44f10870a&lang=en&ds=AVG[...]

 

*************************

 

:: "Tracing" keys deleted

:: Winsock settings cleared

 

*************************

 

C:\AdwCleaner\AdwCleaner[C1].txt - [7159 bytes] - [03/07/2016 21:48:01]

C:\AdwCleaner\AdwCleaner[s1].txt - [7980 bytes] - [03/07/2016 13:57:15]

C:\AdwCleaner\AdwCleaner[s2].txt - [8057 bytes] - [03/07/2016 21:45:04]

 

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7378 bytes] ##########

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Sangris

Jag har försökt två ggr att scanna med onlinescanning på eset.com men båda gångerna så får jag felmeddelande och scanningen avslutas...

 

Ska jag göra STEG 3 i alla fall?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Sangris

Här är den första av mina två loggar:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Kent (administrator) on KENT-HP (04-07-2016 22:06:52)
Running from C:\Users\Kent\Downloads
Loaded Profiles: Kent (Available Profiles: Kent & Lisbeth & Gäst & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
() C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
() C:\ProgramData\DatacardService\DCSHOST.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DataCardMonitor.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Dropbox, Inc.) C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Kent\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-25] (IDT, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-28] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2013-05-24] (Intel Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS)
HKLM-x32\...\Run: [e-kort] => C:\Program Files (x86)\ekort\ekort.exe [377856 2008-12-11] (Orbiscom Ltd. All rights reserved.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [uVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6570256 2016-06-09] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Run: [spotify Web Helper] => C:\Users\Kent\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2015-12-19] (Spotify Ltd)
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Run: [Dropbox Update] => C:\Users\Kent\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Run: [spotify] => C:\Users\Kent\AppData\Roaming\Spotify\Spotify.exe [8270448 2015-12-19] (Spotify Ltd)
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\MountPoints2: {2565de8a-309c-11e2-a50f-80c16e53536a} - "G:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1399208 2016-04-08] (Garmin Ltd. or its subsidiaries)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-03-30] (EasyBits Software Corp.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-06-13] (Dropbox, Inc.)
Startup: C:\Users\Kent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Kent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Övervaka bläckvarningar - HP Deskjet 2050 J510 series.lnk [2016-07-03]
ShortcutTarget: Övervaka bläckvarningar - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Lisbeth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d1193277-b23a-46e0-9e23-cbe3d3f25b41}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/11
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {5ED31B73-0CDA-4CE7-AE57-8419F02A83B4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {5ED31B73-0CDA-4CE7-AE57-8419F02A83B4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> {5ED31B73-0CDA-4CE7-AE57-8419F02A83B4} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://se.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://sv.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll => No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05] (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: DIALux 3.1 ULDBrowserHelper Class -> {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} -> C:\Program Files (x86)\DIALux\DLXShellExtension.dll [2013-06-11] (DIAL GmbH, Germany)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: e-kort Helper Class -> {9065E913-4F23-4B47-9B5D-B055D32DB1F3} -> C:\Program Files (x86)\ekort\EKortHelper.dll [2008-12-11] ()
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - e-kort Toolbar - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program Files (x86)\ekort\EKortToolbar.dll [2008-12-11] ()
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: dialux - {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Program Files (x86)\DIALux\DLXToolBox.dll [2013-06-11] (DIAL GmbH, Germany)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
 
FireFox:
========
FF ProfilePath: C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2011-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.4.0.22 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [2015-03-17] (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll [2013-02-05] (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1046946943-3530856008-3823607057-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Kent\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-09-16] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-1046946943-3530856008-3823607057-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kent\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-08] (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Kent\AppData\Roaming\Mozilla\Firefox\Profiles\6gdz15bv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-29]
FF HKLM-x32\...\Firefox\Extensions: [ekort@orbiscom] - C:\Program Files (x86)\ekort
FF Extension: e-kort for Firefox - C:\Program Files (x86)\ekort [2015-09-30] [not signed]
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Norton Confidential) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-08]
CHR Extension: (Google Dokument Offline) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Gmail) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [636312 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5165824 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [705528 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 DCSHost.exe; C:\ProgramData\DatacardService\DCSHost.exe [110592 2009-05-19] () [File not signed]
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [1934608 2013-05-22] (DIAL GmbH)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [792592 2016-04-08] (Garmin Ltd. or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28552 2016-04-26] (Hewlett-Packard Company)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 FoxitReaderService; "G:\Foxit\Foxit Reader\FoxitConnectedPDFService.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-05-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-05-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [247040 2016-05-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-05-02] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-05] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-03] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-09] (Malwarebytes)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-12-14] (MediaTek Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-12-14] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [21264 2013-05-25] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-28] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2016-03-16] (HP)
U3 idsvc; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-04 22:04 - 2016-07-04 22:05 - 02390016 _____ (Farbar) C:\Users\Kent\Downloads\FRST64 (1).exe
2016-07-04 09:21 - 2016-07-04 09:21 - 06858912 _____ (ESET spol. s r.o.) C:\Users\Kent\Downloads\esetonlinescanner_enu (1).exe
2016-07-03 22:11 - 2016-07-03 22:11 - 06858912 _____ (ESET spol. s r.o.) C:\Users\Kent\Downloads\esetonlinescanner_enu.exe
2016-07-03 22:11 - 2016-07-03 22:11 - 00000000 ____D C:\Users\Kent\AppData\Local\ESET
2016-07-03 14:06 - 2016-07-03 21:42 - 03712064 _____ C:\Users\Kent\Downloads\adwcleaner_5.201 (1).exe
2016-07-03 13:56 - 2016-07-03 21:48 - 00000000 ____D C:\AdwCleaner
2016-07-03 13:56 - 2016-07-03 13:56 - 03712064 _____ C:\Users\Kent\Downloads\adwcleaner_5.201.exe
2016-07-02 12:54 - 2016-07-02 12:54 - 00000000 ____D C:\Users\Public\Foxit Software
2016-07-02 12:54 - 2016-07-02 12:54 - 00000000 ____D C:\Users\Kent\AppData\Roaming\Foxit Software
2016-07-02 12:54 - 2016-07-02 12:54 - 00000000 ____D C:\Users\Kent\AppData\Roaming\Foxit AgentInformation
2016-07-02 12:54 - 2016-07-02 12:54 - 00000000 ____D C:\ProgramData\Foxit Software
2016-07-02 12:54 - 2016-07-02 12:54 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2016-07-02 12:49 - 2016-07-02 12:49 - 00000214 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2016-07-02 12:48 - 2016-07-02 12:48 - 48088240 _____ (Foxit Software Inc. ) C:\Users\Kent\Downloads\FoxitReader80_enu_Setup_Prom.exe
2016-07-02 12:23 - 2016-07-02 12:25 - 00067534 _____ C:\Users\Kent\Downloads\Addition.txt
2016-07-02 12:20 - 2016-07-04 22:07 - 00028611 _____ C:\Users\Kent\Downloads\FRST.txt
2016-07-02 12:13 - 2016-07-04 22:06 - 00000000 ____D C:\FRST
2016-07-02 12:12 - 2016-07-02 12:12 - 02390016 _____ (Farbar) C:\Users\Kent\Downloads\FRST64.exe
2016-07-01 18:43 - 2016-07-03 21:50 - 00000344 _____ C:\WINDOWS\Tasks\HPCeeScheduleForKent.job
2016-07-01 18:43 - 2016-07-01 18:43 - 00003232 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForKent
2016-06-26 22:00 - 2016-06-26 22:00 - 00000000 ____D C:\Users\Kent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-21 17:12 - 2016-06-21 17:12 - 00693709 _____ C:\Users\Kent\Downloads\Naiad.pdf
2016-06-21 11:01 - 2016-06-21 11:01 - 02515691 _____ C:\Users\Kent\Downloads\-Rörkatalog_web.pdf
2016-06-20 09:02 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-20 09:02 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-20 09:02 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-20 09:02 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-20 09:02 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-20 09:02 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-20 09:02 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-20 09:02 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-20 09:02 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-20 09:02 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-20 09:02 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-20 09:02 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-20 09:02 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-20 09:02 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-20 09:02 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-20 09:02 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-20 09:02 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-20 09:02 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-20 09:02 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-20 09:02 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-20 09:02 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-20 09:02 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-20 09:02 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-20 09:02 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-20 09:02 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-20 09:02 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-20 09:02 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-20 09:02 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-20 09:02 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-20 09:02 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-20 09:02 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-20 09:02 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-20 09:02 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-20 09:02 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-20 09:02 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-20 09:02 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-20 09:02 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-20 09:02 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-20 09:02 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-20 09:02 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-20 09:02 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-20 09:02 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-20 09:02 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-20 09:02 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-20 09:02 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-20 09:02 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-20 09:02 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-20 09:02 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-20 09:02 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-20 09:02 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-20 09:02 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-20 09:02 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-20 09:02 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-20 09:02 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-20 09:02 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-20 09:02 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-20 09:02 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-20 09:01 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-20 09:01 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-20 09:01 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-20 09:01 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-20 09:01 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-20 09:01 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-20 09:01 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-20 09:01 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-20 09:01 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-20 09:01 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-20 09:01 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-20 09:01 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-20 09:01 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-20 09:01 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-20 09:01 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-20 09:01 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-20 09:01 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-20 09:01 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-20 09:01 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-20 09:01 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-20 09:01 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-20 09:01 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-20 09:01 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-20 09:01 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-20 09:01 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-20 09:01 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-20 09:01 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-20 09:01 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-20 09:01 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-20 09:01 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-20 09:01 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-20 09:01 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-20 09:01 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-20 09:01 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-20 09:01 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-20 09:01 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-20 09:01 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-20 09:01 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-20 09:01 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-20 09:01 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-20 09:01 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-20 09:01 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-20 09:01 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-20 09:01 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-20 09:01 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-20 09:01 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-20 09:01 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-20 09:01 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-20 09:01 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-20 09:01 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-20 09:01 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-20 09:01 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-20 09:01 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-20 09:01 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-20 09:01 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-20 09:01 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-20 09:01 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-20 09:01 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-20 09:01 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-20 09:01 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-20 09:01 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-20 09:01 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-20 09:01 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-20 09:01 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-20 09:01 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-20 09:01 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-20 09:01 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-20 09:01 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-20 09:01 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-20 09:01 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-20 09:01 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-20 09:01 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-20 09:01 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-20 09:01 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-20 09:01 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-20 09:01 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-20 09:01 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-20 09:01 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-20 09:01 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-20 09:01 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-20 09:01 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-20 09:01 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-20 09:01 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-20 09:01 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-20 09:01 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-20 09:01 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-20 09:01 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-20 09:01 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-20 09:01 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-20 09:01 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-20 09:01 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-20 09:01 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-20 09:01 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-20 09:01 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-20 09:01 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-20 09:01 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-20 09:01 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-20 09:01 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-20 09:01 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-20 09:01 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-20 09:01 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-20 09:01 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-20 09:01 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-20 09:01 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-20 09:01 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-20 09:01 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-20 09:01 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-20 09:01 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-20 09:01 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-20 09:01 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-20 09:01 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-20 09:01 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-20 09:01 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-20 09:01 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-20 09:01 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-20 09:01 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-20 09:01 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-20 09:01 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-20 09:01 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-20 09:01 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-20 09:01 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-20 09:01 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-20 09:01 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-20 09:01 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-20 09:01 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-20 09:01 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-20 09:01 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-20 09:01 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-20 09:01 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-20 09:00 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-20 09:00 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-20 09:00 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-20 09:00 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-20 09:00 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-20 09:00 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-20 09:00 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-20 09:00 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-20 09:00 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-20 09:00 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-20 09:00 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-20 09:00 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-20 09:00 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-20 09:00 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-20 09:00 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-20 09:00 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-20 09:00 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-20 09:00 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-16 09:36 - 2016-06-16 09:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-11 15:09 - 2016-06-11 15:10 - 37952656 _____ (Adobe Systems Incorporated) C:\Users\Kent\Downloads\AdbeRdr11000_sv_SE (1).exe
2016-06-11 15:06 - 2016-06-11 15:06 - 01199816 _____ (Adobe Systems Incorporated) C:\Users\Kent\Downloads\reader11_se_jd_install.exe
2016-06-11 14:39 - 2016-06-11 14:39 - 06728584 _____ (Free PDF Soulutions) C:\Users\Kent\Downloads\pdfreader_setup (1).exe
2016-06-11 14:37 - 2016-06-11 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF Reader
2016-06-11 14:37 - 2016-06-11 14:37 - 00000000 ____D C:\ProgramData\Caphyon
2016-06-11 14:32 - 2016-06-11 14:32 - 06728584 _____ (Free PDF Soulutions) C:\Users\Kent\Downloads\pdfreader_setup.exe
2016-06-11 14:32 - 2016-06-11 14:32 - 00000000 ____D C:\Users\Kent\AppData\Roaming\Free PDF Soulutions
2016-06-11 14:30 - 2016-06-11 14:30 - 152900364 _____ C:\Users\Kent\Downloads\AdbeRdrUpd11012.dmg
2016-06-11 14:18 - 2016-06-11 14:18 - 37952656 _____ (Adobe Systems Incorporated) C:\Users\Kent\Downloads\AdbeRdr11000_sv_SE.exe
2016-06-08 20:53 - 2016-06-08 20:53 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-08 20:53 - 2016-06-08 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-08 20:52 - 2016-06-08 20:53 - 00000000 ____D C:\Program Files\iTunes
2016-06-08 20:52 - 2016-06-08 20:52 - 00000000 ____D C:\Program Files\iPod
2016-06-08 20:52 - 2016-06-08 20:52 - 00000000 ____D C:\Program Files (x86)\iTunes
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-04 22:00 - 2015-10-30 16:22 - 00000412 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2016-07-04 21:57 - 2015-07-24 20:45 - 00001022 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003UA.job
2016-07-04 21:55 - 2015-06-23 19:52 - 00001010 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001UA.job
2016-07-04 21:52 - 2012-11-24 17:49 - 00001018 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-04 21:34 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-04 21:34 - 2013-01-15 11:01 - 00000000 ____D C:\ProgramData\MFAData
2016-07-04 21:34 - 2012-11-15 19:25 - 00004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3D7A581C-5BF6-4309-AE9D-75B77A19A5B0}
2016-07-04 13:29 - 2012-02-11 01:26 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-04 09:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-04 09:48 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-03 21:57 - 2015-12-14 22:34 - 02038604 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-03 21:57 - 2015-10-30 20:12 - 00843914 _____ C:\WINDOWS\system32\perfh01D.dat
2016-07-03 21:57 - 2015-10-30 20:12 - 00191612 _____ C:\WINDOWS\system32\perfc01D.dat
2016-07-03 21:57 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-03 21:54 - 2012-11-17 13:59 - 00000000 ___RD C:\Users\Kent\Dropbox
2016-07-03 21:52 - 2012-11-24 17:49 - 00001014 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-03 21:50 - 2015-12-14 23:01 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-03 21:50 - 2013-03-13 23:36 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-07-03 21:50 - 2013-03-13 23:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-07-03 21:49 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-02 12:43 - 2015-10-30 13:45 - 00000000 ____D C:\Users\Kent\AppData\Roaming\vlc
2016-07-01 20:57 - 2015-07-24 20:45 - 00000970 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003Core.job
2016-07-01 20:55 - 2015-06-23 19:52 - 00000958 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001Core.job
2016-06-27 15:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-27 14:53 - 2013-03-13 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-26 22:07 - 2015-12-14 22:35 - 00000000 ____D C:\Users\Kent
2016-06-26 22:00 - 2012-11-17 13:57 - 00000000 ____D C:\Users\Kent\AppData\Roaming\Dropbox
2016-06-22 13:03 - 2015-09-03 20:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-21 18:51 - 2015-12-14 22:26 - 00365584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-21 18:47 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-21 18:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-21 18:47 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-21 09:19 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-21 08:57 - 2013-07-14 17:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-21 08:46 - 2013-04-13 22:12 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-20 08:59 - 2012-11-24 17:50 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-19 22:02 - 2015-12-14 22:35 - 00000000 ____D C:\Users\Lisbeth
2016-06-16 15:38 - 2012-12-11 22:09 - 00000000 ____D C:\Users\Kent\AppData\Roaming\Skype
2016-06-16 09:36 - 2015-08-27 15:11 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-16 09:36 - 2014-03-11 18:14 - 00000000 ____D C:\Users\Kent\AppData\Local\Skype
2016-06-16 09:36 - 2012-02-11 01:41 - 00000000 ____D C:\ProgramData\Skype
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-14 19:50 - 2016-01-25 19:19 - 00001009 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-06-11 15:07 - 2012-11-18 12:34 - 00000000 ____D C:\Users\Kent\AppData\Local\Adobe
2016-06-08 20:52 - 2013-01-02 15:13 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-08 19:39 - 2016-04-28 18:56 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
 
==================== Files in the root of some directories =======
 
2015-10-30 12:34 - 2015-10-30 12:34 - 0000027 _____ () C:\Program Files\plugins.dat
2015-07-18 14:33 - 2015-07-18 14:33 - 6420480 _____ () C:\Program Files (x86)\GUT824.tmp
2014-08-24 21:27 - 2016-05-14 10:37 - 0476990 _____ () C:\Users\Kent\AppData\Roaming\LW_kenedw@edu.gislaved.se.sd
2014-08-24 21:27 - 2016-04-03 12:19 - 0468557 _____ () C:\Users\Kent\AppData\Roaming\LW_kenedw@edu.gislaved.se.sd0
2014-08-24 21:27 - 2016-03-14 23:34 - 0467472 _____ () C:\Users\Kent\AppData\Roaming\LW_kenedw@edu.gislaved.se.sd1
2016-02-15 19:35 - 2016-02-15 19:49 - 0007635 _____ () C:\Users\Kent\AppData\Local\resmon.resmoncfg
2014-09-18 19:20 - 2014-09-18 19:20 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-12-27 19:28 - 2014-12-27 19:28 - 0000082 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
 
Some files in TEMP:
====================
C:\Users\Kent\AppData\Local\Temp\avguirn_081494427571.exe
C:\Users\Kent\AppData\Local\Temp\avguirn_081719093974.exe
C:\Users\Kent\AppData\Local\Temp\avguirn_082000144314.exe
C:\Users\Kent\AppData\Local\Temp\avguirn_08589801426.exe
C:\Users\Kent\AppData\Local\Temp\avguirn_08940571762.exe
C:\Users\Kent\AppData\Local\Temp\avguirn_08986643080.exe
C:\Users\Kent\AppData\Local\Temp\libeay32.dll
C:\Users\Kent\AppData\Local\Temp\msvcr120.dll
C:\Users\Kent\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kent\AppData\Local\Temp\sqlite3.dll
C:\Users\Lisbeth\AppData\Local\Temp\avguirn_08323688679.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-07-02 10:53
 
==================== End of FRST.txt ============================
 
 
 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Sangris
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016

Ran by Kent (2016-07-04 22:09:17)

Running from C:\Users\Kent\Downloads

Windows 10 Home Version 1511 (X64) (2015-12-14 21:07:03)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administratör (S-1-5-21-1046946943-3530856008-3823607057-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-1046946943-3530856008-3823607057-503 - Limited - Disabled)

Gäst (S-1-5-21-1046946943-3530856008-3823607057-501 - Limited - Disabled) => C:\Users\Gäst

HomeGroupUser$ (S-1-5-21-1046946943-3530856008-3823607057-1002 - Limited - Enabled)

Kent (S-1-5-21-1046946943-3530856008-3823607057-1001 - Administrator - Enabled) => C:\Users\Kent

Lisbeth (S-1-5-21-1046946943-3530856008-3823607057-1003 - Limited - Enabled) => C:\Users\Lisbeth

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)

Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)

Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)

ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden

Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)

Apple-programstöd (32-bitar) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)

Apple-programstöd (64-bitar) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)

AVG (Version: 16.81.7640 - AVG Technologies) Hidden

AVG 2016 (Version: 16.0.4613 - AVG Technologies) Hidden

AVG Protection (HKLM\...\AVG) (Version: 2016.81.7640 - AVG Technologies)

AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.1.831 - AVG Technologies)

BankID säkerhetsprogram (HKLM-x32\...\{4B2557F9-8C03-4BE7-9984-4DE525076580}) (Version: 6.4.0.22 - Finansiell ID-Teknik BID AB)

Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )

CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq4809) (Version:  - )

Center för Windows Mobile-enheter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Comviq Surf Connect (HKLM-x32\...\Comviq Surf Connect) (Version: 11.300.05.19.56 - Huawei Technologies Co.,Ltd)

Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.2.4725 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.2.0.200 - DIAL GmbH)

DIALux 4.11 (HKLM-x32\...\DIALux) (Version: 4.11.0.3 - DIAL GmbH)

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dropbox (HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)

e-kort (HKLM-x32\...\{BA9632CB-2B93-4FD6-905C-BB325CE1C4DD}) (Version: 3.16.8.0 - FöreningsSparbanken)

e-kort (x32 Version: 1.1.0.0 - FöreningsSparbanken) Hidden

Elevated Installer (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden

Epson Easy Photo Print 2 (HKLM-x32\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)

EPSON P50 Series Printer Uninstall (HKLM\...\EPSON P50 Series) (Version:  - SEIKO EPSON Corporation)

Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)

Epson Stylus Photo P50_T50 Handbok (HKLM-x32\...\Epson Stylus Photo P50_T50 Användarhandbok) (Version:  - )

ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{768A6276-5822-489C-8A2B-67190F745655}) (Version: 4.1.2 - Hewlett-Packard)

Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)

Fagerhult catalogue 01 / 2012 (HKLM-x32\...\{CD3B8A65-DFFE-4BD5-8430-5E376F61136E}) (Version: 3.00.0000 - Fagerhult)

Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden

Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden

FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden

Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden

FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden

Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.0.0.624 - Foxit Software Inc.)

Free PDF Reader (HKLM-x32\...\Free PDF Reader 1.0.0) (Version: 1.0.0 - Free PDF Soulutions)

Free PDF Reader (x32 Version: 1.0.0 - Free PDF Soulutions) Hidden

Garmin Express (HKLM-x32\...\{2639b4f0-83b4-4f3d-942f-e4ba22a40b9b}) (Version: 4.1.19.0 - Garmin Ltd or its subsidiaries)

Garmin Express (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden

Garmin Express Tray (x32 Version: 4.1.19.0 - Garmin Ltd or its subsidiaries) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden

Grundläggande enhetsprogramvara för HP Deskjet 2050 J510 series (HKLM\...\{CEE93371-0274-4691-9152-CA2FB0544148}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden

HP 3D DriveGuard (HKLM\...\{DAAB29F9-07C3-4634-B9C6-413CF47B6E02}) (Version: 4.2.9.1 - Hewlett-Packard Company)

HP CoolSense (HKLM-x32\...\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}) (Version: 2.20.11 - Hewlett-Packard Company)

HP Deskjet 2050 J510 series Hjälp (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)

HP Documentation (HKLM-x32\...\{16652164-D80F-4EE6-90C6-2E8D5D06092A}) (Version: 1.1.0.0 - Hewlett-Packard)

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)

HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)

HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)

HP Photo Creations (HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\HP Photo Creations) (Version: 1.0.0.19382 - HP)

HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)

HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)

HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)

HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)

HP Software Framework (HKLM-x32\...\{21E6AD46-62D8-45B7-ADB7-BC6A80D4B54F}) (Version: 4.6.10.1 - Hewlett-Packard Company)

HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)

HP Support Solutions Framework (HKLM-x32\...\{A0E89543-3D17-4218-A28A-06D037E0BF46}) (Version: 12.4.18.7 - Hewlett-Packard Company)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6392.0 - IDT)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)

Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)

Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)

iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)

Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)

Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden

Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden

John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LearnWARE (HKLM-x32\...\LearnWARE) (Version: 11.15.2.0 - P&L Nordic AB)

Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden

Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden

Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)

Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden

McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Excel 2007 Help Uppdatering (KB963678) (HKLM-x32\...\{90120000-0016-041D-0000-0000000FF1CE}_PROPLUS_{6696EB50-EC8B-4D01-8061-04A6DE3D590C}) (Version:  - Microsoft)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Klicka-och-kör 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Outlook 2007 (HKLM-x32\...\OUTLOOKR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669) (HKLM-x32\...\{90120000-0018-041D-0000-0000000FF1CE}_PROPLUS_{18E9F644-2552-4544-AABB-C1838964DDEE}) (Version:  - Microsoft)

Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Starter 2010 - svenska (HKLM-x32\...\{90140011-0066-041D-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)

Microsoft Office Word 2007 Help Uppdatering (KB963665) (HKLM-x32\...\{90120000-001B-041D-0000-0000000FF1CE}_PROPLUS_{5DF6817C-E3C0-4226-9565-5C10A0AF4BF5}) (Version:  - Microsoft)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 40.0.3 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 sv-SE)) (Version: 40.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)

NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)

opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden

Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden

Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden

Produktförbättringsstudie för HP Deskjet 2050 J510 series (HKLM\...\{1C1D7366-58A3-489A-BD74-B7FB1B4BFF22}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Ralink RT5390R 802.11b/g/n Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.2.0 - Ralink)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29004 - Realtek Semiconductor Corp.)

RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden

Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)

Spotify (HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)

The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden

Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden

Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)

Unity Web Player (HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows-drivrutinspaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)

Windows-drivrutinspaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

VolvoOceanRace - Volvo Ocean Race Tracker - Tracker (HKLM-x32\...\VolvoOceanRace Volvo Ocean Race Tracker) (Version: "1.1.1" - "VolvoOceanRace")

Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Kent\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kent\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {070F2527-4116-4AB0-9D92-1E1782648E9E} - System32\Tasks\HP Photo Creations Communicator => C:\Users\Kent\AppData\Roaming\HP Photo Creations\Communicator.exe [2015-10-30] ()

Task: {101DA682-7F50-4F1A-BA21-70F6153C933E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {107FAC4C-8B5D-40A0-87D3-959E48C25884} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe

Task: {15DB85DF-9163-41C8-B7B2-BD8AF9802CA7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003Core => C:\Users\Lisbeth\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-24] (Dropbox, Inc.)

Task: {19DBDD16-2F89-4A16-96AF-1AA43419EFB5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-21] (Microsoft Corporation)

Task: {1F27001E-9B50-48C2-8E2F-69406F5013D2} - System32\Tasks\{6A41D6DB-AEDD-4DE6-B246-8CF710D3B14F} => pcalua.exe -a E:\MSETUP.EXE -d E:\

Task: {1FA9ADB1-17CA-41B0-9E0E-184A722B8B70} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe

Task: {1FD18B76-07CD-4AFC-949C-12C54116A4F4} - System32\Tasks\{8279DC60-AE32-42A2-9512-43359E64BD1B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.9.0.106/sv/abandoninstall?page=tsProgressBar

Task: {26EF4ECB-81AA-4356-9E64-4F042615224B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {39B28C76-B155-4845-80BB-5FA6D746330E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001UA => C:\Users\Kent\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)

Task: {3B1C0655-E012-410A-A557-264189192DE6} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()

Task: {3CC34137-3EB3-4A13-BB2E-A5F5D7637E09} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe

Task: {431EDE83-F894-48D8-983E-B655D3BBC3C8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {4CC3FE3F-6429-4B9C-80BD-A5E87781B5EE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {551CAE88-57C2-4EC8-A540-C967D373836F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {5C04B8D7-427D-4100-BEAC-9E0042F18E08} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {5D7D321B-EBB6-4A0C-A939-8D79FB3D97C5} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-11-29] (CyberLink)

Task: {62417831-1927-4595-AA19-2E43F3CFDE53} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {63511AE8-BB52-4589-B57D-AEA85102B298} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe

Task: {735E7182-13A6-4509-B1B2-5677A9128487} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-05-04] (Hewlett-Packard)

Task: {7508A651-43D2-468A-A524-FB5A5A340712} - System32\Tasks\{7BEBCC69-7379-4428-848D-7A58DE162794} => pcalua.exe -a C:\Users\Kent\Downloads\CanoScan_N650U_N656U_CSUv571a.exe -d C:\Users\Kent\Downloads

Task: {7538D294-94FD-4694-BAFF-26A9C1A10487} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)

Task: {7CECB291-C9F8-4D0C-9A66-B6E970D96A4E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe

Task: {81EDFAB9-8CC6-4D09-B1EB-B31EA5D09EBB} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-04-08] ()

Task: {87DFAFE4-456F-4E5A-9DB9-02D576EDD20B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe

Task: {8CB6D627-FCAD-4A62-BDD8-AF849EABA2D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {8F5AF116-79AB-4B5F-ACEB-9BF052311BAB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

Task: {90897CAC-8C06-4A16-B0BD-C0DEDFC5F010} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001Core => C:\Users\Kent\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)

Task: {94E5FA2C-5D94-4E54-BCB6-A9DAB1A58CF6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe

Task: {9AD96132-EA4C-4606-8396-3AAD22B50A7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)

Task: {9D9B1F9E-00E8-4BF1-996E-6BFA75605011} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)

Task: {A10A50D2-D911-4542-A08E-A7DC65002149} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)

Task: {A4B75385-5913-461C-80FF-7EC0A4E5BF7C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {A5FBEDF1-8943-46A7-B83C-EA35560E9EC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)

Task: {A74E366D-AD33-4655-877E-9A81252161B5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {AD5C2A0C-AF8F-4BC5-9291-786A8B028BEE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

Task: {B139E0E4-24D9-4FB2-AB65-0514DC062688} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

Task: {B7379767-069B-44DE-B27B-9E0F5D967B25} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe

Task: {B798B99A-F843-4660-8034-91C94029D676} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe

Task: {B7A28C43-7D2D-4174-A98A-561327926BC2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {B88BC400-8973-4403-827E-2F8E08E1289A} - System32\Tasks\HPCustParticipation HP Deskjet 2050 J510 series => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)

Task: {BAE19852-C5C1-4095-A886-EA4CC3DEFF0B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe

Task: {C14EF530-635D-49B9-BA53-3BC82649FB81} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)

Task: {C2AE3CC6-7F27-41B6-8FF6-F444E1E4EB19} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {C2E5ECF5-D175-4141-A8AE-D9D4D193E400} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe

Task: {C5036B95-810B-4310-9F4E-E8C1487AFE5D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003UA => C:\Users\Lisbeth\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-24] (Dropbox, Inc.)

Task: {CD8593EC-2A93-4CE3-8B5D-EA9A4D5D24B2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe

Task: {D2E8C793-84E0-4D43-BEF7-501888B36E19} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)

Task: {DC9C2AFB-9877-4E49-8D19-BA039D2B3E4D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {DDAE5F7A-4C83-488C-BD27-5BA319B5A155} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {DFA7FE8B-A988-44FF-B59F-90164E5E7C04} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {E04037AF-C9E3-449E-B9B6-F4B0EDAD7538} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe

Task: {E5068966-F669-45A3-BBC6-C5B477353E75} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

Task: {E5C58204-778A-4B3A-9689-2CA7B116CDF8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.)

Task: {F154F509-891E-4F1B-BAA5-954C55BAF9BB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe

Task: {F21ECEFB-8C75-4307-A446-5559D0AE14C5} - System32\Tasks\0815scUpdateInfo => C:\ProgramData\Avg_Update_0815sc\0815sc_{1192B729-2E86-485F-919E-77BC29767525}.exe [2016-03-22] ()

Task: {F6B32B3F-95B3-4DBE-ABBB-07DF9B94C7C4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe

Task: {FDD94712-A4FD-40CD-9929-3A986D8C60CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)

Task: {FDDD5FEB-E4A2-4C6E-A000-A530016D8AA9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

Task: {FEE792C3-7AFC-4701-8EFD-AD05B2F5F8F0} - System32\Tasks\HPCeeScheduleForKent => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001Core.job => C:\Users\Kent\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1001UA.job => C:\Users\Kent\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003Core.job => C:\Users\Lisbeth\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1046946943-3530856008-3823607057-1003UA.job => C:\Users\Lisbeth\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Users\Kent\AppData\Roaming\HP Photo Creations\Communicator.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleForKent.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Task: C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

 

==================== Shortcuts =============================

 

(The entries could be listed to be restored or removed.)

 

Shortcut: C:\Users\Public\Desktop\rara Music.lnk -> hxxp://redirect.hp.com/svs/rdr?locale=sv_se&bd=pavilion&tp=dticon&pf=cnnb&c=121&s=RaRa&TYPE=44C:\Program Files (x86)\Online Services\RaRa\RaRa.ico (No File)

 

==================== Loaded Modules (Whitelisted) ==============

 

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2012-03-30 11:41 - 2011-12-16 22:37 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2013-07-13 19:49 - 2009-05-19 19:27 - 00110592 _____ () C:\ProgramData\DatacardService\DCSHost.exe

2016-04-14 14:27 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2016-04-14 14:27 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2015-12-18 15:45 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll

2016-05-11 20:48 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2016-06-20 09:01 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2016-06-20 09:01 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2016-06-20 09:02 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2016-06-20 09:02 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2015-09-03 20:59 - 2015-09-03 20:59 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll

2016-06-08 19:36 - 2016-05-25 19:03 - 00034768 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd

2016-06-26 22:00 - 2016-05-25 19:03 - 00134088 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\pyexpat.pyd

2016-06-26 22:00 - 2016-05-25 19:04 - 00019408 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\faulthandler.pyd

2016-06-26 22:00 - 2016-05-25 19:03 - 00116688 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\pywintypes27.dll

2016-06-08 19:36 - 2016-05-25 19:03 - 00093640 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_ctypes.pyd

2016-06-08 19:36 - 2016-05-25 19:03 - 00018376 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\select.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00019760 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00105928 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32api.pyd

2016-06-26 22:00 - 2016-05-25 19:03 - 00392144 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\pythoncom27.dll

2016-06-08 19:36 - 2016-06-13 22:13 - 00381752 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd

2016-06-08 19:36 - 2016-05-25 19:03 - 00692688 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\unicodedata.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00020816 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd

2016-06-08 19:36 - 2016-05-25 19:04 - 00123856 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 01682760 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00020808 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00021840 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00052024 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00038696 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\fastpath.pyd

2016-06-26 22:00 - 2016-05-25 19:05 - 00020936 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\mmapfile.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00024528 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32event.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00114640 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32security.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00124880 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32file.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00021832 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00024016 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32clipboard.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00175560 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32gui.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00030160 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32pipe.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00043472 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32process.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00048592 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32service.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00023872 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00026456 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00057808 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32evtlog.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00024016 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32profile.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00246592 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00028616 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32ts.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00020800 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00019776 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00020800 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd

2016-06-08 19:36 - 2016-05-25 19:03 - 00134608 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_elementtree.pyd

2016-06-26 22:00 - 2016-05-25 19:04 - 00240584 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\jpegtran.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00020280 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00023376 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00350152 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winxpgui.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00022352 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00024392 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd

2016-06-26 22:00 - 2016-05-25 19:05 - 00036296 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\librsync.dll

2016-06-26 22:00 - 2016-06-13 22:13 - 00031568 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd

2016-06-26 22:00 - 2016-03-12 02:46 - 00293392 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll

2016-06-26 22:00 - 2016-06-13 22:13 - 00084280 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL

2016-06-26 22:00 - 2016-06-13 22:13 - 01826096 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd

2016-06-08 19:36 - 2016-05-25 19:04 - 00083912 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\sip.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 03928880 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 01971504 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00531248 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00132912 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00223544 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00207672 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd

2016-06-08 19:36 - 2016-05-25 19:05 - 00060880 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\win32print.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00025928 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd

2016-06-08 19:36 - 2016-06-13 22:13 - 00024904 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00546096 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd

2016-06-26 22:00 - 2016-06-13 22:13 - 00357680 _____ () C:\Users\Kent\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd

2015-10-24 10:07 - 2016-04-15 16:05 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll

2012-03-30 11:41 - 2011-11-30 05:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2012-03-30 11:41 - 2011-12-16 20:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2016-06-20 08:58 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll

2016-06-20 08:58 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll

2016-06-20 08:58 - 2016-06-15 11:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:\Users\Lisbeth\Desktop\Fil 2016-03-22 18 23 02.png:com.dropbox.attributes [211]

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg

DNS Servers: 192.168.0.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BankID säkerhetsprogram.lnk => C:\Windows\pss\BankID säkerhetsprogram.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: EPSON P50 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFFE.EXE /FU "C:\Windows\TEMP\E_SD608.tmp" /EF "HKCU"

MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: SetDefault => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe

HKLM\...\StartupApproved\Run: => "Windows Mobile Device Center"

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "APSDaemon"

HKLM\...\StartupApproved\Run32: => "e-kort"

HKLM\...\StartupApproved\Run32: => "Easybits Recovery"

HKLM\...\StartupApproved\Run32: => "HP Quick Launch"

HKLM\...\StartupApproved\Run32: => "HP Software Update"

HKLM\...\StartupApproved\Run32: => "QuickTime Task"

HKLM\...\StartupApproved\Run32: => "UVS10 Preload"

HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"

HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\...\StartupApproved\Run: => "Spotify Web Helper"

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe

FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808

FirewallRules: [{3B569B35-B35F-4971-B968-01D684B9C2B2}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe

FirewallRules: [{E49A7543-A461-4145-B068-8283EB25DEE8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe

FirewallRules: [{28957134-5048-4C11-A620-99F91788A962}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe

FirewallRules: [{78735E54-8766-4705-A586-22FBAC209CED}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{B9C72172-F69A-4F90-9EC8-E24806D0605E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{E228A79F-77D4-4F6B-85BF-08603041E60B}] => (Allow) LPort=2869

FirewallRules: [{759B3CD9-1972-484D-8A56-44DBA8AD3879}] => (Allow) LPort=1900

FirewallRules: [{5188406F-8BC6-4257-A6FC-F3067428D770}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{A8FEADE3-27D6-4EC0-A4F9-CA0D822A8BE8}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{73E9C6F4-694D-44B2-A3A2-82BCA3C1DB4D}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe

FirewallRules: [{C0576A5A-6757-46F3-8D5B-6C371FCED293}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe

FirewallRules: [TCP Query User{AFD967C7-6D55-4008-AD3C-CD9EC3775D4F}C:\users\kent\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\kent\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [uDP Query User{1A4E5B21-4DE5-464E-A860-BB882A1C7B8C}C:\users\kent\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\kent\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{EE74F88F-4C98-499A-802A-750315F5DCAA}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe

FirewallRules: [{96D2FF4B-5A3A-42EF-9DAE-9B851C66818A}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe

FirewallRules: [TCP Query User{CAD12D8E-3163-4D57-8E77-2FEEF6A2E1DB}C:\program files (x86)\microsoft office\office12\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office12\outlook.exe

FirewallRules: [uDP Query User{FA38CF5C-B12B-4EF6-A406-F4281B18CCEF}C:\program files (x86)\microsoft office\office12\outlook.exe] => (Block) C:\program files (x86)\microsoft office\office12\outlook.exe

FirewallRules: [TCP Query User{4ECC1659-8DD6-4488-A02B-3DB9928AB654}C:\users\kent\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kent\appdata\roaming\spotify\spotify.exe

FirewallRules: [uDP Query User{0B9E2C8B-1C12-4125-9167-1D8D62155D23}C:\users\kent\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kent\appdata\roaming\spotify\spotify.exe

FirewallRules: [{CE2058A9-FA1F-45BF-8B88-6502D85F3E66}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe

FirewallRules: [{ED682D2B-5683-4A67-A9D3-7888A92536F2}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe

FirewallRules: [{4E62B900-2C76-414A-9360-707608034AB5}] => (Allow) C:\Users\Lisbeth\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{4398FB54-C0E8-4604-9111-4DE879637F1F}] => (Allow) C:\Users\Lisbeth\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{17B4862E-9EE7-4E81-A6A3-9791F15F3A97}] => (Allow) C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{C46C3D1F-A8AB-4B6F-B21E-1F51560D85F8}] => (Allow) C:\Users\Kent\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{D2DF08AB-8B8C-4CB1-A9B9-512D88A77C72}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe

FirewallRules: [{00997D94-89C7-4780-9A27-F1BAD6796D80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{D0920852-50AB-4FA7-8181-5D760C81AAE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{37B44077-E8E4-46D2-BBD1-BE8659A99D05}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

FirewallRules: [{D40CFEF4-3FC0-4193-890F-75449B3E3970}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

FirewallRules: [{BF442266-1976-4B1C-BCF0-E80609B76394}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{9897D63F-5B5C-4CA0-8FD4-DAFA18166E98}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{1421C2C2-4DFE-4994-B188-7C53B0CCC62D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{4EA9E440-15D9-4337-8A4B-89EB1639C15E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{178B656F-7AFA-4E1F-A49E-687F92EB173F}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{5874B07D-2A2B-4125-A226-C8A48D498B83}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe

FirewallRules: [{51029FD3-0251-4F18-BEE8-C90CB563E69B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe

FirewallRules: [{35191044-7605-4CEE-B052-58F3C19BA944}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

FirewallRules: [{20C3218A-BD95-4F81-B9DB-32EC0C883AAD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

FirewallRules: [{23858C93-B49D-4EDE-AD4B-3452394DC03C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

FirewallRules: [{96AE43AE-2B28-4D8E-B6D1-BE718BC0F033}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

FirewallRules: [{0A6F7947-A3F3-4146-A5DE-C7BC041AC91B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

==================== Restore Points =========================

 

11-06-2016 14:36:04 Installed Free PDF Reader

21-06-2016 08:39:34 Windows Update

21-06-2016 08:42:15 Windows Update

26-06-2016 22:16:22 Windows Update

02-07-2016 12:17:04 Återställning

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/04/2016 10:06:53 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: taskhostw.exe, version 10.0.10586.0, tidsstämpel 0x5632d756

, felet uppstod i modulen med namn: ntdll.dll, version 10.0.10586.306, tidsstämpel 0x571af2eb

Undantagskod: 0xc0000005

Felförskjutning: 0x00000000000231f7

Process-ID: 0x187c

Programmets starttid: 0xtaskhostw.exe0

Sökväg till program: taskhostw.exe1

Sökväg till modul: taskhostw.exe2

Rapport-ID: taskhostw.exe3

Fullständigt namn på felaktigt paket: taskhostw.exe4

Program-ID relativt till felaktigt paket: taskhostw.exe5

 

Error: (07/04/2016 09:30:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 26156891

 

Error: (07/04/2016 09:30:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 26156891

 

Error: (07/04/2016 09:30:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/04/2016 01:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: esetonlinescanner_enu (1).exe, version 2.0.8.0, tidsstämpel 0x573dab40

, felet uppstod i modulen med namn: esetonlinescanner_enu (1).exe, version 2.0.8.0, tidsstämpel 0x573dab40

Undantagskod: 0xc0000005

Felförskjutning: 0x001b6453

Process-ID: 0x1dec

Programmets starttid: 0xesetonlinescanner_enu (1).exe0

Sökväg till program: esetonlinescanner_enu (1).exe1

Sökväg till modul: esetonlinescanner_enu (1).exe2

Rapport-ID: esetonlinescanner_enu (1).exe3

Fullständigt namn på felaktigt paket: esetonlinescanner_enu (1).exe4

Program-ID relativt till felaktigt paket: esetonlinescanner_enu (1).exe5

 

Error: (07/04/2016 01:57:22 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: esetonlinescanner_enu.exe, version 2.0.8.0, tidsstämpel 0x573dab40

, felet uppstod i modulen med namn: esetonlinescanner_enu.exe, version 2.0.8.0, tidsstämpel 0x573dab40

Undantagskod: 0xc0000005

Felförskjutning: 0x00036471

Process-ID: 0x22a0

Programmets starttid: 0xesetonlinescanner_enu.exe0

Sökväg till program: esetonlinescanner_enu.exe1

Sökväg till modul: esetonlinescanner_enu.exe2

Rapport-ID: esetonlinescanner_enu.exe3

Fullständigt namn på felaktigt paket: esetonlinescanner_enu.exe4

Program-ID relativt till felaktigt paket: esetonlinescanner_enu.exe5

 

Error: (07/03/2016 09:59:33 PM) (Source: Perflib) (EventID: 1008) (User: )

Description: BITSC:\Windows\System32\bitsperf.dll8

 

Error: (07/03/2016 09:41:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Kent-HP)

Description: Aktiveringen av appen Microsoft.WindowsStore_8wekyb3d8bbwe!App misslyckades med felet: -2147023170 Mer information finns i loggen Microsoft-Windows-TWinUI/Operational.

 

Error: (07/02/2016 12:17:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Anropet OnIdentity() i systemskrivarobjektet misslyckades för tjänsten Cryptographic Services.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Åtkomst nekad.

.

 

Error: (06/29/2016 06:10:00 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Felet uppstod i programmet med namn: AcroRd32.exe, version 15.16.20045.57024, tidsstämpel 0x57488f28

, felet uppstod i modulen med namn: SHELL32.dll, version 10.0.10586.306, tidsstämpel 0x571af6c4

Undantagskod: 0xc0000008

Felförskjutning: 0x010b8c7a

Process-ID: 0x245c

Programmets starttid: 0xAcroRd32.exe0

Sökväg till program: AcroRd32.exe1

Sökväg till modul: AcroRd32.exe2

Rapport-ID: AcroRd32.exe3

Fullständigt namn på felaktigt paket: AcroRd32.exe4

Program-ID relativt till felaktigt paket: AcroRd32.exe5

 

 

System errors:

=============

Error: (07/04/2016 10:06:54 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)

Description: programspecifikLokalAktivering{3185A766-B338-11E4-A71E-12E3F512A338}{7006698D-2974-4091-A424-85DD0B909E23}NT instansLokal tjänstS-1-5-19LocalHost (med LRPC)Inte tillgängligInte tillgänglig

 

Error: (07/04/2016 09:49:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)

Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x87af0813: OneNote.

 

Error: (07/04/2016 09:23:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Tjänsten eapihdrv kunde inte startas på grund av följande fel: 

%%1275 = Den här drivrutinen har blockerats för inläsning

 

 

Error: (07/04/2016 09:23:57 AM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Kent\AppData\Local\Temp\ehdrv.sys

 

Error: (07/04/2016 09:23:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Tjänsten eapihdrv kunde inte startas på grund av följande fel: 

%%1275 = Den här drivrutinen har blockerats för inläsning

 

 

Error: (07/04/2016 09:23:56 AM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Kent\AppData\Local\Temp\ehdrv.sys

 

Error: (07/04/2016 09:23:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Tjänsten eapihdrv kunde inte startas på grund av följande fel: 

%%1275 = Den här drivrutinen har blockerats för inläsning

 

 

Error: (07/04/2016 09:23:56 AM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Kent\AppData\Local\Temp\ehdrv.sys

 

Error: (07/04/2016 09:23:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Tjänsten eapihdrv kunde inte startas på grund av följande fel: 

%%1275 = Den här drivrutinen har blockerats för inläsning

 

 

Error: (07/04/2016 09:23:56 AM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\Kent\AppData\Local\Temp\ehdrv.sys

 

 

CodeIntegrity:

===================================

  Date: 2016-07-04 22:05:56.398

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-07-04 22:05:56.369

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-07-04 14:02:03.566

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-07-04 14:02:03.526

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-07-03 21:54:41.990

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-07-03 21:54:41.930

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-07-03 21:36:02.954

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-07-03 21:36:02.936

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-07-03 21:36:02.197

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2016-07-03 21:36:02.167

  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Pentium® CPU B960 @ 2.20GHz

Percentage of memory in use: 58%

Total physical RAM: 3992.36 MB

Available physical RAM: 1649.36 MB

Total Virtual: 8088.36 MB

Available Virtual: 5750.78 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:442.21 GB) (Free:259.22 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (Recovery) (Fixed) (Total:23.25 GB) (Free:2.42 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 81FB2120)

Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=442.2 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=23.3 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

 

==================== End of Addition.txt ============================

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

1. Avinstallera:
Java 8 Update 31
För det är en gammal Java-version med kända säkerhetshål som gör det lätt att infektera datorn från en webbsida. De flesta behöver inte ha Java installerat alls, men om du måste så är det viktigt att alltid ha den senaste versionen.


2. Flytta FRST-programmet från mappen Downloads/Hämtade filer till skrivbordet.
 
Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll => No File
Toolbar: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
CHR Plugin: (Norton Confidential) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-03] ()
U3 idsvc; no ImagePath
Task: {101DA682-7F50-4F1A-BA21-70F6153C933E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {1F27001E-9B50-48C2-8E2F-69406F5013D2} - System32\Tasks\{6A41D6DB-AEDD-4DE6-B246-8CF710D3B14F} => pcalua.exe -a E:\MSETUP.EXE -d E:\
Task: {3B1C0655-E012-410A-A557-264189192DE6} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {551CAE88-57C2-4EC8-A540-C967D373836F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5C04B8D7-427D-4100-BEAC-9E0042F18E08} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {62417831-1927-4595-AA19-2E43F3CFDE53} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8CB6D627-FCAD-4A62-BDD8-AF849EABA2D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A4B75385-5913-461C-80FF-7EC0A4E5BF7C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B7A28C43-7D2D-4174-A98A-561327926BC2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {DC9C2AFB-9877-4E49-8D19-BA039D2B3E4D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {DDAE5F7A-4C83-488C-BD27-5BA319B5A155} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DFA7FE8B-A988-44FF-B59F-90164E5E7C04} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E5068966-F669-45A3-BBC6-C5B477353E75} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Reboot:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.

 

 

3. Har du några fler frågor eller är allt bra med datorn nu så det är dags för instruktionen för avinstallation av FRST?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Sangris
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016

Ran by Kent (2016-07-05 10:44:21) Run:1

Running from C:\Users\Kent\Desktop

Loaded Profiles: Kent (Available Profiles: Kent & Lisbeth & Gäst & DefaultAppPool)

Boot Mode: Normal

==============================================

 

fixlist content:

*****************

CreateRestorePoint:

CloseProcesses:

HKLM-x32\...\Run: [] => [X]

BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll => No File

Toolbar: HKU\S-1-5-21-1046946943-3530856008-3823607057-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

CHR Plugin: (Norton Confidential) - C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => No File

S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-12-03] ()

U3 idsvc; no ImagePath

Task: {101DA682-7F50-4F1A-BA21-70F6153C933E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

Task: {1F27001E-9B50-48C2-8E2F-69406F5013D2} - System32\Tasks\{6A41D6DB-AEDD-4DE6-B246-8CF710D3B14F} => pcalua.exe -a E:\MSETUP.EXE -d E:\

Task: {3B1C0655-E012-410A-A557-264189192DE6} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()

Task: {551CAE88-57C2-4EC8-A540-C967D373836F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION

Task: {5C04B8D7-427D-4100-BEAC-9E0042F18E08} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

Task: {62417831-1927-4595-AA19-2E43F3CFDE53} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

Task: {8CB6D627-FCAD-4A62-BDD8-AF849EABA2D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION

Task: {A4B75385-5913-461C-80FF-7EC0A4E5BF7C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

Task: {B7A28C43-7D2D-4174-A98A-561327926BC2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION

Task: {DC9C2AFB-9877-4E49-8D19-BA039D2B3E4D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

Task: {DDAE5F7A-4C83-488C-BD27-5BA319B5A155} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

Task: {DFA7FE8B-A988-44FF-B59F-90164E5E7C04} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

Task: {E5068966-F669-45A3-BBC6-C5B477353E75} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION

Task: C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

Reboot:

*****************

 

Restore point was successfully created.

Processes closed successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully

"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully

HKU\S-1-5-21-1046946943-3530856008-3823607057-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully

HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found. 

C:\Users\Kent\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.1.0.30_0\npcoplgn.dll => not found.

EsgScanner => service removed successfully

idsvc => service removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{101DA682-7F50-4F1A-BA21-70F6153C933E}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{101DA682-7F50-4F1A-BA21-70F6153C933E}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F27001E-9B50-48C2-8E2F-69406F5013D2}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F27001E-9B50-48C2-8E2F-69406F5013D2}" => key removed successfully

C:\WINDOWS\System32\Tasks\{6A41D6DB-AEDD-4DE6-B246-8CF710D3B14F} => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6A41D6DB-AEDD-4DE6-B246-8CF710D3B14F}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B1C0655-E012-410A-A557-264189192DE6}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B1C0655-E012-410A-A557-264189192DE6}" => key removed successfully

C:\WINDOWS\System32\Tasks\ROC_REG_JAN_DELETE => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ROC_REG_JAN_DELETE" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{551CAE88-57C2-4EC8-A540-C967D373836F}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{551CAE88-57C2-4EC8-A540-C967D373836F}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C04B8D7-427D-4100-BEAC-9E0042F18E08}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C04B8D7-427D-4100-BEAC-9E0042F18E08}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62417831-1927-4595-AA19-2E43F3CFDE53}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62417831-1927-4595-AA19-2E43F3CFDE53}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8CB6D627-FCAD-4A62-BDD8-AF849EABA2D4}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8CB6D627-FCAD-4A62-BDD8-AF849EABA2D4}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A4B75385-5913-461C-80FF-7EC0A4E5BF7C}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4B75385-5913-461C-80FF-7EC0A4E5BF7C}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7A28C43-7D2D-4174-A98A-561327926BC2}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7A28C43-7D2D-4174-A98A-561327926BC2}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC9C2AFB-9877-4E49-8D19-BA039D2B3E4D}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC9C2AFB-9877-4E49-8D19-BA039D2B3E4D}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDAE5F7A-4C83-488C-BD27-5BA319B5A155}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDAE5F7A-4C83-488C-BD27-5BA319B5A155}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFA7FE8B-A988-44FF-B59F-90164E5E7C04}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFA7FE8B-A988-44FF-B59F-90164E5E7C04}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5068966-F669-45A3-BBC6-C5B477353E75}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5068966-F669-45A3-BBC6-C5B477353E75}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully

C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job => moved successfully

 

 

The system needed a reboot.

 

==== End of Fixlog 10:44:25 ====

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Har du några fler frågor eller är allt bra med datorn nu så det är dags för instruktionen för avinstallation av FRST?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Sangris

Har du några fler frågor eller är allt bra med datorn nu så det är dags för instruktionen för avinstallation av FRST?

Som det nu ser ut så har jag inga frågor. Återstår bara att se att Reimage är borta.

Hur avinstallerar jag FRST då?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Gör då inte följande innan du vet säkert att Reimage är borta.

 

För att avinstallera FRST och AdwCleaner behöver du göra följande:

Spara Delfix på Skrivbordet: http://www.bleepingcomputer.com/download/delfix/
Starta programmet.

Se till att det finns bockar framför dessa, men inga andra:
* Remove disinfection tools
* Create registry backup

Klicka på Run-knappen.
 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Sangris

Ok. Jag avvaktar några dagar för att se om Reimage återkommer.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



×
×
  • Skapa nytt...