Just nu i M3-nätverket
Gå till innehåll

Hjälp m log o ev rensning


millpark10

Rekommendera Poster

Hej Cecilia

God fortsättning på helgerna.

Long time no hear :)

Trodde jag skulle klara sista veckan på året utan att behöva störa dig,

men på julafton kom lillebror med sin laptop o sa att den var seg.

:/

Jo den var seg men inte katastrof, dock, en 120Gb hdd med endast knappt 4Gb ledigt

utrymme är ju förstås ingen höjdare.

Han har en förmåga att spela olika flashspel samt spel som kommer från

bigfishgames eller något liknande. Normalt när jag får hans datorer brukar jag blåsa

och installera om. Denna gång verkar det inte vara så illa.

Avinstallerade ca 20Gb program, filer, spel o tömde cache på browsers körde MS

Diskrensningsverktyg som lyckades plocka väck ca 25 Gb! Körde chkdsk, defrag och

winupdates. Maskinen går riktigt bra nu. (Drygt 40Gb ledigt på C:) Inga virus hittade av Avast. Tänkte att jag kör ADWClean o ser om det finns rester av spelen.

Insåg att det var mer än jag trodde som ser ut att finnas kvar och ber ödmjukast om tolkningshjälp.

Tack

//millpark10

(sparade inte adwclean-loggen utan började i "rätt ända" med FRST o

postning i forumet istället)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Daniel (administrator) on DANIEL-HP-DATOR (29-12-2016 02:35:47)
Running from C:\Users\Daniel\Downloads\AV_2016re
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
() C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\vsnpstd3.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnpstd3.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [soundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-02-10] ()
HKLM-x32\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [270336 2007-03-10] ()
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\Run: [sTUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {406b7ffb-ea8e-11e4-b8bb-705ab6a76618} - E:\startme.exe
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {85bb1a00-39ba-11e5-a74f-0026c606fa42} - E:\AutoRun.exe
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)

==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{09899BC7-D371-400D-A83B-434138817B2A}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9B695061-0E4A-437C-AC02-6CB824B1575C}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{9E635E13-5235-446F-90EE-F1ABC5F48E07}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=2043&systemid=406&v=n15946-666&apn_uid=8848744470194470&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=2043&systemid=406&v=n15946-666&apn_uid=8848744470194470&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {2B200296-A4CF-4713-9F9B-9733A2AAA664} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-25] (AVAST Software)
BHO: No Name -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> No File
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
BHO-x32: No Name -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> No File
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 [2016-12-29]
FF Homepage: Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 -> hxxps://www.google.com/
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml [2015-03-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2331861272-3787314368-3103865204-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-09-01] (Sony Network Entertainment International LLC)
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default [2016-12-28]
CHR Extension: (Google Presentationer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15]
CHR Extension: (Google Dokument) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-23]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-23]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-23]
CHR Extension: (Google Kalkylark) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15]
CHR Extension: (Google Dokument Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-21]
CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-24]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-27]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>

==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
R2 SamsungCloudPrintSvc; C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe [907568 2016-01-28] ()
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2016-04-28] ()
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony)
===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130688 2014-03-14] (Gemalto)
R3 HBtnKey; C:\Windows\System32\DRIVERS\cpqbttn.sys [19000 2010-02-24] (Hewlett-Packard Company)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [File not signed]
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1875624 2008-10-09] ()
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550656 2007-03-26] (Sonix Co. Ltd.)
S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10252544 2007-03-26] (Sonix Co. Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-29 02:35 - 2016-12-29 02:35 - 00000000 ____D C:\FRST
2016-12-29 02:33 - 2016-12-29 02:35 - 00000000 ____D C:\Users\Daniel\Downloads\AV_2016re
2016-12-29 02:26 - 2016-12-29 02:28 - 00000000 ____D C:\AdwCleaner
2016-12-28 14:49 - 2016-12-28 14:50 - 00000000 ____D C:\Users\Daniel\Desktop\MSupdates
2016-12-28 14:46 - 2016-12-28 14:46 - 00000000 ____D C:\2cd80aef570097c8e78c11630f
2016-12-27 03:14 - 2016-06-11 07:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-27 03:14 - 2016-06-11 05:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-27 03:14 - 2016-06-10 22:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-27 03:14 - 2016-06-10 22:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-27 03:14 - 2016-06-10 22:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-27 03:14 - 2016-06-10 22:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-27 03:14 - 2016-06-10 22:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-27 03:14 - 2016-06-10 22:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-27 03:14 - 2016-06-10 22:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-27 03:14 - 2016-06-10 22:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-27 03:14 - 2016-06-10 22:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-27 03:14 - 2016-06-10 22:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-27 03:14 - 2016-06-10 22:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-27 03:14 - 2016-06-10 22:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-27 03:14 - 2016-06-10 21:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-27 03:14 - 2016-06-10 21:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-27 03:14 - 2016-06-10 21:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-27 03:14 - 2016-06-10 21:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-27 03:14 - 2016-06-10 21:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-27 03:14 - 2016-06-10 21:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-27 03:14 - 2016-06-10 21:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-27 03:14 - 2016-06-10 21:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-27 03:14 - 2016-06-10 21:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-27 03:14 - 2016-06-10 21:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-27 03:14 - 2016-06-10 21:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-27 03:14 - 2016-06-10 21:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-27 03:14 - 2016-06-10 21:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-27 03:14 - 2016-06-10 20:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-27 03:14 - 2016-06-10 20:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-27 03:14 - 2016-06-10 20:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-27 03:14 - 2016-06-10 20:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-27 03:14 - 2016-06-10 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-27 03:14 - 2016-06-10 19:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-27 03:14 - 2016-06-10 19:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-27 03:14 - 2016-06-10 19:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-27 03:14 - 2016-06-10 19:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-27 03:14 - 2016-06-10 19:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-27 03:14 - 2016-06-10 19:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-27 03:14 - 2016-06-10 19:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-27 03:14 - 2016-06-10 19:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-27 03:14 - 2016-06-10 19:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-27 03:14 - 2016-06-10 19:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-27 03:14 - 2016-06-10 19:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-27 03:14 - 2016-06-10 19:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-27 03:14 - 2016-06-10 19:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-27 03:14 - 2016-06-10 19:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-27 03:14 - 2016-06-10 19:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-27 03:14 - 2016-06-10 19:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-27 03:14 - 2016-06-10 19:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-27 03:14 - 2016-06-10 19:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-27 03:14 - 2016-06-10 19:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-27 03:14 - 2016-06-10 19:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-27 03:14 - 2016-06-10 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-27 03:14 - 2016-06-10 19:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-27 03:14 - 2016-06-10 19:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-27 03:14 - 2016-06-10 19:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-27 03:14 - 2016-06-10 18:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-27 03:14 - 2016-06-10 18:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-27 03:14 - 2016-06-10 18:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-27 03:14 - 2016-06-10 18:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-27 03:13 - 2016-06-10 22:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-27 03:13 - 2016-06-10 22:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-27 03:13 - 2016-06-10 22:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-27 03:13 - 2016-06-10 22:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-27 03:13 - 2016-06-10 21:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-27 03:13 - 2016-06-10 20:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-27 03:12 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-12-27 03:12 - 2016-06-26 01:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-27 03:12 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-12-27 03:12 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-12-27 03:12 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-12-27 03:12 - 2016-06-25 20:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-12-27 03:12 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-12-27 03:12 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-12-27 03:12 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-12-27 03:12 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-12-27 03:12 - 2016-06-14 16:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-26 00:19 - 2016-12-26 00:19 - 00003664 ____N C:\bootsqm.dat
2016-12-25 22:19 - 2016-12-25 22:19 - 00000000 ____D C:\Users\Public\Documents\sun
2016-12-25 22:08 - 2016-12-25 22:09 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2016-12-25 22:08 - 2016-12-25 22:08 - 00001106 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2016-12-25 22:04 - 2016-12-25 22:04 - 00001817 _____ C:\Users\Daniel\Desktop\Spotify.lnk
2016-12-25 22:01 - 2016-12-26 14:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TeamViewer
2016-12-25 22:01 - 2016-12-25 22:01 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2016-12-25 21:59 - 2016-12-25 21:59 - 00422480 _____ (Secure By Design Inc.) C:\Users\Daniel\Downloads\Ninite Avast Chrome CutePDF Firefox Java 8 Installer.exe
2016-12-25 16:21 - 2016-12-25 16:31 - 00000000 ____D C:\Users\Daniel\Desktop\Filer fr skrivbord
2016-12-25 16:06 - 2016-12-25 16:11 - 00000000 ____D C:\Users\Daniel\Downloads\HP installfiles
2016-12-18 11:56 - 2016-12-18 12:00 - 00015277 _____ C:\Users\Daniel\Documents\Utlägg kvitton DE 2016.ods
==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-29 02:33 - 2014-10-08 14:39 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-29 02:30 - 2016-11-18 12:45 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Mozilla
2016-12-29 01:54 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-29 01:54 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-29 00:54 - 2016-07-08 14:24 - 00000000 ____D C:\Users\Daniel\Downloads\HP Downloads
2016-12-28 15:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-28 14:46 - 2011-04-12 15:28 - 00663728 _____ C:\Windows\system32\perfh01D.dat
2016-12-28 14:46 - 2011-04-12 15:28 - 00142496 _____ C:\Windows\system32\perfc01D.dat
2016-12-28 14:46 - 2009-07-14 06:13 - 01579154 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-28 14:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-28 13:51 - 2016-07-08 18:11 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-28 13:49 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-12-28 13:49 - 2014-10-04 12:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-28 13:42 - 2015-11-19 13:15 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-28 13:41 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\HP
2016-12-27 17:46 - 2009-07-14 05:45 - 00300544 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-27 17:43 - 2011-04-12 15:39 - 00000000 ____D C:\Program Files\Windows Journal
2016-12-26 11:30 - 2014-11-05 21:43 - 00000000 ____D C:\Temp
2016-12-25 22:20 - 2014-10-05 15:52 - 00065152 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-25 22:09 - 2014-10-05 15:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-12-25 22:04 - 2015-04-01 08:30 - 00001803 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-12-25 22:04 - 2014-10-08 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify
2016-12-25 22:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-25 22:03 - 2014-10-05 15:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-25 21:30 - 2014-10-08 09:15 - 00000000 ____D C:\ProgramData\Apple
2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Samsung
2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-12-25 21:00 - 2015-11-26 18:24 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-12-25 20:47 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\Big Fish
2016-12-25 20:16 - 2014-10-24 10:42 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apple Inc
2016-12-25 20:16 - 2014-10-08 09:18 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer
2016-12-25 20:16 - 2014-10-04 11:19 - 00000000 ____D C:\Users\Daniel
2016-12-25 17:41 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-25 16:50 - 2015-11-19 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-25 16:50 - 2014-10-05 15:42 - 00000000 ____D C:\Program Files\Java
2016-12-25 16:49 - 2014-10-17 20:40 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-25 16:33 - 2014-10-05 17:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2016-12-23 10:32 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\TEMP
2016-12-21 18:28 - 2009-07-14 06:08 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-18 16:35 - 2016-08-19 16:51 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-12-18 14:03 - 2014-10-05 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-18 09:09 - 2016-11-18 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-17 11:27 - 2015-10-07 15:02 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DominiGames
2016-12-17 10:10 - 2015-10-15 10:32 - 00003426 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 10:10 - 2015-10-15 10:32 - 00003298 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 14:16 - 2015-06-16 18:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Elephant Games
2016-12-14 16:59 - 2014-10-08 14:39 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-14 16:59 - 2014-10-08 14:39 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-14 16:59 - 2014-10-08 14:39 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-14 14:16 - 2015-10-15 10:34 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 14:16 - 2015-10-15 10:34 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-09 10:08 - 2014-11-05 21:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\ElevatedDiagnostics
2016-12-09 08:11 - 2015-12-11 11:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\4 Friends Games
2016-12-06 17:21 - 2014-10-13 11:34 - 00000000 ____D C:\Users\Daniel\AppData\Local\Spotify
2016-12-06 10:03 - 2015-06-22 12:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ERS Game Studios
2016-12-04 18:29 - 2016-11-10 11:47 - 00000000 ____D C:\Users\Daniel\Documents\Glämsta 2017
2016-12-02 09:23 - 2016-10-06 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-11-29 15:29 - 2015-06-16 17:17 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Eipix
2016-11-29 13:44 - 2015-07-25 19:20 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mad Head Games
2016-11-29 08:49 - 2014-10-08 14:51 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update

==================== Files in the root of some directories =======
2014-10-05 15:45 - 2016-07-29 13:58 - 0000027 _____ () C:\Program Files\plugins.dat
2016-02-08 18:48 - 2016-02-08 18:48 - 0003072 _____ () C:\Users\Daniel\AppData\Roaming\.spark_db
2016-01-08 09:17 - 2016-03-10 14:37 - 0000000 _____ () C:\Users\Daniel\AppData\Roaming\log.txt
2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\AtStart.txt
2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\DSwitch.txt
2015-04-24 17:34 - 2016-05-12 11:01 - 42304896 _____ (Sony) C:\Users\Daniel\AppData\Local\pcc.exe
2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\QSwitch.txt
2016-07-08 18:10 - 2016-07-08 18:10 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\ACLMInstaller.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-07-17 13:13

==================== End of FRST.txt ============================

 

Addition.txt

Länk till kommentar
Dela på andra webbplatser

Hej och tack detsamma!

 

Det mesta som ska bort från loggarna är sånt som AdwCleaner borde kunna ta bort så börja med att rensa med AdwCleaner.

Länk till kommentar
Dela på andra webbplatser

Hej igen,

Då var jag iaf på rätt väg med min tanke om ADWClean,

och har lyckats avinstallera det mesta på hyggligt sätt.

;)

Körde ADWclean och en ny FRST,

loggar följer.

//millpark 10

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by Daniel (administrator) on DANIEL-HP-DATOR (29-12-2016 19:54:18)
Running from C:\Users\Daniel\Downloads\AV_2016re
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
() C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Windows\vsnpstd3.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnpstd3.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2009-11-11] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [soundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-02-10] ()
HKLM-x32\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [270336 2007-03-10] ()
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\Run: [sTUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {406b7ffb-ea8e-11e4-b8bb-705ab6a76618} - E:\startme.exe
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {85bb1a00-39ba-11e5-a74f-0026c606fa42} - E:\AutoRun.exe
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{09899BC7-D371-400D-A83B-434138817B2A}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9B695061-0E4A-437C-AC02-6CB824B1575C}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{9E635E13-5235-446F-90EE-F1ABC5F48E07}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {2B200296-A4CF-4713-9F9B-9733A2AAA664} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2331861272-3787314368-3103865204-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-25] (AVAST Software)
BHO: No Name -> {c0caa5fe-7c9c-4dca-a265-63cf55379d1a} -> No File
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-25] (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-24] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 [2016-12-29]
FF Homepage: Mozilla\Firefox\Profiles\blnangbh.default-1477310370794 -> hxxps://www.google.com/
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2331861272-3787314368-3103865204-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2016-09-01] (Sony Network Entertainment International LLC)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default [2016-12-29]
CHR Extension: (Google Presentationer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15]
CHR Extension: (Google Dokument) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-23]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-23]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-18]
CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-23]
CHR Extension: (Google Kalkylark) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15]
CHR Extension: (Google Dokument Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-21]
CHR Extension: (Avast Online Security) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-29]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-27]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-18]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
R2 SamsungCloudPrintSvc; C:\Program Files\Samsung\Samsung Cloud Print PC Agent\SCP_Svc.exe [907568 2016-01-28] ()
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2016-04-28] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130688 2014-03-14] (Gemalto)
R3 HBtnKey; C:\Windows\System32\DRIVERS\cpqbttn.sys [19000 2010-02-24] (Hewlett-Packard Company)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [File not signed]
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1875624 2008-10-09] ()
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550656 2007-03-26] (Sonix Co. Ltd.)
S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10252544 2007-03-26] (Sonix Co. Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-29 02:35 - 2016-12-29 19:54 - 00000000 ____D C:\FRST
2016-12-29 02:33 - 2016-12-29 19:54 - 00000000 ____D C:\Users\Daniel\Downloads\AV_2016re
2016-12-29 02:26 - 2016-12-29 18:58 - 00000000 ____D C:\AdwCleaner
2016-12-28 14:49 - 2016-12-28 14:50 - 00000000 ____D C:\Users\Daniel\Desktop\MSupdates
2016-12-28 14:46 - 2016-12-28 14:46 - 00000000 ____D C:\2cd80aef570097c8e78c11630f
2016-12-27 03:14 - 2016-06-11 07:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-27 03:14 - 2016-06-11 05:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-27 03:14 - 2016-06-10 22:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-27 03:14 - 2016-06-10 22:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-27 03:14 - 2016-06-10 22:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-27 03:14 - 2016-06-10 22:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-27 03:14 - 2016-06-10 22:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-27 03:14 - 2016-06-10 22:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-27 03:14 - 2016-06-10 22:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-27 03:14 - 2016-06-10 22:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-27 03:14 - 2016-06-10 22:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-27 03:14 - 2016-06-10 22:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-27 03:14 - 2016-06-10 22:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-27 03:14 - 2016-06-10 22:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-27 03:14 - 2016-06-10 21:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-27 03:14 - 2016-06-10 21:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-27 03:14 - 2016-06-10 21:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-27 03:14 - 2016-06-10 21:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-27 03:14 - 2016-06-10 21:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-27 03:14 - 2016-06-10 21:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-27 03:14 - 2016-06-10 21:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-27 03:14 - 2016-06-10 21:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-27 03:14 - 2016-06-10 21:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-27 03:14 - 2016-06-10 21:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-27 03:14 - 2016-06-10 21:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-27 03:14 - 2016-06-10 21:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-27 03:14 - 2016-06-10 21:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-27 03:14 - 2016-06-10 20:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-27 03:14 - 2016-06-10 20:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-27 03:14 - 2016-06-10 20:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-27 03:14 - 2016-06-10 20:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-27 03:14 - 2016-06-10 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-27 03:14 - 2016-06-10 19:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-27 03:14 - 2016-06-10 19:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-27 03:14 - 2016-06-10 19:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-27 03:14 - 2016-06-10 19:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-27 03:14 - 2016-06-10 19:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-27 03:14 - 2016-06-10 19:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-27 03:14 - 2016-06-10 19:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-27 03:14 - 2016-06-10 19:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-27 03:14 - 2016-06-10 19:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-27 03:14 - 2016-06-10 19:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-27 03:14 - 2016-06-10 19:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-27 03:14 - 2016-06-10 19:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-27 03:14 - 2016-06-10 19:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-27 03:14 - 2016-06-10 19:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-27 03:14 - 2016-06-10 19:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-27 03:14 - 2016-06-10 19:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-27 03:14 - 2016-06-10 19:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-27 03:14 - 2016-06-10 19:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-27 03:14 - 2016-06-10 19:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-27 03:14 - 2016-06-10 19:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-27 03:14 - 2016-06-10 19:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-27 03:14 - 2016-06-10 19:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-27 03:14 - 2016-06-10 19:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-27 03:14 - 2016-06-10 19:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-27 03:14 - 2016-06-10 18:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-27 03:14 - 2016-06-10 18:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-27 03:14 - 2016-06-10 18:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-27 03:14 - 2016-06-10 18:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-27 03:13 - 2016-06-10 22:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-27 03:13 - 2016-06-10 22:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-27 03:13 - 2016-06-10 22:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-27 03:13 - 2016-06-10 22:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-27 03:13 - 2016-06-10 21:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-27 03:13 - 2016-06-10 20:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-27 03:12 - 2016-06-26 01:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-12-27 03:12 - 2016-06-26 01:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-12-27 03:12 - 2016-06-26 01:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-12-27 03:12 - 2016-06-26 01:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-12-27 03:12 - 2016-06-26 01:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-12-27 03:12 - 2016-06-25 20:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-12-27 03:12 - 2016-06-25 20:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-12-27 03:12 - 2016-06-25 20:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-12-27 03:12 - 2016-06-25 20:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-12-27 03:12 - 2016-06-25 20:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-12-27 03:12 - 2016-06-14 16:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-26 00:19 - 2016-12-26 00:19 - 00003664 ____N C:\bootsqm.dat
2016-12-25 22:19 - 2016-12-25 22:19 - 00000000 ____D C:\Users\Public\Documents\sun
2016-12-25 22:08 - 2016-12-25 22:09 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2016-12-25 22:08 - 2016-12-25 22:08 - 00001106 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2016-12-25 22:04 - 2016-12-25 22:04 - 00001817 _____ C:\Users\Daniel\Desktop\Spotify.lnk
2016-12-25 22:01 - 2016-12-26 14:36 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TeamViewer
2016-12-25 22:01 - 2016-12-25 22:01 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-12-25 22:00 - 2016-12-25 22:00 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2016-12-25 21:59 - 2016-12-25 21:59 - 00422480 _____ (Secure By Design Inc.) C:\Users\Daniel\Downloads\Ninite Avast Chrome CutePDF Firefox Java 8 Installer.exe
2016-12-25 16:21 - 2016-12-25 16:31 - 00000000 ____D C:\Users\Daniel\Desktop\Filer fr skrivbord
2016-12-25 16:06 - 2016-12-25 16:11 - 00000000 ____D C:\Users\Daniel\Downloads\HP installfiles
2016-12-18 11:56 - 2016-12-18 12:00 - 00015277 _____ C:\Users\Daniel\Documents\Utlägg kvitton DE 2016.ods

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-29 19:53 - 2016-11-18 12:45 - 00000000 ____D C:\Users\Daniel\AppData\LocalLow\Mozilla
2016-12-29 19:33 - 2014-10-08 14:39 - 00000868 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-29 19:08 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-29 19:08 - 2009-07-14 05:45 - 00032096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-29 19:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-29 19:00 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-29 00:54 - 2016-07-08 14:24 - 00000000 ____D C:\Users\Daniel\Downloads\HP Downloads
2016-12-28 14:46 - 2011-04-12 15:28 - 00663728 _____ C:\Windows\system32\perfh01D.dat
2016-12-28 14:46 - 2011-04-12 15:28 - 00142496 _____ C:\Windows\system32\perfc01D.dat
2016-12-28 14:46 - 2009-07-14 06:13 - 01579154 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-28 13:51 - 2016-07-08 18:11 - 00000000 ____D C:\Program Files (x86)\HP
2016-12-28 13:49 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-12-28 13:49 - 2014-10-04 12:22 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2016-12-28 13:42 - 2015-11-19 13:15 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-28 13:41 - 2016-07-08 18:11 - 00000000 ____D C:\ProgramData\HP
2016-12-27 17:46 - 2009-07-14 05:45 - 00300544 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-27 17:43 - 2011-04-12 15:39 - 00000000 ____D C:\Program Files\Windows Journal
2016-12-26 11:30 - 2014-11-05 21:43 - 00000000 ____D C:\Temp
2016-12-25 22:20 - 2014-10-05 15:52 - 00065152 _____ C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT
2016-12-25 22:09 - 2014-10-05 15:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-12-25 22:04 - 2015-04-01 08:30 - 00001803 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-12-25 22:04 - 2014-10-08 14:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Spotify
2016-12-25 22:04 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-12-25 22:03 - 2014-10-05 15:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-25 21:30 - 2014-10-08 09:15 - 00000000 ____D C:\ProgramData\Apple
2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Samsung
2016-12-25 21:00 - 2015-11-26 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-12-25 21:00 - 2015-11-26 18:24 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-12-25 20:47 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\Big Fish
2016-12-25 20:16 - 2014-10-24 10:42 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apple Inc
2016-12-25 20:16 - 2014-10-08 09:18 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer
2016-12-25 20:16 - 2014-10-04 11:19 - 00000000 ____D C:\Users\Daniel
2016-12-25 17:41 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-25 16:50 - 2015-11-19 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-25 16:50 - 2014-10-05 15:42 - 00000000 ____D C:\Program Files\Java
2016-12-25 16:49 - 2014-10-17 20:40 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-25 16:33 - 2014-10-05 17:25 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2016-12-23 10:32 - 2014-10-07 16:59 - 00000000 ____D C:\ProgramData\TEMP
2016-12-21 18:28 - 2009-07-14 06:08 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-18 16:35 - 2016-08-19 16:51 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-12-18 14:03 - 2014-10-05 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-18 09:09 - 2016-11-18 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-17 11:27 - 2015-10-07 15:02 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\DominiGames
2016-12-17 10:10 - 2015-10-15 10:32 - 00003426 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 10:10 - 2015-10-15 10:32 - 00003298 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 14:16 - 2015-06-16 18:05 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Elephant Games
2016-12-14 16:59 - 2014-10-08 14:39 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-14 16:59 - 2014-10-08 14:39 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-14 16:59 - 2014-10-08 14:39 - 00003806 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-14 15:36 - 2014-10-08 14:39 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-14 14:16 - 2015-10-15 10:34 - 00002191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 14:16 - 2015-10-15 10:34 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-09 10:08 - 2014-11-05 21:27 - 00000000 ____D C:\Users\Daniel\AppData\Local\ElevatedDiagnostics
2016-12-09 08:11 - 2015-12-11 11:49 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\4 Friends Games
2016-12-06 17:21 - 2014-10-13 11:34 - 00000000 ____D C:\Users\Daniel\AppData\Local\Spotify
2016-12-06 10:03 - 2015-06-22 12:14 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\ERS Game Studios
2016-12-04 18:29 - 2016-11-10 11:47 - 00000000 ____D C:\Users\Daniel\Documents\Glämsta 2017
2016-12-02 09:23 - 2016-10-06 10:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-11-29 15:29 - 2015-06-16 17:17 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Eipix
2016-11-29 13:44 - 2015-07-25 19:20 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Mad Head Games
2016-11-29 08:49 - 2014-10-08 14:51 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update

==================== Files in the root of some directories =======

2014-10-05 15:45 - 2016-07-29 13:58 - 0000027 _____ () C:\Program Files\plugins.dat
2016-02-08 18:48 - 2016-02-08 18:48 - 0003072 _____ () C:\Users\Daniel\AppData\Roaming\.spark_db
2016-01-08 09:17 - 2016-03-10 14:37 - 0000000 _____ () C:\Users\Daniel\AppData\Roaming\log.txt
2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\AtStart.txt
2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\DSwitch.txt
2015-04-24 17:34 - 2016-05-12 11:01 - 42304896 _____ (Sony) C:\Users\Daniel\AppData\Local\pcc.exe
2014-10-04 16:39 - 2014-10-04 16:39 - 0000000 _____ () C:\Users\Daniel\AppData\Local\QSwitch.txt
2016-07-08 18:10 - 2016-07-08 18:10 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\ACLMInstaller.exe
C:\Users\Daniel\AppData\Local\Temp\libeay32.dll
C:\Users\Daniel\AppData\Local\Temp\msvcr120.dll
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-07-17 13:13

==================== End of FRST.txt ============================

 

 

Addition1.txt

AdwCleanerC0.txt

Länk till kommentar
Dela på andra webbplatser

Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
C:\ProgramData\TEMP
FirewallRules: [{A2AC0D24-9324-451C-993B-CD409ACF6403}] => C:\Users\Daniel\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{A47891CD-B11D-4C1C-9D4F-98A9E98D49C5}] => C:\Users\Daniel\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{DB945AA8-75C1-4B5B-96DE-59A3786C5EDC}] => C:\Users\Daniel\AppData\Local\Temp\nsfDE7F.tmp\Installer-185664.exe
FirewallRules: [{7B767052-3464-4521-8262-D8DC71568346}] => C:\Users\Daniel\AppData\Local\Temp\nsfDE7F.tmp\Installer-185664.exe
KU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {406b7ffb-ea8e-11e4-b8bb-705ab6a76618} - E:\startme.exe
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {85bb1a00-39ba-11e5-a74f-0026c606fa42} - E:\AutoRun.exe
Reboot:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen i den mapp där FRST-programmet finns och med namnet fixlist.txt.

Stäng av alla program.
Starta FRST.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Hej Cecilia,

Här är fixlog.txt

Blev det klart där?

 

//millpark10

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Daniel (30-12-2016 01:50:37) Run:1
Running from C:\Users\Daniel\Downloads\AV_2016re
Loaded Profiles: Daniel (Available Profiles: Daniel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
C:\ProgramData\TEMP
FirewallRules: [{A2AC0D24-9324-451C-993B-CD409ACF6403}] => C:\Users\Daniel\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{A47891CD-B11D-4C1C-9D4F-98A9E98D49C5}] => C:\Users\Daniel\AppData\Local\iLivid\iLivid.exe
FirewallRules: [{DB945AA8-75C1-4B5B-96DE-59A3786C5EDC}] => C:\Users\Daniel\AppData\Local\Temp\nsfDE7F.tmp\Installer-185664.exe
FirewallRules: [{7B767052-3464-4521-8262-D8DC71568346}] => C:\Users\Daniel\AppData\Local\Temp\nsfDE7F.tmp\Installer-185664.exe
KU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {406b7ffb-ea8e-11e4-b8bb-705ab6a76618} - E:\startme.exe
HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: {85bb1a00-39ba-11e5-a74f-0026c606fa42} - E:\AutoRun.exe
Reboot:
*****************

Restore point was successfully created.
Processes closed successfully.
C:\ProgramData\TEMP => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A2AC0D24-9324-451C-993B-CD409ACF6403} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A47891CD-B11D-4C1C-9D4F-98A9E98D49C5} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB945AA8-75C1-4B5B-96DE-59A3786C5EDC} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B767052-3464-4521-8262-D8DC71568346} => value removed successfully
KU\S-1-5-21-2331861272-3787314368-3103865204-1000\...\MountPoints2: E - E:\startme.exe => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{406b7ffb-ea8e-11e4-b8bb-705ab6a76618}" => key removed successfully
HKCR\CLSID\{406b7ffb-ea8e-11e4-b8bb-705ab6a76618} => key not found.
"HKU\S-1-5-21-2331861272-3787314368-3103865204-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85bb1a00-39ba-11e5-a74f-0026c606fa42}" => key removed successfully
HKCR\CLSID\{85bb1a00-39ba-11e5-a74f-0026c606fa42} => key not found.

The system needed a reboot.

==== End of Fixlog 01:50:53 ====

Länk till kommentar
Dela på andra webbplatser

Tack snälla Cecilia, igen!

 

Ta bort FRST gör jag väl med Delfix och

ADWCleaner hade en knapp/menyval förut iaf för uninstall.

Kollar o återkommer ifall jag misslyckas.

//millpark10

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...