Just nu i M3-nätverket
Gå till innehåll

Datorns WIFI slår ut routern


fronta

Rekommendera Poster

Hej.

Har problem med att routern startar om konstant så fort datorns wifi slås på. Funkar med andra datorer och mobiler så misstänker virus på burken.

 

Bifogar filerna för annars blev inlägget för långt..?

FRST.txt

Addition.txt

Länk till kommentar
Dela på andra webbplatser

Jari Karivainio

Hej!

Är det en bärbar eller stationär dator du har? Prova med ett annat nätverkskort (wifi) på datorn. Det som används nu kan vara trasigt eller skadat. Skadade eller trasiga nätverkskort kan sänka nätverket.

 

/ Jari

Länk till kommentar
Dela på andra webbplatser

Hej!

Det finns en del i loggen som inte ser riktigt bra ut men jag vet inte om det påverkar problemet med routern. Hur länge har det varit problem?

 

Avinstallera µTorrent för att säkerställa att det inte orsakar problemet.

 

Det är nog bra att börja med AdwCleaner för det borde kunna få bort Pokki och SweetLabs.
Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på knappen Log file.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s1].txt

Länk till kommentar
Dela på andra webbplatser

Hej!

Är det en bärbar eller stationär dator du har? Prova med ett annat nätverkskort (wifi) på datorn. Det som används nu kan vara trasigt eller skadat. Skadade eller trasiga nätverkskort kan sänka nätverket.

 

/ Jari

Hej, det är en bärbar, byta nätverkskort känns som lite över mitt huvud att bara göra, kan man se det på annat vis?

Länk till kommentar
Dela på andra webbplatser

Hej!

 

Det finns en del i loggen som inte ser riktigt bra ut men jag vet inte om det påverkar problemet med routern. Hur länge har det varit problem?

 

Avinstallera µTorrent för att säkerställa att det inte orsakar problemet.

 

Det är nog bra att börja med AdwCleaner för det borde kunna få bort Pokki och SweetLabs.

Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på knappen Log file.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s1].txt

# AdwCleaner v6.047 - Logfile created 05/06/2017 at 21:06:07

# Updated on 19/05/2017 by Malwarebytes

# Database : 2017-05-19.1 [Local]

# Operating System : Windows 10 Home  (X64)

# Username : Front - LENOVO-SKULE

# Running from : C:\Users\Andreas\Desktop\adwcleaner_6.047.exe

# Mode: Scan

# Support : https://www.malwarebytes.com/support

 

 

 

***** [ Services ] *****

 

Service Found:  vToolbarUpdater40.3.7

Service Found:  WtuSystemSupport

 

 

***** [ Folders ] *****

 

Folder Found:  C:\ProgramData\Avg_Update_1215avt

Folder Found:  C:\Users\Andreas\AppData\Local\SweetLabs App Platform

Folder Found:  C:\Users\Andreas\AppData\Local\YSearchUtil

Folder Found:  C:\Users\Andreas\AppData\Local\avg web tuneup

Folder Found:  C:\Program Files\avg web tuneup

Folder Found:  C:\Program Files\Common Files\AVG Secure Search

Folder Found:  C:\ProgramData\AVG Secure Search

Folder Found:  C:\ProgramData\AVG Security Toolbar

Folder Found:  C:\ProgramData\avg web tuneup

Folder Found:  C:\ProgramData\Pokki

Folder Found:  C:\Program Files (x86)\avg web tuneup

Folder Found:  C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Found:  C:\Users\Default User\AppData\Local\Pokki

Folder Found:  C:\Users\Default\AppData\Local\Pokki

Folder Found:  C:\Users\Public\Pokki

 

 

***** [ Files ] *****

 

File Found:  C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

File Found:  C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\extensions\Avg@toolbar.xpi

File Found:  C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi

File Found:  C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\searchplugins\avg-secure-search.xml

File Found:  C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

File Found:  C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

File Found:  C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

 

 

***** [ DLL ] *****

 

No malicious DLLs found.

 

 

***** [ WMI ] *****

 

No malicious keys found.

 

 

***** [ Shortcuts ] *****

 

No infected shortcut found.

 

 

***** [ Scheduled Tasks ] *****

 

Task Found:  SweetLabs App Platform

 

 

***** [ Registry ] *****

 

Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1

Key Found:  HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Classes\pokki

Key Found:  HKCU\Software\Classes\pokki

Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd

Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1

Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi

Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1

Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Found:  HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Found:  HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj

Key Found:  HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1

Key Found:  [x64] HKCU\Software\Classes\pokki

Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd

Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1

Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi

Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1

Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Found:  [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Found:  [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj

Key Found:  [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

Key Found:  HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}

Key Found:  HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}

Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}

Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}

Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

Key Found:  HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\SweetLabs App Platform

Key Found:  HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP

Key Found:  HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu

Key Found:  HKCU\Software\SweetLabs App Platform

Key Found:  HKLM\SOFTWARE\AVG Tuneup

Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP

Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu

Key Found:  [x64] HKCU\Software\SweetLabs App Platform

Key Found:  [x64] HKLM\SOFTWARE\AVG Secure Search

Key Found:  [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP

Key Found:  [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu

Key Found:  HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found:  HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cdn.printnicer.com

Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\land.pckeeper.software

Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com

Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pckeeper.software

Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\printnicer.com

Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cdn.printnicer.com

Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\land.pckeeper.software

Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com

Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pckeeper.software

Key Found:  [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\printnicer.com

Value Found:  HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]

Value Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Found:  HKCU\Software\Classes\AllFileSystemObjects\shell\pokki

Key Found:  HKCU\Software\Classes\Directory\shell\pokki

Key Found:  HKCU\Software\Classes\Drive\shell\pokki

Key Found:  HKCU\Software\Classes\lnkfile\shell\pokki

Key Found:  HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh

Key Found:  HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

 

 

***** [ Web browsers ] *****

 

Firefox pref Found:  [C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\prefs.js] - "browser.search.defaultenginename" -  "AVG Secure Search"

No malicious Chromium based browser items found.

 

*************************

 

C:\AdwCleaner\AdwCleaner[s0].txt - [9858 Bytes] - [05/06/2017 21:06:07]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [9931 Bytes] ##########

 

Länk till kommentar
Dela på andra webbplatser

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om, om den inte gör det automatiskt får du göra det själv.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[C1].txt

 

 

2. Skanna datorn online genom att följa instruktionen på sidan http://support.eset.com/kb2921/ .
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.
Ta bort bocken framför Remove found threats (viktigt eftersom falsklarm förekommer).
Bocka för:
Scan Archives
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

 

 

3. Starta FRST.

Bocka för Addition.txt och skanna sen datorn. Bifoga de två nya loggfilerna så får vi se om något mer ska bort.

Länk till kommentar
Dela på andra webbplatser

1. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

 

Klicka på Clean-knappen.

Tryck på OK.

Tryck på OK fler gånger om det kommer upp meddelanden.

 

Datorn kommer att startas om, om den inte gör det automatiskt får du göra det själv.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[C1].txt

 

 

2. Skanna datorn online genom att följa instruktionen på sidan http://support.eset.com/kb2921/ .

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Välj alternativet Enable detection of potentially unwanted applications.

 

Klicka på Advanced Settings.

Ta bort bocken framför Remove found threats (viktigt eftersom falsklarm förekommer).

Bocka för:

Scan Archives

Enable detection of potentially unsafe applications

Enable detection of suspicious applications

Enable Anti-Stealth Technology

 

Klicka på Start

 

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

 

 

3. Starta FRST.

Bocka för Addition.txt och skanna sen datorn. Bifoga de två nya loggfilerna så får vi se om något mer ska bort.

online kommer jag ej så kan ej göra det steget resten nedan

Glömde ju svara, problemet började för ngn månad sedan att man fick ladda alla sidor 2 ggr för första försöket gick till fel på nätverket, förra veckan slogs allt ut och kommer ej online med den burken. Ska absolut testa usb varianten av wifi..

 

# AdwCleaner v6.047 - Logfile created 05/06/2017 at 22:36:29

# Updated on 19/05/2017 by Malwarebytes

# Database : 2017-05-19.1 [Local]

# Operating System : Windows 10 Home  (X64)

# Username : Front - LENOVO-SKULE

# Running from : C:\Users\Andreas\Desktop\adwcleaner_6.047.exe

# Mode: Clean

# Support : https://www.malwarebytes.com/support

 

 

 

***** [ Services ] *****

 

[-] Service deleted: vToolbarUpdater40.3.7

[-] Service deleted: WtuSystemSupport

 

 

***** [ Folders ] *****

 

[-] Folder deleted: C:\ProgramData\Avg_Update_1215avt

[#] Folder deleted on reboot: C:\Users\Andreas\AppData\Local\SweetLabs App Platform

[-] Folder deleted: C:\Users\Andreas\AppData\Local\YSearchUtil

[-] Folder deleted: C:\Users\Andreas\AppData\Local\avg web tuneup

[-] Folder deleted: C:\Program Files\avg web tuneup

[-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search

[-] Folder deleted: C:\ProgramData\AVG Secure Search

[-] Folder deleted: C:\ProgramData\AVG Security Toolbar

[-] Folder deleted: C:\ProgramData\avg web tuneup

[-] Folder deleted: C:\ProgramData\Pokki

[-] Folder deleted: C:\Program Files (x86)\avg web tuneup

[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search

[-] Folder deleted: C:\Users\Default User\AppData\Local\Pokki

[#] Folder deleted on reboot: C:\Users\Default\AppData\Local\Pokki

[-] Folder deleted: C:\Users\Public\Pokki

 

 

***** [ Files ] *****

 

[-] File deleted: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

[-] File deleted: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\extensions\Avg@toolbar.xpi

[-] File deleted: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi

[-] File deleted: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\searchplugins\avg-secure-search.xml

[-] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

[#] File deleted: C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

 

 

***** [ DLL ] *****

 

 

 

***** [ WMI ] *****

 

 

 

***** [ Shortcuts ] *****

 

 

 

***** [ Scheduled Tasks ] *****

 

[-] Task deleted: SweetLabs App Platform

 

 

***** [ Registry ] *****

 

[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1

[-] Key deleted: HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Classes\pokki

[#] Key deleted on reboot: HKCU\Software\Classes\pokki

[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd

[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1

[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi

[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1

[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj

[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1

[#] Key deleted on reboot: [x64] HKCU\Software\Classes\pokki

[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd

[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1

[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi

[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1

[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj

[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}

[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}

[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}

[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}

[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

[-] Key deleted: HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\SweetLabs App Platform

[-] Key deleted: HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP

[-] Key deleted: HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu

[#] Key deleted on reboot: HKCU\Software\SweetLabs App Platform

[-] Key deleted: HKLM\SOFTWARE\AVG Tuneup

[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP

[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu

[#] Key deleted on reboot: [x64] HKCU\Software\SweetLabs App Platform

[-] Key deleted: [x64] HKLM\SOFTWARE\AVG Secure Search

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu

[-] Key deleted: HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cdn.printnicer.com

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\land.pckeeper.software

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pckeeper.software

[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\printnicer.com

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cdn.printnicer.com

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\land.pckeeper.software

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pckeeper.software

[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\printnicer.com

[-] Value deleted: HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]

[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

[-] Key deleted: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki

[-] Key deleted: HKCU\Software\Classes\Directory\shell\pokki

[-] Key deleted: HKCU\Software\Classes\Drive\shell\pokki

[-] Key deleted: HKCU\Software\Classes\lnkfile\shell\pokki

[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh

[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

 

 

***** [ Web browsers ] *****

 

[-] Firefox preferences cleaned: "browser.search.defaultenginename" -  "AVG Secure Search"

 

 

*************************

 

:: "Tracing" keys deleted

:: Winsock settings cleared

 

*************************

 

C:\AdwCleaner\AdwCleaner[C0].txt - [10571 Bytes] - [05/06/2017 22:36:29]

C:\AdwCleaner\AdwCleaner[s0].txt - [10094 Bytes] - [05/06/2017 21:06:07]

 

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10719 Bytes] ##########

 

Länk till kommentar
Dela på andra webbplatser

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2017
Ran by Front (05-06-2017 22:48:06)
Running from E:\__virus
Windows 10 Home Version 1607 (X64) (2016-09-02 14:01:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administratör (S-1-5-21-178917026-2695247430-393146251-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-178917026-2695247430-393146251-503 - Limited - Disabled)
Front (S-1-5-21-178917026-2695247430-393146251-1001 - Administrator - Enabled) => C:\Users\Andreas
Gäst (S-1-5-21-178917026-2695247430-393146251-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-178917026-2695247430-393146251-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Svenska (HKLM-x32\...\{AC76BA86-7AD7-1053-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Apple-programstöd (32-bitar) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple-programstöd (64-bitar) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
AVG (Version: 1.191.1 - AVG Technologies) Hidden
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
BankID säkerhetsprogram (HKLM-x32\...\{81F0D54A-F439-424E-9872-FB9B56C24AEB}) (Version: 7.0.0.41 - Finansiell ID-Teknik BID AB)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bullzip PDF Printer 10.11.0.2338 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.11.0.2338 - Bullzip)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.2.0.7 - Lenovo)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.0.10 - Citrix Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Dropbox) (Version: 27.4.22 - Dropbox, Inc.)
FMW 1 (Version: 1.203.1 - AVG Technologies) Hidden
FolderSize.Win32 1.0.7.0 (HKLM-x32\...\{0F26618D-6F7B-4216-A7C8-3AF00EBB3AD9}_is1) (Version:  - Mårten Rånge)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.22 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{06A5031E-3B1E-4FB9-AC4C-BA0FE2706152}) (Version: 17.1.1433.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{e63d3cb3-0b4d-44ca-aba0-ba433f2f37fd}) (Version: 17.13.0 - Intel Corporation)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10269 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo Patch Utility (x32 Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 2.0.0.19 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 2.0.0.19 - Lenovo) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1826.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1826.01 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6806.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.6806.52 - CyberLink Corp.) Hidden
Lenovo Settings - Camera Audio (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 4.3.24.256 - Lenovo Corporation)
Lenovo Settings (HKLM\...\{D14CCBF5-1A3A-4C08-955B-BE6D519835C4}_is1) (Version: 2.0.0.5 - Lenovo)
Lenovo Settings Dependency Package (HKLM\...\{3694BA2E-BE31-4B7E-886B-A0B559E69D4D}_is1) (Version: 2.3.3.33 - Lenovo Group Limited)
Lenovo Settings Service (HKLM\...\{8C6F1EBA-17F1-4481-B688-9777E63E985F}_is1) (Version: 2.3.0.21 - Lenovo Group Limited)
Lenovo Settings UMDF driver (HKLM\...\{2BDC7413-65EA-4B99-8C4B-02F11075BE6D}_is1) (Version: 1.2.0.7 - Lenovo Group Limited)
Lenovo Settings WiFi (HKLM\...\{86045A6C-C156-4349-A3E2-47A88A42F5C2}_is1) (Version: 2.0.0.4 - Lenovo)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 1.5.0.26 - Lenovo)
LenovoUtility (x32 Version: 1.5.0.26 - Lenovo) Hidden
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.2.33.20130406 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - sv-se (HKLM\...\O365HomePremRetail - sv-se) (Version: 15.0.4927.1002 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools för Office Runtime (x64) Language Pack - SVE (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - SVE) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 sv-SE) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 sv-SE)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafikdrivrutin 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4927.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4927.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4927.1002 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1041 - Microsoft Corporation) Hidden
OneKey Optimizer (HKLM-x32\...\InstallShield_{D5D573DC-D989-4769-9B56-D6A7EA503D7F}) (Version: 1.3.0.10 - Lenovo)
OneKey Optimizer (x32 Version: 1.3.0.10 - Lenovo) Hidden
Online Plug-in (x32 Version: 14.2.0.10 - Citrix Systems, Inc.) Hidden
PGE Desktop ny (HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\storeservi-ee876895@@PGERDG01.PGE Desktop ny $S1-1) (Version: 1.0 - Delivered by Citrix)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10614 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Self-service Plug-in (x32 Version: 4.2.0.2495 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SketchUp 2017 (HKLM\...\{BCA90A4C-9C6A-49D1-91F9-594A0BE02432}) (Version: 17.1.174 - Trimble, Inc.)
Spotify (HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB)
TPTEST 5.0.2 (HKLM-x32\...\TPTEST5_is1) (Version:  - )
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System  (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-178917026-2695247430-393146251-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.16.0.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01316A61-8939-49D8-BF63-A54C457C139B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {0182519E-B977-4FFB-8B50-2865B8AC153F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {13207420-53D1-45D3-BC3C-90D422366090} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {208728C8-4469-4CD4-BB37-EE23D8EA293C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {256EC225-14B2-4AAA-9C35-CB73C900E4A8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {386F0466-52C3-4515-9AA6-46EF523D4018} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {41459378-EFC5-42D9-9286-DCE5C64EB996} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {53B087C9-4449-4FFF-8F5D-9E84EEEC2122} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {5AE1FD13-CD66-444E-A491-91E9127218F6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {64765D7C-F3C7-4E00-8A94-B8954A439FC4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178917026-2695247430-393146251-1001UA => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {67B9A264-219A-4A6C-998F-2172FEF4EB66} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {68CA1822-8CC2-4157-A389-6DB6C5AD9966} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated)
Task: {7474604B-CF66-4ED9-B976-E231863517D4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-178917026-2695247430-393146251-1001Core1d2370479a0bb88 => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {793CE79D-F623-41A8-8D8C-7CC898F736FF} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {7F8E5B96-F634-4150-B104-F4950B8D5041} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-178917026-2695247430-393146251-1001UA1d2370479b73e28 => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {84408ED8-2BF6-4F08-B47E-021F6CB0A5B8} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-06-02] (AVG Technologies CZ, s.r.o.)
Task: {87933052-4487-47B2-A2DF-4AF0F760DE14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8E864637-A573-478D-9406-942EDE0F349B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {90BAC613-08B8-4A6E-A4E6-96E816665219} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {997CD233-57B7-4198-92A3-6D26737A8A28} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9A1BAF24-6FDE-4C81-AF7A-C513F07C3666} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9B2896A1-2228-4843-9F9F-C88496484A33} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {A131BCAB-CD8A-4853-AD45-39A134DDB677} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-09-02] (Lenovo)
Task: {B0FBD6BA-8DC1-4CB2-A21C-96109B19A08D} - System32\Tasks\1215avtUpdateInfo => C:\ProgramData\Avg_Update_1215avt\1215avt_AVG-Secure-Search-Update.exe
Task: {B115794B-3AAC-4884-98FF-CB6ED4F8A195} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\System32\MRT.exe [2017-05-23] (Microsoft Corporation)
Task: {B17D14AF-AC09-47B9-857C-9EAF14400473} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178917026-2695247430-393146251-1001UA1d257e4ff81589e => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B3DAE9B8-8F10-43FF-AAAA-78C737F64010} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B796A5DB-EF28-4572-A24C-9A3821054110} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-23] (Microsoft Corporation)
Task: {B7C0E92F-43BB-4E41-AEB8-7D655F6CF46A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C5F01A32-4717-4CD8-A1F9-DD5928CA63A1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178917026-2695247430-393146251-1001Core1d257e4ff6be69f => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {CFEFE454-196B-4FAD-AC26-1216752CFC1F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D68C7D53-C920-4842-B61E-0DA52F989A9E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2017-03-14] (Microsoft Corporation)
Task: {E39FD38E-8E1B-44AC-BACA-B9633341EF60} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178917026-2695247430-393146251-1001Core => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {ECB5BF7A-719D-4DAF-9D39-5A20453018B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {F47118D3-63C6-41A4-A5BA-2C9E9866C0F9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {FB0774FE-2487-45C3-A3B8-DB5E15369757} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FD01AFA9-C1E0-4F5C-91F6-56E7E22C15B5} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpicoActivaterMsOffice\AutoPico.exe
Task: {FF03478C-CE2C-48D7-9682-656B8F8C952A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-178917026-2695247430-393146251-1001Core1d2370479a0bb88.job => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-178917026-2695247430-393146251-1001UA1d2370479b73e28.job => C:\Users\Andreas\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178917026-2695247430-393146251-1001Core.job => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-178917026-2695247430-393146251-1001UA.job => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-11 17:46 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-15 12:46 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-12-18 06:11 - 2015-10-22 17:07 - 00019560 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbServicePS.dll
2014-12-18 06:09 - 2014-12-18 06:09 - 00133440 _____ () C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
2014-12-18 06:05 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-09-02 15:24 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-11 19:51 - 2015-05-26 10:54 - 00037672 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Metric.dll
2015-04-11 19:51 - 2015-05-26 10:54 - 00166696 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\Lenovo.MetricCollectionMFCx64.dll
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-09-14 08:01 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 20:24 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 20:23 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 20:23 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 20:23 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 17:46 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 17:46 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-12-18 05:23 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-12-18 06:01 - 2014-12-18 06:01 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2014-12-18 06:11 - 2015-05-26 10:55 - 00044328 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\res_SV_Swedish_SWE.dll
2014-12-18 06:01 - 2015-06-01 13:57 - 00654776 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2015-07-16 10:46 - 2015-06-01 13:58 - 01122744 _____ () C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
2014-12-18 06:09 - 2014-12-18 06:09 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2017-05-26 15:33 - 2017-05-26 15:34 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-26 15:33 - 2017-05-26 15:34 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-26 15:33 - 2017-05-26 15:34 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-26 15:33 - 2017-05-26 15:34 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2014-12-18 06:01 - 2015-06-01 13:59 - 00420280 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2014-12-18 06:11 - 2015-10-22 17:07 - 00161896 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\FbApi.dll
2014-12-18 06:11 - 2015-05-26 10:55 - 00036136 _____ () C:\Program Files\Lenovo\OneKey Optimizer\bin\zd.dll
2016-11-28 23:54 - 2016-11-28 23:54 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-06-02 12:04 - 2017-06-02 12:04 - 00171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-06-02 12:04 - 2017-06-02 12:04 - 00999024 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-06-02 12:04 - 2017-06-02 12:04 - 67717632 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-06-02 12:04 - 2017-06-02 12:04 - 00178120 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-06-02 12:04 - 2017-06-02 12:04 - 00224352 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-05-16 21:35 - 2017-05-16 21:35 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-07-16 10:46 - 2015-02-12 16:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2014-09-03 21:03 - 2014-09-03 21:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-11-26 11:59 - 2014-11-26 11:59 - 00100688 _____ () C:\Program Files (x86)\Citrix\AuthManager\AppReceiverSDKWrapper.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-178917026-2695247430-393146251-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\StartupApproved\StartupFolder: => "Citrix Receiver.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B51BD159-0CB9-474B-9209-BF67D71FFBD5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0573C180-BCF6-4618-8F35-61087E00B6E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CE8D7E85-82F2-44BD-97C1-74F9392739E0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{2DA91E9C-C4FE-4196-88EC-2084E29662E6}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{78EE65FB-5321-4DF3-B323-E2110105A051}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{A779770D-228E-479D-861E-128A3723EEFA}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{5D1923F0-CBD6-425C-96FF-9ED1A85B9324}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{77580DD3-2EDC-4EDE-9763-4CEF79C44A29}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E3A4743A-287B-492F-9D87-E54445500131}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
FirewallRules: [{A4C25A36-42DC-428E-83B1-3CC109948149}] => (Allow) C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
FirewallRules: [{1EC41E92-B61A-45ED-AC7A-3DF62C49F863}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{B2E9FB2C-BC00-4A89-B0DA-7CF8F3E70BC8}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{B721E43A-663F-4B35-BCD1-F9F858DDA10B}] => (Allow) LPort=55100
FirewallRules: [{78C3DA05-2C9A-4F39-8C2F-654354594B5A}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{8B3B342D-377F-40CF-AFB3-373A2497FD82}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{504FCD31-8A3E-42C3-8761-41E486A3BDF4}] => (Allow) C:\Users\Andreas\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{B438DB4F-B28B-449C-AE06-B8161CBE4C7E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4AFBC93-9F90-4D66-A43B-3C36A217B325}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39D82152-7A63-42C2-BFB5-50104C73179A}] => (Allow) C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F808D546-7936-488F-B719-D879F448926C}] => (Allow) C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{F3F372E5-4055-4A04-B9B1-C0C786D632A1}C:\users\andreas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andreas\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{1734B343-84AB-45FD-9CA6-7DB3ABB8A93A}C:\users\andreas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andreas\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{069E55C3-31F5-4AFD-AE9C-09CB08D89A54}C:\users\andreas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\andreas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [uDP Query User{B543D49A-BE2C-419B-B881-B1F5089B32E7}C:\users\andreas\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\andreas\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4DD8BD87-4BE4-4259-B2DE-5D9A9FDF7C05}C:\users\andreas\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\andreas\appdata\roaming\spotify\spotify.exe
FirewallRules: [uDP Query User{CD47B42D-FE2D-4E6C-9622-CBC7FF9DA403}C:\users\andreas\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\andreas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{4051DC6F-AE80-4941-B1BB-68B9C873DB07}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{6E2CE042-C251-430F-A90D-4F0B190E8DBE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{E9D26891-5750-4883-85C6-2D1D8A444262}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{4537B24A-7A95-480D-9A03-46D4BADC2281}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{A8B87055-0072-4E04-B005-A1AFF1C6148A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{0ED601E5-817B-4295-BF39-47DBA6B6297A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{7BEC7C27-B72C-4192-9256-642F24F16150}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{44B014D0-603A-4C1B-8101-DE687F1D2DCE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{978F49EA-8251-429B-B202-1ACC7F1FA786}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{49E8334A-8BCC-425C-806C-627CB4971466}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C0CCBC9E-7A12-4594-98CC-B556F1DF5587}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8FE6B50E-3EFE-4FAA-BA37-613574A7EA7C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{68608F7B-9F6B-4B56-BB6F-F74B81D07661}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{4CCBC9DF-C84B-4A7C-9D72-1E4F40AB26B6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6D9D636D-EA43-484C-B064-2FE4D7D386EA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E8FF055F-3A9E-4754-A726-96208CF9177E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{53200B67-F3E4-4603-A0B9-054DB2FA4030}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5D244F5B-EB18-4D04-A0EA-7CEBA0F841D5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{02471CF9-D75A-4F53-A092-3C7FABF2576A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{B09C024F-A480-4028-AC54-ADD145AE0554}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{B305AD08-82F2-4D40-BF1B-5EC164A6B7A8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{3B7C9781-32E8-4C36-BA5A-DCD4FA044A24}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{085CF25F-B1C1-4986-99E4-1FF9C87395FF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{F7B333FF-1243-435B-83DA-433267F26850}] => (Allow) LPort=1688
FirewallRules: [{86736DBD-04EB-4D77-881F-183986955F74}] => (Allow) C:\Program Files\KMSpicoActivaterMsOffice\Service_KMS.exe
FirewallRules: [{373A7846-6069-4C3C-B467-D28EB4C15BE1}] => (Allow) C:\Program Files\KMSpicoActivaterMsOffice\Service_KMS.exe
FirewallRules: [{FBF2530C-AD63-473F-AD2C-C4110E9EF5DF}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

16-05-2017 21:36:54 Windows Update
23-05-2017 19:39:10 Windows Update
31-05-2017 18:06:27 Schemalagd kontrollpunkt
02-06-2017 12:09:12 Removed AVG

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2017 10:47:20 PM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/05/2017 10:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40665594

Error: (06/05/2017 10:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40665594

Error: (06/05/2017 10:32:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/05/2017 10:32:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40650188

Error: (06/05/2017 10:32:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40650188

Error: (06/05/2017 10:32:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/05/2017 10:32:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40634563

Error: (06/05/2017 10:32:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40634563

Error: (06/05/2017 10:32:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/05/2017 10:37:39 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 och APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 till användaren NT instans\Lokal tjänst SID (S-1-5-19) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.

Error: (06/05/2017 10:37:39 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 och APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 till användaren NT instans\Lokal tjänst SID (S-1-5-19) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.

Error: (06/05/2017 10:37:38 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 och APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 till användaren NT instans\SYSTEM SID (S-1-5-18) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.

Error: (06/05/2017 10:36:38 PM) (Source: DCOM) (EventID: 10016) (User: NT instans)
Description: Behörighetsinställningarna programspecifik ger inte Lokal behörigheten Aktivering för COM-serverprogrammet med CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 och APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 till användaren NT instans\SYSTEM SID (S-1-5-18) från adress LocalHost (med LRPC) som körs i programbehållaren Inte tillgänglig SID (Inte tillgänglig). Det går att ändra säkerhetsbehörigheten med hjälp av administrationsverktyget Komponenttjänster.

Error: (06/05/2017 10:33:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Tjänsthanteraren försökte utföra en korrigeringsåtgärd (Starta om tjänsten) efter att tjänsten Windows Search avslutats oväntat, men denna åtgärd misslyckades med följande fel:
Det finns redan en aktiv session av tjänsten.

Error: (06/05/2017 10:33:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Tjänsten Windows Modules Installer avslutades oväntat. Den har gjort detta 1 gång(er). Följande åtgärd kommer att utföras om 120000 millisekunder: Starta om tjänsten.

Error: (06/05/2017 10:33:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten Lenovo AVFramework Microphone Volume Controller and Dolby Interface avslutades oväntat. Detta har skett 1 gånger.

Error: (06/05/2017 10:33:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten Lenovo AVFramework Camera Privacy Controller avslutades oväntat. Detta har skett 1 gånger.

Error: (06/05/2017 10:33:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten Lenovo AVFramework Virtual Camera Controller Service avslutades oväntat. Detta har skett 1 gånger.

Error: (06/05/2017 10:33:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Tjänsten Intel® Dynamic Application Loader Host Interface Service avslutades oväntat. Detta har skett 1 gånger.


CodeIntegrity:
===================================
  Date: 2017-06-02 12:12:51.756
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-02 12:02:01.710
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-02 12:02:01.593
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-02 12:02:01.514
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-02 12:01:59.383
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-02 12:01:59.350
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-02 12:01:59.169
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-02 12:01:57.298
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-02 12:01:53.515
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-02 12:01:53.360
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 28%
Total physical RAM: 8107.08 MB
Available physical RAM: 5826.71 MB
Total Virtual: 9387.08 MB
Available Virtual: 7225.07 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:890.01 GB) (Free:473.22 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.58 GB) NTFS
Drive e: (WDO_MEDIA32) (Removable) (Total:1.97 GB) (Free:0.86 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 56840792)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2 GB) (Disk ID: 02AB16AA)
Partition 1: (Active) - (Size=2 GB) - (Type=0B)

==================== End of Addition.txt ============================

Länk till kommentar
Dela på andra webbplatser

cybertears

online kommer jag ej så kan ej göra det steget resten nedan

Glömde ju svara, problemet började för ngn månad sedan att man fick ladda alla sidor 2 ggr för första försöket gick till fel på nätverket, förra veckan slogs allt ut och kommer ej online med den burken. Ska absolut testa usb varianten av wifi..

Ibland kan de va lite jobbigt att få ner eset online. Men om du använder denna länken: http://download.eset.com/special/eos/esetonlinescanner_enu.exe , får du ner Eset Online då?

Länk till kommentar
Dela på andra webbplatser

Tyvärr. På den felande datorn kommer jag ej online och med denna extra så funkar länken inte heller.

Länk till kommentar
Dela på andra webbplatser

1. Vad finns i denna mapp?
2017-05-31 21:08 - 2017-05-31 21:09 - 00000000 ____D C:\Program Files\UNP


2. Du borde avinstallera en gammal Java-version med kända säkerhetshål.


3. Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\RunOnce: [Uninstall C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\RunOnce: [Uninstall C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\RunOnce: [Application Restart #5] => C:\Users\Andreas\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
Tcpip\..\Interfaces\{c20ab424-ff47-4d84-bd3c-116958899ce7}: [DhcpNameServer] 150.212.1.3
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-178917026-2695247430-393146251-1001 -> {1FE39CBE-C7D1-42FB-9107-AED7D58345FE} URL = hxxps://se.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-178917026-2695247430-393146251-1001 -> {4161474C-4DD4-4654-B674-0192DE9EF714} URL = 
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll => No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
Reboot:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.

 

 

4. Testa hur anslutningen till internet fungerar nu, gärna med nätverkskabel direkt till routern.

Länk till kommentar
Dela på andra webbplatser

i UNP mappen.

CampaignManager mapp och logg mapp med undersaker.. Ska jag radera?

 

Java avinstallerat.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-06-2017
Ran by Front (06-06-2017 21:30:28) Run:1
Running from E:\__virus
Loaded Profiles: Front (Available Profiles: Front)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\RunOnce: [uninstall C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\RunOnce: [uninstall C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\RunOnce: [Application Restart #5] => C:\Users\Andreas\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-reso (the data entry has 587 more characters).
Tcpip\..\Interfaces\{c20ab424-ff47-4d84-bd3c-116958899ce7}: [DhcpNameServer] 150.212.1.3
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-178917026-2695247430-393146251-1001 -> {1FE39CBE-C7D1-42FB-9107-AED7D58345FE} URL = hxxps://se.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-178917026-2695247430-393146251-1001 -> {4161474C-4DD4-4654-B674-0192DE9EF714} URL =
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.7.452\AVG Web TuneUp.dll => No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
Reboot:
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64 => value removed successfully
HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Andreas\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64 => value removed successfully
HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #5 => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c20ab424-ff47-4d84-bd3c-116958899ce7}\\DhcpNameServer => value removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully
HKU\S-1-5-21-178917026-2695247430-393146251-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1FE39CBE-C7D1-42FB-9107-AED7D58345FE} => key removed successfully
HKCR\CLSID\{1FE39CBE-C7D1-42FB-9107-AED7D58345FE} => key not found.
HKU\S-1-5-21-178917026-2695247430-393146251-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4161474C-4DD4-4654-B674-0192DE9EF714} => key removed successfully
HKCR\CLSID\{4161474C-4DD4-4654-B674-0192DE9EF714} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


========= netsh int ip reset c:\resetlog.txt =========

Resetting Global, OK!
Resetting Interface, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting , failed.
tkomst nekad.

Resetting , OK!
Restart the computer to complete this action.


========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 21:30:43 ====

 

 

 

Tyvärr slår WIFIn ännu ut routern, har heller ingen ethernetport på datorn.

Länk till kommentar
Dela på andra webbplatser

Hittade ett nätverksuttag, väl gömt för det har jag sökt innan :). Och med kabel fungerar det dock ej över WIFI..

Länk till kommentar
Dela på andra webbplatser

Långsökt och inte ett egentligt svar... men jag drar mig till minnes när man från en Mac (ja eller om det t.o.m var två olika) startade en filöverföring i Skype (till en annan dator på det lokala nätverket) så dog hela nätverket.

 

Funderar på om det kan vara någon mjukvara igång som är ivrig så fort WiFi finns?

Funderar vidare kring det, om man startar datorn i felsäkert läge med nätverk? Borde inte drivers för kortet laddas så att det kan fungera men inga andra program autostartas?

Länk till kommentar
Dela på andra webbplatser

1. Ja, ta bort den där CampaignManager-mappen.

 

2. Skanna med FRST och sen öppnar du FRST.txt i Anteckningar och letar reda på den rubrik som ser ut så här:

 

==================== Internet (Whitelisted) ====================

 

Kopiera de 3-4 rader som är mellan den rubriken och nästa rubrik som är "Internet Explorer:" och klistra in i ditt svar.

 

 

3. Gör som Mikael63 föreslår och testa felsäkert läge med nätverk.

Om det blir problem med routern även där ta fram Aktivitetshanteraren, fliken Prestanda, klicka på texten "Ethernet" i vänsterkolumnen och skriv ner värdena för Skicka och Ta emot samt hur de varierar.

 

Annars kan du göra ovanstående i normalt läge med trådlöst nätverk.

Länk till kommentar
Dela på andra webbplatser

Ursäkta sent svar, har varit iväg på semester.

Här kommer  det efterfrågade, punkt 3 får jag testa när alla gått och lagt sig .

 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29b75427-5ca5-4c9b-849e-89952826e372}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c20ab424-ff47-4d84-bd3c-116958899ce7}: [DhcpNameServer] 192.168.1.1

Länk till kommentar
Dela på andra webbplatser

Hoppas att du hade en bra och trevlig semester :)

och definitivt inget att be om ursäkt för.

 

De raderna ser numera ut precis som de ska.

Länk till kommentar
Dela på andra webbplatser

Ser inget ovanligt gällande punkt 3, surfar jag ej ligger de på 0. 

så nu återstår att kolla nätverkskortet?

Länk till kommentar
Dela på andra webbplatser

Ser inget ovanligt gällande punkt 3, surfar jag ej ligger de på 0. 

så nu återstår att kolla nätverkskortet?

Även i normalt läge och när routern lägger av?

Länk till kommentar
Dela på andra webbplatser

  • 3 veckor senare...

Nu har jag testat och grejat på egen hand för stt få fram mer info åt er som kan :)

 

Tar jag min dator till vänner så är det inga problem att koppla upp mot deras routrar.

Tar de sina datorer hit så har de inga problem att koppla upp sig mot min router.

 

Men så fort jag försöker med min dator mot min router så slås den ut. Det vill bara inte.

Vad kan jag göra?

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...