
Infected computer


fronta


Hi. The computer has now started behaving strangely, to put it bluntly; I need help figuring out why.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Front (administrator) on LENOVO-SKULE (18-03-2018 10:27:53)
Running from C:\Users\Andreas\Downloads
Loaded Profiles: Front (Available Profiles: Front)
Platform: Windows 10 Home Version 1709 16299.309 (X64) Language: Svenska (Sverige)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo) C:\Windows\System32\LenovoUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
(Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FBService.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1809.217.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Spotify Ltd) C:\Users\Andreas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\CDViewer.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfica32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\AuthManager\AuthManSvr.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-03] (Conexant Systems, Inc.)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [10828056 2014-12-18] (Lenovo(beijing) Limited)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2014-12-18] (Lenovo)
HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [604968 2015-06-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [LMCSSTART1] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART2] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
HKLM\...\Run: [LMCSSTART3] => C:\Program Files\Lenovo\Communications Utility\lmcsctrl.exe [30152 2015-03-23] (Lenovo Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [294928 2018-03-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [582032 2018-02-22] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [401296 2018-02-22] (Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Run: [Google Update] => C:\Users\Andreas\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-14] (Google Inc.)
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Run: [uTorrent] => C:\Users\Andreas\AppData\Roaming\uTorrent\uTorrent.exe [1981624 2017-12-27] (BitTorrent Inc.)
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7706728 2018-02-04] (Lavasoft)
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Run: [Spotify] => C:\Users\Andreas\AppData\Roaming\Spotify\Spotify.exe [21076080 2017-12-04] (Spotify Ltd)
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Run: [Spotify Web Helper] => C:\Users\Andreas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-12-04] (Spotify Ltd)
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-178917026-2695247430-393146251-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-178917026-2695247430-393146251-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2017-09-29] (Microsoft Corporation)
Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2015-03-09]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe (No File)
Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skicka till OneNote.lnk [2016-11-09]
ShortcutTarget: Skicka till OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c20ab424-ff47-4d84-bd3c-116958899ce7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dff333ca-103c-4cfd-bfca-0eaebd5dd7ec}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-178917026-2695247430-393146251-1001 -> {4161474C-4DD4-4654-B674-0192DE9EF714} URL =
SearchScopes: HKU\S-1-5-21-178917026-2695247430-393146251-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://se.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__171028__yaie&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-09-05] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-09-05] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-02-22] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: d0klv9zg.Fronta
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default [2018-01-15]
FF Homepage: Mozilla\Firefox\Profiles\63ts7szx.default -> hxxps://se.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__171028__yaff
FF NewTab: Mozilla\Firefox\Profiles\63ts7szx.default -> hxxps://se.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__171028__yaff
FF Extension: (Flash Video Downloader) - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-01-07]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\searchplugins\yahoo-lavasoft.xml [2017-12-21]
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\d0klv9zg.Fronta [2018-03-18]
FF Homepage: Mozilla\Firefox\Profiles\d0klv9zg.Fronta -> www.google.se/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-02-22] (Citrix Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-03-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-178917026-2695247430-393146251-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-178917026-2695247430-393146251-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-178917026-2695247430-393146251-1001: google.com/WidevineMediaOptimizer -> C:\Users\Andreas\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Google Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\dsengine.js [2017-12-21] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\dsengine.cfg [2017-12-21] <==== ATTENTION

Chrome:
=======
CHR Profile: C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default [2018-01-18]
CHR Extension: (Presentationer) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-16]
CHR Extension: (Dokument) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-16]
CHR Extension: (Google Drive) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-06]
CHR Extension: (YouTube) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-06]
CHR Extension: (Kalkylark) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-16]
CHR Extension: (Google Dokument Offline) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-16]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-16]
CHR Extension: (Gmail) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-06]
CHR Extension: (Chrome Media Router) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-03-23] (Lenovo Corporation)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [304776 2018-03-17] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7607288 2018-03-17] (AVG Technologies CZ, s.r.o.)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [654776 2015-06-01] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058416 2017-09-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-25] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-25] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc.)
R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [193640 2015-10-22] (Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1122744 2015-06-01] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2017-01-13] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373680 2017-05-26] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2730280 2016-01-07] (Lenovo(beijing) Limited)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016040 2015-04-10] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [625608 2015-03-23] (Lenovo Corporation)
R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2014-12-18] ()
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited)
R3 LenovoUpdate; C:\WINDOWS\System32\LenovoUpdate.exe [26608 2018-03-18] (Lenovo)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-26] (Lenovo(beijing) Limited)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.266\McCHSvc.exe [235696 2015-12-02] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation)
R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [369960 2016-01-07] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2014-12-18] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2014-12-18] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-06-01] (Synaptics Incorporated)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25704 2018-02-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [189032 2018-03-17] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiska.sys [166552 2018-03-17] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [221096 2018-03-17] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [193024 2018-03-17] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [337344 2018-03-17] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51272 2018-03-17] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39352 2018-03-17] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [139040 2018-03-17] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [102720 2018-03-17] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [76760 2018-03-17] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1019088 2018-03-17] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [452904 2018-03-17] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [198368 2018-03-17] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [372920 2018-03-17] (AVG Technologies CZ, s.r.o.)
S3 Ctxusbr; C:\WINDOWS\System32\drivers\ctxusbr.sys [67720 2018-01-01] (Citrix Systems, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 Fastboot; C:\Windows\System32\Drivers\Fastboot.sys [72808 2015-10-22] (Windows (R) Win 7 DDK provider)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 KMDFVirtualKbd; C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-05] ()
R3 KMDFVirtualMouse; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-05] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-09-29] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-18 10:27 - 2018-03-18 10:28 - 000033342 _____ C:\Users\Andreas\Downloads\FRST.txt
2018-03-18 10:27 - 2018-03-18 10:27 - 002403328 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2018-03-18 10:07 - 2018-03-18 10:10 - 000000004 ____H C:\ProgramData\cm-lock
2018-03-17 20:39 - 2018-03-17 20:39 - 000000000 ____D C:\Users\Andreas\AppData\Local\WonderShare
2018-03-17 20:34 - 2018-03-17 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-03-17 20:34 - 2018-03-17 20:39 - 000000000 ____D C:\Users\Andreas\AppData\Roaming\Wondershare
2018-03-17 20:34 - 2017-09-27 17:29 - 000000232 _____ C:\WINDOWS\SysWOW64\dllhost.exe.config
2018-03-17 20:33 - 2018-03-17 20:57 - 000000000 ____D C:\ProgramData\Wondershare
2018-03-17 20:33 - 2018-03-17 20:57 - 000000000 ____D C:\Program Files (x86)\Wondershare
2018-03-17 20:32 - 2018-03-17 20:33 - 063969232 _____ (Wondershare ) C:\Users\Andreas\Downloads\win-drfone_full3360.exe
2018-03-17 20:18 - 2018-03-18 10:09 - 000000000 ___RD C:\Users\Andreas\iCloudDrive
2018-03-17 20:18 - 2018-03-17 20:18 - 000000000 ____D C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2018-03-17 20:18 - 2018-03-17 20:18 - 000000000 ____D C:\Users\Andreas\AppData\Local\Apple Inc
2018-03-17 20:13 - 2018-03-17 20:13 - 000381816 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2018-03-17 19:12 - 2018-03-17 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-03-17 18:55 - 2018-03-17 18:58 - 155166520 _____ (Apple Inc.) C:\Users\Andreas\Downloads\iCloudSetup.exe
2018-03-16 19:55 - 2018-03-16 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-15 12:50 - 2018-03-15 12:50 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-03-15 12:50 - 2018-03-15 12:50 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-03-15 12:50 - 2018-03-15 12:50 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-03-15 12:50 - 2018-03-15 12:50 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-03-13 23:16 - 2018-03-02 22:09 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-03-13 23:16 - 2018-03-02 22:09 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-13 21:04 - 2018-03-13 21:04 - 000004610 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-13 19:22 - 2018-03-01 08:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-13 19:22 - 2018-03-01 08:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-03-13 19:22 - 2018-03-01 08:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-13 19:22 - 2018-03-01 08:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-13 19:22 - 2018-03-01 08:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-13 19:22 - 2018-03-01 08:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-03-13 19:22 - 2018-03-01 08:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-03-13 19:22 - 2018-03-01 08:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-03-13 19:22 - 2018-03-01 08:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-03-13 19:22 - 2018-03-01 08:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-03-13 19:22 - 2018-03-01 08:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-03-13 19:22 - 2018-03-01 08:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-13 19:22 - 2018-03-01 08:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-13 19:22 - 2018-03-01 08:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-13 19:22 - 2018-03-01 08:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-03-13 19:22 - 2018-03-01 08:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-13 19:22 - 2018-03-01 08:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-13 19:22 - 2018-03-01 08:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-13 19:22 - 2018-03-01 08:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-03-13 19:22 - 2018-03-01 07:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-03-13 19:22 - 2018-03-01 07:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-03-13 19:22 - 2018-03-01 07:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-13 19:22 - 2018-03-01 07:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-03-13 19:22 - 2018-03-01 07:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-13 19:22 - 2018-03-01 07:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-03-13 19:22 - 2018-03-01 07:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-13 19:22 - 2018-03-01 07:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-13 19:22 - 2018-03-01 07:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-03-13 19:22 - 2018-03-01 07:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-13 19:22 - 2018-03-01 07:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-13 19:22 - 2018-03-01 07:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-03-13 19:22 - 2018-03-01 07:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-13 19:22 - 2018-03-01 07:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-03-13 19:22 - 2018-03-01 07:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-13 19:22 - 2018-03-01 07:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-13 19:22 - 2018-03-01 07:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-13 19:22 - 2018-03-01 07:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-03-13 19:22 - 2018-03-01 07:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-13 19:22 - 2018-03-01 06:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-13 19:22 - 2018-03-01 06:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-13 19:22 - 2018-03-01 06:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-13 19:22 - 2018-03-01 06:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-03-13 19:22 - 2018-03-01 06:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-13 19:22 - 2018-03-01 06:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-03-13 19:22 - 2018-03-01 06:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-13 19:22 - 2018-03-01 06:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-03-13 19:22 - 2018-03-01 06:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-03-13 19:22 - 2018-03-01 06:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-03-13 19:22 - 2018-03-01 06:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-03-13 19:22 - 2018-03-01 06:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-13 19:22 - 2018-03-01 06:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-03-13 19:22 - 2018-03-01 06:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-13 19:22 - 2018-03-01 06:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-13 19:22 - 2018-03-01 06:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-03-13 19:22 - 2018-03-01 06:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-03-13 19:22 - 2018-03-01 06:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-13 19:22 - 2018-03-01 06:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-13 19:22 - 2018-03-01 06:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-03-13 19:22 - 2018-03-01 06:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-13 19:22 - 2018-03-01 06:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-13 19:22 - 2018-03-01 06:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-03-13 19:22 - 2018-03-01 06:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-03-13 19:22 - 2018-03-01 06:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-13 19:22 - 2018-03-01 06:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-13 19:22 - 2018-03-01 06:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-03-13 19:22 - 2018-03-01 06:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-03-13 19:22 - 2018-03-01 06:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-13 19:22 - 2018-03-01 06:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-03-13 19:22 - 2018-03-01 06:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-03-13 19:22 - 2018-03-01 06:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-03-13 19:22 - 2018-03-01 06:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-03-13 19:22 - 2018-03-01 06:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-13 19:22 - 2018-03-01 06:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-13 19:22 - 2018-03-01 06:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-13 19:22 - 2018-03-01 06:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-13 19:22 - 2018-03-01 06:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-03-13 19:22 - 2018-03-01 06:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-03-13 19:22 - 2018-03-01 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-13 19:22 - 2018-02-22 03:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-13 19:22 - 2018-02-22 03:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-13 19:22 - 2018-02-22 03:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-13 19:22 - 2018-02-22 03:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-13 19:22 - 2018-02-22 03:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-13 19:22 - 2018-02-22 03:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-13 19:22 - 2018-02-22 03:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-13 19:22 - 2018-02-22 03:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-13 19:22 - 2018-02-22 03:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-13 19:22 - 2018-02-22 03:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-13 19:22 - 2018-02-22 03:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-13 19:22 - 2018-02-22 02:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-13 19:22 - 2018-02-22 02:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-13 19:22 - 2018-02-22 02:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-13 19:22 - 2018-02-22 02:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-13 19:22 - 2018-02-22 02:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-13 19:22 - 2018-02-22 01:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-13 19:22 - 2018-02-22 01:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-13 19:22 - 2018-02-22 01:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-13 19:22 - 2018-02-22 01:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-13 19:22 - 2018-02-22 01:26 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-03-13 19:21 - 2018-03-02 04:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-13 19:21 - 2018-03-02 04:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-13 19:21 - 2018-03-02 04:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-13 19:21 - 2018-03-02 04:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-13 19:21 - 2018-03-02 04:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-13 19:21 - 2018-03-02 04:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-13 19:21 - 2018-03-02 03:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-03-13 19:21 - 2018-03-01 21:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-13 19:21 - 2018-03-01 08:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-13 19:21 - 2018-03-01 08:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-13 19:21 - 2018-03-01 08:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-13 19:21 - 2018-03-01 08:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-13 19:21 - 2018-03-01 08:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-13 19:21 - 2018-03-01 08:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-13 19:21 - 2018-03-01 08:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-13 19:21 - 2018-03-01 08:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-13 19:21 - 2018-03-01 08:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-13 19:21 - 2018-03-01 08:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-13 19:21 - 2018-03-01 08:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-13 19:21 - 2018-03-01 08:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-13 19:21 - 2018-03-01 08:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-13 19:21 - 2018-03-01 08:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-03-13 19:21 - 2018-03-01 08:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-03-13 19:21 - 2018-03-01 08:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-13 19:21 - 2018-03-01 08:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-13 19:21 - 2018-03-01 08:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-13 19:21 - 2018-03-01 08:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-03-13 19:21 - 2018-03-01 08:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-03-13 19:21 - 2018-03-01 08:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-13 19:21 - 2018-03-01 08:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-13 19:21 - 2018-03-01 08:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-13 19:21 - 2018-03-01 07:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-13 19:21 - 2018-03-01 07:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-13 19:21 - 2018-03-01 07:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-03-13 19:21 - 2018-03-01 07:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-13 19:21 - 2018-03-01 07:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-13 19:21 - 2018-03-01 07:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-13 19:21 - 2018-03-01 07:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-13 19:21 - 2018-03-01 06:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-13 19:21 - 2018-03-01 06:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-13 19:21 - 2018-03-01 06:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-03-13 19:21 - 2018-03-01 06:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-13 19:21 - 2018-03-01 06:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-13 19:21 - 2018-03-01 06:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-13 19:21 - 2018-03-01 06:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-13 19:21 - 2018-03-01 06:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-13 19:21 - 2018-03-01 06:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-13 19:21 - 2018-03-01 06:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-13 19:21 - 2018-03-01 06:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-13 19:21 - 2018-03-01 06:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-13 19:21 - 2018-03-01 06:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-13 19:21 - 2018-03-01 06:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-13 19:21 - 2018-03-01 06:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-13 19:21 - 2018-03-01 06:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-13 19:21 - 2018-03-01 06:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-13 19:21 - 2018-03-01 06:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-13 19:21 - 2018-03-01 06:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-03-13 19:21 - 2018-03-01 06:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-13 19:21 - 2018-03-01 06:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-13 19:21 - 2018-03-01 06:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-13 19:21 - 2018-03-01 06:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-13 19:21 - 2018-03-01 06:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-13 19:21 - 2018-03-01 06:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-13 19:21 - 2018-03-01 06:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-13 19:21 - 2018-03-01 06:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-03-13 19:21 - 2018-03-01 06:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-13 19:21 - 2018-03-01 06:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-13 19:21 - 2018-03-01 06:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-13 19:21 - 2018-03-01 06:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-13 19:21 - 2018-03-01 06:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-13 19:21 - 2018-03-01 06:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-13 19:21 - 2018-02-22 03:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-13 19:21 - 2018-02-22 03:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-13 19:21 - 2018-02-22 03:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-13 19:21 - 2018-02-22 03:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-13 19:21 - 2018-02-22 03:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-13 19:21 - 2018-02-22 02:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-13 19:21 - 2018-02-22 02:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-13 19:21 - 2018-02-22 02:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-13 19:21 - 2018-02-22 01:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-13 19:21 - 2018-02-22 01:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-13 19:21 - 2018-02-22 01:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-13 19:21 - 2018-02-22 01:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-13 19:21 - 2018-02-22 01:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-11 12:35 - 2018-03-11 12:35 - 000117733 _____ C:\Users\Andreas\Downloads\ref 1052.pdf
2018-03-09 19:27 - 2018-03-09 19:27 - 000044418 _____ C:\Users\Andreas\Downloads\Inkomstdeklaration.pdf
2018-02-25 14:57 - 2018-02-25 14:57 - 000001310 _____ C:\Users\Andreas\Desktop\Dropbox.lnk
2018-02-25 14:53 - 2018-03-16 19:55 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-02-25 14:53 - 2018-03-13 23:15 - 000001028 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2018-02-25 14:53 - 2018-03-13 23:15 - 000001024 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-02-25 14:53 - 2018-02-25 14:53 - 000004088 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-02-25 14:53 - 2018-02-25 14:53 - 000003856 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-02-25 14:52 - 2018-02-25 14:52 - 000690080 _____ (Dropbox, Inc.) C:\Users\Andreas\Downloads\DropboxInstaller.exe
2018-02-22 09:42 - 2018-02-22 09:42 - 000139888 _____ (Citrix Systems, Inc.) C:\WINDOWS\system32\Drivers\ctxusbm.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-18 10:28 - 2015-03-09 12:15 - 000000000 ____D C:\Users\Andreas\AppData\Local\Citrix
2018-03-18 10:27 - 2017-06-05 09:00 - 000000000 ____D C:\FRST
2018-03-18 10:11 - 2017-12-09 13:40 - 002238102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-18 10:11 - 2017-09-30 15:10 - 000989020 _____ C:\WINDOWS\system32\perfh01D.dat
2018-03-18 10:11 - 2017-09-30 15:10 - 000222724 _____ C:\WINDOWS\system32\perfc01D.dat
2018-03-18 10:11 - 2015-03-22 09:56 - 000000000 ____D C:\Users\Andreas\AppData\Roaming\Spotify
2018-03-18 10:10 - 2014-12-18 04:44 - 000000000 ____D C:\ProgramData\Lenovo
2018-03-18 10:09 - 2017-10-28 18:56 - 000000000 ____D C:\Users\Andreas\AppData\Roaming\uTorrent
2018-03-18 10:09 - 2016-11-28 15:00 - 000000000 ___HD C:\Users\Andreas\AppData\LocalLow\Mozilla
2018-03-18 10:08 - 2017-06-18 14:01 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-03-18 10:07 - 2017-12-09 13:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-18 10:07 - 2017-12-09 13:13 - 000407552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-18 10:07 - 2017-06-18 13:57 - 000153336 _____ C:\WINDOWS\system32\wpbbin.exe
2018-03-18 10:07 - 2017-06-18 13:57 - 000111088 _____ (Lenovo (Beijing) Limited) C:\WINDOWS\system32\LenovoCheck.exe
2018-03-18 10:07 - 2017-06-18 13:57 - 000026608 _____ (Lenovo) C:\WINDOWS\system32\LenovoUpdate.exe
2018-03-18 10:07 - 2016-11-16 02:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-18 10:07 - 2016-09-02 14:24 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-18 10:07 - 2015-04-05 14:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-18 10:06 - 2017-09-29 09:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-03-18 10:05 - 2017-12-09 13:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-18 09:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-17 23:37 - 2015-04-07 20:45 - 000000000 ___RD C:\Users\Andreas\Dropbox
2018-03-17 23:33 - 2017-12-09 13:18 - 000000000 ____D C:\Users\Andreas
2018-03-17 20:34 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-17 20:24 - 2015-06-09 22:29 - 000000000 ___HD C:\Users\Andreas\AppData\Roaming\Apple Computer
2018-03-17 20:19 - 2015-04-05 14:21 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-03-17 20:14 - 2017-12-09 13:49 - 000004004 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-03-17 20:13 - 2017-11-28 16:05 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-03-17 20:13 - 2017-06-02 11:04 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-03-17 20:13 - 2017-06-02 11:04 - 000372920 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-03-17 20:13 - 2017-06-02 11:04 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-03-17 20:13 - 2017-06-02 11:04 - 000139040 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-03-17 20:13 - 2017-06-02 11:04 - 000102720 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2018-03-17 20:13 - 2017-06-02 11:04 - 000076760 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-03-17 20:13 - 2017-06-02 11:04 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-03-17 20:12 - 2017-06-02 11:04 - 001019088 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-03-17 20:12 - 2017-06-02 11:04 - 000337344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-03-17 20:12 - 2017-06-02 11:04 - 000221096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-03-17 20:12 - 2017-06-02 11:04 - 000193024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-03-17 20:12 - 2017-06-02 11:04 - 000166552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2018-03-17 20:12 - 2017-06-02 11:04 - 000051272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2018-03-17 20:11 - 2015-03-22 09:57 - 000000000 ____D C:\Users\Andreas\AppData\Local\Spotify
2018-03-17 19:12 - 2015-06-09 22:29 - 000000000 ___HD C:\Users\Andreas\AppData\Local\Apple Computer
2018-03-17 19:11 - 2015-06-09 22:28 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-03-17 19:06 - 2015-03-08 21:52 - 000000000 ____D C:\Bilder
2018-03-17 08:30 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-17 08:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-16 23:16 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-13 23:17 - 2017-12-09 13:52 - 000000000 ___RD C:\Users\Andreas\3D Objects
2018-03-13 23:17 - 2015-03-04 14:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-13 23:15 - 2015-07-12 13:20 - 000000000 ____D C:\Users\Andreas\AppData\Local\Dropbox
2018-03-13 23:15 - 2015-04-07 20:42 - 000000000 ____D C:\Users\Andreas\AppData\Roaming\Dropbox
2018-03-13 23:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-13 23:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-13 23:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-13 21:19 - 2015-03-08 07:50 - 000000000 ____D C:\FAIK
2018-03-13 21:04 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-03-13 21:04 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-03-13 19:49 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-13 19:49 - 2015-03-15 12:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-13 19:44 - 2017-10-11 09:13 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-13 19:44 - 2015-03-15 12:09 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-13 19:29 - 2017-09-29 14:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-03-13 19:29 - 2017-09-29 14:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-03-10 18:17 - 2015-03-12 11:31 - 000000000 ____D C:\Users\Andreas\AppData\Roaming\vlc
2018-03-04 13:54 - 2015-03-09 12:16 - 000001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk
2018-03-04 13:54 - 2015-03-09 12:15 - 000000000 ____D C:\ProgramData\Citrix
2018-03-04 12:44 - 2015-03-08 22:17 - 000000000 ____D C:\Dokument
2018-03-01 20:27 - 2017-07-06 16:53 - 000002558 _____ C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-01 20:27 - 2017-07-06 16:53 - 000002521 _____ C:\Users\Andreas\Desktop\Google Chrome.lnk
2018-02-28 18:39 - 2017-12-09 13:49 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-25 11:19 - 2016-01-28 22:20 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-12 12:08

==================== End of FRST.txt ============================

Addition.txt


I can't find much information about this Firefox extension:

FF Extension: (Flash Video Downloader) - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\Extensions\artur.dubovoy@gmail.com.xpi [2018-01-07]

Do you have a link to where you downloaded that extension from?

Otherwise I can't really see anything that would cause problems. Can you describe your problems with the computer and when they started?


OK. No, I don't know whether I downloaded any extension.

The computer more or less does what it wants. We turn off the screensaver and the setting for it to go into that mode, but it comes back. Passwords etc. disappear in the browsers. Generally messy in some way.

I got a program that messed things up; I don't remember what it was called, but I had to restore the computer to an earlier point.


It was mainly my user profiles that were lost; that is probably what has messed up all the settings the most.


5 hours ago, fronta said:

It was mainly my user profiles that were lost; that is probably what has messed up all the settings the most.

But that doesn't mean there is anything harmful or inappropriate left on the computer.

But since it was so long ago, you will need to run FRST once more, but this time select the 90 Days Files setting (don't change any other settings) before you start the scan.

Since the FRST.txt file will be so large, you need to attach it instead of pasting it into the post.


Not much seems to have happened on the computer during the last 90 days apart from Windows updates and, as far as I can judge, normal harmless programs. You can check for yourself under the heading "Three Months Created files and folders" in FRST.txt whether there is anything there that you think shouldn't be on the computer or that you recognize as what caused the problems.

But you can run some checks with a few programs that look for specific things.

 

1. Save AdwCleaner to the Desktop: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Close all programs, including web browsers.
Double-click AdwCleaner to start the program.

Read through the license agreement and click "I agree" (if you do).

Click the Scan button.
Wait until the scan is finished.
Click the Logfile button.
Bring up the Scan tab and double-click the topmost, most recent log file.
A report will open; copy its contents and paste them into your reply.
If the report doesn't open, it is also available as C:\AdwCleaner\AdwCleaner[S1].txt

 

2. Follow the instructions under the heading How do I run the Online Scanner? on the page https://support.eset.com/kb2921/ to run ESET's online scanner.

So that the scanner doesn't take too long, turn off your antivirus program in the meantime.

In step 4, select Enable detection of potentially unwanted applications and then click Advanced settings:
Remove the check mark in front of Clean threats automatically (important, since false alarms occur with this thorough scan).
Check:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan Archives
Enable Anti-Stealth Technology

Click the Scan button.

It will take a long time to scan the computer.

When the scan is finished and the list of what was found is shown, click Save to text file. Save to a file on the desktop, open the file, copy the result and then paste it into your reply.

Alternatively, if nothing was found, say so.


# AdwCleaner 7.0.8.0 - Logfile created on Wed Mar 21 19:19:15 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 2018-03-20.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

PUP.Optional.Legacy, WCAssistantService


***** [ Folders ] *****

PUP.Optional.Legacy, C:\Users\Andreas\AppData\Local\SweetLabs App Platform
PUP.Optional.Legacy, C:\ProgramData\lavasoft\web companion
PUP.Optional.Legacy, C:\ProgramData\Application Data\lavasoft\web companion
PUP.Optional.Legacy, C:\Program Files (x86)\lavasoft\web companion
PUP.Optional.Legacy, C:\Users\All Users\lavasoft\web companion
PUP.Optional.Legacy, C:\Users\Andreas\AppData\Roaming\lavasoft\web companion
PUP.Optional.WebCompanion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion


***** [ Files ] *****

PUP.Optional.Legacy, C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\searchplugins\yahoo-lavasoft.xml


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d16fk4ms6rqz1v.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d22j4fzzszoii2.cloudfront.net
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\solidtango.com
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Lavasoft\Web Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\Lavasoft\Web Companion
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run | Web Companion
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [10883 B] - [2017/6/5 20:36:29]
C:/AdwCleaner/AdwCleaner[S0].txt - [10094 B] - [2017/6/5 19:6:7]


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########


It was Delphi that caused the trouble, so I had to restore the computer.


Is Web Companion something you installed yourself and find useful, or is it something that came along with some other program without you wanting it?

Delphi (programming) is not a harmful program, after all. Did you get it from some inappropriate website, since you think the computer was infected by Delphi?

Is there anything left in the folders?

2018-01-14 13:56 - 2018-01-14 13:56 - 000000000 ____D C:\ProgramData\Common Diagnostics
2018-01-14 13:55 - 2018-01-16 22:57 - 000000000 ___HD C:\Users\Andreas\AppData\Roaming\Delphi

 


C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll    a variant of MSIL/WebCompanion.D potentially unwanted application    
C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe    a variant of MSIL/WebCompanion.D potentially unwanted application    
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe    a variant of MSIL/WebCompanion.D potentially unwanted application    
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe    a variant of MSIL/WebCompanion.C potentially unwanted application    
C:\Users\Andreas\Desktop\DELPHI 2014.2Logo.rar    MSIL/Keygen.AB potentially unsafe application    
C:\Users\Andreas\Downloads\uTorrent.exe    a variant of MSIL/WebCompanion.A potentially unwanted application,a variant of Win32/WebCompanion.B potentially unwanted application    
C:\Windows\Installer\581ddd01.msi    a variant of Win32/Systweak.L potentially unwanted application,a variant of Win32/Systweak.N potentially unwanted application    
C:\Windows\Temp\WebCompanion.zip    a variant of MSIL/WebCompanion.D potentially unwanted application,a variant of MSIL/WebCompanion.C potentially unwanted application    
C:\Windows\Temp\wctmp_1301140021\WcInstaller.exe    a variant of MSIL/WebCompanion.C potentially unwanted application    
Operating memory    a variant of MSIL/WebCompanion.D potentially unwanted application    
Autostart locations    a variant of MSIL/WebCompanion.D potentially unwanted application,a variant of MSIL/WebCompanion.C potentially unwanted application    archive damaged

 


7 hours ago, Cecilia said:

Is Web Companion something you installed yourself and find useful, or is it something that came along with some other program without you wanting it?

No, I don't know what that is.

Delphi (programming) is not a harmful program, after all. Did you get it from some inappropriate website, since you think the computer was infected by Delphi? It was probably from an inappropriate site, when it was to be updated.

Is there anything left in the folders?

2018-01-14 13:56 - 2018-01-14 13:56 - 000000000 ____D C:\ProgramData\Common Diagnostics   No
2018-01-14 13:55 - 2018-01-16 22:57 - 000000000 ___HD C:\Users\Andreas\AppData\Roaming\Delphi Yes, there are quite a few subfolders, but nothing I need; delete?

 

 


Okay, a hack for Delphi, and then quite a lot can happen. But nothing harmful was found.


Then uninstall Web Companion.

Close all programs, including web browsers.
Double-click AdwCleaner to start the program.
Click I agree.

Click the Clean button.
Press OK several times if messages come up (read them first and ask if anything is doubtful).

The computer will restart; if it doesn't do so automatically, you will have to do it yourself.

A report will open; copy its contents and paste them into your reply.
If the report doesn't open, start AdwCleaner, click Logfile, select the Clean tab and double-click the topmost report.


# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Andreas\AppData\Local\SweetLabs App Platform
Deleted: C:\ProgramData\lavasoft\web companion
Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\Program Files (x86)\lavasoft\web companion
Deleted: C:\Users\All Users\lavasoft\web companion
Deleted: C:\Users\Andreas\AppData\Roaming\lavasoft\web companion
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion


***** [ Files ] *****

Deleted: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\63ts7szx.default\searchplugins\yahoo-lavasoft.xml


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d16fk4ms6rqz1v.cloudfront.net
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d22j4fzzszoii2.cloudfront.net
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\solidtango.com
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-178917026-2695247430-393146251-1001\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

 

*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [10883 B] - [2017/6/5 20:36:29]
C:/AdwCleaner/AdwCleaner[S0].txt - [10094 B] - [2017/6/5 19:6:7]
C:/AdwCleaner/AdwCleaner[S1].txt - [2635 B] - [2018/3/21 19:19:15]
C:/AdwCleaner/AdwCleaner[S2].txt - [2448 B] - [2018/3/23 19:59:10]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########


According to ESET's scanner you can delete this folder (if it still exists): C:\Program (x86)\Lavasoft\

But there don't seem to be any harmful files on the computer.


Thanks.

Screensaver etc. works :)

What still doesn't work is Wi-Fi to the router. But that has been going on for longer than this.

I have to have a network cable plugged in. If I use the computer with another router, Wi-Fi works, and if I use another computer with my router it works, but not between my computer and my router.


I suggest you ask a question about that in the networking forum: https://eforum.idg.se/forum/36-nätverket-programvara/

1. Double-click AdwCleaner to start the program.
Click File -> Uninstall.

2. Download the uninstaller OTC to the Desktop: http://www.geekstogo.com/forum/files/file/403-otc-oldtimers-clean-it/
Double-click the file to start the program.
Press the CleanUp! button and FRST will be uninstalled after a restart of the computer. Delete any logs.


Archived

This topic is now archived and is closed to further replies.
