Type-R

Medlemmer
  • Innholdsteller

    159
  • Ble med

  • Besøkte siden sist


Nettsamfunnsomdømme

0 ProPoeng

Om Type-R

  • Rang
    Junior

Type-R sin aktivitet

  1. Type-R la til et innlegg i et emne [LØST] Alvorlig feil på PC etter oppstart - Windows 10   

    Hjertelig takk for hjelp. Avinstallerte Avast (og installerte AVG) og vips: problemet var løst. :-)
    • 0
  2. Type-R la til et emne i PC-hjelp   

    [LØST] Alvorlig feil på PC etter oppstart - Windows 10
    Jeg har en PC med Windows 10 som plutselig ikke virker. Hver gang jeg slår den på så får jeg beskjed om at det er en alvorlig feil, og at startmeny og cortana ikke virker (se vedlagt bilde). Jeg får ikke startet noen programmer, og det eneste alternativet som kommer opp er å logge av for å se om maskinen greier å reparere feilen selv (noe den ikke klarer).
    Noen som vet hva som evt kan gjøres?

    • 3 svar
    • visninger
  3. Type-R la til et innlegg i et emne Infisert pc - logg til analyse   

    Takk for svar. Jeg har funnet ut at Opera fungerer såpass bra slik jeg ser det at jeg bare dropper Firefox på denne maskinen.
    Nå har jeg resettet innstillingene på IE. Burde jeg også gjøre det på Microsoft Edge, som også er installert på maskinen?
    Her er ny Malwarebytes-logg:
    Malwarebytes Anti-Malware
    www.malwarebytes.org
    Skannedato: 10.10.2015
    Skannetid: 10.16
    Loggfil: 
    Administrator: Ja
    Versjon: 2.1.8.1057
    Malwaredatabase: v2015.10.10.01
    Rootkitdatabase: v2015.10.06.01
    Lisens: Gratis
    Malwarebeskyttelse: Deaktivert
    Ondsinnet Nettsidebeskyttelse: Deaktivert
    Selvbeskyttelse: Deaktivert
    OS: Windows 10
    CPU: x64
    Filsystem: NTFS
    Bruker: Bjornar
    Skannetype: Trusselskann
    Resultat: Fullført
    Objekter skannet: 376126
    Tid brukt: 10 min, 6 sek
    Minne: Aktivert
    Oppstart: Aktivert
    Filsystem: Aktivert
    Arkiv: Aktivert
    Rootkits: Deaktivert
    Heuristikk: Aktivert
    PUP: Aktivert
    PUM: Aktivert
    Prosesser: 0
    (Ingen ondsinnede elementer funnet)
    Moduler: 0
    (Ingen ondsinnede elementer funnet)
    Registernøkler: 0
    (Ingen ondsinnede elementer funnet)
    Registerverdier: 0
    (Ingen ondsinnede elementer funnet)
    Registerdata: 0
    (Ingen ondsinnede elementer funnet)
    Mapper: 0
    (Ingen ondsinnede elementer funnet)
    Filer: 0
    (Ingen ondsinnede elementer funnet)
    Fysiske sektorer: 0
    (Ingen ondsinnede elementer funnet)

    (end)
     
    Her er AdwCleaner-loggen:
     
    # AdwCleaner v5.013 - Logfile created 10/10/2015 at 10:47:55
    # Updated 09/10/2015 by Xplode
    # Database : 2015-10-09.3 [Server]
    # Operating system : Windows 10 Home  (x64)
    # Username : Bjornar - BJØRNAR
    # Running from : C:\Users\Bjornar\Downloads\adwcleaner_5.013.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum
    ***** [ Services ] *****

    ***** [ Folders ] *****

    ***** [ Files ] *****

    ***** [ DLLs ] *****

    ***** [ Shortcuts ] *****

    ***** [ Scheduled tasks ] *****

    ***** [ Registry ] *****

    ***** [ Web browsers ] *****

    *************************
    :: Winsock settings cleared
    ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [637 bytes] ##########
    • 0
  4. Type-R la til et emne i Logger til analyse   

    Infisert pc - logg til analyse
    Jeg har en HP Envy Touch som har vært infisert tidligere. Jeg fikk renset den, men Mozilla Firefox var spesielt infisert. Da jeg nå forsøkte å reinstallere Firefox kom alt tilbake. Nå har jeg fjernet Firefox igjen, men ønsker å sjekke om alt er borte. Her er logg fra Malwarebytes:
    Malwarebytes Anti-Malware
    www.malwarebytes.org
    Skannedato: 02.10.2015
    Skannetid: 22.12
    Loggfil: 
    Administrator: Ja
    Versjon: 2.1.8.1057
    Malwaredatabase: v2015.10.02.07
    Rootkitdatabase: v2015.10.02.01
    Lisens: Gratis
    Malwarebeskyttelse: Deaktivert
    Ondsinnet Nettsidebeskyttelse: Deaktivert
    Selvbeskyttelse: Deaktivert
    OS: Windows 10
    CPU: x64
    Filsystem: NTFS
    Bruker: Bjornar
    Skannetype: Trusselskann
    Resultat: Fullført
    Objekter skannet: 374514
    Tid brukt: 10 min, 0 sek
    Minne: Aktivert
    Oppstart: Aktivert
    Filsystem: Aktivert
    Arkiv: Aktivert
    Rootkits: Deaktivert
    Heuristikk: Aktivert
    PUP: Aktivert
    PUM: Aktivert
    Prosesser: 0
    (Ingen ondsinnede elementer funnet)
    Moduler: 0
    (Ingen ondsinnede elementer funnet)
    Registernøkler: 0
    (Ingen ondsinnede elementer funnet)
    Registerverdier: 0
    (Ingen ondsinnede elementer funnet)
    Registerdata: 0
    (Ingen ondsinnede elementer funnet)
    Mapper: 0
    (Ingen ondsinnede elementer funnet)
    Filer: 2
    PUP.Optional.Yontoo, C:\Users\Bjornar\AppData\Roaming\Mozilla\Firefox\Profiles\fl40ajxs.default\prefs.js, God: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Dårlig: (browser.startup.homepage", "http://searchinterneat-a.akamaihd.net), Erstattet,[9a957dd5305b91a5025012b131d4af51]
    PUP.Optional.BDYahoo, C:\Users\Bjornar\AppData\Roaming\Mozilla\Firefox\Profiles\fl40ajxs.default\searchplugins\default.xml, Karantene, [4be43a1815767eb8a0bddde41de8e917], 
    Fysiske sektorer: 0
    (Ingen ondsinnede elementer funnet)

    (end)
     
    Her er logg fra Adwcleaner:
     
    # AdwCleaner v5.009 - Logfile created 02/10/2015 at 22:32:14
    # Updated 27/09/2015 by Xplode
    # Database : 2015-09-30.1 [Server]
    # Operating system : Windows 10 Home  (x64)
    # Username : Bjornar - BJØRNAR
    # Running from : C:\Users\Bjornar\Downloads\adwcleaner_5.009.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum
    ***** [ Services ] *****

    ***** [ Folders ] *****

    ***** [ Files ] *****

    ***** [ Shortcuts ] *****

    ***** [ Scheduled tasks ] *****
    [-] Task Deleted : Adobe Flash Player Updater
    [-] Task Deleted : YCMServiceAgent
    ***** [ Registry ] *****

    ***** [ Web browsers ] *****

    *************************
    :: Winsock settings cleared
    ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [694 bytes] ##########
    • 4 svar
    • visninger
  5. Type-R la til et innlegg i et emne HP Pavillion - logg til analyse [LØST]   

    Så flott. Hjertelig takk for hjelpen. :-)
    • 0
  6. Type-R la til et innlegg i et emne HP Pavillion - logg til analyse [LØST]   

    Hei. Sånn ser det ut når jeg går inn på den fila du benevner. Ser det ok ut?
     
     

    • 0
  7. Type-R la til et innlegg i et emne HP Pavillion - logg til analyse [LØST]   

    Her er Hijackthis-loggen:
    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 01.33.15, on 20.09.2015
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.10240.16412)
    FIREFOX: 40.0.3 (x86 nb-NO)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
    C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    C:\Users\Cesilie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
    C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
    C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Users\Cesilie\Downloads\HijackThis(1).exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.uk.msn.com/HPCON14/9
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
    O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
    O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
    O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\Cesilie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - HKCU\..\Run: [Power2GoExpress8] "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Cesilie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Cesilie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
    O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
    O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Dropbox-oppdatering-tjeneste (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: Dropbox-oppdatering-tjeneste (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
    O23 - Service: Google-oppdatering-tjenesten (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google-oppdatering-tjenesten (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: @oem63.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
    O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) Technology Access Software Asset Manager (Intel(R) TA SAM) - Unknown owner - C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
    O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service:  HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 10970 bytes
     
    Nå har jeg forresten installert Windows 10 på pc'en siden jeg la ut de første loggene.
    • 0
  8. Type-R la til et emne i Logger til analyse   

    HP Pavillion - logg til analyse [LØST]
    En kamerat av meg har en HP Pavillion med en hel haug med malware på. Jeg har nå kjørt Ccleaner og Malwarebytes på den. Her er sistnevntes logg:
    Malwarebytes Anti-Malware
    www.malwarebytes.org
    Skannedato: 19.09.2015
    Skannetid: 16:30
    Loggfil:
    Administrator: Ja
    Versjon: 2.1.8.1057
    Malwaredatabase: v2015.09.19.03
    Rootkitdatabase: v2015.09.18.01
    Lisens: Gratis
    Malwarebeskyttelse: Deaktivert
    Ondsinnet Nettsidebeskyttelse: Deaktivert
    Selvbeskyttelse: Deaktivert
    OS: Windows 8.1
    CPU: x64
    Filsystem: NTFS
    Bruker: Cesilie
    Skannetype: Trusselskann
    Resultat: Fullført
    Objekter skannet: 349594
    Tid brukt: 25 min, 40 sek
    Minne: Aktivert
    Oppstart: Aktivert
    Filsystem: Aktivert
    Arkiv: Aktivert
    Rootkits: Deaktivert
    Heuristikk: Aktivert
    PUP: Aktivert
    PUM: Aktivert
    Prosesser: 2
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProSmartScan.exe, 4912, Slett ved restart, [8738949d1774171f19f9506e10f16997]
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProReminder.exe, 4848, Slett ved restart, [9a25ac85bad1b185ed252f8f27da1ce4]
    Moduler: 0
    (Ingen ondsinnede elementer funnet)
    Registernøkler: 31
    PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}, Karantene, [a51afb36eaa13cfa0e161d8b21e1c43c],
    PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}, Karantene, [a51afb36eaa13cfa0e161d8b21e1c43c],
    PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}, Karantene, [a51afb36eaa13cfa0e161d8b21e1c43c],
    PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, Karantene, [902f979a048790a6c360ccdceb17728e],
    PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, Karantene, [902f979a048790a6c360ccdceb17728e],
    PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Karantene, [f4cb8fa2d4b771c5ff285a4eda28eb15],
    PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Karantene, [f4cb8fa2d4b771c5ff285a4eda28eb15],
    PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Karantene, [ebd4b37e2269270ff99a79fccd374bb5],
    PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}, Karantene, [b906b67b424952e4c227289def151be5],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DNSMOHAWK, Slett ved restart, [744b8da48506270fc6baaad600040af6],
    PUP.Optional.OptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optimizer Pro Schedule, Slett ved restart, [efd0949d6526072f38d51598e1235fa1],
    PUP.Optional.OptScan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optscan, Slett ved restart, [3c832f0213781c1a58cc2e7fd62ecf31],
    PUP.Optional.YahooSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Search, Slett ved restart, [bd02949dd7b46fc7e19ed5f1ac589c64],
    PUP.Optional.YahooSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Search Updater, Slett ved restart, [6659d0616c1f7db99ce3f0d62dd7e818],
    PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Karantene, [5867bc75cdbe6fc71ee035430df7f808],
    PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, Karantene, [d1ee40f1becdfe380a410d23cb38e917],
    PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{1146AC44-2F03-4431-B4FD-889BC837521F}, Karantene, [4f70dd5453383204852f3983719328d8],
    PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, Karantene, [655acd648902a88ec5f0704cb1534cb4],
    PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Karantene, [952a51e0652694a2256ecca9c93b08f8],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{cae99edb}, Karantene, [d3ec51e079123402fe03288205ffa65a],
    PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{c55a37db}, Karantene, [fec14fe2eba0de58b54cf7b3cd3742be],
    PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Karantene, [358a87aa305b6acc11ed354361a3ba46],
    PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Karantene, [c3fca88927649c9af2bec5f731d3bf41],
    PUP.Optional.SuperOptimizer, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Karantene, [e6d93cf5f29967cf6c44e2da21e3936d],
    PUP.Optional.WinYahoo, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Karantene, [f8c754dd7219e94dc52119ac05ff51af],
    PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Karantene, [358a131e0e7d4de940529bda2ed641bf],
    PUP.Optional.WinYahoo, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}, Karantene, [ad120c25ef9cfc3adb0bbf06ba4a629e],
    PUP.Optional.OptimizerPro, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\OPTIMIZER PRO, Karantene, [fac5c66bff8c5adc9874951804004fb1],
    PUP.Optional.ProductSetup, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\PRODUCTSETUP, Karantene, [d2edf839aedd30067c9902af966e5fa1],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E1527582-8509-4011-B922-29E3FB548882}_is1, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.OptimizerPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Optimizer Pro_is1, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    Registerverdier: 14
    PUP.Optional.OptimizerPro, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Optimizer Pro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe, Karantene, [338c72bf513a4de940d2338b2ed32fd1]
    PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf, Karantene, [ebd4b37e2269270ff99a79fccd374bb5]
    PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}|URL, http://no.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=fKaranteneD4%26bKaranteneDIE%26ccKaranteneDno%26paKaranteneDWinYahoo%26cdKaranteneD2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyCtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtDzy0C0F0EtCzytG0A0D0C0CtGtDyCzy0EtG0ByDzzzztGtCzy0CyD0Azy0CyB0FyDyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyByBzzzzyBzztGzy0AtA0EtGyEyDzyyCtGzz0A0CzytG0BtBtDyD0FyCtDyDtAtA0A0C2QtN0A0LzuyE%26crKaranteneD1346410106%26aKaranteneDwny_secureddownload_15_15%26osKaranteneDWindows 8.1&p={searchTerms}, [b906b67b424952e4c227289def151be5], %5
    PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}|TopResultURLFallback, http://no.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=fKaranteneD4%26bKaranteneDIE%26ccKaranteneDno%26paKaranteneDWinYahoo%26cdKaranteneD2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyCtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtDzy0C0F0EtCzytG0A0D0C0CtGtDyCzy0EtG0ByDzzzztGtCzy0CyD0Azy0CyB0FyDyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyByBzzzzyBzztGzy0AtA0EtGyEyDzyyCtGzz0A0CzytG0BtBtDyD0FyCtDyDtAtA0A0C2QtN0A0LzuyE%26crKaranteneD1346410106%26aKaranteneDwny_secureddownload_15_15%26osKaranteneDWindows 8.1&p={searchTerms}, [d2ed88a9474455e1bf2a388d81838a76], %5
    PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Karantene, [5867bc75cdbe6fc71ee035430df7f808]
    PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf, Karantene, [952a51e0652694a2256ecca9c93b08f8]
    PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Karantene, [358a87aa305b6acc11ed354361a3ba46]
    PUP.Optional.WinYahoo, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, http://no.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=fKaranteneD4%26bKaranteneDIE%26ccKaranteneDno%26paKaranteneDWinYahoo%26cdKaranteneD2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyBtAtB0FyD0F0EtGtC0DzytAtG0F0B0A0CtG0CtDyByDtGyBtDtAyCtDyC0AtA0C0BtA0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0E0FtC0FtCzzzztGtB0DyDtDtGyE0CtCtCtG0B0DtDzztGyEzztB0D0C0DyCyCtB0AtBzz2QtN0A0LzuyE%26crKaranteneD1332559434%26aKaranteneDwny_secureddownload_15_15%26osKaranteneDWindows 8.1&p={searchTerms}, [f8c754dd7219e94dc52119ac05ff51af], %5
    PUP.Optional.WinYahoo, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, http://no.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=fKaranteneD4%26bKaranteneDIE%26ccKaranteneDno%26paKaranteneDWinYahoo%26cdKaranteneD2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyBtAtB0FyD0F0EtGtC0DzytAtG0F0B0A0CtG0CtDyByDtGyBtDtAyCtDyC0AtA0C0BtA0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0E0FtC0FtCzzzztGtB0DyDtDtGyE0CtCtCtG0B0DtDzztGyEzztB0D0C0DyCyCtB0AtBzz2QtN0A0LzuyE%26crKaranteneD1332559434%26aKaranteneDwny_secureddownload_15_15%26osKaranteneDWindows 8.1&p={searchTerms}, [c1fe072acbc060d6a442daeb1be9857b], %5
    PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf, Karantene, [358a131e0e7d4de940529bda2ed641bf]
    PUP.Optional.WinYahoo, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}|URL, http://no.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=fKaranteneD4%26bKaranteneDIE%26ccKaranteneDno%26paKaranteneDWinYahoo%26cdKaranteneD2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyCtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtDzy0C0F0EtCzytG0A0D0C0CtGtDyCzy0EtG0ByDzzzztGtCzy0CyD0Azy0CyB0FyDyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyByBzzzzyBzztGzy0AtA0EtGyEyDzyyCtGzz0A0CzytG0BtBtDyD0FyCtDyDtAtA0A0C2QtN0A0LzuyE%26crKaranteneD1346410106%26aKaranteneDwny_secureddownload_15_15%26osKaranteneDWindows 8.1&p={searchTerms}, [ad120c25ef9cfc3adb0bbf06ba4a629e], %5
    PUP.Optional.WinYahoo, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}|TopResultURLFallback, http://no.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=fKaranteneD4%26bKaranteneDIE%26ccKaranteneDno%26paKaranteneDWinYahoo%26cdKaranteneD2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyCtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtDzy0C0F0EtCzytG0A0D0C0CtGtDyCzy0EtG0ByDzzzztGtCzy0CyD0Azy0CyB0FyDyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyByBzzzzyBzztGzy0AtA0EtGyEyDzyyCtGzz0A0CzytG0BtBtDyD0FyCtDyDtAtA0A0C2QtN0A0LzuyE%26crKaranteneD1346410106%26aKaranteneDwny_secureddownload_15_15%26osKaranteneDWindows 8.1&p={searchTerms}, [4e71062bd7b40630a442a421c1435ea2], %5
    PUP.Optional.OptimizerPro, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\OPTIMIZER PRO|AdsBuyNowURL, http://www.safeshopgate.com/r?s=121002330&g=69AB089B-43EA-4E80-925C-E5E8694E40B9, Karantene, [fac5c66bff8c5adc9874951804004fb1]
    PUP.Optional.ProductSetup, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\PRODUCTSETUP|tb, 0P1S1S1F1D1B2W2O0M2W1D1F1F1G2O, Karantene, [d2edf839aedd30067c9902af966e5fa1]
    Registerdata: 3
    Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{21AC33AB-1630-4693-A8EF-8368E3045ACB}|NameServer, 199.203.131.150,82.163.143.168, God: (), Dårlig: (199.203.131.150,82.163.143.168),Erstattet,[edd20a275536f73f07d3e98bed182cd4]
    Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{C617D115-6518-4A0F-AF60-D335F092A201}|NameServer, 199.203.131.150,82.163.143.168, God: (), Dårlig: (199.203.131.150,82.163.143.168),Erstattet,[b00f0e23b3d896a0d00acda75da8837d]
    Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{E0429477-6149-442A-BFFD-11762A37AECA}|NameServer, 199.203.131.150,82.163.143.168, God: (), Dårlig: (199.203.131.150,82.163.143.168),Erstattet,[1ca379b83e4de452ce0ce3917a8bd12f]
    Mapper: 12
    PUP.Optional.MultiPlug.Gen, C:\ProgramData\582297959871069672, Karantene, [cff078b993f8191dce814a2e4db7db25],
    PUP.Optional.OptimizerPro, C:\Users\Cesilie\Documents\Optimizer Pro, Karantene, [2e9162cf2467b680da2c7736d1339b65],
    PUP.Optional.PCSpeedMaximizer, C:\Users\Cesilie\Documents\PC Speed Maximizer, Karantene, [efd0e24fcac13afc0611b3fb0bf920e0],
    PUP.Optional.SuperOptimizer, C:\ProgramData\{c4cc0ff0-8afe-8d70-c4cc-c0ff08af3fc2}, Karantene, [0fb061d0dbb0b482a2079824eb196898],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.OptimizerPro, C:\Users\Cesilie\AppData\Roaming\Optimizer Pro, Karantene, [b30c19181477979f58b01609a95a8080],
    PUP.Optional.OptimizerPro, C:\Users\Cesilie\AppData\Roaming\Optimizer Pro\Backup, Karantene, [b30c19181477979f58b01609a95a8080],
    PUP.Optional.OptimizerPro, C:\Users\Cesilie\AppData\Roaming\Optimizer Pro\Log, Karantene, [b30c19181477979f58b01609a95a8080],
    PUP.Optional.OptimizerPro, C:\Users\Cesilie\AppData\Roaming\Optimizer Pro\Undo, Karantene, [b30c19181477979f58b01609a95a8080],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99, Slett ved restart, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
    PUP.Optional.WinZipRegOp, C:\Program Files (x86)\WinZip Registry Optimizer, Karantene, [447b3100197256e08e84e7449c670000],
    Filer: 59
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProSmartScan.exe, Karantene, [8738949d1774171f19f9506e10f16997],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProReminder.exe, Slett ved restart, [9a25ac85bad1b185ed252f8f27da1ce4],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe, Karantene, [338c72bf513a4de940d2338b2ed32fd1],
    PUP.Optional.PullUpdate, C:\ProgramData\Browser\prompt.exe, Karantene, [6d52f9382368b87e860bf4ca9c65e719],
    PUP.Optional.PCOptimizerPro, C:\ProgramData\{c4cc0ff0-8afe-8d70-c4cc-c0ff08af3fc2}\hqghumeaylnlf.exe, Karantene, [79467cb54249d462139adcab9071c33d],
    PUP.Optional.DNSUnlocker, C:\Program Files (x86)\DNS Unlocker\ZonaTools.XPlorerBar.dll, Karantene, [9c2338f9d4b790a6b22efeb9b94845bb],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptimizerPro.exe, Karantene, [8e31b67b0586c076c052784680817f81],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProGuard.exe, Karantene, [942b062beba058de030f5d61827fa55b],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProSchedule.exe, Karantene, [c5fad85939527abc8c864a741ce55ba5],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProStart.exe, Karantene, [dee12809e6a577bfa76b12acb948c739],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProUninstaller.exe, Karantene, [11aedd546c1f67cfae64b00e2cd5e020],
    PUP.Optional.PCMechanic, C:\Users\Cesilie\Downloads\pcmechanicpm_6739804_.exe, Karantene, [269965cc5437f1454aaf980f46bb2ed2],
    PUP.Optional.MultiPlug.Gen, C:\ProgramData\582297959871069672\48f58318965d9ae3b37417a9f2c2e177.ini, Karantene, [cff078b993f8191dce814a2e4db7db25],
    PUP.Optional.MultiPlug.Gen, C:\ProgramData\582297959871069672\c3fe0a5e6ab33039b37417a9f2c2e177.ini, Karantene, [cff078b993f8191dce814a2e4db7db25],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Windows\System32\Tasks\DNSMOHAWK, Karantene, [2a9578b9c9c206302b51067a4bb9758b],
    PUP.Optional.OptimizerPro, C:\Users\Cesilie\Desktop\Optimizer Pro.lnk, Karantene, [407fc9681b7092a46b9af7b60afaa25e],
    PUP.Optional.OptimizerPro, C:\Users\Cesilie\Documents\Optimizer Pro\CookiesException.txt, Karantene, [2e9162cf2467b680da2c7736d1339b65],
    PUP.Optional.OptimizerPro, C:\Windows\System32\Tasks\Optimizer Pro Schedule, Karantene, [18a7181992f925115aadcde07a8a50b0],
    PUP.Optional.OptScan, C:\Windows\System32\Tasks\Optscan, Karantene, [c5fa062ba6e586b05ac8f6b7e1230cf4],
    PUP.Optional.OptScan, C:\Windows\Tasks\Optscan.job, Karantene, [932c69c8b2d9ec4a22011a93d3310ff1],
    PUP.Optional.PCSpeedMaximizer, C:\Users\Cesilie\Documents\PC Speed Maximizer\CookieExclusions.txt, Karantene, [efd0e24fcac13afc0611b3fb0bf920e0],
    PUP.Optional.SuperOptimizer, C:\ProgramData\{c4cc0ff0-8afe-8d70-c4cc-c0ff08af3fc2}\hqghumeaylnlf.dat, Karantene, [0fb061d0dbb0b482a2079824eb196898],
    PUP.Optional.SuperOptimizer, C:\ProgramData\{c4cc0ff0-8afe-8d70-c4cc-c0ff08af3fc2}\d6c3ac0808e4f349, Karantene, [0fb061d0dbb0b482a2079824eb196898],
    PUP.Optional.SuperOptimizer, C:\ProgramData\{c4cc0ff0-8afe-8d70-c4cc-c0ff08af3fc2}\e1637af1f194f819, Karantene, [0fb061d0dbb0b482a2079824eb196898],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\config.ini, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\ConsoleApplication1.dll, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\DNSMOHAWK.cer, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\Info.rtf, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\License.rtf, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\LogoBlack.ico, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\LogoGreen.ico, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\LogoYellow.ico, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\Microsoft.Win32.TaskScheduler.dll, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\settings.ini, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\unins000.dat, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\unins000.exe, Karantene, [a01f4ee390fbb3838dee966cd132867a],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\bg_new3.bmp, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\bg_new4.bmp, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\cancel.bmp, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\CookiesException.txt, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\file_id.diz, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\HomePage.url, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\itdownload.dll, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\Norwegian.ini, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptimizerPro.chm, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProHelper.dll, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\SafeCheckout.exe, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\scan.gif, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\sqlite3.dll, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\StartupList.txt, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\unins000.dat, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\unins000.exe, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\unins000.msg, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
    PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Avinstaller Optimizer Pro.lnk, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
    PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Hjelp.lnk, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
    PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Kontroler oppdateringene.lnk, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
    PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro på nettet.lnk, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
    PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro.lnk, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
    PUP.Optional.WinYahoo, C:\Users\Cesilie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, God: ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Dårlig: ("session":{"restore_on_startup":4,"restore_on_startup_migrated":true,"startup_urls":["http://no.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=fErstattet,[823d59d84843290dac86d9d67d888e72]D7%26bErstattet,[823d59d84843290dac86d9d67d888e72]DChrome%26ccErstattet,[823d59d84843290dac86d9d67d888e72]Dno%26paErstattet,[823d59d84843290dac86d9d67d888e72]DWinYahoo%26cdErstattet,[823d59d84843290dac86d9d67d888e72]D2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyBtAtB0FyD0F0EtGtC0DzytAtG0F0B0A0CtG0CtDyByDtGyBtDtAyCtDyC0AtA0C0BtA0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0E0FtC0FtCzzzztGtB0DyDtDtGyE0CtCtCtG0B0DtDzztGyEzztB0D0C0DyCyCtB0AtBzz2QtN0A0LzuyE%26crErstattet,[823d59d84843290dac86d9d67d888e72]D1332559434%26aErstattet,[823d59d84843290dac86d9d67d888e72]Dwny_secureddownload_15_15%26osErstattet,[823d59d84843290dac86d9d67d888e72]DWindows 8.1","http://no.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=fErstattet,[823d59d84843290dac86d9d67d888e72]D7%26bErstattet,[823d59d84843290dac86d9d67d888e72]DChrome%26ccErstattet,[823d59d84843290dac86d9d67d888e72]Dno%26paErstattet,[823d59d84843290dac86d9d67d888e72]DWinYahoo%26cdErstattet,[823d59d84843290dac86d9d67d888e72]D2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtCtD0AtAtA0AyBtGyE0AtB0AtGyC0E0B0AtGtB0AtB0DtGyBtCyByC0CzyyByD0EyD0CyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0E0EzyyC0B0F0FtG0Fzz0E0FtGyEyBtByDtGzy0EyDyBtG0F0FtByEzzyD0A0AyByC0D0F2QtN0A0LzuyE%26crErstattet,[823d59d84843290dac86d9d67d888e72]D1537161284%26aErstattet,[823d59d84843290dac86d9d67d888e72]Dwny_secureddownload_15_15%26osErstattet,[823d59d84843290dac86d9d67d888e72]DWindows 8.1","http://no.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=fErstattet,[823d59d84843290dac86d9d67d888e72]D7%26bErstattet,[823d59d84843290dac86d9d67d888e72]DChrome%26ccErstattet,[823d59d84843290dac86d9d67d888e72]Dno%26paErstattet,[823d59d84843290dac86d9d67d888e72]DWinYahoo%26cdErstattet,[823d59d84843290dac86d9d67d888e72]D2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyCtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StBtDzy0C0F0EtCzytG0A0D0C0CtGtDyCzy0EtG0ByDzzzztGtCzy0CyD0Azy0CyB0FyDyE0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtAyByBzzzzyBzztGzy0AtA0EtGyEyDzyyCtGzz0A0CzytG0BtBtDyD0FyCtDyDtAtA0A0C2QtN0A0LzuyE%26crErstattet,[823d59d84843290dac86d9d67d888e72]D1346410106%26aErstattet,[823d59d84843290dac86d9d67d888e72]Dwny_secureddownload_15_15%26osErstattet,[823d59d84843290dac86d9d67d888e72]DWindows 8.1","http://no.search.yahoo.com/?fr=hp-ddc-bd&type=578_pr__alt__ddc_dsssyc_bd_com"],"urls_to_restore_on_startup":["http://no.search.yahoo.com/?fr=hp-ddc-bd&type=578_pr__alt__ddc_dsssyc_bd_com"]},"sync":{"remaining_rollback_tries":0}}), %5
    Fysiske sektorer: 0
    (Ingen ondsinnede elementer funnet)

    (end)
     
    I tillegg er det en protection log:
     
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Error, 19.09.2015 16:09, SYSTEM, PC, Protection, IsLicensed, 13,
    Protection, 19.09.2015 16:09, SYSTEM, PC, Protection, Malware Protection, Stopping,
    Protection, 19.09.2015 16:09, SYSTEM, PC, Protection, Malware Protection, Stopped,
    Update, 19.09.2015 16:28, SYSTEM, PC, Manual, Remediation Database, 2015.5.13.1, 2015.9.16.1,
    Update, 19.09.2015 16:28, SYSTEM, PC, Manual, IP Database, 0.0.0.0, 2015.9.18.2,
    Update, 19.09.2015 16:28, SYSTEM, PC, Manual, Rootkit Database, 2015.5.16.1, 2015.9.18.1,
    Update, 19.09.2015 16:28, SYSTEM, PC, Manual, Domain Database, 0.0.0.0, 2015.9.19.1,
    Update, 19.09.2015 16:28, SYSTEM, PC, Manual, Malware Database, 2015.5.18.5, 2015.9.19.3,
    Update, 19.09.2015 16:28, SYSTEM, PC, Manual, program, 2.1.6.1022, 2.1.8.0,
    Error, 19.09.2015 16:30, SYSTEM, PC, Update, Bad md5 or size: akadomains, 11,
    Error, 19.09.2015 16:30, SYSTEM, PC, Update, Bad md5 or size: akaips, 11,
    Update, 19.09.2015 16:30, SYSTEM, PC, Manual, Remediation Database, 2015.5.13.1, 2015.9.16.1,
    Update, 19.09.2015 16:30, SYSTEM, PC, Manual, AKA IP Database, 0.0.0.0, 2015.9.11.2,
    Update, 19.09.2015 16:30, SYSTEM, PC, Manual, AKA Domain Database, 0.0.0.0, 2015.9.11.2,
    Update, 19.09.2015 16:30, SYSTEM, PC, Manual, IP Database, 0.0.0.0, 2015.9.18.2,
    Update, 19.09.2015 16:30, SYSTEM, PC, Manual, Domain Database, 0.0.0.0, 2015.9.19.1,
    Update, 19.09.2015 16:30, SYSTEM, PC, Manual, Rootkit Database, 2015.6.2.1, 2015.9.18.1,
    Update, 19.09.2015 16:30, SYSTEM, PC, Manual, Malware Database, 2015.6.3.3, 2015.9.19.3,
    Error, 19.09.2015 16:30, SYSTEM, PC, Update, Bad md5 or size: domains, 11,
    Error, 19.09.2015 16:30, SYSTEM, PC, Update, Bad md5 or size: ips, 11,
    Error, 19.09.2015 16:30, SYSTEM, PC, Update, Bad md5 or size: akadomains, 11,
    Update, 19.09.2015 16:30, SYSTEM, PC, Manual, AKA Domain Database, 0.0.0.0, 2015.9.11.2,
    Update, 19.09.2015 16:30, SYSTEM, PC, Manual, IP Database, 0.0.0.0, 2015.9.18.2,
    Update, 19.09.2015 16:30, SYSTEM, PC, Manual, Domain Database, 0.0.0.0, 2015.9.19.1,
    Scan, 19.09.2015 16:58, SYSTEM, PC, Manual, Start: 19.09.2015 16:30, Varighet: 25 min 40 sek, Trusselskann, Fullført, 3 Malwareidentifiseringer, 118 PUP/PUM-identifiseringer,
    Error, 19.09.2015 16:59, SYSTEM, PC, Protection, IsLicensed, 13,
    Protection, 19.09.2015 16:59, SYSTEM, PC, Protection, Malware Protection, Stopping,
    Protection, 19.09.2015 16:59, SYSTEM, PC, Protection, Malware Protection, Stopped,
    (end)
     
    Her er logg fra AdwCleaner:
    # AdwCleaner v5.008 - Logfile created 19/09/2015 at 17:14:41
    # Updated 18/09/2015 by Xplode
    # Database : 2015-09-17.3 [Server]
    # Operating system : Windows 8.1  (x64)
    # Username : Cesilie - PC
    # Running from : C:\Users\Cesilie\Downloads\adwcleaner_5.008.exe
    # Option : Cleaning
    # Support : http://toolslib.net/forum
    ***** [ Services ] *****

    ***** [ Folders ] *****
    [-] Folder Deleted : C:\TVWizard
    [-] Folder Deleted : C:\Program Files (x86)\speed browser
    [-] Folder Deleted : C:\ProgramData\Browser
    [-] Folder Deleted : C:\ProgramData\db671674000056aa
    [-] Folder Deleted : C:\ProgramData\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE}
    [-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
    [-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser
    [-] Folder Deleted : C:\Users\Cesilie\AppData\Local\speed browser
    [-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\speed browser
    ***** [ Files ] *****
    [-] File Deleted : C:\Users\Cesilie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speed browser.lnk
    [-] File Deleted : C:\Windows\Sysnative\roboot64.exe
    ***** [ Shortcuts ] *****

    ***** [ Scheduled tasks ] *****
    [-] Task Deleted : LaunchApp
    ***** [ Registry ] *****
    [-] Key Deleted : HKCU\Software\Classes\pokki
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.Adler
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibCodec
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibException
    [-] Key Deleted : HKLM\SOFTWARE\Classes\MPCBContextMenu.ContextMenu
    [-] Key Deleted : HKLM\SOFTWARE\Classes\MPCBContextMenu.IconGenerator
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Logger
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{3B96B73A-292C-31BF-A2D3-34DF54CBDB55}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{07430FF5-B7A6-3D5A-9F9B-2D7C57183B3B}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{0B764022-3741-345E-AB39-0A2A8577C5E0}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{A865D884-9B93-377B-A24D-12BF02DFF6D3}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{B0EBAFE9-ED42-34D1-B7D7-CBBE39A467CF}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{DE64992E-A184-3DA6-927A-DA3906A77D7B}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{F489A9AA-4924-32DF-AB6C-6EEE3A3C0A99}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{F5C7BCD8-0F63-34D0-BA9C-906545CD4020}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Crc.CRC32
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadCrcException
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadPasswordException
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadReadException
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadStateException
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ComHelper
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ReadOptions
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SelfExtractorSaveOptions
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SfxGenerationException
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipEntry
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipException
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipFile
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\MPCBContextMenu
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.Cookie
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.CookieCollection
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.CookieException
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.hxxpListener
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.hxxpListenerException
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.hxxpVersion
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.WebHeaderCollection
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Server.hxxpServer
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Server.WebSocketServer
    [-] Key Deleted : HKCU\Software\Classes\PepperZip
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\browser.exe
    [-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\speed browser
    [-] Key Deleted : HKLM\SOFTWARE\Classes\BrowserHTM
    [-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [BrowserHTM]
    [-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [BrowserHTM]
    [-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [BrowserHTM]
    [-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgIDs [BrowserHTM]
    [-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgIDs [BrowserHTM]
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}
    [-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
    [-] Key Deleted : HKLM\SOFTWARE\81612aa5-2db3-7fca-af82-821669248f50
    [-] Key Deleted : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{270BE80F-7D12-3199-A5A6-C26956DC9B85}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{284BB344-E9D0-39E1-B44B-6D98A16E9B71}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{36906F02-A2B9-3047-9D5C-E05AF3E469E5}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{420E2C2E-80D9-3012-A43C-42241FB36D42}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{93ABB6F7-F27A-3431-88ED-6939B451FF0D}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AFF295ED-76F5-3BAC-81AE-74CD223F2F5C}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B59B2B9A-B0FD-32F2-AA3A-927ADA01CD81}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E89856E4-1085-3BDF-87AA-8A81E422767E}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00004}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00005}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00006}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00007}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00008}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00009}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000A}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000B}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000C}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000D}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000E}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000F}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F8739A44-6C91-39E8-AA09-45DEF03E6C4C}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{18A88C48-BC7B-35B3-BD38-74DED875FB28}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
    [-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
    [-] Key Deleted : HKU\.DEFAULT\Software\Browser
    [-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    [-] Key Deleted : HKCU\Software\APN PIP
    [-] Key Deleted : HKCU\Software\SecuredDownload
    [-] Key Deleted : HKCU\Software\simplytech
    [-] Key Deleted : HKCU\Software\Linkey
    [-] Key Deleted : HKCU\Software\Corez
    [-] Key Deleted : HKCU\Software\Kromtech
    [-] Key Deleted : HKCU\Software\Browser
    [-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    [-] Key Deleted : HKCU\Software\AppDataLow\Software\SpeedChecker
    [-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    [-] Key Deleted : HKLM\SOFTWARE\Conduit
    [-] Key Deleted : HKLM\SOFTWARE\SearchProtect
    [-] Key Deleted : HKLM\SOFTWARE\SupDp
    [-] Key Deleted : HKLM\SOFTWARE\SpeedBrowser
    [-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
    [-] Key Deleted : HKLM\SOFTWARE\SpeedBit
    [-] Key Deleted : HKLM\SOFTWARE\AIM Toolbar
    [-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
    [!] Key Not Deleted : [x64] HKCU\Software\APN PIP
    [!] Key Not Deleted : [x64] HKCU\Software\SecuredDownload
    [!] Key Not Deleted : [x64] HKCU\Software\simplytech
    [!] Key Not Deleted : [x64] HKCU\Software\Linkey
    [!] Key Not Deleted : [x64] HKCU\Software\Corez
    [!] Key Not Deleted : [x64] HKCU\Software\Kromtech
    [!] Key Not Deleted : [x64] HKCU\Software\Browser
    [!] Key Not Deleted : HKU\S-1-5-21-4276930362-3749895216-682160067-1002\Software\AppDataLow\Software\SpeedChecker
    ***** [ Web browsers ] *****
    [-] [C:\Users\Cesilie\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : istartsurf.com
    [-] [C:\Users\Cesilie\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search provided by yahoo.com
    [-] [C:\Users\Cesilie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://no.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dno%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyBtAtB0FyD0F0EtGtC0DzytAtG0F0B0A0CtG0CtDyByDtGyBtDtAyCtDyC0AtA0C0BtA0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0E0FtC0FtCzzzztGtB0DyDtDtGyE0CtCtCtG0B0DtDzztGyEzztB0D0C0DyCyCtB0AtBzz2QtN0A0LzuyE%26cr%3D1332559434%26a%3Dwny_secureddownload_15_15%26os%3DWindows 8.1
    *************************
    :: Winsock settings cleared
    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [11969 bytes] ##########
     
    Hvordan ser det ut?
    • 6 svar
    • visninger
  9. Type-R la til et innlegg i et emne Infisert pc   

    "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
    På egenskaper får jeg følgende opp. Men når jeg åpner filplasseringen så heter det som ser ut som Google Chrome, Warthunder.
    Nå prøver jeg å avinstallere programmet, og så installere det på nytt.
     
     
    Og nå som jeg avinstallerte og installerte på nytt, så het programmet fremdeles Warthunder.
    Nå har jeg åpnet filplasseringen og endret navnet til Google Chrome manuelt. Men det var litt rart dette...?
    • 0
  10. Type-R la til et innlegg i et emne Infisert pc   

    Nei, det har jeg aldri gjort. Visste ikke hva det var engang. Ut fra loggene fra Adware ovenfor kan det jo også se ut som om en del av malwarene som jeg fikk var knyttet til Warthunder (eller det som ga seg ut for å være warthunder), gjorde det ikke?
    • 0
  11. Type-R la til et innlegg i et emne Infisert pc   

    Flott. Hjertelig takk for svar. Det var bra å høre at det ser bra ut. :-)
    Chromecast ser riktig ut, men er det ikke litt rart at i ikonet for Google Chrome (som naturlig nok også kommer opp mens jeg driver og skriver inn Chromecast i søkefeltet) så står det "Warthunder" i stedet for Google Chrome (se bildet ovenfor)? På skrivebordet står det Google Chrome, men altså ikke der.
    • 0
  12. Type-R la til et innlegg i et emne Infisert pc   

    Er det ikke lenger noen på forumet som leser logger og eventuelt sier i fra om hvordan det ser ut? Det hadde vært veldig kjekt å få vite om det ser ok ut nå, spesielt ettersom jeg får opp dette merkelige Google chrome-lignende Warthunder-ikonet når jeg internt på datamaskinen søker etter Chromecast. Skal det være slik?
    • 0
  13. Type-R la til et innlegg i et emne Lite aktivitet?   

    He he. Ja, det med den gule flekken på himmelen som plutselig åpenbarte seg gjør selvsagt slik at det er mange andre ting enn å sitte foran datamaskinen som blir forlokkende.
    • 0
  14. Type-R la til et innlegg i et emne Infisert pc   

    Her er loggen fra AdwCleaner (den fant visst en del fra både firefox og de derre warthunder-greiene):
    # AdwCleaner v5.003 - Logfile created 20/08/2015 at 22:24:33
    # Updated 20/08/2015 by Xplode
    # Database : 2015-08-20.1 [Server]
    # Operating system : Windows 10 Home  (x64)
    # Username : Bjornar - BJØRNAR
    # Running from : C:\Users\Bjornar\Downloads\adwcleaner_5.003.exe
    # Option : Cleaning ***** [ Services ] ***** 
    ***** [ Folders ] ***** [-] Folder Deleted : C:\ProgramData\apn ***** [ Files ] ***** [-] File Deleted : C:\Users\Bjornar\AppData\Roaming\Mozilla\Firefox\Profiles\fl40ajxs.default\user.js ***** [ Shortcuts ] ***** [-] Shortcut Disinfected : C:\Users\Bjornar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
    [-] Shortcut Disinfected : C:\Users\Bjornar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk ***** [ Scheduled tasks ] ***** 
    ***** [ Registry ] ***** [-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
    [-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF ***** [ Web browsers ] ***** [-] [C:\Users\Bjornar\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : ************************* :: Proxy settings cleared
    :: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1713 bytes] ##########
    • 0
  15. Type-R la til et innlegg i et emne Lite aktivitet?   

    Supert. Jeg må få understreke at jeg synes det er helt fantastisk at dere her på forumet gir så mye bistand til oss mindre databegavede. Så jeg håper forumet vil bestå i lang tid framover. :-)
    • 0