HP Pavilion - log for analysis [SOLVED]


A friend of mine has an HP Pavilion with a whole bunch of malware on it. I have now run CCleaner and Malwarebytes on it. Here is the latter's log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Skannedato: 19.09.2015
Skannetid: 16:30
Loggfil:
Administrator: Ja

Versjon: 2.1.8.1057
Malwaredatabase: v2015.09.19.03
Rootkitdatabase: v2015.09.18.01
Lisens: Gratis
Malwarebeskyttelse: Deaktivert
Ondsinnet Nettsidebeskyttelse: Deaktivert
Selvbeskyttelse: Deaktivert

OS: Windows 8.1
CPU: x64
Filsystem: NTFS
Bruker: Cesilie

Skannetype: Trusselskann
Resultat: Fullført
Objekter skannet: 349594
Tid brukt: 25 min, 40 sek

Minne: Aktivert
Oppstart: Aktivert
Filsystem: Aktivert
Arkiv: Aktivert
Rootkits: Deaktivert
Heuristikk: Aktivert
PUP: Aktivert
PUM: Aktivert

Prosesser: 2
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProSmartScan.exe, 4912, Slett ved restart, [8738949d1774171f19f9506e10f16997]
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProReminder.exe, 4848, Slett ved restart, [9a25ac85bad1b185ed252f8f27da1ce4]

Moduler: 0
(Ingen ondsinnede elementer funnet)

Registernøkler: 31
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}, Karantene, [a51afb36eaa13cfa0e161d8b21e1c43c],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}, Karantene, [a51afb36eaa13cfa0e161d8b21e1c43c],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}, Karantene, [a51afb36eaa13cfa0e161d8b21e1c43c],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, Karantene, [902f979a048790a6c360ccdceb17728e],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, Karantene, [902f979a048790a6c360ccdceb17728e],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Karantene, [f4cb8fa2d4b771c5ff285a4eda28eb15],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Karantene, [f4cb8fa2d4b771c5ff285a4eda28eb15],
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Karantene, [ebd4b37e2269270ff99a79fccd374bb5],
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}, Karantene, [b906b67b424952e4c227289def151be5],
PUP.Optional.DNSUnlocker.BrwsrFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DNSMOHAWK, Slett ved restart, [744b8da48506270fc6baaad600040af6],
PUP.Optional.OptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optimizer Pro Schedule, Slett ved restart, [efd0949d6526072f38d51598e1235fa1],
PUP.Optional.OptScan, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Optscan, Slett ved restart, [3c832f0213781c1a58cc2e7fd62ecf31],
PUP.Optional.YahooSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Search, Slett ved restart, [bd02949dd7b46fc7e19ed5f1ac589c64],
PUP.Optional.YahooSearch, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Search Updater, Slett ved restart, [6659d0616c1f7db99ce3f0d62dd7e818],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, Karantene, [5867bc75cdbe6fc71ee035430df7f808],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, Karantene, [d1ee40f1becdfe380a410d23cb38e917],
PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{1146AC44-2F03-4431-B4FD-889BC837521F}, Karantene, [4f70dd5453383204852f3983719328d8],
PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, Karantene, [655acd648902a88ec5f0704cb1534cb4],
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Karantene, [952a51e0652694a2256ecca9c93b08f8],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{cae99edb}, Karantene, [d3ec51e079123402fe03288205ffa65a],
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{c55a37db}, Karantene, [fec14fe2eba0de58b54cf7b3cd3742be],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, Karantene, [358a87aa305b6acc11ed354361a3ba46],
PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Karantene, [c3fca88927649c9af2bec5f731d3bf41],
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Karantene, [e6d93cf5f29967cf6c44e2da21e3936d],
PUP.Optional.WinYahoo, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Karantene, [f8c754dd7219e94dc52119ac05ff51af],
PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Karantene, [358a131e0e7d4de940529bda2ed641bf],
PUP.Optional.WinYahoo, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}, Karantene, [ad120c25ef9cfc3adb0bbf06ba4a629e],
PUP.Optional.OptimizerPro, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\OPTIMIZER PRO, Karantene, [fac5c66bff8c5adc9874951804004fb1],
PUP.Optional.ProductSetup, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\PRODUCTSETUP, Karantene, [d2edf839aedd30067c9902af966e5fa1],
PUP.Optional.DNSUnlocker.BrwsrFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E1527582-8509-4011-B922-29E3FB548882}_is1, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.OptimizerPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Optimizer Pro_is1, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],

Registerverdier: 14
PUP.Optional.OptimizerPro, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Optimizer Pro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe, Karantene, [338c72bf513a4de940d2338b2ed32fd1]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf, Karantene, [ebd4b37e2269270ff99a79fccd374bb5]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Karantene, [5867bc75cdbe6fc71ee035430df7f808]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf, Karantene, [952a51e0652694a2256ecca9c93b08f8]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, Karantene, [358a87aa305b6acc11ed354361a3ba46]
PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf, Karantene, [358a131e0e7d4de940529bda2ed641bf]
PUP.Optional.OptimizerPro, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\OPTIMIZER PRO|AdsBuyNowURL, http://www.safeshopgate.com/r?s=121002330&g=69AB089B-43EA-4E80-925C-E5E8694E40B9, Karantene, [fac5c66bff8c5adc9874951804004fb1]
PUP.Optional.ProductSetup, HKU\S-1-5-21-4276930362-3749895216-682160067-1002\SOFTWARE\PRODUCTSETUP|tb, 0P1S1S1F1D1B2W2O0M2W1D1F1F1G2O, Karantene, [d2edf839aedd30067c9902af966e5fa1]

Registerdata: 3
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{21AC33AB-1630-4693-A8EF-8368E3045ACB}|NameServer, 199.203.131.150,82.163.143.168, God: (), Dårlig: (199.203.131.150,82.163.143.168),Erstattet,[edd20a275536f73f07d3e98bed182cd4]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{C617D115-6518-4A0F-AF60-D335F092A201}|NameServer, 199.203.131.150,82.163.143.168, God: (), Dårlig: (199.203.131.150,82.163.143.168),Erstattet,[b00f0e23b3d896a0d00acda75da8837d]
Trojan.DNSChanger, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{E0429477-6149-442A-BFFD-11762A37AECA}|NameServer, 199.203.131.150,82.163.143.168, God: (), Dårlig: (199.203.131.150,82.163.143.168),Erstattet,[1ca379b83e4de452ce0ce3917a8bd12f]

Mapper: 12
PUP.Optional.MultiPlug.Gen, C:\ProgramData\582297959871069672, Karantene, [cff078b993f8191dce814a2e4db7db25],
PUP.Optional.OptimizerPro, C:\Users\Cesilie\Documents\Optimizer Pro, Karantene, [2e9162cf2467b680da2c7736d1339b65],
PUP.Optional.PCSpeedMaximizer, C:\Users\Cesilie\Documents\PC Speed Maximizer, Karantene, [efd0e24fcac13afc0611b3fb0bf920e0],
PUP.Optional.SuperOptimizer, C:\ProgramData\{c4cc0ff0-8afe-8d70-c4cc-c0ff08af3fc2}, Karantene, [0fb061d0dbb0b482a2079824eb196898],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.OptimizerPro, C:\Users\Cesilie\AppData\Roaming\Optimizer Pro, Karantene, [b30c19181477979f58b01609a95a8080],
PUP.Optional.OptimizerPro, C:\Users\Cesilie\AppData\Roaming\Optimizer Pro\Backup, Karantene, [b30c19181477979f58b01609a95a8080],
PUP.Optional.OptimizerPro, C:\Users\Cesilie\AppData\Roaming\Optimizer Pro\Log, Karantene, [b30c19181477979f58b01609a95a8080],
PUP.Optional.OptimizerPro, C:\Users\Cesilie\AppData\Roaming\Optimizer Pro\Undo, Karantene, [b30c19181477979f58b01609a95a8080],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99, Slett ved restart, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
PUP.Optional.WinZipRegOp, C:\Program Files (x86)\WinZip Registry Optimizer, Karantene, [447b3100197256e08e84e7449c670000],

Filer: 59
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProSmartScan.exe, Karantene, [8738949d1774171f19f9506e10f16997],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProReminder.exe, Slett ved restart, [9a25ac85bad1b185ed252f8f27da1ce4],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe, Karantene, [338c72bf513a4de940d2338b2ed32fd1],
PUP.Optional.PullUpdate, C:\ProgramData\Browser\prompt.exe, Karantene, [6d52f9382368b87e860bf4ca9c65e719],
PUP.Optional.PCOptimizerPro, C:\ProgramData\{c4cc0ff0-8afe-8d70-c4cc-c0ff08af3fc2}\hqghumeaylnlf.exe, Karantene, [79467cb54249d462139adcab9071c33d],
PUP.Optional.DNSUnlocker, C:\Program Files (x86)\DNS Unlocker\ZonaTools.XPlorerBar.dll, Karantene, [9c2338f9d4b790a6b22efeb9b94845bb],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptimizerPro.exe, Karantene, [8e31b67b0586c076c052784680817f81],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProGuard.exe, Karantene, [942b062beba058de030f5d61827fa55b],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProSchedule.exe, Karantene, [c5fad85939527abc8c864a741ce55ba5],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProStart.exe, Karantene, [dee12809e6a577bfa76b12acb948c739],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProUninstaller.exe, Karantene, [11aedd546c1f67cfae64b00e2cd5e020],
PUP.Optional.PCMechanic, C:\Users\Cesilie\Downloads\pcmechanicpm_6739804_.exe, Karantene, [269965cc5437f1454aaf980f46bb2ed2],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\582297959871069672\48f58318965d9ae3b37417a9f2c2e177.ini, Karantene, [cff078b993f8191dce814a2e4db7db25],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\582297959871069672\c3fe0a5e6ab33039b37417a9f2c2e177.ini, Karantene, [cff078b993f8191dce814a2e4db7db25],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Windows\System32\Tasks\DNSMOHAWK, Karantene, [2a9578b9c9c206302b51067a4bb9758b],
PUP.Optional.OptimizerPro, C:\Users\Cesilie\Desktop\Optimizer Pro.lnk, Karantene, [407fc9681b7092a46b9af7b60afaa25e],
PUP.Optional.OptimizerPro, C:\Users\Cesilie\Documents\Optimizer Pro\CookiesException.txt, Karantene, [2e9162cf2467b680da2c7736d1339b65],
PUP.Optional.OptimizerPro, C:\Windows\System32\Tasks\Optimizer Pro Schedule, Karantene, [18a7181992f925115aadcde07a8a50b0],
PUP.Optional.OptScan, C:\Windows\System32\Tasks\Optscan, Karantene, [c5fa062ba6e586b05ac8f6b7e1230cf4],
PUP.Optional.OptScan, C:\Windows\Tasks\Optscan.job, Karantene, [932c69c8b2d9ec4a22011a93d3310ff1],
PUP.Optional.PCSpeedMaximizer, C:\Users\Cesilie\Documents\PC Speed Maximizer\CookieExclusions.txt, Karantene, [efd0e24fcac13afc0611b3fb0bf920e0],
PUP.Optional.SuperOptimizer, C:\ProgramData\{c4cc0ff0-8afe-8d70-c4cc-c0ff08af3fc2}\hqghumeaylnlf.dat, Karantene, [0fb061d0dbb0b482a2079824eb196898],
PUP.Optional.SuperOptimizer, C:\ProgramData\{c4cc0ff0-8afe-8d70-c4cc-c0ff08af3fc2}\d6c3ac0808e4f349, Karantene, [0fb061d0dbb0b482a2079824eb196898],
PUP.Optional.SuperOptimizer, C:\ProgramData\{c4cc0ff0-8afe-8d70-c4cc-c0ff08af3fc2}\e1637af1f194f819, Karantene, [0fb061d0dbb0b482a2079824eb196898],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\config.ini, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\ConsoleApplication1.dll, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\DNSMOHAWK.cer, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\Info.rtf, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\License.rtf, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\LogoBlack.ico, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\LogoGreen.ico, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\LogoYellow.ico, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\Microsoft.Win32.TaskScheduler.dll, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\settings.ini, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\unins000.dat, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.DNSUnlocker.BrwsrFlsh, C:\Program Files (x86)\DNS Unlocker\unins000.exe, Karantene, [a01f4ee390fbb3838dee966cd132867a],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\bg_new3.bmp, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\bg_new4.bmp, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\cancel.bmp, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\CookiesException.txt, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\file_id.diz, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\HomePage.url, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\itdownload.dll, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\Norwegian.ini, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptimizerPro.chm, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\OptProHelper.dll, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\SafeCheckout.exe, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\scan.gif, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\sqlite3.dll, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\StartupList.txt, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\unins000.dat, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\unins000.exe, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro 3.99\unins000.msg, Karantene, [4b74250cf794a096ee1cd54ab44f1fe1],
PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Avinstaller Optimizer Pro.lnk, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Hjelp.lnk, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Kontroler oppdateringene.lnk, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro på nettet.lnk, Karantene, [09b6d85994f758deed1e48d7cb384cb4],
PUP.Optional.OptimizerPro, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro.lnk, Karantene, [09b6d85994f758deed1e48d7cb384cb4],

Fysiske sektorer: 0
(Ingen ondsinnede elementer funnet)


(end)

 

In addition, there is a protection log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org


Error, 19.09.2015 16:09, SYSTEM, PC, Protection, IsLicensed, 13,
Protection, 19.09.2015 16:09, SYSTEM, PC, Protection, Malware Protection, Stopping,
Protection, 19.09.2015 16:09, SYSTEM, PC, Protection, Malware Protection, Stopped,
Update, 19.09.2015 16:28, SYSTEM, PC, Manual, Remediation Database, 2015.5.13.1, 2015.9.16.1,
Update, 19.09.2015 16:28, SYSTEM, PC, Manual, IP Database, 0.0.0.0, 2015.9.18.2,
Update, 19.09.2015 16:28, SYSTEM, PC, Manual, Rootkit Database, 2015.5.16.1, 2015.9.18.1,
Update, 19.09.2015 16:28, SYSTEM, PC, Manual, Domain Database, 0.0.0.0, 2015.9.19.1,
Update, 19.09.2015 16:28, SYSTEM, PC, Manual, Malware Database, 2015.5.18.5, 2015.9.19.3,
Update, 19.09.2015 16:28, SYSTEM, PC, Manual, program, 2.1.6.1022, 2.1.8.0,
Error, 19.09.2015 16:30, SYSTEM, PC, Update, Bad md5 or size: akadomains, 11,
Error, 19.09.2015 16:30, SYSTEM, PC, Update, Bad md5 or size: akaips, 11,
Update, 19.09.2015 16:30, SYSTEM, PC, Manual, Remediation Database, 2015.5.13.1, 2015.9.16.1,
Update, 19.09.2015 16:30, SYSTEM, PC, Manual, AKA IP Database, 0.0.0.0, 2015.9.11.2,
Update, 19.09.2015 16:30, SYSTEM, PC, Manual, AKA Domain Database, 0.0.0.0, 2015.9.11.2,
Update, 19.09.2015 16:30, SYSTEM, PC, Manual, IP Database, 0.0.0.0, 2015.9.18.2,
Update, 19.09.2015 16:30, SYSTEM, PC, Manual, Domain Database, 0.0.0.0, 2015.9.19.1,
Update, 19.09.2015 16:30, SYSTEM, PC, Manual, Rootkit Database, 2015.6.2.1, 2015.9.18.1,
Update, 19.09.2015 16:30, SYSTEM, PC, Manual, Malware Database, 2015.6.3.3, 2015.9.19.3,
Error, 19.09.2015 16:30, SYSTEM, PC, Update, Bad md5 or size: domains, 11,
Error, 19.09.2015 16:30, SYSTEM, PC, Update, Bad md5 or size: ips, 11,
Error, 19.09.2015 16:30, SYSTEM, PC, Update, Bad md5 or size: akadomains, 11,
Update, 19.09.2015 16:30, SYSTEM, PC, Manual, AKA Domain Database, 0.0.0.0, 2015.9.11.2,
Update, 19.09.2015 16:30, SYSTEM, PC, Manual, IP Database, 0.0.0.0, 2015.9.18.2,
Update, 19.09.2015 16:30, SYSTEM, PC, Manual, Domain Database, 0.0.0.0, 2015.9.19.1,
Scan, 19.09.2015 16:58, SYSTEM, PC, Manual, Start: 19.09.2015 16:30, Varighet: 25 min 40 sek, Trusselskann, Fullført, 3 Malwareidentifiseringer, 118 PUP/PUM-identifiseringer,
Error, 19.09.2015 16:59, SYSTEM, PC, Protection, IsLicensed, 13,
Protection, 19.09.2015 16:59, SYSTEM, PC, Protection, Malware Protection, Stopping,
Protection, 19.09.2015 16:59, SYSTEM, PC, Protection, Malware Protection, Stopped,

(end)

 

Here is the log from AdwCleaner:

# AdwCleaner v5.008 - Logfile created 19/09/2015 at 17:14:41
# Updated 18/09/2015 by Xplode
# Database : 2015-09-17.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Cesilie - PC
# Running from : C:\Users\Cesilie\Downloads\adwcleaner_5.008.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\TVWizard
[-] Folder Deleted : C:\Program Files (x86)\speed browser
[-] Folder Deleted : C:\ProgramData\Browser
[-] Folder Deleted : C:\ProgramData\db671674000056aa
[-] Folder Deleted : C:\ProgramData\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser
[-] Folder Deleted : C:\Users\Cesilie\AppData\Local\speed browser
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\speed browser

***** [ Files ] *****

[-] File Deleted : C:\Users\Cesilie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speed browser.lnk
[-] File Deleted : C:\Windows\Sysnative\roboot64.exe

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : LaunchApp

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.Adler
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibCodec
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zlib.ZlibException
[-] Key Deleted : HKLM\SOFTWARE\Classes\MPCBContextMenu.ContextMenu
[-] Key Deleted : HKLM\SOFTWARE\Classes\MPCBContextMenu.IconGenerator
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Logger
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Crc.CRC32
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadCrcException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadPasswordException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadReadException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.BadStateException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ComHelper
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ReadOptions
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SelfExtractorSaveOptions
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.SfxGenerationException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipEntry
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipException
[-] Key Deleted : HKLM\SOFTWARE\Classes\Ionic.Zip.ZipFile
[-] Key Deleted : HKLM\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\MPCBContextMenu
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.Cookie
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.CookieCollection
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.CookieException
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.hxxpListener
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.hxxpListenerException
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.hxxpVersion
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Net.WebHeaderCollection
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Server.hxxpServer
[-] Key Deleted : HKLM\SOFTWARE\Classes\WebSocketSharp.Server.WebSocketServer
[-] Key Deleted : HKCU\Software\Classes\PepperZip
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\browser.exe
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\speed browser
[-] Key Deleted : HKLM\SOFTWARE\Classes\BrowserHTM
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgIDs [BrowserHTM]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgIDs [BrowserHTM]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}
[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\81612aa5-2db3-7fca-af82-821669248f50
[-] Key Deleted : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{270BE80F-7D12-3199-A5A6-C26956DC9B85}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{284BB344-E9D0-39E1-B44B-6D98A16E9B71}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3070CF0C-F396-3DCA-87D6-9DBF3D77B610}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{36906F02-A2B9-3047-9D5C-E05AF3E469E5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{420E2C2E-80D9-3012-A43C-42241FB36D42}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4529EB14-6B38-3CC4-9504-6EAB6C9E1255}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{93ABB6F7-F27A-3431-88ED-6939B451FF0D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AFF295ED-76F5-3BAC-81AE-74CD223F2F5C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B59B2B9A-B0FD-32F2-AA3A-927ADA01CD81}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{BEEA930F-CD8A-341E-B6B5-5BAF659685D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E89856E4-1085-3BDF-87AA-8A81E422767E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00004}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00005}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00006}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00007}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00008}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D00009}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBC25CF6-9120-4283-B972-0E5520D0000F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F03955F1-309E-34E9-A021-1399C3532273}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F8739A44-6C91-39E8-AA09-45DEF03E6C4C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{18A88C48-BC7B-35B3-BD38-74DED875FB28}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2097A1B6-E86A-4072-A32D-2249A3ECBC5A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[-] Key Deleted : HKU\.DEFAULT\Software\Browser
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\SecuredDownload
[-] Key Deleted : HKCU\Software\simplytech
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\Corez
[-] Key Deleted : HKCU\Software\Kromtech
[-] Key Deleted : HKCU\Software\Browser
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\AppDataLow\Software\SpeedChecker
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\SupDp
[-] Key Deleted : HKLM\SOFTWARE\SpeedBrowser
[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Key Deleted : HKLM\SOFTWARE\SpeedBit
[-] Key Deleted : HKLM\SOFTWARE\AIM Toolbar
[-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
[!] Key Not Deleted : [x64] HKCU\Software\APN PIP
[!] Key Not Deleted : [x64] HKCU\Software\SecuredDownload
[!] Key Not Deleted : [x64] HKCU\Software\simplytech
[!] Key Not Deleted : [x64] HKCU\Software\Linkey
[!] Key Not Deleted : [x64] HKCU\Software\Corez
[!] Key Not Deleted : [x64] HKCU\Software\Kromtech
[!] Key Not Deleted : [x64] HKCU\Software\Browser
[!] Key Not Deleted : HKU\S-1-5-21-4276930362-3749895216-682160067-1002\Software\AppDataLow\Software\SpeedChecker

***** [ Web browsers ] *****

[-] [C:\Users\Cesilie\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : istartsurf.com
[-] [C:\Users\Cesilie\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search provided by yahoo.com
[-] [C:\Users\Cesilie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://no.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_secureddownload_15_15&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dno%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEyBzzyDyD0DtAzyyC0AyBtN0D0Tzu0StCtCzyyDtN1L2XzutAtFzytFzztFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDyBtAtB0FyD0F0EtGtC0DzytAtG0F0B0A0CtG0CtDyByDtGyBtDtAyCtDyC0AtA0C0BtA0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0E0FtC0FtCzzzztGtB0DyDtDtGyE0CtCtCtG0B0DtDzztGyEzztB0D0C0DyCyCtB0AtBzz2QtN0A0LzuyE%26cr%3D1332559434%26a%3Dwny_secureddownload_15_15%26os%3DWindows 8.1

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [11969 bytes] ##########

 

How does it look?

Edited by Type-R

Posted

Well, they have removed a fair amount of junk, I see.

Also try running a browser cleanup: http://malwarefixes.com/avast-browser-cleanup-free-scanner-download/

Restart the PC, then download and run HijackThis: http://filehippo.com/download_hijackthis/tech/

Right-click the executable and choose to run it as administrator. Select "Do a systemscan and save a log file".

Post the log here.


Posted (edited)

Here is the HijackThis log:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 01.33.15, on 20.09.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)

FIREFOX: 40.0.3 (x86 nb-NO)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Users\Cesilie\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Cesilie\Downloads\HijackThis(1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.uk.msn.com/HPCON14/9
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Cesilie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Power2GoExpress8] "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Cesilie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Cesilie\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dropbox-oppdatering-tjeneste (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox-oppdatering-tjeneste (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google-oppdatering-tjenesten (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google-oppdatering-tjenesten (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @oem63.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Technology Access Software Asset Manager (Intel(R) TA SAM) - Unknown owner - C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service:  HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: tbaseprovisioning - Advanced Micro Devices, Inc. - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10970 bytes

 

By the way, I have installed Windows 10 on the PC since I posted the first logs.

Edited by Type-R

Posted

It looks fine now.

Just one small thing that puzzles me, which may be worth checking.

Go into the registry (Windows+R, type regedit and press Enter) and open the following path:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

In the Winlogon folder, check that userinit looks like this: C:\Windows\System32\Userinit.exe, and that there is nothing else there.

If you are unsure, you can take a screenshot and post it here.

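The Userinit check described in the post above, as an added example that is not part of the original thread and not code from any of the tools mentioned. It pulls the `F2` UserInit value out of a HijackThis log and checks that `userinit.exe` in System32 is the only program listed; the function names and the second sample value are constructed for illustration, and the code assumes that Windows stores the default value with a trailing comma.

```python
import ntpath
import os
import re

WINLOGON = r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
F2_RE = re.compile(r"^F2 - REG:system\.ini: UserInit=(.*)$", re.I)

# Two lines copied from the HijackThis log in this thread.
THREAD_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
"""

# Constructed sample: a second program appended after userinit.exe.
CONSTRUCTED_BAD = r"C:\Windows\system32\userinit.exe,C:\Users\Public\example.exe"


def userinit_from_hijackthis(log_text):
    """Return the UserInit value from the first F2 line, or None if absent."""
    for line in log_text.splitlines():
        m = F2_RE.match(line.strip())
        if m:
            return m.group(1).strip()
    return None


def audit_userinit(value, system_root=r"C:\Windows"):
    """Return (ok, extras); ok is True only if userinit.exe is the sole entry."""
    expected = ntpath.normcase(
        ntpath.join(system_root, "System32", "userinit.exe"))
    # The value is a comma-separated list; a trailing comma leaves an
    # empty last element, which is dropped here.
    entries = [e.strip().strip('"') for e in value.split(",")]
    entries = [e for e in entries if e]
    found, extras = False, []
    for entry in entries:
        # Expand the two variables commonly used for the Windows directory.
        expanded = re.sub(r"%systemroot%|%windir%",
                          lambda m: system_root, entry, flags=re.I)
        if ntpath.normcase(ntpath.normpath(expanded)) == expected:
            found = True
        else:
            extras.append(entry)  # anything else needs a manual look
    return (found and not extras), extras


def read_live_userinit():
    """Read the real value from the 64-bit registry view (Windows only)."""
    import winreg
    access = winreg.KEY_READ | winreg.KEY_WOW64_64KEY
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, WINLOGON, 0, access) as key:
        value, _value_type = winreg.QueryValueEx(key, "Userinit")
    return value


if __name__ == "__main__":
    import sys
    logged = userinit_from_hijackthis(THREAD_LOG)
    print("HijackThis F2 value:", repr(logged), audit_userinit(logged))
    print("constructed sample:", audit_userinit(CONSTRUCTED_BAD))
    if sys.platform == "win32":
        live = read_live_userinit()
        root = os.environ.get("SystemRoot", r"C:\Windows")
        print("live value:", repr(live), audit_userinit(live, root))
```

The empty value in the thread's log returns `(False, [])`: the log neither confirms nor rules out a clean entry, so the registry itself has to be read.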

Posted

Hi. This is what it looks like when I go into the file you mention. Does it look OK?

 

 

system 32.jpg


Posted

Yes, that looks normal.

Carry on surfing safely... :)


Posted

Great. Many thanks for the help. :-)
