Just nu i M3-nätverket
Gå till innehåll

DNSunlocker och adWare


mickeH

Rekommendera Poster

har fått problem i ena datorn med annonsprogram i webbläsare

DNSunlocker visas inte i "lägg till ta bort program" som det beskrivs i andra lösningar på nätet

har jagat den med ett knippe olika program nu utan framgång....

så... nu.....

 

har kört farbar recovery scan tool och fått ut  FRST & addition.txt

följer nedan....

tacksam för hjälp.... 

 

 
Länk till kommentar
Dela på andra webbplatser

Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.
Klicka på knappen Log file.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[R0].txt

Länk till kommentar
Dela på andra webbplatser

så.... då var det gjort...

# AdwCleaner v5.007 - Logfile created 09/09/2015 at 18:56:04
# Updated 08/09/2015 by Xplode
# Database : 2015-09-08.2 [server]
# Operating system : Windows 8.1  (x64)
# Username : Agneta - AGNETAS
# Running from : C:\Users\Agneta\Desktop\adwcleaner_5.007.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
Folder Found : C:\Program Files (x86)\FilmFanatic
Folder Found : C:\Program Files (x86)\topdeal
Folder Found : C:\Program Files (x86)\deal4real
Folder Found : C:\Program Files (x86)\SegmentAugmenter
Folder Found : C:\Program Files (x86)\SystemHero
Folder Found : C:\Program Files (x86)\CClickFOrSSale
Folder Found : C:\Program Files (x86)\ClicikForSalee
Folder Found : C:\Program Files (x86)\CoolSaleeCoupon
Folder Found : C:\Program Files (x86)\DDiiscounntExtensii
Folder Found : C:\Program Files (x86)\deal4Real
Folder Found : C:\Program Files (x86)\DiscOuntExtEnsi
Folder Found : C:\Program Files (x86)\DiscountLoCaToor
Folder Found : C:\Program Files (x86)\DuiggiSaver
Folder Found : C:\Program Files (x86)\EoxtraaShopper
Folder Found : C:\Program Files (x86)\EXtraShhoPppeur
Folder Found : C:\Program Files (x86)\ExtraSHopepeeR
Folder Found : C:\Program Files (x86)\ExtraShopPeR
Folder Found : C:\Program Files (x86)\FFinEDeoaloSoft
Folder Found : C:\Program Files (x86)\FIaneDealSofto
Folder Found : C:\Program Files (x86)\FIneDeaalSoft
Folder Found : C:\Program Files (x86)\FlexibleeSShopper
Folder Found : C:\Program Files (x86)\KiingCouponn
Folder Found : C:\Program Files (x86)\LuckyCoouappon
Folder Found : C:\Program Files (x86)\MinImumoPrice
Folder Found : C:\Program Files (x86)\MinimumPRice
Folder Found : C:\Program Files (x86)\MuinimumParice
Folder Found : C:\Program Files (x86)\ROyaLCoupon
Folder Found : C:\Program Files (x86)\RoyaLShoppErrAApp
Folder Found : C:\Program Files (x86)\RRoyalShopperApp
Folder Found : C:\Program Files (x86)\SalesMagnEt
Folder Found : C:\Program Files (x86)\SalesoMagnieto
Folder Found : C:\Program Files (x86)\SallesMaGnet
Folder Found : C:\Program Files (x86)\SaolEsMagnet
Folder Found : C:\Program Files (x86)\SavverAoddoon
Folder Found : C:\Program Files (x86)\ssavuer  boxx
Folder Found : C:\Program Files (x86)\Topdeal
Folder Found : C:\Program Files (x86)\topdoeal
Folder Found : C:\Program Files (x86)\ttopedEEaaL
Folder Found : C:\Program Files (x86)\FilmFanatic
Folder Found : C:\Program Files (x86)\Optimizer Pro 3.20
Folder Found : C:\ProgramData\ChampionDeals
Folder Found : C:\ProgramData\15642996262281940694
Folder Found : C:\ProgramData\d91716386c140ed6
Folder Found : C:\ProgramData\{37f98f14-07aa-fc49-37f9-98f1407a3c50}
Folder Found : C:\ProgramData\{3dd99231-6ad8-d7df-3dd9-992316ad48c5}
Folder Found : C:\ProgramData\{BE4DD016-EE56-4AC8-9832-69281423A3D4}
Folder Found : C:\ProgramData\{c233214f-c459-ba97-c233-3214fc45853f}
Folder Found : C:\ProgramData\{E9540197-B9D6-D011-0850-A093D8D2731D}
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector
Folder Found : C:\Users\Agneta\AppData\Local\StormFall
Folder Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\niojcggonafbneajjmkpkcigabaobmge
Folder Found : C:\Users\Agneta\AppData\Local\Temp\EnterDigital
Folder Found : C:\Users\Agneta\AppData\Roaming\StormFall
 
***** [ Files ] *****
 
File Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niojcggonafbneajjmkpkcigabaobmge_0.localstorage
File Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niojcggonafbneajjmkpkcigabaobmge_0.localstorage-journal
File Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage
File Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal
File Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_websearch.freesearches.info_0.localstorage
File Found : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_websearch.freesearches.info_0.localstorage-journal
File Found : C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
File Found : C:\WINDOWS\Reimage.ini
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
Task Found : LaunchSignup
Task Found : Superclean
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Found : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Found : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Found : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
Key Found : HKLM\SOFTWARE\Classes\P097F10A3_0C64_466D_BB1A_D3F86ECCEA5E_.P097F10A3_0C64_466D_BB1A_D3F86ECCEA5E_
Key Found : HKLM\SOFTWARE\Classes\P097F10A3_0C64_466D_BB1A_D3F86ECCEA5E_.P097F10A3_0C64_466D_BB1A_D3F86ECCEA5E_.9
Key Found : HKLM\SOFTWARE\Classes\P0AD01DCE_DBE9_4002_A13C_0D4F3B51D0F6_.P0AD01DCE_DBE9_4002_A13C_0D4F3B51D0F6_
Key Found : HKLM\SOFTWARE\Classes\P0AD01DCE_DBE9_4002_A13C_0D4F3B51D0F6_.P0AD01DCE_DBE9_4002_A13C_0D4F3B51D0F6_.9
Key Found : HKLM\SOFTWARE\Classes\P5BB1060F_719D_4835_8C77_038D400EADBB_.P5BB1060F_719D_4835_8C77_038D400EADBB_
Key Found : HKLM\SOFTWARE\Classes\P5BB1060F_719D_4835_8C77_038D400EADBB_.P5BB1060F_719D_4835_8C77_038D400EADBB_.9
Key Found : HKLM\SOFTWARE\Classes\PC51984BC_6B0C_40E2_B8C9_1D91F2142695_.PC51984BC_6B0C_40E2_B8C9_1D91F2142695_
Key Found : HKLM\SOFTWARE\Classes\PC51984BC_6B0C_40E2_B8C9_1D91F2142695_.PC51984BC_6B0C_40E2_B8C9_1D91F2142695_.9
Key Found : HKLM\SOFTWARE\35175113-a48c-1297-7922-8fa3b7dada4c
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{1e10da1e}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{7baa6e25}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{9c370036}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{c5ea6084}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{d3a378f6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc4691d6}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Key Found : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Found : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{097F10A3-0C64-466D-BB1A-D3F86ECCEA5E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0AD01DCE-DBE9-4002-A13C-0D4F3B51D0F6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5BB1060F-719D-4835-8C77-038D400EADBB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C51984BC-6B0C-40E2-B8C9-1D91F2142695}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{318C7F13-3498-459E-BF35-12865E6D005C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{588BD59D-3E28-483B-8484-164D57F40D62}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{999A70CB-7657-4A48-A92A-BE29FF9D5443}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C7405EEB-2E16-40FE-9E27-1F48CAAB15E1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DD1CFE82-CC89-497D-9573-B8B1867DDA09}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FCE74B5F-13A9-47C3-B69E-5210C1EECBEF}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0B6C9E5C-4E2D-4874-BC84-4A6178E8E179}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{40414AD3-56EF-442F-9765-B136B309FFB8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{097F10A3-0C64-466D-BB1A-D3F86ECCEA5E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0AD01DCE-DBE9-4002-A13C-0D4F3B51D0F6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5BB1060F-719D-4835-8C77-038D400EADBB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C51984BC-6B0C-40E2-B8C9-1D91F2142695}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{097F10A3-0C64-466D-BB1A-D3F86ECCEA5E}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{0AD01DCE-DBE9-4002-A13C-0D4F3B51D0F6}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{5BB1060F-719D-4835-8C77-038D400EADBB}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{C51984BC-6B0C-40E2-B8C9-1D91F2142695}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{097F10A3-0C64-466D-BB1A-D3F86ECCEA5E}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0AD01DCE-DBE9-4002-A13C-0D4F3B51D0F6}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5BB1060F-719D-4835-8C77-038D400EADBB}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{C51984BC-6B0C-40E2-B8C9-1D91F2142695}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321}
Key Found : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\Reimage
Key Found : HKCU\Software\EnterDigital
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\adawarebp
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\InstallCore
Key Found : HKLM\SOFTWARE\TermTutor
Key Found : HKLM\SOFTWARE\EnterDigital
Key Found : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Found : HKLM\SOFTWARE\SPPDCOM
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B114619-78B7-1CFF-55EF-74266954F883}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AE9B04F2-E9E8-162C-829B-52C116B3EFCC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA8C94BE-9F47-1B2E-90F8-D8C07119BD96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3119AFD3-545C-0955-573A-494F62E61990}
Key Found : [x64] HKCU\Software\Reimage
Key Found : [x64] HKCU\Software\EnterDigital
Key Found : [x64] HKLM\SOFTWARE\Reimage
Key Found : HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\AppDataLow\Software\adawarebp
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] - hxxp://www.bing.com/?pc=COSP&ptag=D083115-A60FA26CFB78147A880F&form=CONMHP&conlogo=CT3332038
Data Found : HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\Microsoft\Internet Explorer\Main [start Page] - hxxp://www.bing.com/?pc=COSP&ptag=D083115-A60FA26CFB78147A880F&form=CONMHP&conlogo=CT3332038
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Data Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Data Found : HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
***** [ Web browsers ] *****
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [15754 bytes] ##########
Länk till kommentar
Dela på andra webbplatser

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om, om den inte gör det automatiskt får du göra det själv.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner\AdwCleaner[s0].txt

 

 

2. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.
Ta bort bocken framför Remove found threats.
Bocka för:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

 

 

3. Starta FRST.

Bocka för Addition.txt.

Skanna med programmet och bifoga de två nya loggfilerna.

Länk till kommentar
Dela på andra webbplatser

# AdwCleaner v5.007 - Logfile created 09/09/2015 at 19:24:53

# Updated 08/09/2015 by Xplode

# Database : 2015-09-08.2 [server]

# Operating system : Windows 8.1  (x64)

# Username : Agneta - AGNETAS

# Running from : C:\Users\Agneta\Desktop\adwcleaner_5.007.exe

# Option : Cleaning


 

***** [ Services ] *****

 

 

***** [ Folders ] *****

 

[-] Folder Deleted : C:\Program Files (x86)\FilmFanatic

[-] Folder Deleted : C:\Program Files (x86)\topdeal

[-] Folder Deleted : C:\Program Files (x86)\deal4real

[-] Folder Deleted : C:\Program Files (x86)\SegmentAugmenter

[-] Folder Deleted : C:\Program Files (x86)\SystemHero

[-] Folder Deleted : C:\Program Files (x86)\CClickFOrSSale

[-] Folder Deleted : C:\Program Files (x86)\ClicikForSalee

[-] Folder Deleted : C:\Program Files (x86)\CoolSaleeCoupon

[-] Folder Deleted : C:\Program Files (x86)\DDiiscounntExtensii

[!] Folder Not Deleted : C:\Program Files (x86)\deal4Real

[-] Folder Deleted : C:\Program Files (x86)\DiscOuntExtEnsi

[-] Folder Deleted : C:\Program Files (x86)\DiscountLoCaToor

[-] Folder Deleted : C:\Program Files (x86)\DuiggiSaver

[-] Folder Deleted : C:\Program Files (x86)\EoxtraaShopper

[-] Folder Deleted : C:\Program Files (x86)\EXtraShhoPppeur

[-] Folder Deleted : C:\Program Files (x86)\ExtraSHopepeeR

[-] Folder Deleted : C:\Program Files (x86)\ExtraShopPeR

[-] Folder Deleted : C:\Program Files (x86)\FFinEDeoaloSoft

[-] Folder Deleted : C:\Program Files (x86)\FIaneDealSofto

[-] Folder Deleted : C:\Program Files (x86)\FIneDeaalSoft

[-] Folder Deleted : C:\Program Files (x86)\FlexibleeSShopper

[-] Folder Deleted : C:\Program Files (x86)\KiingCouponn

[-] Folder Deleted : C:\Program Files (x86)\LuckyCoouappon

[-] Folder Deleted : C:\Program Files (x86)\MinImumoPrice

[-] Folder Deleted : C:\Program Files (x86)\MinimumPRice

[-] Folder Deleted : C:\Program Files (x86)\MuinimumParice

[-] Folder Deleted : C:\Program Files (x86)\ROyaLCoupon

[-] Folder Deleted : C:\Program Files (x86)\RoyaLShoppErrAApp

[-] Folder Deleted : C:\Program Files (x86)\RRoyalShopperApp

[-] Folder Deleted : C:\Program Files (x86)\SalesMagnEt

[-] Folder Deleted : C:\Program Files (x86)\SalesoMagnieto

[-] Folder Deleted : C:\Program Files (x86)\SallesMaGnet

[-] Folder Deleted : C:\Program Files (x86)\SaolEsMagnet

[-] Folder Deleted : C:\Program Files (x86)\SavverAoddoon

[-] Folder Deleted : C:\Program Files (x86)\ssavuer  boxx

[!] Folder Not Deleted : C:\Program Files (x86)\Topdeal

[-] Folder Deleted : C:\Program Files (x86)\topdoeal

[-] Folder Deleted : C:\Program Files (x86)\ttopedEEaaL

[!] Folder Not Deleted : C:\Program Files (x86)\FilmFanatic

[-] Folder Deleted : C:\Program Files (x86)\Optimizer Pro 3.20

[-] Folder Deleted : C:\ProgramData\ChampionDeals

[-] Folder Deleted : C:\ProgramData\15642996262281940694

[-] Folder Deleted : C:\ProgramData\d91716386c140ed6

[-] Folder Deleted : C:\ProgramData\{37f98f14-07aa-fc49-37f9-98f1407a3c50}

[-] Folder Deleted : C:\ProgramData\{3dd99231-6ad8-d7df-3dd9-992316ad48c5}

[-] Folder Deleted : C:\ProgramData\{BE4DD016-EE56-4AC8-9832-69281423A3D4}

[-] Folder Deleted : C:\ProgramData\{c233214f-c459-ba97-c233-3214fc45853f}

[-] Folder Deleted : C:\ProgramData\{E9540197-B9D6-D011-0850-A093D8D2731D}

[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector

[-] Folder Deleted : C:\Users\Agneta\AppData\Local\StormFall

[-] Folder Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\niojcggonafbneajjmkpkcigabaobmge

[-] Folder Deleted : C:\Users\Agneta\AppData\Local\Temp\EnterDigital

[-] Folder Deleted : C:\Users\Agneta\AppData\Roaming\StormFall

 

***** [ Files ] *****

 

[-] File Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niojcggonafbneajjmkpkcigabaobmge_0.localstorage

[-] File Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_niojcggonafbneajjmkpkcigabaobmge_0.localstorage-journal

[-] File Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage

[-] File Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.pricepeep00.pricepeep.net_0.localstorage-journal

[-] File Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage

[-] File Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal

[-] File Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage

[-] File Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal

[-] File Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_websearch.freesearches.info_0.localstorage

[-] File Deleted : C:\Users\Agneta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_websearch.freesearches.info_0.localstorage-journal

[-] File Deleted : C:\WINDOWS\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb

[-] File Deleted : C:\WINDOWS\Reimage.ini

 

***** [ Shortcuts ] *****

 

 

***** [ Scheduled tasks ] *****

 

[-] Task Deleted : LaunchSignup

[-] Task Deleted : Superclean

 

***** [ Registry ] *****

 

[-] Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL

[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1

[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine

[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch

[-] Key Deleted : HKLM\SOFTWARE\Classes\P097F10A3_0C64_466D_BB1A_D3F86ECCEA5E_.P097F10A3_0C64_466D_BB1A_D3F86ECCEA5E_

[-] Key Deleted : HKLM\SOFTWARE\Classes\P097F10A3_0C64_466D_BB1A_D3F86ECCEA5E_.P097F10A3_0C64_466D_BB1A_D3F86ECCEA5E_.9

[-] Key Deleted : HKLM\SOFTWARE\Classes\P0AD01DCE_DBE9_4002_A13C_0D4F3B51D0F6_.P0AD01DCE_DBE9_4002_A13C_0D4F3B51D0F6_

[-] Key Deleted : HKLM\SOFTWARE\Classes\P0AD01DCE_DBE9_4002_A13C_0D4F3B51D0F6_.P0AD01DCE_DBE9_4002_A13C_0D4F3B51D0F6_.9

[-] Key Deleted : HKLM\SOFTWARE\Classes\P5BB1060F_719D_4835_8C77_038D400EADBB_.P5BB1060F_719D_4835_8C77_038D400EADBB_

[-] Key Deleted : HKLM\SOFTWARE\Classes\P5BB1060F_719D_4835_8C77_038D400EADBB_.P5BB1060F_719D_4835_8C77_038D400EADBB_.9

[-] Key Deleted : HKLM\SOFTWARE\Classes\PC51984BC_6B0C_40E2_B8C9_1D91F2142695_.PC51984BC_6B0C_40E2_B8C9_1D91F2142695_

[-] Key Deleted : HKLM\SOFTWARE\Classes\PC51984BC_6B0C_40E2_B8C9_1D91F2142695_.PC51984BC_6B0C_40E2_B8C9_1D91F2142695_.9

[-] Key Deleted : HKLM\SOFTWARE\35175113-a48c-1297-7922-8fa3b7dada4c

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{1e10da1e}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{7baa6e25}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{9c370036}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{c5ea6084}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{d3a378f6}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc4691d6}

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}

[-] Key Deleted : HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{097F10A3-0C64-466D-BB1A-D3F86ECCEA5E}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0AD01DCE-DBE9-4002-A13C-0D4F3B51D0F6}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BB1060F-719D-4835-8C77-038D400EADBB}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C51984BC-6B0C-40E2-B8C9-1D91F2142695}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{318C7F13-3498-459E-BF35-12865E6D005C}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{588BD59D-3E28-483B-8484-164D57F40D62}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5ADB067E-40D9-49AD-BDFC-2DBD725D3842}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{999A70CB-7657-4A48-A92A-BE29FF9D5443}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C7405EEB-2E16-40FE-9E27-1F48CAAB15E1}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DD1CFE82-CC89-497D-9573-B8B1867DDA09}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FCE74B5F-13A9-47C3-B69E-5210C1EECBEF}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0B6C9E5C-4E2D-4874-BC84-4A6178E8E179}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{40414AD3-56EF-442F-9765-B136B309FFB8}

[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{097F10A3-0C64-466D-BB1A-D3F86ECCEA5E}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0AD01DCE-DBE9-4002-A13C-0D4F3B51D0F6}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5BB1060F-719D-4835-8C77-038D400EADBB}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C51984BC-6B0C-40E2-B8C9-1D91F2142695}

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{097F10A3-0C64-466D-BB1A-D3F86ECCEA5E}]

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{0AD01DCE-DBE9-4002-A13C-0D4F3B51D0F6}]

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{5BB1060F-719D-4835-8C77-038D400EADBB}]

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{C51984BC-6B0C-40E2-B8C9-1D91F2142695}]

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{097F10A3-0C64-466D-BB1A-D3F86ECCEA5E}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0AD01DCE-DBE9-4002-A13C-0D4F3B51D0F6}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5BB1060F-719D-4835-8C77-038D400EADBB}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{C51984BC-6B0C-40E2-B8C9-1D91F2142695}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F97FDF1-DA2B-4579-AD3E-E46641F9DBAB}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A220BAB5-C335-48BA-8A01-309FDA37446F}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0416BDB0-AFB0-4464-952D-1EAB5047B8E6}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321}

[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

[-] Key Deleted : HKCU\Software\Reimage

[-] Key Deleted : HKCU\Software\EnterDigital

[-] Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

[-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp

[-] Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}

[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

[-] Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}

[-] Key Deleted : HKLM\SOFTWARE\InstallCore

[-] Key Deleted : HKLM\SOFTWARE\TermTutor

[-] Key Deleted : HKLM\SOFTWARE\EnterDigital

[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}

[-] Key Deleted : HKLM\SOFTWARE\SPPDCOM

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B114619-78B7-1CFF-55EF-74266954F883}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AE9B04F2-E9E8-162C-829B-52C116B3EFCC}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA8C94BE-9F47-1B2E-90F8-D8C07119BD96}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3119AFD3-545C-0955-573A-494F62E61990}

[!] Key Not Deleted : [x64] HKCU\Software\Reimage

[!] Key Not Deleted : [x64] HKCU\Software\EnterDigital

[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage

[!] Key Not Deleted : HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\AppDataLow\Software\adawarebp

[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]

[-] Data Restored : HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\Microsoft\Internet Explorer\Main [start Page]

[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

[!] Key Not Deleted : HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[-] Data Restored : HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

 

***** [ Web browsers ] *****

 

 

*************************

 

:: Winsock settings cleared

 

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [16646 bytes] ##########

 

Addition.txt

ESET.txt

FRST.txt

Länk till kommentar
Dela på andra webbplatser

1. Har du eller reklamprogrammen konfigurerat restriktioner för Chrome?

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION


2. Chrome är även konfigurerad för att använda testversioner avsedda för utvecklare och dessa är mindre säkra. Enda sättet att återgå till vanliga färdiga versioner är att avinstallera Chrome, starta om datorn och ta bort mappen C:\Användare\Agneta\AppData\Local\Google\Chrome innan man installerar Chrome på nytt.
 
3. Följande script kommer att ta bort alla filer i papperskorgarna och i mappar för tillfälliga filer. Kolla att du inte har några filer du vill ha kvar där.

Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
Tcpip\..\Interfaces\{A78C6BB0-3585-45B6-8985-09E73903E4A8}: [NameServer] 82.163.143.172,82.163.142.174
Tcpip\..\Interfaces\{F274A920-E23C-473F-AA25-B7A0FC9A7530}: [NameServer] 82.163.143.172,82.163.142.174
SearchScopes: HKU\S-1-5-21-1883112917-3408142225-1920773450-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S1 xhmrspbt; \??\C:\WINDOWS\system32\drivers\xhmrspbt.sys [X]
2015-08-27 12:40 - 2015-08-27 12:41 - 00000000 ____D C:\ProgramData\1887373585
2015-08-27 12:40 - 2015-08-27 12:41 - 00000000 ____D C:\Program Files (x86)\SnapShopper
2015-08-12 12:18 - 2015-08-27 12:08 - 00000000 ____D C:\Program Files (x86)\RelaySubs
2015-08-12 12:17 - 2015-08-27 12:08 - 00000000 ____D C:\Program Files (x86)\LighterModule
2015-08-12 12:16 - 2015-08-14 09:31 - 00000000 ____D C:\Program Files (x86)\AppendGeneration
2015-09-09 19:44 - 2014-11-04 20:44 - 00001704 _____ C:\WINDOWS\Tasks\YYQXZWR.job
2015-09-09 19:44 - 2014-11-04 20:44 - 00001354 _____ C:\WINDOWS\Tasks\VORM.job
2015-08-31 20:33 - 2014-09-01 10:18 - 00000365 _____ C:\Users\Agneta\AppData\Roaming\YYQXZWR
2015-08-31 20:33 - 2014-09-01 10:18 - 00000365 _____ C:\Users\Agneta\AppData\Roaming\VORM
2015-08-31 20:07 - 2015-07-26 17:23 - 00000000 ____D C:\ProgramData\ejlgmkkckcchbhlimjlmnmpmolmmfkdl
2015-08-31 20:05 - 2015-04-13 11:50 - 00000000 ____D C:\Program Files (x86)\the Paper Link for PubMed
2014-09-01 10:18 - 2015-08-31 20:33 - 0000365 _____ () C:\Users\Agneta\AppData\Roaming\VORM
2014-09-01 10:18 - 2015-08-31 20:33 - 0000365 _____ () C:\Users\Agneta\AppData\Roaming\YYQXZWR
Task: {117D059A-15E2-40D4-BE1E-3CBAD44F2576} - \SPBIW_UpdateTask_Time_313935393537303233312d574a324178345a2a376c455a -> No File <==== ATTENTION
Task: {5FAD6725-52C4-42AC-8361-27A5C7F10C3C} - System32\Tasks\YYQXZWR => C:\Users\Agneta\AppData\Roaming\YYQXZWR.exe <==== ATTENTION
Task: {AC4687E8-CF2B-48CD-AECB-0A73F3B4241A} - System32\Tasks\VORM => C:\Users\Agneta\AppData\Roaming\VORM.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\VORM.job => C:\Users\Agneta\AppData\Roaming\VORM.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\YYQXZWR.job => C:\Users\Agneta\AppData\Roaming\YYQXZWR.exe <==== ATTENTION
IE trusted site: HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\...\starstable.com -> starstable.com
IE trusted site: HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\...\webcompanion.com -> hxxp://webcompanion.com
FirewallRules: [{DEEEAB7B-5F89-47D7-9AFA-62488631957E}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe
FirewallRules: [{3715FAB3-B1F1-44B4-B157-7B8466F5E2FF}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe

CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
EmptyTemp:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.

Programmet skapar en logg Fixlog.txt på skrivbordet.
Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Fix result of Farbar Recovery Scan Tool (x64) Version:10-09-2015

Ran by Agneta (2015-09-10 17:46:04) Run:1

Running from C:\Users\Agneta\Desktop

Loaded Profiles: Agneta (Available Profiles: Agneta)

Boot Mode: Normal

==============================================

 

fixlist content:

*****************

 

*****************

 

 

==== End of Fixlog 17:46:04 ====

Länk till kommentar
Dela på andra webbplatser

då kör vi igen...... har inte daglig kontakt med datorn.... men nu så... 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015

Ran by Agneta (2015-09-15 19:10:33) Run:2

Running from C:\Users\Agneta\Desktop

Loaded Profiles: Agneta (Available Profiles: Agneta)

Boot Mode: Normal

==============================================

 

fixlist content:

*****************

CreateRestorePoint:

CloseProcesses:

Tcpip\..\Interfaces\{A78C6BB0-3585-45B6-8985-09E73903E4A8}: [NameServer] 82.163.143.172,82.163.142.174

Tcpip\..\Interfaces\{F274A920-E23C-473F-AA25-B7A0FC9A7530}: [NameServer] 82.163.143.172,82.163.142.174

SearchScopes: HKU\S-1-5-21-1883112917-3408142225-1920773450-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

S1 xhmrspbt; \??\C:\WINDOWS\system32\drivers\xhmrspbt.sys [X]

2015-08-27 12:40 - 2015-08-27 12:41 - 00000000 ____D C:\ProgramData\1887373585

2015-08-27 12:40 - 2015-08-27 12:41 - 00000000 ____D C:\Program Files (x86)\SnapShopper

2015-08-12 12:18 - 2015-08-27 12:08 - 00000000 ____D C:\Program Files (x86)\RelaySubs

2015-08-12 12:17 - 2015-08-27 12:08 - 00000000 ____D C:\Program Files (x86)\LighterModule

2015-08-12 12:16 - 2015-08-14 09:31 - 00000000 ____D C:\Program Files (x86)\AppendGeneration

2015-09-09 19:44 - 2014-11-04 20:44 - 00001704 _____ C:\WINDOWS\Tasks\YYQXZWR.job

2015-09-09 19:44 - 2014-11-04 20:44 - 00001354 _____ C:\WINDOWS\Tasks\VORM.job

2015-08-31 20:33 - 2014-09-01 10:18 - 00000365 _____ C:\Users\Agneta\AppData\Roaming\YYQXZWR

2015-08-31 20:33 - 2014-09-01 10:18 - 00000365 _____ C:\Users\Agneta\AppData\Roaming\VORM

2015-08-31 20:07 - 2015-07-26 17:23 - 00000000 ____D C:\ProgramData\ejlgmkkckcchbhlimjlmnmpmolmmfkdl

2015-08-31 20:05 - 2015-04-13 11:50 - 00000000 ____D C:\Program Files (x86)\the Paper Link for PubMed

2014-09-01 10:18 - 2015-08-31 20:33 - 0000365 _____ () C:\Users\Agneta\AppData\Roaming\VORM

2014-09-01 10:18 - 2015-08-31 20:33 - 0000365 _____ () C:\Users\Agneta\AppData\Roaming\YYQXZWR

Task: {117D059A-15E2-40D4-BE1E-3CBAD44F2576} - \SPBIW_UpdateTask_Time_313935393537303233312d574a324178345a2a376c455a -> No File <==== ATTENTION

Task: {5FAD6725-52C4-42AC-8361-27A5C7F10C3C} - System32\Tasks\YYQXZWR => C:\Users\Agneta\AppData\Roaming\YYQXZWR.exe <==== ATTENTION

Task: {AC4687E8-CF2B-48CD-AECB-0A73F3B4241A} - System32\Tasks\VORM => C:\Users\Agneta\AppData\Roaming\VORM.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\VORM.job => C:\Users\Agneta\AppData\Roaming\VORM.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\YYQXZWR.job => C:\Users\Agneta\AppData\Roaming\YYQXZWR.exe <==== ATTENTION

IE trusted site: HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\...\localhost -> localhost

IE trusted site: HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\...\starstable.com -> starstable.com

IE trusted site: HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\...\webcompanion.com -> hxxp://webcompanion.com

FirewallRules: [{DEEEAB7B-5F89-47D7-9AFA-62488631957E}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe

FirewallRules: [{3715FAB3-B1F1-44B4-B157-7B8466F5E2FF}] => (Allow) C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe

 

CMD: ipconfig /flushdns

CMD: netsh winsock reset catalog

CMD: netsh int ip reset c:\resetlog.txt

EmptyTemp:

*****************

 

Restore point was successfully created.

Processes closed successfully.

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A78C6BB0-3585-45B6-8985-09E73903E4A8}\\NameServer => value removed successfully

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F274A920-E23C-473F-AA25-B7A0FC9A7530}\\NameServer => value removed successfully

HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

MBAMSwissArmy => service removed successfully

xhmrspbt => service removed successfully

C:\ProgramData\1887373585 => moved successfully

C:\Program Files (x86)\SnapShopper => moved successfully

C:\Program Files (x86)\RelaySubs => moved successfully

C:\Program Files (x86)\LighterModule => moved successfully

C:\Program Files (x86)\AppendGeneration => moved successfully

C:\WINDOWS\Tasks\YYQXZWR.job => moved successfully

C:\WINDOWS\Tasks\VORM.job => moved successfully

C:\Users\Agneta\AppData\Roaming\YYQXZWR => moved successfully

C:\Users\Agneta\AppData\Roaming\VORM => moved successfully

C:\ProgramData\ejlgmkkckcchbhlimjlmnmpmolmmfkdl => moved successfully

C:\Program Files (x86)\the Paper Link for PubMed => moved successfully

"C:\Users\Agneta\AppData\Roaming\VORM" => File/Folder not found.

"C:\Users\Agneta\AppData\Roaming\YYQXZWR" => File/Folder not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{117D059A-15E2-40D4-BE1E-3CBAD44F2576}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{117D059A-15E2-40D4-BE1E-3CBAD44F2576}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_313935393537303233312d574a324178345a2a376c455a" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5FAD6725-52C4-42AC-8361-27A5C7F10C3C}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FAD6725-52C4-42AC-8361-27A5C7F10C3C}" => key removed successfully

C:\WINDOWS\System32\Tasks\YYQXZWR => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YYQXZWR" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AC4687E8-CF2B-48CD-AECB-0A73F3B4241A}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4687E8-CF2B-48CD-AECB-0A73F3B4241A}" => key removed successfully

C:\WINDOWS\System32\Tasks\VORM => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VORM" => key removed successfully

C:\WINDOWS\Tasks\VORM.job => not found.

C:\WINDOWS\Tasks\YYQXZWR.job => not found.

"HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost" => key removed successfully

"HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\starstable.com" => key removed successfully

"HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => key removed successfully

HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DEEEAB7B-5F89-47D7-9AFA-62488631957E} => value removed successfully

HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3715FAB3-B1F1-44B4-B157-7B8466F5E2FF} => value removed successfully

 

=========  ipconfig /flushdns =========

 

 

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

 

========= End of CMD: =========

 

 

=========  netsh winsock reset catalog =========

 

 

Sucessfully reset the Winsock Catalog.

You must restart the computer in order to complete the reset.

 

 

========= End of CMD: =========

 

 

=========  netsh int ip reset c:\resetlog.txt =========

 

Resetting Global, OK!

Resetting Interface, OK!

Resetting Neighbor, OK!

Resetting Path, OK!

Resetting , failed.

tkomst nekad.

 

Resetting , OK!

Restart the computer to complete this action.

 

 

========= End of CMD: =========

 

EmptyTemp: => 2.3 GB temporary data Removed.

 

 

The system needed a reboot.. 

 

==== End of Fixlog 19:14:48 ====

Länk till kommentar
Dela på andra webbplatser

Har du något svar på frågan i punkt 1 om Chrome-restriktionerna?

 

Skanna med FRST och bifoga de två nya loggfilerna.

Länk till kommentar
Dela på andra webbplatser

Utmärkt!
 
1. Bara några småsaker kvar att fixa.
Starta programmet Anteckningar.
Kopiera alla rader i rutan:

CreateRestorePoint:
CloseProcesses:
IE trusted site: HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\...\webcompanion.com -> hxxp://webcompanion.com
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-1883112917-3408142225-1920773450-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
2015-08-31 13:06 - 2015-08-31 13:07 - 00772016 _____ (Reimage®) C:\Users\Agneta\Downloads\ReimageRepair.exe
Reboot:

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.
Spara filen på skrivbordet med namnet fixlist.txt.

Stäng av alla program.
Starta FRST som finns på skrivbordet.
Klicka på knappen Fix.
Vänta tills programmet är klart.
Om datorn inte startas om automatiskt så gör det själv.
 

2. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.
Klicka på Uninstall-knappen.

3. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe
Dubbelklicka på filen för att starta programmet.
Tryck på knappen CleanUp! och FRST m.fl. rensningsprogram kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.

4. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/
Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...