Just nu i M3-nätverket
Jump to content

v9 portal


rammega

Recommended Posts

Tror att jag fick in något i min webbläsare när jag skulle ladda ner något.

Här loggen efter det som du pekade ut:

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16490 BrowserJavaVersion: 10.25.2

Run by Thomas at 15:53:56 on 2013-06-28

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.2047.1200 [GMT 2:00]

.

AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ================

.

C:\PROGRA~1\AVG\AVG2013\avgrsx.exe

C:\Program Files\AVG\AVG2013\avgcsrvx.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\AVG\AVG2013\avgidsagent.exe

C:\Program Files\AVG\AVG2013\avgwdsvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe

C:\Windows\system32\conhost.exe

C:\Program Files\AVG\AVG2013\avgnsx.exe

C:\Program Files\AVG\AVG2013\avgemcx.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\AVG\AVG2013\avgui.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\AVG\AVG2013\avgcsrvx.exe

C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\svchost.exe -k SDRSVC

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

uSearch Bar = hxxp://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

uSearch Page = hxxp://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

uDefault_Page_URL = hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

uDefault_Search_URL = hxxp://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

mStart Page = hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

mSearch Bar = hxxp://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

mSearch Page = hxxp://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

mDefault_Page_URL = hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

mDefault_Search_URL = hxxp://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll

uURLSearchHooks: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - <orphaned>

uURLSearchHooks: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - <orphaned>

uURLSearchHooks: <No Name>: {93a3111f-4f74-4ed8-895e-d9708497629e} - c:\program files\videodownloadconverter_4z\bar\1.bin\4zSrcAs.dll

uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>

dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>

BHO: Toolbar BHO: {312f84fb-8970-4fd3-bddb-7012eac4afc9} - c:\program files\videodownloadconverter_4z\bar\1.bin\4zbar.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -

BHO: AppGraffiti: {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - c:\program files\appgraffiti\AppGraffiti.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - c:\users\thomas\appdata\roaming\defaulttab\defaulttab\DefaultTabBHO.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.3.0.11\AVG Secure Search_toolbar.dll

BHO: Search Assistant BHO: {c547c6c2-561b-4169-a2a5-20ba771ca93b} - c:\program files\videodownloadconverter_4z\bar\1.bin\4zSrcAs.dll

BHO: Help the General-Search Project: {CA4520F3-AE13-4FB1-A513-58E23991C86D} - c:\users\thomas\appdata\roaming\media finder\extensions\gencrawler_gc.dll

BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.3.0.11\AVG Secure Search_toolbar.dll

TB: VideoDownloadConverter: {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - c:\program files\videodownloadconverter_4z\bar\1.bin\4zbar.dll

TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>

TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll

uRun: [AGupdate] c:\program files\appgraffiti\AGupdate.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [vProt] "c:\program files\avg secure search\vprot.exe"

mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA"&"inst=NwA3AC0AMQAyADQAOAA1ADcAMQA2ADIANgAtAFMAVAAxADIATwBJACsAMQAtAEQARABUACsAMAAtAFgATwA5ACsAMQAtAEYATAArADkALQBTAFQAOQAwAEYAQQBQAFAAKwAxAA"&"prod=90"&"ver=9.0.914

StartupFolder: c:\users\thomas\appdata\roaming\micros~1\windows\startm~1\programs\startup\skrmur~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Download with &Media Finder - c:\program files\media finder\hook.html

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: NameServer = 83.255.245.11 193.150.193.150

TCP: Interfaces\{A1F5EA41-C570-4349-84A5-E7689B9B08D9} : DHCPNameServer = 83.255.245.11 193.150.193.150

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.3.0\ViProtocol.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]

R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-3-29 208184]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-3 37664]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]

R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.3.0\ToolbarUpdater.exe [2013-6-27 1598128]

R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x86.sys [2009-6-25 47104]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-4-5 52224]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\wat\WatAdminSvc.exe [2012-3-31 1343400]

S4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-8-18 176128]

S4 DefaultTabSearch;DefaultTabSearch;c:\program files\defaulttab\DefaultTabSearch.exe [2013-2-11 572928]

S4 DefaultTabUpdate;DefaultTabUpdate;c:\users\thomas\appdata\roaming\defaulttab\defaulttab\DTUpdate.exe [2013-3-13 107520]

S4 VideoDownloadConverter_4zService;VideoDownloadConverterService;c:\progra~1\videod~2\bar\1.bin\4zbarsvc.exe [2012-12-29 42504]

.

=============== Created Last 30 ================

.

2013-06-28 10:04:18 -------- d-----w- c:\users\thomas\appdata\roaming\eIntaller

2013-06-25 15:21:44 -------- d-----w- c:\users\thomas\appdata\local\APN

2013-06-25 15:21:44 -------- d-----w- c:\program files\Ask.com

2013-06-22 18:02:42 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-06-22 11:11:27 -------- d-----w- c:\program files\AVG Secure Search

2013-06-16 15:06:18 -------- d-----w- c:\programdata\Uniblue

2013-06-16 15:05:52 -------- d-----w- c:\program files\AppGraffiti

2013-06-16 15:05:43 -------- d-----w- c:\users\thomas\appdata\roaming\OpenCandy

2013-06-12 05:26:14 1505280 ----a-w- c:\windows\system32\d3d11.dll

2013-06-12 05:26:06 24576 ----a-w- c:\windows\system32\cryptdlg.dll

2013-06-12 05:26:03 492544 ----a-w- c:\windows\system32\win32spl.dll

2013-06-12 05:26:00 903168 ----a-w- c:\windows\system32\certutil.exe

2013-06-12 05:26:00 43008 ----a-w- c:\windows\system32\certenc.dll

2013-06-12 05:26:00 140288 ----a-w- c:\windows\system32\cryptsvc.dll

2013-06-12 05:26:00 1160192 ----a-w- c:\windows\system32\crypt32.dll

2013-06-12 05:26:00 103936 ----a-w- c:\windows\system32\cryptnet.dll

2013-06-12 05:25:57 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll

2013-06-12 05:25:55 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-06-12 05:25:55 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-06-12 05:25:54 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-06-09 12:57:12 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2013-06-09 12:57:12 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2013-06-09 12:57:12 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2013-06-09 12:57:11 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2013-06-09 12:57:11 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

.

==================== Find3M ====================

.

2013-06-27 08:31:42 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2013-06-22 18:02:36 867240 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-06-22 18:02:36 789416 ----a-w- c:\windows\system32\deployJava1.dll

2013-06-19 06:46:44 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-06-19 06:46:44 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-05-16 22:39:39 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-05-16 22:28:26 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-05-16 22:27:30 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-05-16 22:21:37 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2013-05-16 22:20:30 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-05-16 22:16:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-05-01 01:59:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2013-05-01 01:59:12 69632 ----a-w- c:\windows\system32\QuickTime.qts

2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll

2013-04-12 13:45:29 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-04-10 05:18:40 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2013-04-10 05:18:40 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2013-04-10 03:14:06 2347520 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH: 15:54:52,23 ===============

Link to comment
Share on other sites

  • Replies 56
  • Created
  • Last Reply

1. Avinstallera det som finns av följande:

AppGraffiti pga http://www.systemlookup.com/CLSID/72887-AppGraffiti_dll_APPGRA_1_DLL.html

Ask Toolbar se http://www.systemlookup.com/CLSID/56968-GenericAskToolbar_dll_GENERI_1_DLL.html

AVG Security Toolbar http://www.systemlookup.com/CLSID/73582-AVG_Secure_Search_toolbar_dll_AVG_SafeGuard_toolbar_toolbar_dll.html

DefaultTab http://www.systemlookup.com/CLSID/75777-DefaultTabBHO_dll.html

Search Assistant http://www.systemlookup.com/CLSID/76045-4zSrcAs_dll.html

VideoDownloadConverter Toolbar http://www.systemlookup.com/CLSID/76047-4zbar_dll.html

 

Om det trots allt är något du vill ha, kan du installera när vi är klara med din dator.

 

Starta om datorn.

 

2. Spara AdwCleaner av Xplode på Skrivbordet: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Search-knappen.

Vänta tills sökningen är klar.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R1].txt

Link to comment
Share on other sites

Vet inte om jag fick med mig allt. Kändes inte som jag hängede med här riktigt.

# AdwCleaner v2.303 - Logfile created 06/28/2013 at 19:44:27

# Updated 08/06/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)

# User : Thomas - THOMAS-DATOR

# Boot Mode : Normal

# Running from : C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6P1DG91\adwcleaner.exe

# Option [search]

 

 

***** [services] *****

 

Found : DefaultTabSearch

Found : DefaultTabUpdate

Found : VideoDownloadConverter_4zService

 

***** [Files / Folders] *****

 

File Found : C:\END

File Found : C:\user.js

File Found : C:\Users\Thomas\AppData\Local\funmoods.crx

File Found : C:\Users\Thomas\AppData\Local\funmoods-speeddial_sf.crx

File Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage

File Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage

File Found : C:\Users\Thomas\AppData\Local\Temp\Searchqu.ini

File Found : C:\Users\Thomas\AppData\Local\Temp\searchqutoolbar-manifest.xml

File Found : C:\Users\Thomas\AppData\Local\Temp\SetupDataMngr_Searchqu.exe

File Found : C:\Users\Thomas\AppData\Local\Temp\Uninstall.exe

File Found : C:\Windows\system32\roboot.exe

File Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( arg. : hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861)

File Infected : C:\Users\Public\Desktop\Google Chrome.lnk ( arg. : hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861)

File Infected : C:\Users\Thomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( arg. : hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861)

File Infected : C:\Users\Thomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( arg. : hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861)

File Infected : C:\Users\Thomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( arg. : hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861)

File Infected : C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( arg. : hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861)

File Infected : C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( arg. : hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861)

File Infected : C:\Users\Thomas\Desktop\Internet Explorer.lnk ( arg. : hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861)

Folder Found : C:\Program Files\Ask.com

Folder Found : C:\Program Files\AVG Secure Search

Folder Found : C:\Program Files\Common Files\AVG Secure Search

Folder Found : C:\Program Files\Conduit

Folder Found : C:\Program Files\DefaultTab

Folder Found : C:\Program Files\Protected Search

Folder Found : C:\Program Files\VideoDownloadConverter_4z

Folder Found : C:\ProgramData\Ask

Folder Found : C:\ProgramData\AVG Secure Search

Folder Found : C:\ProgramData\Babylon

Folder Found : C:\ProgramData\boost_interprocess

Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder

Folder Found : C:\ProgramData\Tarma Installer

Folder Found : C:\Users\Thomas\AppData\Local\APN

Folder Found : C:\Users\Thomas\AppData\Local\AVG Secure Search

Folder Found : C:\Users\Thomas\AppData\Local\Conduit

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfgjgjocindbigfeflefmjheagmnjob

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfgjgjocindbigfeflefmjheagmnjob

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Folder Found : C:\Users\Thomas\AppData\Local\SwvUpdater

Folder Found : C:\Users\Thomas\AppData\Local\Temp\avg@toolbar

Folder Found : C:\Users\Thomas\AppData\LocalLow\AVG Secure Search

Folder Found : C:\Users\Thomas\AppData\LocalLow\AVG Security Toolbar

Folder Found : C:\Users\Thomas\AppData\LocalLow\BabylonToolbar

Folder Found : C:\Users\Thomas\AppData\LocalLow\Claro LTD

Folder Found : C:\Users\Thomas\AppData\LocalLow\Conduit

Folder Found : C:\Users\Thomas\AppData\LocalLow\Industriya

Folder Found : C:\Users\Thomas\AppData\LocalLow\PriceGong

Folder Found : C:\Users\Thomas\AppData\LocalLow\SimplyTech

Folder Found : C:\Users\Thomas\AppData\LocalLow\VideoDownloadConverter_4z

Folder Found : C:\Users\Thomas\AppData\Roaming\Babylon

Folder Found : C:\Users\Thomas\AppData\Roaming\DealPly

Folder Found : C:\Users\Thomas\AppData\Roaming\DefaultTab

Folder Found : C:\Users\Thomas\AppData\Roaming\eIntaller

Folder Found : C:\Users\Thomas\AppData\Roaming\ExpressFiles

Folder Found : C:\Users\Thomas\AppData\Roaming\Media Finder

Folder Found : C:\Users\Thomas\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

Folder Found : C:\Users\Thomas\AppData\Roaming\OpenCandy

Folder Found : C:\Users\Thomas\AppData\Roaming\PerformerSoft

Folder Found : C:\Users\Thomas\AppData\Roaming\StatusWinks

Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

 

***** [Registry] *****

 

Data Found : HKLM\...\StartMenuInternet\Google Chrome [(Default)] = "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

Data Found : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files\Internet Explorer\iexplore.exe hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

Key Found : HKCU\Software\5ce8ddfb33ced40

Key Found : HKCU\Software\APN

Key Found : HKCU\Software\APN PIP

Key Found : HKCU\Software\AppDataLow\Software\AskToolbar

Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Found : HKCU\Software\AppDataLow\Software\DefaultTab

Key Found : HKCU\Software\AppDataLow\Software\PriceGong

Key Found : HKCU\Software\AppDataLow\Software\SmartBar

Key Found : HKCU\Software\Ask.com

Key Found : HKCU\Software\AVG Secure Search

Key Found : HKCU\Software\BabylonToolbar

Key Found : HKCU\Software\BI

Key Found : HKCU\Software\Blabbers

Key Found : HKCU\Software\BrowserCompanion

Key Found : HKCU\Software\Conduit

Key Found : HKCU\Software\CToolbar

Key Found : HKCU\Software\DataMngr

Key Found : HKCU\Software\DataMngr_Toolbar

Key Found : HKCU\Software\Default Tab

Key Found : HKCU\Software\DefaultTab

Key Found : HKCU\Software\ExpressFiles

Key Found : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Key Found : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Found : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Found : HKCU\Software\Google\Chrome\Extensions\hlfgjgjocindbigfeflefmjheagmnjob

Key Found : HKCU\Software\Google\Chrome\Extensions\hlfgjgjocindbigfeflefmjheagmnjob

Key Found : HKCU\Software\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

Key Found : HKCU\Software\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

Key Found : HKCU\Software\IGearSettings

Key Found : HKCU\Software\InstallCore

Key Found : HKCU\Software\MediaFinder

Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

Key Found : HKCU\Software\PIP

Key Found : HKCU\Software\SmartBar

Key Found : HKCU\Software\StartSearch

Key Found : HKLM\SOFTWARE\5ce8ddfb33ced40

Key Found : HKLM\Software\APN

Key Found : HKLM\Software\AskToolbar

Key Found : HKLM\Software\AVG Secure Search

Key Found : HKLM\Software\AVG Security Toolbar

Key Found : HKLM\Software\Babylon

Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Found : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}

Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Found : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser

Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1

Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX

Key Found : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1

Key Found : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc

Key Found : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1

Key Found : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler

Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd

Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1

Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}

Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}

Key Found : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Key Found : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}

Key Found : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}

Key Found : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}

Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Found : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}

Key Found : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}

Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Found : HKLM\SOFTWARE\Classes\MF

Key Found : HKLM\SOFTWARE\Classes\Prod.cap

Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

Key Found : HKLM\SOFTWARE\Classes\S

Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1700389

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3106575

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3176921

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3209604

Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3220468

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin

Key Found : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1

Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Found : HKLM\Software\Conduit

Key Found : HKLM\Software\CToolbar

Key Found : HKLM\Software\DataMngr

Key Found : HKLM\Software\Default Tab

Key Found : HKLM\Software\DefaultTab

Key Found : HKLM\Software\ExpressFiles

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hlfgjgjocindbigfeflefmjheagmnjob

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hlfgjgjocindbigfeflefmjheagmnjob

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cfd485f0-96bd-47cd-bb6d-cd7dda95f102}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater

Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Finder

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall

Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Found : HKLM\Software\PIP

Key Found : HKLM\Software\Tarma Installer

Key Found : HKLM\Software\V9Software

Key Found : HKU\S-1-5-21-1954160073-2374627216-4273398579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKU\S-1-5-21-1954160073-2374627216-4273398579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : HKU\S-1-5-21-1954160073-2374627216-4273398579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKU\S-1-5-21-1954160073-2374627216-4273398579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]

Value Found : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16490

 

[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

 

-\\ Google Chrome v27.0.1453.116

 

File : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [35882 octets] - [28/06/2013 19:44:27]

 

########## EOF - C:\AdwCleaner[R1].txt - [35943 octets] ##########

Link to comment
Share on other sites

Varit en hel del toolbars och liknande i den dator tror jag visst ;)

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Delete-knappen.

Tryck på OK.

 

Datorn kommer att startas om.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s1].txt

 

 

Hur fungerar webbläsarna nu?

Link to comment
Share on other sites

Ser bra ut.

Här kommer loggen.

Vad orsakade detta tror du?

 

# AdwCleaner v2.303 - Logfile created 06/29/2013 at 09:21:24

# Updated 08/06/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)

# User : Thomas - THOMAS-DATOR

# Boot Mode : Normal

# Running from : C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7H7V6FY\adwcleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

Stopped & Deleted : DefaultTabSearch

Stopped & Deleted : DefaultTabUpdate

Stopped & Deleted : VideoDownloadConverter_4zService

 

***** [Files / Folders] *****

 

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search

Deleted on reboot : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Deleted on reboot : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfgjgjocindbigfeflefmjheagmnjob

Deleted on reboot : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

File Deleted : C:\END

File Deleted : C:\user.js

File Deleted : C:\Users\Thomas\AppData\Local\funmoods.crx

File Deleted : C:\Users\Thomas\AppData\Local\funmoods-speeddial_sf.crx

File Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage

File Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage

File Deleted : C:\Users\Thomas\AppData\Local\Temp\Searchqu.ini

File Deleted : C:\Users\Thomas\AppData\Local\Temp\searchqutoolbar-manifest.xml

File Deleted : C:\Users\Thomas\AppData\Local\Temp\SetupDataMngr_Searchqu.exe

File Deleted : C:\Users\Thomas\AppData\Local\Temp\Uninstall.exe

File Deleted : C:\Windows\system32\roboot.exe

File Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk

File Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk

File Disinfected : C:\Users\Thomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

File Disinfected : C:\Users\Thomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

File Disinfected : C:\Users\Thomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

File Disinfected : C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

File Disinfected : C:\Users\Thomas\Desktop\Internet Explorer.lnk

Folder Deleted : C:\Program Files\Ask.com

Folder Deleted : C:\Program Files\AVG Secure Search

Folder Deleted : C:\Program Files\Conduit

Folder Deleted : C:\Program Files\DefaultTab

Folder Deleted : C:\Program Files\Protected Search

Folder Deleted : C:\Program Files\VideoDownloadConverter_4z

Folder Deleted : C:\ProgramData\Ask

Folder Deleted : C:\ProgramData\AVG Secure Search

Folder Deleted : C:\ProgramData\Babylon

Folder Deleted : C:\ProgramData\boost_interprocess

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\Users\Thomas\AppData\Local\APN

Folder Deleted : C:\Users\Thomas\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\Thomas\AppData\Local\Conduit

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlfgjgjocindbigfeflefmjheagmnjob

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Folder Deleted : C:\Users\Thomas\AppData\Local\SwvUpdater

Folder Deleted : C:\Users\Thomas\AppData\Local\Temp\avg@toolbar

Folder Deleted : C:\Users\Thomas\AppData\LocalLow\AVG Secure Search

Folder Deleted : C:\Users\Thomas\AppData\LocalLow\AVG Security Toolbar

Folder Deleted : C:\Users\Thomas\AppData\LocalLow\BabylonToolbar

Folder Deleted : C:\Users\Thomas\AppData\LocalLow\Claro LTD

Folder Deleted : C:\Users\Thomas\AppData\LocalLow\Conduit

Folder Deleted : C:\Users\Thomas\AppData\LocalLow\Industriya

Folder Deleted : C:\Users\Thomas\AppData\LocalLow\PriceGong

Folder Deleted : C:\Users\Thomas\AppData\LocalLow\SimplyTech

Folder Deleted : C:\Users\Thomas\AppData\LocalLow\VideoDownloadConverter_4z

Folder Deleted : C:\Users\Thomas\AppData\Roaming\Babylon

Folder Deleted : C:\Users\Thomas\AppData\Roaming\DealPly

Folder Deleted : C:\Users\Thomas\AppData\Roaming\DefaultTab

Folder Deleted : C:\Users\Thomas\AppData\Roaming\eIntaller

Folder Deleted : C:\Users\Thomas\AppData\Roaming\ExpressFiles

Folder Deleted : C:\Users\Thomas\AppData\Roaming\Media Finder

Folder Deleted : C:\Users\Thomas\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

Folder Deleted : C:\Users\Thomas\AppData\Roaming\OpenCandy

Folder Deleted : C:\Users\Thomas\AppData\Roaming\PerformerSoft

Folder Deleted : C:\Users\Thomas\AppData\Roaming\StatusWinks

Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

 

***** [Registry] *****

 

Data Deleted : HKLM\...\StartMenuInternet\Google Chrome [(Default)] = "C:\Program Files\Google\Chrome\Application\chrome.exe" hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

Data Deleted : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files\Internet Explorer\iexplore.exe hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

Key Deleted : HKCU\Software\5ce8ddfb33ced40

Key Deleted : HKCU\Software\APN

Key Deleted : HKCU\Software\APN PIP

Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKCU\Software\Ask.com

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\BabylonToolbar

Key Deleted : HKCU\Software\BI

Key Deleted : HKCU\Software\Blabbers

Key Deleted : HKCU\Software\BrowserCompanion

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\CToolbar

Key Deleted : HKCU\Software\DataMngr

Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\Default Tab

Key Deleted : HKCU\Software\DefaultTab

Key Deleted : HKCU\Software\ExpressFiles

Key Deleted : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Deleted : HKCU\Software\Google\Chrome\Extensions\hlfgjgjocindbigfeflefmjheagmnjob

Key Deleted : HKCU\Software\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

Key Deleted : HKCU\Software\IGearSettings

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\MediaFinder

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

Key Deleted : HKCU\Software\PIP

Key Deleted : HKCU\Software\SmartBar

Key Deleted : HKCU\Software\StartSearch

Key Deleted : HKLM\SOFTWARE\5ce8ddfb33ced40

Key Deleted : HKLM\Software\APN

Key Deleted : HKLM\Software\AskToolbar

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX

Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1

Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc

Key Deleted : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1

Key Deleted : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler

Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd

Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1

Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\MF

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\S

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1700389

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3106575

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176921

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3209604

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin

Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\CToolbar

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\Default Tab

Key Deleted : HKLM\Software\DefaultTab

Key Deleted : HKLM\Software\ExpressFiles

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hlfgjgjocindbigfeflefmjheagmnjob

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\iibmmjhgclhlahmjniokmhleigemjpbh

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cfd485f0-96bd-47cd-bb6d-cd7dda95f102}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater

Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Media Finder

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\Software\PIP

Key Deleted : HKLM\Software\Tarma Installer

Key Deleted : HKLM\Software\V9Software

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [statuswinks@StatusWinks]

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16490

 

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861 --> hxxp://www.google.com

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861 --> hxxp://www.google.com

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861 --> hxxp://www.google.com

 

-\\ Google Chrome v27.0.1453.116

 

File : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [36013 octets] - [28/06/2013 19:44:27]

AdwCleaner[R2].txt - [36074 octets] - [29/06/2013 09:21:12]

AdwCleaner[s1].txt - [34661 octets] - [29/06/2013 09:21:24]

 

########## EOF - C:\AdwCleaner[s1].txt - [34722 octets] ##########

Link to comment
Share on other sites

Toolbars och ändrade söksidor brukar dyka upp när man installerar gratisprogram utan att avbocka onödiga saker under installationen.

 

Klistra in en ny DDS-logg så får vi se om där syns något mer.

Link to comment
Share on other sites

Toolbars och ändrade söksidor brukar dyka upp när man installerar gratisprogram utan att avbocka onödiga saker under installationen.

 

Klistra in en ny DDS-logg så får vi se om där syns något mer.

Tack för att du rädda mig igen.

Andra gången.

Ser bar ut i loggen.

# AdwCleaner v2.303 - Logfile created 06/29/2013 at 14:30:34

# Updated 08/06/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)

# User : Thomas - THOMAS-DATOR

# Boot Mode : Normal

# Running from : C:\Users\Thomas\Desktop\adwcleaner.exe

# Option [search]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Folder Found : C:\Program Files\Common Files\AVG Secure Search

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Folder Found : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

 

***** [Registry] *****

 

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16490

 

[OK] Registry is clean.

 

-\\ Google Chrome v27.0.1453.116

 

File : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [36013 octets] - [28/06/2013 19:44:27]

AdwCleaner[R2].txt - [36074 octets] - [29/06/2013 09:21:12]

AdwCleaner[R3].txt - [1460 octets] - [29/06/2013 14:30:34]

AdwCleaner[s1].txt - [34792 octets] - [29/06/2013 09:21:24]

 

########## EOF - C:\AdwCleaner[R3].txt - [1581 octets] ##########

Link to comment
Share on other sites

Kom tillbaka en del Chrome-grejer. Bäst att kolla med ett annat program som visar mer om Chrome än DDS.

 

Spara OTL på Skrivbordet.

http://oldtimer.geekstogo.com/OTL.exe

Stäng alla program.

Kör OTL.

 

Tryck på Quick Scan och låt programmet köra ostört.

 

När det är klart så skapas två loggfiler på Skrivbordet, OTL.txt och Extras.txt. I ditt svar klistrar du in loggen OTL.txt.

Link to comment
Share on other sites

Kom tillbaka en del Chrome-grejer. Bäst att kolla med ett annat program som visar mer om Chrome än DDS.

 

Spara OTL på Skrivbordet.

http://oldtimer.geekstogo.com/OTL.exe

Stäng alla program.

Kör OTL.

 

Tryck på Quick Scan och låt programmet köra ostört.

 

När det är klart så skapas två loggfiler på Skrivbordet, OTL.txt och Extras.txt. I ditt svar klistrar du in loggen OTL.txt.

Hej:

OTL logfile created on: 2013-06-29 20:45:14 - Run 2

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thomas\Downloads

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,43% Memory free

4,00 Gb Paging File | 3,10 Gb Available in Paging File | 77,57% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 48,83 Gb Total Space | 2,96 Gb Free Space | 6,05% Space Free | Partition Type: NTFS

Drive G: | 149,04 Gb Total Space | 35,13 Gb Free Space | 23,57% Space Free | Partition Type: NTFS

Drive H: | 14,61 Gb Total Space | 14,56 Gb Free Space | 99,67% Space Free | Partition Type: FAT32

 

Computer Name: THOMAS-DATOR | User Name: Thomas | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Thomas\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe (AVG Secure Search)

PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe (Adobe Systems Incorporated)

PRC - C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\PROGRA~1\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Program Files\WinRAR\rarext.dll ()

 

 

========== Services (SafeList) ==========

 

SRV - (vToolbarUpdater15.3.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe (AVG Secure Search)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (avgwd) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)

SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (synasusb) -- System32\Drivers\synasusb.sys File not found

DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)

DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)

DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)

DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)

DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (AtcL001) -- C:\Windows\System32\drivers\l160x86.sys (Atheros Communications, Inc.)

DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com'>http://www.google.com'>http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026'>http://search.protectedsearch.com?si=41570&home=true&tid=3026'>http://search.protectedsearch.com?si=41570&home=true&tid=3026'>http://search.protectedsearch.com?si=41570&home=true&tid=3026'>http://search.protectedsearch.com?si=41570&home=true&tid=3026'>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{1E8C10F6-2267-3F96-5E45-6AA347545140}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=421&sr=0&q={searchTerms}'>http://dts.search-results.com/sr?src=ieb&appid=101&systemid=421&sr=0&q={searchTerms}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B2 A0 07 1D 28 0F CD 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKCU\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - No CLSID value found

IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found

IE - HKCU\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{1E8C10F6-2267-3F96-5E45-6AA347545140}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=421&sr=0&q={searchTerms}

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{6C0C94DF-0F0F-434E-AB80-54BAF67C5B2F}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

IE - HKCU\..\SearchScopes\{76B059C9-1110-4D84-A183-C24EBB52EF07}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3176921&CUI=UN16722039481921587

IE - HKCU\..\SearchScopes\{B7F617FC-B306-4F9E-912C-36460BCAF600}: "URL" = http://searchou.com/?q={searchTerms}&id=78c67011000000000000001fc6b7feab&affilt=5&r=114

IE - HKCU\..\SearchScopes\{FC19BAB3-A5DC-4587-83A4-E0156304F9B8}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYSE&apn_uid=ABF0FEF4-CA04-4F1C-893C-E0F871A9016E&apn_sauid=1AFAA042-4601-4CB7-939A-E2322A1904F3

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files\Personal\bin\np_prsnl.dll (Technology Nexus AB)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll File not found

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin

 

[2013-02-14 22:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions

[2013-02-14 22:49:00 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks

[2013-01-01 16:07:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\extensions

[2013-01-01 16:07:46 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}

[2012-09-01 11:13:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

 

========== Chrome ==========

 

CHR - default_search_provider: ()

CHR - default_search_provider: search_url =

CHR - default_search_provider: suggest_url =

CHR - homepage: http://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.9_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

 

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll File not found

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5C4CAE29-C754-4CA3-89E1-90B82459159A} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - No CLSID value found.

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: ordspel.se ([www] https in Betrodda platser)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.255.245.11 193.150.193.150

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1F5EA41-C570-4349-84A5-E7689B9B08D9}: DhcpNameServer = 83.255.245.11 193.150.193.150

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2013-06-22 20:02:49 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2013-06-22 20:02:42 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2013-06-22 20:02:31 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2013-06-18 11:39:18 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\Time to say gbye bilder

[2013-06-16 17:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue

[2013-06-12 10:41:46 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2013-06-12 10:41:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2013-06-12 10:41:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2013-06-12 10:41:43 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2013-06-12 10:41:43 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2013-06-12 10:41:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2013-06-12 10:41:42 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2013-06-12 10:41:42 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2013-06-12 07:26:14 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll

[2013-06-12 07:26:06 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll

[2013-06-12 07:26:00 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe

[2013-06-12 07:26:00 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll

[2013-06-12 07:25:55 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2013-06-12 07:25:55 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2013-06-09 14:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2013-06-09 14:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2013-06-09 14:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2013-06-04 13:25:33 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\Balen

 

========== Files - Modified Within 30 Days ==========

 

[2013-06-29 20:40:59 | 000,307,664 | ---- | M] () -- C:\Users\Thomas\Desktop\verkslask_02.wav.gpk

[2013-06-29 20:40:52 | 003,120,611 | ---- | M] () -- C:\Users\Thomas\Desktop\verkslask_02.mp3

[2013-06-29 20:33:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013-06-29 20:30:08 | 051,591,388 | ---- | M] () -- C:\Users\Thomas\Desktop\verkslask_02.wav

[2013-06-29 20:07:01 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013-06-29 20:07:01 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013-06-29 19:59:51 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013-06-29 19:59:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013-06-29 19:59:45 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys

[2013-06-29 13:54:00 | 000,000,982 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013-06-29 09:22:08 | 000,000,478 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat

[2013-06-29 09:21:56 | 000,001,248 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2013-06-29 09:21:56 | 000,001,120 | ---- | M] () -- C:\Users\Thomas\Desktop\Internet Explorer.lnk

[2013-06-28 19:42:14 | 000,648,201 | ---- | M] () -- C:\Users\Thomas\Desktop\adwcleaner.exe

[2013-06-27 10:31:42 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys

[2013-06-22 20:02:37 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll

[2013-06-22 20:02:36 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll

[2013-06-22 20:02:36 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll

[2013-06-22 20:02:36 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe

[2013-06-22 20:02:36 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe

[2013-06-22 13:11:47 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk

[2013-06-19 08:48:20 | 000,000,022 | ---- | M] () -- C:\Users\Thomas\Desktop\fp2006-final-3.00-setup.zip

[2013-06-19 08:46:44 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe

[2013-06-19 08:46:44 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2013-06-09 14:57:01 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2013-06-09 10:33:45 | 000,068,762 | ---- | M] () -- C:\Users\Thomas\Desktop\aktivitetsstöd.pdf

 

========== Files Created - No Company Name ==========

 

[2013-06-29 20:40:46 | 003,120,611 | ---- | C] () -- C:\Users\Thomas\Desktop\verkslask_02.mp3

[2013-06-29 20:38:09 | 000,307,664 | ---- | C] () -- C:\Users\Thomas\Desktop\verkslask_02.wav.gpk

[2013-06-29 20:36:17 | 051,591,388 | ---- | C] () -- C:\Users\Thomas\Desktop\verkslask_02.wav

[2013-06-29 09:21:33 | 000,000,478 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat

[2013-06-28 19:42:14 | 000,648,201 | ---- | C] () -- C:\Users\Thomas\Desktop\adwcleaner.exe

[2013-06-25 11:04:53 | 000,001,270 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skärmurklipp och start för OneNote 2007.lnk

[2013-06-18 16:48:45 | 004,964,195 | ---- | C] () -- C:\Users\Thomas\Desktop\Rain.wmv

[2013-06-09 14:57:01 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2013-06-09 10:33:45 | 000,068,762 | ---- | C] () -- C:\Users\Thomas\Desktop\aktivitetsstöd.pdf

[2013-03-13 22:05:50 | 000,000,254 | RHS- | C] () -- C:\Users\Thomas\ntuser.pol

[2013-02-11 23:02:16 | 003,211,264 | ---- | C] () -- C:\Users\Thomas\DevelopmentStorageDb201210.mdf

[2013-02-11 23:02:16 | 000,851,968 | ---- | C] () -- C:\Users\Thomas\DevelopmentStorageDb201210_log.ldf

[2013-01-01 16:08:48 | 000,011,264 | ---- | C] () -- C:\Windows\Launcher.exe

[2012-11-26 11:31:52 | 000,000,045 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe.cfg

[2012-11-26 11:31:49 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe

[2012-11-18 14:05:47 | 000,000,027 | ---- | C] () -- C:\Program Files\plugins.dat

[2012-10-01 16:40:10 | 000,044,680 | ---- | C] () -- C:\Windows\System32\drivers\EUBKMON.sys

[2012-09-11 16:20:21 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll

[2012-04-05 17:41:10 | 000,139,152 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\PnkBstrK.sys

[2012-04-05 17:40:38 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe

[2012-04-04 14:13:36 | 000,064,000 | ---- | C] () -- C:\Windows\System32\esfw41.bin

[2012-04-03 19:04:24 | 000,009,322 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\Kommaavgränsade värden (Windows).EML

[2012-04-03 18:45:17 | 000,000,235 | ---- | C] () -- C:\Windows\TEXTWARE.INI

[2012-04-03 18:45:09 | 000,099,714 | ---- | C] () -- C:\Windows\SETUP1.EXE

[2012-04-03 18:05:14 | 000,038,432 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\Kommaavgränsade värden (Windows).ADR

[2012-03-31 17:04:39 | 000,000,031 | ---- | C] () -- C:\Program Files\plugins-04041e-7e8.dat

[2012-03-30 23:41:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

 

========== ZeroAccess Check ==========

 

[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 143 bytes -> C:\Users\Thomas\AppData\Roaming\Kommaavgränsade värden (Windows).EML:OECustomProperty

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:AD022376

 

< End of report >

Link to comment
Share on other sites

Verkar ha återkommit en del. Avinstallera program från Uniblue för det verkar ha kommit in i datorn vid samma tillfälle som mycket annat olämpligt/skadligt.

 

Avinstallera igen följande:

AVG Security Toolbar http://www.systemloo...oolbar_dll.html

 

Firefox - Verktyg - Hantera tillägg

Kolla på de olika flikarna till vänster om du kan hitta "Smiley Bar for Facebook" och "uTorrentControl". Avinstallera eller inaktivera om det inte går att avinstallera.

 

Är det så att du synkroniserar tillägg i Chrome mellan flera datorer så att om de tas bort i en dator så återkommer de sen vid en synkning?

 

Vad finns det för tillägg enligt Chrome?

Se https://support.google.com/chrome/answer/187443?hl=sv

Går det att få fram vilket tillägg som motsvarar vilken av dessa rader, t ex genom att titta på versionsnummer?

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.9_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

Link to comment
Share on other sites

Verkar ha återkommit en del. Avinstallera program från Uniblue för det verkar ha kommit in i datorn vid samma tillfälle som mycket annat olämpligt/skadligt.

 

Avinstallera igen följande:

AVG Security Toolbar http://www.systemloo...oolbar_dll.html

 

Firefox - Verktyg - Hantera tillägg

Kolla på de olika flikarna till vänster om du kan hitta "Smiley Bar for Facebook" och "uTorrentControl". Avinstallera eller inaktivera om det inte går att avinstallera.

 

Är det så att du synkroniserar tillägg i Chrome mellan flera datorer så att om de tas bort i en dator så återkommer de sen vid en synkning?

 

Vad finns det för tillägg enligt Chrome?

Se https://support.google.com/chrome/answer/187443?hl=sv

Går det att få fram vilket tillägg som motsvarar vilken av dessa rader, t ex genom att titta på versionsnummer?

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.9_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

Dt där var nog överkurs för mig. När jag klickar på länken systemloo.......... så kan den inte visas.

Menar du att andra datorer i nätvrket snappar upp det?

Fattar nada.

Link to comment
Share on other sites

Förlåt, länken om AVG Secure Search blev fel. Här är den rätta: http://www.systemlookup.com/CLSID/62226-IEToolbar_dll_IEToolbar_3_dll.html

 

Man kan synkronisera information i t ex Google-konton så att när man ändrar i en dator så ändras samma sak i ens andra dator/mobil/platta. Men det är något man konfigurerar och inte något som blir automatiskt och med tanke på ditt svar har du nog inte gjort det.

 

1. Stäng av alla program du ser inklusive antivirusprogram och antispionprogram så att de inte krockar med OTL.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

 

Starta programmet OTL (i Vista/Windows7 högerklicka och välj Kör som administratör).

Kopiera alla raderna i rutan:

:OTL
SRV - (vToolbarUpdater15.3.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe (AVG Secure Search)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protec...e=true&tid=3026
IE - HKLM\..\SearchScopes\{1E8C10F6-2267-3F96-5E45-6AA347545140}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protec...e=true&tid=3026
IE - HKCU\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - No CLSID value found
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found
IE - HKCU\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - No CLSID value found
IE - HKCU\..\SearchScopes\{1E8C10F6-2267-3F96-5E45-6AA347545140}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{6C0C94DF-0F0F-434E-AB80-54BAF67C5B2F}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\..\SearchScopes\{76B059C9-1110-4D84-A183-C24EBB52EF07}: "URL" = http://search.condui...722039481921587
IE - HKCU\..\SearchScopes\{B7F617FC-B306-4F9E-912C-36460BCAF600}: "URL" = http://searchou.com/...&affilt=5&r=114
IE - HKCU\..\SearchScopes\{FC19BAB3-A5DC-4587-83A4-E0156304F9B8}: "URL" = http://websearch.ask...9A-E2322A1904F3
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin
[2013-02-14 22:49:00 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks
[2013-01-01 16:07:46 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.9_0\
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5C4CAE29-C754-4CA3-89E1-90B82459159A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

[2013-06-16 17:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:AD022376
:Files
C:\Program Files\Common Files\AVG Secure Search
ipconfig /flushdns /c
:Commands
[CREATERESTOREPOINT]
[REBOOT]

Klistra in dem i rutan Custom Scans/Fixes. Kontrollera att ingen fil har delats upp på två rader.

Tryck på Run Fix.

Om du blir tillfrågad om att starta om datorn så gör det.

Det kommer upp en logg i Anteckningar. Kopiera den och klistra in i ditt svar.

 

Om den inte kommer automatiskt så hittar du den i mappen c:\_OTL\Moved Files med ett namn som innehåller dagens datum och klockslaget för körningen.

 

Se till att aktivera antivirusprogram mm innan du ansluter datorn till internet.

 

2. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Delete-knappen.

Tryck på OK.

 

Datorn kommer att startas om.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s1].txt

Link to comment
Share on other sites

Förlåt, länken om AVG Secure Search blev fel. Här är den rätta: http://www.systemlookup.com/CLSID/62226-IEToolbar_dll_IEToolbar_3_dll.html

 

Man kan synkronisera information i t ex Google-konton så att när man ändrar i en dator så ändras samma sak i ens andra dator/mobil/platta. Men det är något man konfigurerar och inte något som blir automatiskt och med tanke på ditt svar har du nog inte gjort det.

 

1. Stäng av alla program du ser inklusive antivirusprogram och antispionprogram så att de inte krockar med OTL.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

 

Starta programmet OTL (i Vista/Windows7 högerklicka och välj Kör som administratör).

Kopiera alla raderna i rutan:

:OTL
SRV - (vToolbarUpdater15.3.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe (AVG Secure Search)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protec...e=true&tid=3026
IE - HKLM\..\SearchScopes\{1E8C10F6-2267-3F96-5E45-6AA347545140}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protec...rue&tid=3026&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protec...e=true&tid=3026
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protec...e=true&tid=3026
IE - HKCU\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - No CLSID value found
IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found
IE - HKCU\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - No CLSID value found
IE - HKCU\..\SearchScopes\{1E8C10F6-2267-3F96-5E45-6AA347545140}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{6C0C94DF-0F0F-434E-AB80-54BAF67C5B2F}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKCU\..\SearchScopes\{76B059C9-1110-4D84-A183-C24EBB52EF07}: "URL" = http://search.condui...722039481921587
IE - HKCU\..\SearchScopes\{B7F617FC-B306-4F9E-912C-36460BCAF600}: "URL" = http://searchou.com/...&affilt=5&r=114
IE - HKCU\..\SearchScopes\{FC19BAB3-A5DC-4587-83A4-E0156304F9B8}: "URL" = http://websearch.ask...9A-E2322A1904F3
FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin
[2013-02-14 22:49:00 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks
[2013-01-01 16:07:46 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.9_0\
O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5C4CAE29-C754-4CA3-89E1-90B82459159A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

[2013-06-16 17:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:AD022376
:Files
C:\Program Files\Common Files\AVG Secure Search
ipconfig /flushdns /c
:Commands
[CREATERESTOREPOINT]
[REBOOT]

Klistra in dem i rutan Custom Scans/Fixes. Kontrollera att ingen fil har delats upp på två rader.

Tryck på Run Fix.

Om du blir tillfrågad om att starta om datorn så gör det.

Det kommer upp en logg i Anteckningar. Kopiera den och klistra in i ditt svar.

 

Om den inte kommer automatiskt så hittar du den i mappen c:\_OTL\Moved Files med ett namn som innehåller dagens datum och klockslaget för körningen.

 

Se till att aktivera antivirusprogram mm innan du ansluter datorn till internet.

 

2. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Delete-knappen.

Tryck på OK.

 

Datorn kommer att startas om.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s1].txt

...............................................................................

# AdwCleaner v2.303 - Logfile created 06/30/2013 at 18:47:39

# Updated 08/06/2013 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)

# User : Thomas - THOMAS-DATOR

# Boot Mode : Normal

# Running from : C:\Users\Thomas\Desktop\adwcleaner.exe

# Option [Delete]

 

 

***** [services] *****

 

 

***** [Files / Folders] *****

 

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search

Folder Deleted : C:\ProgramData\boost_interprocess

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Folder Deleted : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

 

***** [Registry] *****

 

 

***** [internet Browsers] *****

 

-\\ Internet Explorer v9.0.8112.16490

 

[OK] Registry is clean.

 

-\\ Google Chrome v27.0.1453.116

 

File : C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] File is clean.

 

*************************

 

AdwCleaner[R1].txt - [36013 octets] - [28/06/2013 19:44:27]

AdwCleaner[R2].txt - [36074 octets] - [29/06/2013 09:21:12]

AdwCleaner[R3].txt - [1650 octets] - [29/06/2013 14:30:34]

AdwCleaner[s1].txt - [34792 octets] - [29/06/2013 09:21:24]

AdwCleaner[s2].txt - [324 octets] - [30/06/2013 18:44:34]

AdwCleaner[s3].txt - [1707 octets] - [30/06/2013 18:47:39]

 

########## EOF - C:\AdwCleaner[s3].txt - [1767 octets] ##########

Link to comment
Share on other sites

IE funkar men outlook har börjat krångla. Stannr länge vid hämtning m.m.

Verkar ha fått sig en smäll.

Falskt alarm. Nu rullar det på.

tack ännu en gång. Om du nu inte hittat något annat?

Link to comment
Share on other sites

Kör OTL som du gjorde första gången och klistra in den nya OTL.txt så får vi se om allt ser bra ut där.

.......................................................................................................................

OTL logfile created on: 2013-07-01 09:10:16 - Run 5

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thomas\Downloads

Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

2,00 Gb Total Physical Memory | 1,14 Gb Available Physical Memory | 56,96% Memory free

4,00 Gb Paging File | 3,04 Gb Available in Paging File | 76,04% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 48,83 Gb Total Space | 2,88 Gb Free Space | 5,91% Space Free | Partition Type: NTFS

Drive G: | 149,04 Gb Total Space | 33,04 Gb Free Space | 22,17% Space Free | Partition Type: NTFS

 

Computer Name: THOMAS-DATOR | User Name: Thomas | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Thomas\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe (AVG Secure Search)

PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe (Adobe Systems Incorporated)

PRC - C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG2013\avgnsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\PROGRA~1\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG2013\avgemcx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Program Files\AVG\AVG2013\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)

PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ()

MOD - C:\PROGRA~1\MICROS~2\Office12\ADDINS\UMOUTL~1.DLL ()

MOD - C:\PROGRA~1\MICROS~2\Office12\ADDINS\COLLEA~1.DLL ()

 

 

========== Services (SafeList) ==========

 

SRV - (vToolbarUpdater15.3.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe (AVG Secure Search)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (avgwd) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)

SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)

SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)

SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)

SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (synasusb) -- System32\Drivers\synasusb.sys File not found

DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)

DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)

DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avglogx) -- C:\Windows\System32\drivers\avglogx.sys (AVG Technologies CZ, s.r.o.)

DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)

DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)

DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)

DRV - (AtcL001) -- C:\Windows\System32\drivers\l160x86.sys (Atheros Communications, Inc.)

DRV - (MTsensor) -- C:\Windows\System32\drivers\ASACPI.sys ()

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com'>http://www.google.com'>http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026'>http://search.protectedsearch.com?si=41570&home=true&tid=3026'>http://search.protectedsearch.com?si=41570&home=true&tid=3026'>http://search.protectedsearch.com?si=41570&home=true&tid=3026'>http://search.protectedsearch.com?si=41570&home=true&tid=3026'>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q='>http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKLM\..\SearchScopes,DefaultScope =

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC'>http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{1E8C10F6-2267-3F96-5E45-6AA347545140}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=421&sr=0&q={searchTerms}'>http://dts.search-results.com/sr?src=ieb&appid=101&systemid=421&sr=0&q={searchTerms}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B2 A0 07 1D 28 0F CD 01 [binary data]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protectedsearch.com?si=41570&home=true&tid=3026

IE - HKCU\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - No CLSID value found

IE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found

IE - HKCU\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{1E8C10F6-2267-3F96-5E45-6AA347545140}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=421&sr=0&q={searchTerms}

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{6C0C94DF-0F0F-434E-AB80-54BAF67C5B2F}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}

IE - HKCU\..\SearchScopes\{76B059C9-1110-4D84-A183-C24EBB52EF07}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3176921&CUI=UN16722039481921587

IE - HKCU\..\SearchScopes\{B7F617FC-B306-4F9E-912C-36460BCAF600}: "URL" = http://searchou.com/?q={searchTerms}&id=78c67011000000000000001fc6b7feab&affilt=5&r=114

IE - HKCU\..\SearchScopes\{FC19BAB3-A5DC-4587-83A4-E0156304F9B8}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYSE&apn_uid=ABF0FEF4-CA04-4F1C-893C-E0F871A9016E&apn_sauid=1AFAA042-4601-4CB7-939A-E2322A1904F3

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files\Personal\bin\np_prsnl.dll (Technology Nexus AB)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll File not found

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin

 

[2013-02-14 22:49:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions

[2013-02-14 22:49:00 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks

[2013-01-01 16:07:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\extensions

[2013-01-01 16:07:46 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}

[2012-09-01 11:13:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

 

========== Chrome ==========

 

CHR - default_search_provider: ()

CHR - default_search_provider: search_url =

CHR - default_search_provider: suggest_url =

CHR - homepage: http://en.v9.com/?utm_source=b&utm_medium=bnd&from=bnd&uid=WDCXWD1600AAJS-08WAA0_WD-WCAS2348264282642&ts=1372413861

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.9_0\

CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

 

O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll File not found

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5C4CAE29-C754-4CA3-89E1-90B82459159A} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - No CLSID value found.

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O9 - Extra Button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: ordspel.se ([www] https in Betrodda platser)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.255.245.11 193.150.193.150

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A1F5EA41-C570-4349-84A5-E7689B9B08D9}: DhcpNameServer = 83.255.245.11 193.150.193.150

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2013-06-18 11:39:18 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\Time to say gbye bilder

[2013-06-16 17:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue

[2013-06-09 14:57:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2013-06-09 14:56:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2013-06-09 14:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer

[2013-06-04 13:25:33 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Desktop\Balen

 

========== Files - Modified Within 30 Days ==========

 

[2013-07-01 08:54:00 | 000,000,982 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013-07-01 08:48:15 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013-07-01 08:48:15 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013-07-01 08:41:06 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013-07-01 08:41:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013-07-01 08:41:00 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys

[2013-06-30 19:33:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013-06-30 18:47:59 | 000,000,593 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat

[2013-06-29 09:21:56 | 000,001,248 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2013-06-29 09:21:56 | 000,001,120 | ---- | M] () -- C:\Users\Thomas\Desktop\Internet Explorer.lnk

[2013-06-28 19:42:14 | 000,648,201 | ---- | M] () -- C:\Users\Thomas\Desktop\adwcleaner.exe

[2013-06-27 10:31:42 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys

[2013-06-22 13:11:47 | 000,000,935 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk

[2013-06-19 08:48:20 | 000,000,022 | ---- | M] () -- C:\Users\Thomas\Desktop\fp2006-final-3.00-setup.zip

[2013-06-09 14:57:01 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2013-06-09 10:33:45 | 000,068,762 | ---- | M] () -- C:\Users\Thomas\Desktop\aktivitetsstöd.pdf

 

========== Files Created - No Company Name ==========

 

[2013-06-29 09:21:33 | 000,000,593 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat

[2013-06-28 19:42:14 | 000,648,201 | ---- | C] () -- C:\Users\Thomas\Desktop\adwcleaner.exe

[2013-06-25 11:04:53 | 000,001,270 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skärmurklipp och start för OneNote 2007.lnk

[2013-06-18 16:48:45 | 004,964,195 | ---- | C] () -- C:\Users\Thomas\Desktop\Rain.wmv

[2013-06-09 14:57:01 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2013-06-09 10:33:45 | 000,068,762 | ---- | C] () -- C:\Users\Thomas\Desktop\aktivitetsstöd.pdf

[2013-03-13 22:05:50 | 000,000,254 | RHS- | C] () -- C:\Users\Thomas\ntuser.pol

[2013-02-11 23:02:16 | 003,211,264 | ---- | C] () -- C:\Users\Thomas\DevelopmentStorageDb201210.mdf

[2013-02-11 23:02:16 | 000,851,968 | ---- | C] () -- C:\Users\Thomas\DevelopmentStorageDb201210_log.ldf

[2013-01-01 16:08:48 | 000,011,264 | ---- | C] () -- C:\Windows\Launcher.exe

[2012-11-26 11:31:52 | 000,000,045 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe.cfg

[2012-11-26 11:31:49 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe

[2012-11-18 14:05:47 | 000,000,027 | ---- | C] () -- C:\Program Files\plugins.dat

[2012-10-01 16:40:10 | 000,044,680 | ---- | C] () -- C:\Windows\System32\drivers\EUBKMON.sys

[2012-09-11 16:20:21 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll

[2012-04-05 17:41:10 | 000,139,152 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\PnkBstrK.sys

[2012-04-05 17:40:38 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe

[2012-04-04 14:13:36 | 000,064,000 | ---- | C] () -- C:\Windows\System32\esfw41.bin

[2012-04-03 19:04:24 | 000,009,322 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\Kommaavgränsade värden (Windows).EML

[2012-04-03 18:45:17 | 000,000,235 | ---- | C] () -- C:\Windows\TEXTWARE.INI

[2012-04-03 18:45:09 | 000,099,714 | ---- | C] () -- C:\Windows\SETUP1.EXE

[2012-04-03 18:05:14 | 000,038,432 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\Kommaavgränsade värden (Windows).ADR

[2012-03-31 17:04:39 | 000,000,031 | ---- | C] () -- C:\Program Files\plugins-04041e-7e8.dat

[2012-03-30 23:41:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin

 

========== ZeroAccess Check ==========

 

[2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

========== LOP Check ==========

 

[2013-04-10 21:50:39 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Audacity

[2012-10-06 18:36:39 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\AVG2013

[2013-02-20 22:29:34 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\DAEMON Tools Lite

[2013-03-18 18:44:36 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Disruptive Innovations SARL

[2012-05-15 17:43:56 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\EPSON

[2013-06-27 11:09:37 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\FreeBurner

[2013-06-16 17:18:50 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\iid

[2013-02-17 13:07:07 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Personal

[2013-01-02 20:22:28 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Publish Providers

[2013-02-01 11:40:49 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Sony

[2012-10-06 18:25:58 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\TuneUp Software

[2013-06-28 14:07:53 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\uTorrent

[2013-02-06 18:51:39 | 000,000,000 | ---D | M] -- C:\Users\Thomas\AppData\Roaming\Waves Audio

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 143 bytes -> C:\Users\Thomas\AppData\Roaming\Kommaavgränsade värden (Windows).EML:OECustomProperty

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:AD022376

 

< End of report >

Link to comment
Share on other sites

Får du upp någon fråga/meddelande om att ändringar har gjorts och om du vill godkänna det, efter att du har kört AdwCleaner och/eller OTL med Fix?

För det är något som återställer en massa av det som ska bort.

 

Jag ser nu att jag inte har fått se loggen från körningen av OTL med Fix:

Om den inte kommer automatiskt så hittar du den i mappen c:\_OTL\Moved Files med ett namn som innehåller dagens datum och klockslaget för körningen.
Link to comment
Share on other sites

Får du upp någon fråga/meddelande om att ändringar har gjorts och om du vill godkänna det, efter att du har kört AdwCleaner och/eller OTL med Fix?

För det är något som återställer en massa av det som ska bort.

 

Jag ser nu att jag inte har fått se loggen från körningen av OTL med Fix:

Är det detta du vill ha?

.......................................................................................................................Error: Unable to interpret <:OTLSRV - (vToolbarUpdater15.3.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe (AVG Secure Search)IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE'>http://search.protec...rue&tid=3026&q=IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protec...rue&tid=3026&q=IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protec...rue&tid=3026&q=IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protec...e=true&tid=3026IE'>http://search.protec...e=true&tid=3026IE'>http://search.protec...e=true&tid=3026IE'>http://search.protec...e=true&tid=3026IE'>http://search.protec...e=true&tid=3026IE'>http://search.protec...e=true&tid=3026IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protec...rue&tid=3026&q=IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protec...rue&tid=3026&q=IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protec...rue&tid=3026&q=IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://search.protec...e=true&tid=3026IE - > in the current context!

Error: Unable to interpret <HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protec...e=true&tid=3026IE - HKLM\..\SearchScopes\{1E8C10F6-2267-3F96-5E45-6AA347545140}: "URL" = http://dts.search-re...q={searchTerms}IE'>http://dts.search-re...q={searchTerms}IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.protec...rue&tid=3026&q=IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.protec...rue&tid=3026&q=IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.protec...rue&tid=3026&q=IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://search.protec...e=true&tid=3026IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.protec...rue&tid=3026&q=IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://search.protec...rue&tid=3026&q=IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://search.protec...rue&tid=3026&q=IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,S> in the current context!

Error: Unable to interpret <tart Default_Page_URL = http://search.protec...e=true&tid=3026IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://search.protec...e=true&tid=3026IE - HKCU\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - No CLSID value foundIE - HKCU\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value foundIE - HKCU\..\URLSearchHook: {b2bf7b3f-bf0b-4c48-aec6-f92c51be63e1} - No CLSID value foundIE - HKCU\..\SearchScopes\{1E8C10F6-2267-3F96-5E45-6AA347545140}: "URL" = http://dts.search-re...q={searchTerms}IE - HKCU\..\SearchScopes\{6C0C94DF-0F0F-434E-AB80-54BAF67C5B2F}: "URL" = http://us.yhs.search...p={searchTerms}IE - HKCU\..\SearchScopes\{76B059C9-1110-4D84-A183-C24EBB52EF07}: "URL" = http://search.condui...722039481921587IE - HKCU\..\SearchScopes\{B7F617FC-B306-4F9E-912C-36460BCAF600}: "URL" = http://searchou.com/...&affilt=5&r=114IE - HKCU\..\SearchScopes\{FC19BAB3-A5DC-4587-83A4-E0156304F9B8}: "URL" = http://websearch.ask...9A-E2322A1904F3FF - HKLM\Software\MozillaPlug> in the current context!

Error: Unable to interpret <ins\@VideoDownloadConverter_4z.com/Plugin: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll File not foundFF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4zffxtbr@VideoDownloadConverter_4z.com: C:\Program Files\VideoDownloadConverter_4z\bar\1.bin[2013-02-14 22:49:00 | 000,000,000 | ---D | M] (Smiley Bar for Facebook) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions\statuswinks@StatusWinks[2013-01-01 16:07:46 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}CHR - Extension: No name found = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih\1.0.0.9_0\O3 - HKLM\..\Toolbar: (VideoDownloadConverter) - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll File not foundO3 - HKCU\..\Toolbar\WebBrowser: (no name) - {266FCDCA-7BB3-4DA7-B3BF-F845DEA2EBD6} - No CLSID value found.O3 - HK> in the current context!

Error: Unable to interpret <CU\..\Toolbar\WebBrowser: (no name) - {5C4CAE29-C754-4CA3-89E1-90B82459159A} - No CLSID value found.O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B2BF7B3F-BF0B-4C48-AEC6-F92C51BE63E1} - No CLSID value found.O4 - HKLM..\Run: [] File not foundO21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.[2013-06-16 17:06:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:AD022376:FilesC:\Program Files\Common Files\AVG Secure Searchipconfig /flushdns /c:Commands[CREATERESTOREPOINT][REBOOT]> in the current context!

 

OTL by OldTimer - Version 3.2.69.0 log created on 07012013_145530

Link to comment
Share on other sites

Okej, inte undra på att inget förändras när inte fixen går igenom.

 

Följ punkt 1 i inlägg 12 igen.

Var noga med att det som syns i rutan är det som står i inlägget. Vid ditt förra försök fick du inte med några radbrytningar enligt loggen.

Link to comment
Share on other sites

Okej, inte undra på att inget förändras när inte fixen går igenom.

 

Följ punkt 1 i inlägg 12 igen.

Var noga med att det som syns i rutan är det som står i inlägget. Vid ditt förra försök fick du inte med några radbrytningar enligt loggen.

Hjälp! Hur får man till det här. tar ju flera timmar?

Link to comment
Share on other sites

Du kan förstås välja att installera om Windows i stället och vara mer försiktig med vad du installerar i fortsättningen. Valet är ditt.

Link to comment
Share on other sites

Du kan förstås välja att installera om Windows i stället och vara mer försiktig med vad du installerar i fortsättningen. Valet är ditt.

Valet är mitt finns det ingen editor som behåller ordningen på raderna?

Link to comment
Share on other sites

Det brukar inte vara något problem med att kopiera rader i webbläsaren och klistra in dem i OTL utan att radbrytningarna försvinner. Borde inte behövas någon editor. Men du kan pröva med en annan webbläsare.

 

Är det OTL som står och tuggar?

Efter att du fick in kopieringen med radbrytningar?

Hur länge har den stått och tuggat?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.




×
×
  • Create New...