Just nu i M3-nätverket
Gå till innehåll
putifar

infekterad laptop

Rekommendera Poster

putifar

Hej!
Jag sitter med en väldigt infekterad dator framför mig, och jag vet inte hur jag skall få bort allt, därför vänder jag mig till er proffs om hjälp!

Skärmen stänger även av allt ljus helt plötsligt, jag har sökt igenom med Microsoft Security Essentials och tagit bort ett fåtal virus, men jag finner ej loggarna för MSE :-S , jag har även gjort en sökning med Malwarebytes som hittade ca 2000 skadliga filer. 
Men nu när jag försöker öppna malwarebytes så hänger det sig så kan inte hitta loggarna där heller.
Om ni vet var loggarna för de programmen finns kan jag nog skicka med dem : ) 

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-10-2014 01
Ran by katerine (administrator) on KATERINE-DATOR on 02-10-2014 21:10:55
Running from C:\Users\katerine\Desktop
Loaded Profile: katerine (Available profiles: katerine)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Svenska (Sverige)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/


==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Program Files (x86)\PC Speed Up\PCSUService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Sleep Memory Optimizer\FFSService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\pcaui.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
() C:\Program Files (x86)\BrowseFox\bin\utilBrowseFox.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Koyote-Lab Inc.) C:\Users\katerine\AppData\Local\fTalk\fTalk.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Pay By Ads LTD) C:\Users\katerine\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Spotify Ltd) C:\Users\katerine\AppData\Roaming\Spotify\spotify.exe
() C:\Users\katerine\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\katerine\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\katerine\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\katerine\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\katerine\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Acer Incoporated) C:\Program Files (x86)\Acer\Acer VCM\VC.exe
() C:\Program Files (x86)\BrowseFox\bin\BrowseFox.BrowserAdapter.exe
() C:\Program Files (x86)\BrowseFox\bin\BrowseFox.BrowserAdapter64.exe
() C:\Program Files (x86)\BrowseFox\bin\BrowseFox.PurBrowse64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe




==================== Registry (Whitelisted) ==================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2275944 2011-08-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2642728 2011-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [981664 2011-10-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-10-01] (Atheros Commnucations)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegrator64.exe [548936 2013-09-24] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-22] (Egis Technology Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-15] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-10] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Utility Chest Search Scope Monitor] => "C:\PROGRA~2\UTILIT~2\bar\1.bin\49srchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [UtilityChest_49 Browser Plugin Loader] => C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe [30096 2013-09-24] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [Tv-Plug-In] => "C:\Program Files (x86)\Tv-Plug-In\Tv-Plug-In.exe" nogui
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [Spotify Web Helper] => C:\Users\katerine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-02] (Spotify Ltd)
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [PCSpeedUp] => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe [300840 2014-06-24] ()
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [PC Performer44286.exe] => "C:\Users\katerine\AppData\Local\Temp\PC Performer44286.exe" /XML="" /ROS /STP=1:2 <===== ATTENTION
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [iLivid] => "C:\Users\katerine\AppData\Local\iLivid\iLivid.exe" -autorun
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [fTalk] => C:\Users\katerine\AppData\Local\fTalk\fTalk.exe [9428016 2013-08-05] (Koyote-Lab Inc.)
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [Spotify] => C:\Users\katerine\AppData\Roaming\Spotify\Spotify.exe [6553144 2014-10-02] (Spotify Ltd)
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [Yahoo! Search] => C:\Users\katerine\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe [535472 2014-06-20] (Pay By Ads LTD)
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {5555bc15-37e4-11e3-a10f-74de2b86f812} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {6b07e6e4-4b12-11e1-940b-74de2b86f812} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {7f58ba54-4d5f-11e3-8307-806e6f6e6963} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {a29f467d-4aa5-11e1-943a-001e101fabdd} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {c0e36e23-5813-11e3-8bd5-582c80139263} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {c0e36e31-5813-11e3-8bd5-582c80139263} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {c7e09f78-5858-11e3-b559-74de2b86f812} - D:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\PROGRA~3\Wincert\WIN64C~1.DLL File Not Found
AppInit_DLLs:  C:\PROGRA~2\MUSICT~1\Datamngr\x64\mgrldr.dll => C:\PROGRA~2\MUSICT~1\Datamngr\x64\mgrldr.dll File Not Found
AppInit_DLLs-x32: c:\progra~2\musict~1\datamngr\mgrldr.dll => "c:\progra~2\musict~1\datamngr\mgrldr.dll" File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\Users\katerine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\katerine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skicka till OneNote.lnk
ShortcutTarget: Skicka till OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=6282001E101FE5E1&affID=119557&tsp=5015
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^AYY^xdm065^YYA^se&ptb=AFEEE41E-E0A0-4A5E-8AE5-4D84BED11DA2&si=flvrunner
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
URLSearchHook: HKCU - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
URLSearchHook: HKCU - (No Name) - {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=eXQ&utm_content=sc&from=slbnew&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1379770315
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=343&systemid=406&v=n9396-117&apn_uid=2131321252024608&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=135&systemid=431&v=u9397-126&apn_uid=2131321252024608&apn_dtid=BND431&o=APN10656&apn_ptnrs=AGH&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^ZO^xdm015^YYA^se&si=translateye&ptb=359C1E58-C375-4608-B185-5F3AE2E6860E&ind=2013092411&n=77fd5a3b&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=343&systemid=406&v=n9396-117&apn_uid=2131321252024608&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=135&systemid=431&v=u9397-126&apn_uid=2131321252024608&apn_dtid=BND431&o=APN10656&apn_ptnrs=AGH&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6282001E101FE5E1&affID=119557&tsp=5015
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
SearchScopes: HKCU - {558D709E-C8B9-4650-9EBD-C4B3EF208A0C} URL = http://rts.dsrlte.com/?q={searchTerms}&r=144
SearchScopes: HKCU - {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^ZO^xdm015^YYA^se&si=translateye&ptb=359C1E58-C375-4608-B185-5F3AE2E6860E&ind=2013092411&n=77fd5a3b&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=343&systemid=406&v=n9396-117&apn_uid=2131321252024608&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=135&systemid=431&v=u9397-126&apn_uid=2131321252024608&apn_dtid=BND431&o=APN10656&apn_ptnrs=AGH&q={searchTerms}
SearchScopes: HKCU - {B0CC940C-FF58-41E7-B5DF-CC5C9654DAA7} URL = http://www.search.ask.com/web?p2=%5EATG%5EDDC010%5EYY%5ESE&gct=&itbv=12.3.0.985&o=APN10733&tpid=DIC3V7&apn_uid=10C96662-D22E-49F5-AD2A-58443CC058F9&apn_ptnrs=%5EATG&apn_dtid=%5EDDC010%5EYY%5ESE&apn_dbr=torch.exe_0_25.0.0.4508&doi=2013-10-05&trgb=IE&q={searchTerms}&psv=
BHO: Speed Test 127 -> {11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} -> C:\Program Files (x86)\Speed Test 127\ScriptHost64.dll No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: SpecialSavings -> {938958E8-355C-49FF-92B0-53C1B87ACEA9} -> C:\Program Files (x86)\SpecialSavings\ScriptHost64.dll No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Search Assistant BHO -> {06e05b40-77fa-40b6-9077-ed1a7577b1ef} -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll No File
BHO-x32: Speed Test 127 -> {11C8C9C0-D918-44C0-8B5E-D297DA42F2C7} -> C:\Program Files (x86)\Speed Test 127\ScriptHost.dll No File
BHO-x32: Toolbar BHO -> {58f7b5ca-1162-42e8-8bbc-d543b4edd780} -> C:\PROGRA~2\UTILIT~2\bar\1.bin\49bar.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: SpecialSavings -> {938958E8-355C-49FF-92B0-53C1B87ACEA9} -> C:\Program Files (x86)\SpecialSavings\ScriptHost.dll No File
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Utility Chest - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll No File
Toolbar: HKCU - No Name - {44494333-5637-006A-76A7-7A786E7484D7} -  No File
Toolbar: HKCU - No Name - {CF67755F-9265-449C-87CF-B945519E073B} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.255.245.11 193.150.193.150


FireFox:
========
FF ProfilePath: C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default
FF NewTab: chrome://quick_start/content/index.html
FF SearchEngineOrder.3: Bing 
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=5.1.3.2 -> C:\Program Files (x86)\BankID\npBispBrowser.dll (Finansiell ID-Teknik BID AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_35 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF user.js: detected! => C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\user.js
FF SearchPlugin: C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\ask-web-search.xml
FF SearchPlugin: C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\allaannonser-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\prisjakt-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\tyda-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-sv-SE.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-sv-SE.xml
FF Extension: Fast Start - C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\faststartff@gmail.com [2014-07-16]
FF Extension: BrowseFox - C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\firefox@browsefox.com [2013-09-24]
FF Extension: Speed Test 127 - C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\speedtest4354@BestOffers [2014-03-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-08-25]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\extensions\quick_start@gmail.com


Chrome: 
=======
CHR NewTab: Default -> "chrome-extension://ifohbjbgfchkkfhphahclmkpgejiplfo/index.html", "chrome-extension://gchljcfaonjffjifnjlcalnhgdmjckhg/spent.html", "chrome-extension://amfclgbdpgndipgoegfpkkgobahigbcl/redirect.html"
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Norton Confidential) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.2.6_0\npcoplgn.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Nexus Personal) - C:\Program Files (x86)\Personal\bin\np_prsnl.dll No File
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Profile: C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Snap.Do ) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2013-09-21]
CHR Extension: (SpecialSavings) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje [2013-10-06]
CHR Extension: (YouTube) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-22]
CHR Extension: (Google Search) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-22]
CHR Extension: (CursorMania) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchljcfaonjffjifnjlcalnhgdmjckhg [2014-04-13]
CHR Extension: (Lightning Newtab) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2014-01-08]
CHR Extension: (Google Wallet) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (Extended Protection) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-26]
CHR Extension: (Gmail) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-22]
CHR HKLM-x32\...\Chrome\Extension: [bfcpnihmbfoaeoakalclfalkdepgiaje] - C:\Users\katerine\AppData\Roaming\SpecialSavings\SpecialSavings.crx [2013-10-03]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2014-01-08]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-26]
CHR HKLM-x32\...\Chrome\Extension: [ppdjnkblmcjfnlogjjhpigpdgpcgdpll] - C:\Program Files (x86)\BrowseFox\ppdjnkblmcjfnlogjjhpigpdgpcgdpll.crx [2014-02-26]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION


==================== Services (Whitelisted) =================


(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [105120 2011-10-01] (Atheros Commnucations) [File not signed]
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-22] (Just Develop It) <==== ATTENTION
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 FFSOpzSvc; C:\Program Files\Sleep Memory Optimizer\FFSService.exe [141192 2011-09-18] (Acer Incorporated)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [184320 2011-07-07] (Intel Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [233864 2012-09-04] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PCSUService; C:\Program Files (x86)\PC Speed Up\PCSUService.exe [430888 2014-06-24] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7101288 2014-07-28] (Reimage®)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 Util BrowseFox; C:\Program Files (x86)\BrowseFox\bin\utilBrowseFox.exe [522480 2014-10-01] ()
R2 UtilityChest_49Service; C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49barsvc.exe [42504 2013-09-24] (COMPANYVERS_NAME)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe [57344 2011-08-11] (Atheros) [File not signed]
S2 DatamngrCoordinator; C:\Program Files (x86)\Music Toolbar\Datamngr\DatamngrCoordinator.exe [X]
S2 Update BrowseFox; "C:\Program Files (x86)\BrowseFox\updateBrowseFox.exe" [X]


==================== Drivers (Whitelisted) ====================


(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-16] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 Tdsshbecr; C:\Windows\System32\DRIVERS\shbecr.sys [50176 2008-09-23] (Todos Data System AB)
R1 {c83c7c03-36f9-4f8f-aa6d-c837575d4eca}w64; C:\Windows\System32\drivers\{c83c7c03-36f9-4f8f-aa6d-c837575d4eca}w64.sys [48784 2014-10-02] (StdLib)
S3 cpuz134; \??\C:\Users\katerine\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]


==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)




==================== One Month Created Files and Folders ========


(If an entry is included in the fixlist, the file\folder will be moved.)


2014-10-02 21:05 - 2014-10-02 21:10 - 00039835 _____ () C:\Users\katerine\Desktop\FRST.txt
2014-10-02 20:51 - 2014-10-02 20:52 - 00000000 ____D () C:\Users\katerine\Desktop\info
2014-10-02 19:56 - 2014-10-02 05:37 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{c83c7c03-36f9-4f8f-aa6d-c837575d4eca}w64.sys
2014-10-02 16:10 - 2014-10-02 16:11 - 00000000 ____D () C:\Users\katerine\AppData\Local\{58A656DD-D651-4BFD-BFDB-2FE2EEE6CD59}
2014-10-02 16:07 - 2014-10-02 16:07 - 00000000 ____D () C:\Users\katerine\Desktop\first64
2014-10-02 16:02 - 2014-10-02 21:10 - 00000000 ____D () C:\FRST
2014-10-02 15:55 - 2014-10-02 15:55 - 02108928 _____ (Farbar) C:\Users\katerine\Desktop\FRST64.exe
2014-10-02 15:24 - 2014-10-02 15:24 - 00000000 ____D () C:\Users\katerine\AppData\Local\{F3EA102A-243E-4385-AB11-049604F571B8}
2014-10-01 22:00 - 2014-10-01 22:00 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-10-01 21:59 - 2014-10-01 21:59 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-10-01 21:59 - 2014-10-01 21:59 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-01 21:59 - 2014-10-01 21:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-01 21:57 - 2014-10-01 21:58 - 14104224 _____ (Microsoft Corporation) C:\Users\katerine\Downloads\mseinstall.exe
2014-10-01 21:37 - 2014-10-01 21:39 - 00000000 ____D () C:\Users\katerine\AppData\Local\{32E1B44C-B2A7-40C8-B592-95FA4CA07A8D}
2014-10-01 21:36 - 2014-10-02 20:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-01 21:00 - 2014-10-01 21:00 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-01 21:00 - 2014-10-01 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-01 21:00 - 2014-10-01 21:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-01 21:00 - 2014-10-01 21:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-01 21:00 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-01 21:00 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-01 21:00 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-01 20:59 - 2014-10-01 21:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\katerine\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-10-01 20:58 - 2014-10-01 21:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\katerine\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-10-01 20:48 - 2014-10-01 20:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\katerine\Downloads\mbam-setup-2.0.2.1012(2).exe
2014-10-01 20:47 - 2014-10-01 20:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\katerine\Downloads\mbam-setup-2.0.2.1012.exe
2014-10-01 20:47 - 2014-10-01 20:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\katerine\Downloads\mbam-setup-2.0.2.1012(1).exe
2014-10-01 20:42 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 20:42 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-01 20:41 - 2014-10-01 20:42 - 09461920 _____ (Malwarebytes Corporation ) C:\Users\katerine\Downloads\Obekräftade 430403.crdownload
2014-10-01 20:40 - 2014-10-01 20:41 - 08785940 _____ (Malwarebytes Corporation ) C:\Users\katerine\Downloads\Obekräftade 844540.crdownload
2014-10-01 20:32 - 2014-10-01 20:32 - 00000000 ____D () C:\Users\katerine\AppData\Local\{C073CB7E-2CA0-4DAD-9A68-6D120939E9C1}
2014-10-01 20:11 - 2014-10-01 20:11 - 00000000 ____D () C:\Users\katerine\AppData\Local\{87D68E94-A7B6-4EED-B652-11B262EAE5C9}
2014-09-27 17:42 - 2014-09-27 17:42 - 00000000 ____D () C:\Users\katerine\AppData\Local\{59263B48-EFE0-4628-B86A-D4F345F9F6E0}
2014-09-26 12:48 - 2014-09-26 12:48 - 00000000 ____D () C:\Users\katerine\AppData\Local\{550DE7D9-86DC-4B77-96A5-72E894BF5968}
2014-09-26 10:29 - 2014-09-26 10:29 - 00000000 ____D () C:\Users\katerine\AppData\Local\{98D9E99A-8CD0-4D68-BED1-915F7DE1FDFC}
2014-09-26 10:27 - 2014-09-26 10:27 - 00000000 ____H () C:\Users\katerine\AppData\Local\BIT8D12.tmp
2014-09-26 10:26 - 2014-09-26 10:27 - 00000000 _____ () C:\Users\katerine\AppData\Local\{0C074A09-D489-41C8-BDD1-2991B36C4C94}
2014-09-26 10:26 - 2014-09-26 10:26 - 00000000 ____D () C:\Users\katerine\AppData\Local\{130B9615-9DC5-48EE-A761-181427B96424}
2014-09-25 13:24 - 2014-09-25 13:25 - 00913720 _____ () C:\Windows\Minidump\092514-48391-01.dmp
2014-09-25 09:47 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-25 09:47 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-25 09:29 - 2014-09-25 09:30 - 00000000 ____D () C:\Users\katerine\AppData\Local\{ED48A1D5-F627-4FD6-A881-87AAFA931F47}
2014-09-22 16:55 - 2014-09-22 16:55 - 00000000 ____D () C:\Users\katerine\AppData\Local\{AAB8C3CA-98EA-4E73-B227-2992C20A67A6}
2014-09-22 16:52 - 2014-09-22 16:52 - 00000000 ____H () C:\Users\katerine\AppData\Local\BIT425C.tmp
2014-09-22 16:52 - 2014-09-22 16:52 - 00000000 _____ () C:\Users\katerine\AppData\Local\{5ECF337E-7113-490A-B914-D0D6B7239A33}
2014-09-17 11:57 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-17 11:57 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-17 11:57 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-17 11:57 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-17 11:57 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-17 11:57 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-17 11:57 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-17 11:57 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-17 11:57 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-17 11:57 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-17 11:57 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-17 11:57 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-17 11:57 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-17 11:57 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-17 11:57 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-17 11:57 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-17 11:57 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-17 11:57 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-17 11:57 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-17 11:57 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-17 11:57 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-17 11:57 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-17 11:57 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-17 11:57 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-17 11:57 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-17 11:57 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-17 11:57 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-17 11:57 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-17 11:57 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-17 11:57 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-17 11:57 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-17 11:57 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-17 11:57 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-17 11:57 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-17 11:57 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-17 11:57 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-17 11:57 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-17 11:57 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-17 11:57 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-17 11:57 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-17 11:57 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-17 11:57 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-17 11:57 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-17 11:57 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-17 11:57 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-17 11:57 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-17 11:57 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-17 11:57 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-17 11:57 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-17 11:57 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-17 11:57 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-17 11:57 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-17 11:57 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-17 11:57 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-17 11:57 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-17 11:57 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-17 11:44 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-17 11:44 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-17 11:43 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-17 11:43 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-17 11:40 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-17 11:40 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-17 11:39 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-17 11:39 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-17 11:39 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-17 11:39 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-17 11:39 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-17 11:31 - 2014-10-01 21:35 - 00000254 __RSH () C:\ProgramData\ntuser.pol
2014-09-17 11:30 - 2014-09-25 13:24 - 4137946532 _____ () C:\Windows\MEMORY.DMP
2014-09-17 11:30 - 2014-09-17 11:30 - 00826968 _____ () C:\Windows\Minidump\091714-41480-01.dmp
2014-09-17 11:03 - 2014-09-17 11:03 - 00000000 ____D () C:\Users\katerine\AppData\OICE_15_974FA576_32C1D314_22EC
2014-09-17 10:53 - 2014-09-17 10:53 - 00000000 ____D () C:\Users\katerine\AppData\Local\{1FC90DCB-6287-4B0B-BA8A-0579EB3A951B}
2014-09-16 10:40 - 2014-09-16 10:40 - 00000000 ____D () C:\Users\katerine\AppData\Local\{8E338559-217D-46B2-B229-D52CC6BD00D9}
2014-09-08 09:29 - 2014-09-08 09:59 - 00000000 ____D () C:\Users\katerine\AppData\OICE_15_974FA576_32C1D314_B67
2014-09-08 09:02 - 2014-09-08 09:02 - 00000000 ____D () C:\Users\katerine\AppData\Local\{C057F5AC-40A3-4C86-A05F-419D169AE9D4}
2014-09-04 12:50 - 2014-09-04 12:50 - 00000000 ____D () C:\Users\katerine\AppData\Local\{39A5261C-A949-43BC-BDFD-D9F14A920C0F}
2014-09-04 12:49 - 2014-09-26 10:25 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2014-09-04 12:48 - 2014-10-02 20:40 - 00001490 _____ () C:\Windows\setupact.log
2014-09-04 12:48 - 2014-09-04 12:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-04 12:45 - 2014-10-02 16:08 - 00407906 _____ () C:\Windows\PFRO.log
2014-09-04 12:06 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-04 12:06 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-04 12:06 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-04 12:06 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-04 12:06 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-04 12:06 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-04 12:06 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-04 12:06 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-04 11:55 - 2014-09-04 11:55 - 00000000 ____D () C:\Users\katerine\AppData\Local\{8C6D9464-88E2-4378-B16E-3F1F12AA59AC}
2014-09-04 10:59 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-04 10:59 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-04 10:59 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-04 10:59 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-04 10:59 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-04 10:59 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-04 10:59 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-04 10:58 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-04 10:58 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-04 10:58 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-04 10:56 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-04 10:56 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-04 10:56 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-04 10:56 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-04 10:56 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-04 10:45 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-04 10:45 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-04 10:45 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-04 10:45 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-04 10:45 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-04 10:45 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-04 10:45 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-04 10:45 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-04 10:45 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-04 10:45 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-04 10:45 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-04 10:45 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-04 10:45 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-04 10:45 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-04 10:36 - 2014-09-04 10:36 - 00000000 ____D () C:\Users\katerine\AppData\Local\{21395AE9-7805-4402-A24E-7BFA5911ABA2}


==================== One Month Modified Files and Folders =======


(If an entry is included in the fixlist, the file\folder will be moved.)


2014-10-02 21:09 - 2012-01-31 22:18 - 00000000 ____D () C:\Users\katerine\AppData\Roaming\Skype
2014-10-02 20:59 - 2012-03-18 18:16 - 00000000 ____D () C:\Users\katerine\AppData\Local\CrashDumps
2014-10-02 20:43 - 2009-07-14 04:34 - 00000537 _____ () C:\Windows\win.ini
2014-10-02 20:42 - 2012-02-04 16:27 - 00000000 ____D () C:\Users\katerine\AppData\Roaming\Spotify
2014-10-02 20:38 - 2014-08-25 18:52 - 02057005 _____ () C:\Windows\WindowsUpdate.log
2014-10-02 20:38 - 2013-10-06 10:55 - 00000868 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-02 20:38 - 2012-04-19 18:14 - 00000998 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-02 20:38 - 2012-02-04 16:27 - 00000000 ____D () C:\Users\katerine\AppData\Local\Spotify
2014-10-02 20:05 - 2014-03-26 19:39 - 00000000 ____D () C:\Program Files (x86)\Speed Test 127
2014-10-02 20:05 - 2014-03-26 19:39 - 00000000 ____D () C:\Program Files (x86)\PC Performer
2014-10-02 20:05 - 2013-10-06 10:54 - 00000000 ____D () C:\Program Files (x86)\SpecialSavings
2014-10-02 20:04 - 2013-09-24 22:12 - 00000342 _____ () C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2014-10-02 17:41 - 2009-07-14 06:45 - 00024656 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-02 17:41 - 2009-07-14 06:45 - 00024656 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-02 16:51 - 2014-02-26 19:26 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-10-02 16:15 - 2013-09-21 15:11 - 00000000 ____D () C:\Program Files (x86)\BrowseFox
2014-10-02 16:12 - 2013-09-24 22:12 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-10-02 16:09 - 2012-04-19 18:14 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-02 16:09 - 2012-03-18 18:16 - 00000000 ____D () C:\Users\katerine\Tracing
2014-10-02 16:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-01 22:15 - 2013-10-06 10:54 - 00000000 ____D () C:\ProgramData\IBUpdaterService
2014-10-01 22:15 - 2011-09-03 00:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-01 22:06 - 2012-01-29 22:24 - 00000000 ____D () C:\ProgramData\Norton
2014-10-01 21:06 - 2014-02-26 19:26 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-10-01 20:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-10-01 20:34 - 2014-08-25 18:49 - 00003118 _____ () C:\Windows\System32\Tasks\PC Performer
2014-09-26 15:43 - 2014-03-26 19:39 - 00000282 _____ () C:\Windows\Tasks\PC Performer_DEFAULT.job
2014-09-26 13:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-25 13:24 - 2012-09-13 09:04 - 00000000 ____D () C:\Windows\Minidump
2014-09-25 10:17 - 2014-04-11 16:48 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-25 09:44 - 2013-10-05 16:53 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-25 09:28 - 2014-03-26 19:40 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-17 11:56 - 2012-01-29 22:59 - 01556124 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-17 11:56 - 2011-10-22 00:18 - 00664068 _____ () C:\Windows\system32\perfh01D.dat
2014-09-17 11:56 - 2011-10-22 00:18 - 00142836 _____ () C:\Windows\system32\perfc01D.dat
2014-09-17 11:56 - 2009-07-14 07:13 - 01556124 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-17 11:55 - 2013-08-14 18:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-17 11:45 - 2012-01-29 20:40 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-17 11:05 - 2014-04-18 18:37 - 00072821 _____ () C:\Windows\system32\ScanResults.xml
2014-09-17 10:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-04 12:48 - 2009-07-14 06:45 - 00326784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-04 12:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-04 10:43 - 2012-07-07 11:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service


Some content of TEMP:
====================
C:\Users\katerine\AppData\Local\Temp\dsrlte.exe
C:\Users\katerine\AppData\Local\Temp\SkypeSetup.exe
C:\Users\katerine\AppData\Local\Temp\uninst1.exe




==================== Bamital & volsnap Check =================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed




LastRegBack: 2014-09-26 13:41


==================== End Of Log ============================

 

 
 

 

Tack på förhand!


Addition.txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Hej!

 

1.

Avinstallera:

Adobe Flash Player 11 Plugin, därför att det är en gammal version med många kända säkerhetshål som gör det lätt att infektera datorn från en webbsida

Java™ 6 Update 35, som ovan

IePluginService pga http://www.systemlookup.com/Drivers/10241-PluginService_exe.html

MyPC Backup pga https://www.mywot.com/en/scorecard/mypcbackup.com

PC Performer https://www.mywot.com/en/scorecard/pcperformer.com

SpecialSavings annonsprogram

Speed Test 127 annonsprogram

Utility Chest Internet Explorer Toolbar, http://www.systemlookup.com/CLSID/74327-49bar_dll.html

Yahoo! Search annonsprogram

Starta om datorn.

 

2.

Spara AdwCleaner av Xplode på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på Report-knappen.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt

 

 

 

Klistra inte in loggar i kodrutor eller liknande utan klistra in dem direkt i svaret.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
putifar
# AdwCleaner v3.311 - Report created 04/10/2014 at 17:29:31

# Updated 30/09/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : katerine - KATERINE-DATOR

# Running from : C:\Users\katerine\Desktop\adwcleaner_3.311.exe

# Option : Scan

 

***** [ Services ] *****

 

Service Found : DatamngrCoordinator

Service Found : Update BrowseFox

Service Found : Util BrowseFox

Service Found : UtilityChest_49Service

Service Found : Wpm

Service Found : Update BrowseFox

Service Found : Util BrowseFox

Service Found : {c83c7c03-36f9-4f8f-aa6d-c837575d4eca}w64

 

***** [ Files / Folders ] *****

 

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\delta-homes.xml

File Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx

File Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

File Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage

File Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal

File Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage

File Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

File Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\bprotector_extensions.sqlite

File Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\bprotector_prefs.js

File Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\invalidprefs.js

File Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\ask-web-search.xml

File Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\bingp.xml

File Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\dsrlte.xml

File Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\Web Search.xml

File Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\user.js

File Found : C:\Windows\Installer\18671b.msi

File Found : C:\Windows\System32\drivers\{c83c7c03-36f9-4f8f-aa6d-c837575d4eca}w64.sys

File Found : C:\Windows\System32\roboot64.exe

Folder Found : C:\Program Files (x86)\BrowseFox

Folder Found : C:\Program Files (x86)\BrowseFox

Folder Found : C:\Program Files (x86)\Movies Toolbar

Folder Found : C:\Program Files (x86)\PC Performer

Folder Found : C:\Program Files (x86)\SpecialSavings

Folder Found : C:\Program Files (x86)\Speed Test 127

Folder Found : C:\Program Files (x86)\SupTab

Folder Found : C:\Program Files (x86)\UtilityChest_49

Folder Found : C:\Program Files (x86)\WinZipper

Folder Found : C:\Program Files\Reimage

Folder Found : C:\ProgramData\apn

Folder Found : C:\ProgramData\Ask

Folder Found : C:\ProgramData\Babylon

Folder Found : C:\ProgramData\DSearchLink

Folder Found : C:\ProgramData\eSafe

Folder Found : C:\ProgramData\IBUpdaterService

Folder Found : C:\ProgramData\IePluginService

Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer

Folder Found : C:\ProgramData\WPM

Folder Found : C:\Users\katerine\AppData\Local\DProtect

Folder Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl

Folder Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje

Folder Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje

Folder Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

Folder Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo

Folder Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll

Folder Found : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll

Folder Found : C:\Users\katerine\AppData\Local\iac

Folder Found : C:\Users\katerine\AppData\Local\UtilityChest_49

Folder Found : C:\Users\katerine\AppData\LocalLow\DataMngr

Folder Found : C:\Users\katerine\AppData\LocalLow\Delta

Folder Found : C:\Users\katerine\AppData\LocalLow\iac

Folder Found : C:\Users\katerine\AppData\LocalLow\searchresultstb

Folder Found : C:\Users\katerine\AppData\LocalLow\UtilityChest_49

Folder Found : C:\Users\katerine\AppData\Roaming\Babylon

Folder Found : C:\Users\katerine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard

Folder Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\faststartff@gmail.com

Folder Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\firefox@browsefox.com

Folder Found : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\ilividmoviestoolbarha

Folder Found : C:\Users\katerine\AppData\Roaming\PerformerSoft

Folder Found : C:\Users\katerine\AppData\Roaming\SpecialSavings

Folder Found : C:\Users\katerine\AppData\Roaming\SupTab

 

***** [ Scheduled Tasks ] *****

 

Task Found : EPUpdater

Task Found : LaunchApp

Task Found : PC Performer

Task Found : PC Performer_DEFAULT

Task Found : PC Performer_UPDATES

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=eXQ&utm_content=sc&from=slbnew&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1379770315

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\musict~1\datamngr\mgrldr.dll

Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\MUSICT~1\Datamngr\x64\mgrldr.dll

Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL

Key Found : HKCU\Software\5d4d6dbbd6def42

Key Found : HKCU\Software\APN DTX

Key Found : HKCU\Software\AppDataLow\Software\UtilityChest_49

Key Found : HKCU\Software\BABSOLUTION

Key Found : HKCU\Software\BrowseFox

Key Found : HKCU\Software\BrowseFox

Key Found : HKCU\Software\Classes\iLivid.torrent

Key Found : HKCU\Software\DataMngr_Toolbar

Key Found : HKCU\Software\Delta

Key Found : HKCU\Software\fTalk

Key Found : HKCU\Software\ilivid

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{84DC9F6C-C9A5-4C64-AB67-D6EF60F963C8}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{938958E8-355C-49FF-92B0-53C1B87ACEA9}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CF67755F-9265-449C-87CF-B945519E073B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{268CA04C-106C-4636-B707-95E8CD5859E0}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C428C4B-C9E2-4B74-B791-88C3FEE48F36}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{938958E8-355C-49FF-92B0-53C1B87ACEA9}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF67755F-9265-449C-87CF-B945519E073B}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\fTalk

Key Found : HKCU\Software\PerformerSoft

Key Found : HKCU\Software\SmartBar

Key Found : HKCU\Software\torch

Key Found : HKCU\Software\UtilityChest_49

Key Found : [x64] HKCU\Software\APN DTX

Key Found : [x64] HKCU\Software\BABSOLUTION

Key Found : [x64] HKCU\Software\BrowseFox

Key Found : [x64] HKCU\Software\BrowseFox

Key Found : [x64] HKCU\Software\DataMngr_Toolbar

Key Found : [x64] HKCU\Software\Delta

Key Found : [x64] HKCU\Software\fTalk

Key Found : [x64] HKCU\Software\ilivid

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{84DC9F6C-C9A5-4C64-AB67-D6EF60F963C8}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}

Key Found : [x64] HKCU\Software\PerformerSoft

Key Found : [x64] HKCU\Software\SmartBar

Key Found : [x64] HKCU\Software\torch

Key Found : [x64] HKCU\Software\UtilityChest_49

Key Found : HKLM\SOFTWARE\5d4d6dbbd6def42

Key Found : HKLM\SOFTWARE\BrowseFox

Key Found : HKLM\SOFTWARE\BrowseFox

Key Found : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}

Key Found : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}

Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}

Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}

Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{23699B0B-C14D-4054-A545-FC0927BB0879}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{25151605-D156-49DD-A659-20E69C1EE15F}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{268CA04C-106C-4636-B707-95E8CD5859E0}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{2BB3E614-F616-42DD-A99A-69C1FC268741}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{35274ADF-B8DE-4909-80D1-A26269216903}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3F2F1B3C-EDA7-46EC-A1CA-12A67CD00A82}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{5BBF357E-EA8C-48BF-83CA-DE279FB83BBA}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{698E7AA1-A28E-4064-A9AB-822171AF4EF4}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{6AAFD84D-5F7F-42E5-9FB4-157925C3ED2F}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{83CE5D73-E3DE-4DC5-82C2-3B65DFD0A849}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{878A5A0A-DC0A-4C37-BBE2-18C30E50F449}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{8C428C4B-C9E2-4B74-B791-88C3FEE48F36}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{929825DF-A1B4-40C9-8F3C-6DA06BADC150}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{938958E8-355C-49FF-92B0-53C1B87ACEA9}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F19923D-2A4C-45EF-A026-AE7DEE5D022C}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{A72B8EA8-5B63-4C90-9FE8-D9C76C99DE32}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{C86BFADB-406F-47C7-A8D8-FAA37B39089F}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{CF67755F-9265-449C-87CF-B945519E073B}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{D92EDE9A-70A4-469F-AF8F-38C3F278B0A1}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{F67A3AA8-88EE-4A3A-863A-B13A19F8696C}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{F8E1BDAB-F48F-46F9-8693-4EECB83D1AD7}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}

Key Found : HKLM\SOFTWARE\Classes\iLivid.torrent

Key Found : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}

Key Found : HKLM\SOFTWARE\Classes\Interface\{0E1FE4D8-70CE-417E-8FF4-C2B17FF3DD07}

Key Found : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}

Key Found : HKLM\SOFTWARE\Classes\Interface\{13B8FF9D-DEB0-4070-B846-D049218307B3}

Key Found : HKLM\SOFTWARE\Classes\Interface\{1E877590-30B7-400E-A835-B942489EB7BC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}

Key Found : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}

Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Key Found : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}

Key Found : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}

Key Found : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}

Key Found : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}

Key Found : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}

Key Found : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}

Key Found : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}

Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Key Found : HKLM\SOFTWARE\Classes\Prod.cap

Key Found : HKLM\SOFTWARE\Classes\Speed Test 127.BackgroundHostObject

Key Found : HKLM\SOFTWARE\Classes\Speed Test 127.BackgroundHostObject.1

Key Found : HKLM\SOFTWARE\Classes\Speed Test 127.Navbar

Key Found : HKLM\SOFTWARE\Classes\Speed Test 127.Navbar.1

Key Found : HKLM\SOFTWARE\Classes\Speed Test 127.ScriptHostObject

Key Found : HKLM\SOFTWARE\Classes\Speed Test 127.ScriptHostObject.1

Key Found : HKLM\SOFTWARE\Classes\Speed Test 127.Tool

Key Found : HKLM\SOFTWARE\Classes\Speed Test 127.Tool.1

Key Found : HKLM\SOFTWARE\Classes\speedupmypc

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{103E3C9A-E8AE-4B19-A339-01FE9439763E}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{24486CE9-7BC2-4516-B743-39FFDD4F861B}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{3013E03D-89D5-4580-8560-DB198297CC29}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{326C4F48-FE3B-4E54-9118-9B6C3B6C9B1E}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39D884BB-2881-4F3A-B9B9-2D3AF4C2C191}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{53FDCCB0-2404-4274-9002-5A3A1FD40426}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{59E5BDB9-126F-4575-901E-D32132A19B94}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{5CF866F0-10A3-4ED4-9BE3-668F2F148E2F}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{618B2F0C-A1AF-4D1D-9354-CF0C42AF5BCB}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{8EFEE482-37BC-4F3D-83E6-CB5BBE077E43}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CE1482C8-E8FD-4277-9A4F-094D712F6B60}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEFDBFA7-0F18-4216-8F90-6B6F71D6AB83}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F12BA68C-976E-4567-BA3B-629DFCEBC5FE}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F2F1AE7C-149B-46D3-9498-12572C7AFE11}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{F66F6A81-E727-4774-B461-8A5CB7F7DE07}

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.DynamicBarButton

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.DynamicBarButton.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.FeedManager

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.FeedManager.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLMenu

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLMenu.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLPanel

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLPanel.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.MultipleButton

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.MultipleButton.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.PseudoTransparentPlugin

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.PseudoTransparentPlugin.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.Radio

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.Radio.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.RadioSettings

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.RadioSettings.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.ScriptButton

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.ScriptButton.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.SettingsPlugin

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.SettingsPlugin.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.SkinLauncher

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.SkinLauncher.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.SkinLauncherSettings

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.SkinLauncherSettings.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.ThirdPartyInstaller

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.ThirdPartyInstaller.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.ToolbarProtector

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.ToolbarProtector.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.UrlAlertButton

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.UrlAlertButton.1

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.XMLSessionPlugin

Key Found : HKLM\SOFTWARE\Classes\UtilityChest_49.XMLSessionPlugin.1

Key Found : HKLM\SOFTWARE\DataMngr

Key Found : HKLM\SOFTWARE\Delta

Key Found : HKLM\SOFTWARE\delta-homesSoftware

Key Found : HKLM\SOFTWARE\dosearchessoftware

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll

Key Found : HKLM\SOFTWARE\hdcode

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0E1FE4D8-70CE-417E-8FF4-C2B17FF3DD07}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13B8FF9D-DEB0-4070-B846-D049218307B3}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E877590-30B7-400E-A835-B942489EB7BC}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{878A5A0A-DC0A-4C37-BBE2-18C30E50F449}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{992177A5-DF3C-4EC2-B779-6A5F94704CCC}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFBAF9B2-2093-4D16-9D1F-348AE68408E4}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{84DC9F6C-C9A5-4C64-AB67-D6EF60F963C8}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFoxUntemp_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFoxUntemp_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseFox_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseFox_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseFox_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseFox_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25151605-D156-49DD-A659-20E69C1EE15F}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{268CA04C-106C-4636-B707-95E8CD5859E0}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{698E7AA1-A28E-4064-A9AB-822171AF4EF4}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C428C4B-C9E2-4B74-B791-88C3FEE48F36}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9F19923D-2A4C-45EF-A026-AE7DEE5D022C}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F67A3AA8-88EE-4A3A-863A-B13A19F8696C}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UtilityChest_49bar Uninstall Internet Explorer

Key Found : HKLM\SOFTWARE\PerformerSoft

Key Found : HKLM\SOFTWARE\SupTab

Key Found : HKLM\SOFTWARE\supWPM

Key Found : HKLM\SOFTWARE\torch

Key Found : HKLM\SOFTWARE\Uniblue

Key Found : HKLM\SOFTWARE\Uniblue\DriverScanner

Key Found : HKLM\SOFTWARE\UtilityChest_49

Key Found : HKLM\SOFTWARE\V9

Key Found : HKLM\SOFTWARE\winzipersvc

Key Found : HKLM\SOFTWARE\Wpm

Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update BrowseFox

Key Found : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util BrowseFox

Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{938958E8-355C-49FF-92B0-53C1B87ACEA9}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}

Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0E1FE4D8-70CE-417E-8FF4-C2B17FF3DD07}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{13B8FF9D-DEB0-4070-B846-D049218307B3}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1E877590-30B7-400E-A835-B942489EB7BC}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{53F6A516-3DCC-48F4-835C-6C670CB39CEA}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowseFox

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowseFox

Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]

Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CF67755F-9265-449C-87CF-B945519E073B}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7A55CBB2-2B2E-4A41-9DE1-6AC5D2C2BE0A}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]

Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CF67755F-9265-449C-87CF-B945519E073B}]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [utility Chest Search Scope Monitor]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [utilityChest_49 Browser Plugin Loader]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [utilityChest_49 Browser Plugin Loader]

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]

Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17280

 

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [start Page] - hxxp://rts.dsrlte.com?affID=na

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [search Page] - hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [search Bar] - hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [secondary Start Pages] - hxxp://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^AYY^xdm065^YYA^se&ptb=AFEEE41E-E0A0-4A5E-8AE5-4D84BED11DA2&si=flvrunner

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [searchAssistant] - hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013

Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013

Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}

Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492

Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492

Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}

 

-\\ Mozilla Firefox v31.0 (x86 sv-SE)

 

[ File : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\prefs.js ]

 

Line Found : user_pref("browser.startup.homepage", "hxxp://rts.dsrlte.com?affID=na");

Line Found : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]

Line Found : user_pref("extensions.delta.admin", false);

Line Found : user_pref("extensions.delta.aflt", "babsst");

Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

Line Found : user_pref("extensions.delta.autoRvrt", "false");

Line Found : user_pref("extensions.delta.dfltLng", "sv");

Line Found : user_pref("extensions.delta.excTlbr", false);

Line Found : user_pref("extensions.delta.ffxUnstlRst", true);

Line Found : user_pref("extensions.delta.id", "62829a33000000000000001e101fe5e1");

Line Found : user_pref("extensions.delta.instlDay", "15972");

Line Found : user_pref("extensions.delta.instlRef", "sst");

Line Found : user_pref("extensions.delta.newTab", false);

Line Found : user_pref("extensions.delta.prdct", "delta");

Line Found : user_pref("extensions.delta.prtnrId", "delta");

Line Found : user_pref("extensions.delta.rvrt", "false");

Line Found : user_pref("extensions.delta.smplGrp", "none");

Line Found : user_pref("extensions.delta.tlbrId", "base");

Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");

Line Found : user_pref("extensions.delta.vrsn", "1.8.24.6");

Line Found : user_pref("extensions.delta.vrsnTs", "1.8.24.622:10:43");

Line Found : user_pref("extensions.delta.vrsni", "1.8.24.6");

Line Found : user_pref("extensions.delta_i.babExt", "");

Line Found : user_pref("extensions.delta_i.babTrack", "affID=119557&tsp=5015");

Line Found : user_pref("extensions.delta_i.srcExt", "ss");

Line Found : user_pref("extensions.helperbar.DockingPositionDown", false);

Line Found : user_pref("extensions.helperbar.SmartbarDisabled", false);

Line Found : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);

Line Found : user_pref("extensions.helperbar.Visibility", true);

Line Found : user_pref("extensions.helperbar.countryiso", "se");

Line Found : user_pref("extensions.helperbar.downloadprovider", "snapdogoblidooyb");

Line Found : user_pref("extensions.helperbar.installationid", "f632e2fa-164e-e7a4-8e63-8d4e3d822608");

Line Found : user_pref("extensions.helperbar.installdate", "21/09/2013");

Line Found : user_pref("extensions.helperbar.publisher", "snapdogoblidooyb");

Line Found : user_pref("extensions.mywebsearch.prevDefaultEngine", "dosearches");

Line Found : user_pref("extensions.mywebsearch.prevKwdEnabled", true);

Line Found : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");

Line Found : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");

Line Found : user_pref("extensions.quick_start.enable_search1", false);

Line Found : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.BUTTON_STRUCTURE", "[{\"b\":221356511,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221356512,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.firstKnownVersion", "5.40.2.29036");

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=0F8C2E9B-F3F9-4460-85AB-41A939C2527F&n=77fda47c&p2=^YP^xdm031^YYA^se&si=COKW4qTb5LkCFceXcAod91MAC[...]

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.hp.enabled", false);

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.initialized", true);

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.contextKey", "");

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.installDate", "2013111420");

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.partnerId", "^YP^xdm031^YYA^se");

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.partnerSubId", "COKW4qTb5LkCFceXcAod91MACw");

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.success", true);

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.toolbarId", "0F8C2E9B-F3F9-4460-85AB-41A939C2527F");

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.isCompliantUninstallImplementation", true);

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.lastActivePing", "1412188998542");

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.lastKnownVersion", "6.72.4.54367");

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.options.defaultSearch", true);

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.options.homePageEnabled", true);

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.options.keywordEnabled", true);

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.options.tabEnabled", true);

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.searchHistory", "www.assistantbolaget.se||livsanda.se||assistanstbolaget.se||livsand.se||lernia.se||bloket.se||blocket||hemmet||glasmästaregatan6a||[...]

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.toolbarCollapsed", false);

Line Found : user_pref("extensions.toolbar.mindspark._1pMembers_.weather.location", "10001");

Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled", false);

Line Found : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");

Line Found : user_pref("extensions.toolbar.mindspark.lastInstalled", "referenceboss@mindspark.com");

 

-\\ Google Chrome v37.0.2062.124

 

[ File : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

Found [search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013

Found [search Provider] : hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6282001E101FE5E1&affID=119557&tsp=5015

Found [search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=135&systemid=431&v=u9397-126&apn_uid=2131321252024608&apn_dtid=BND431&o=APN10656&apn_ptnrs=AGH&q={searchTerms}

Found [search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=&apn_ptnrs=&apn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}

Found [search Provider] : hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}

Found [search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=48A35D2A-2899-44EB-A960-23EE5E6CD513&n=780bd4da&ind=2014041306&p2=^ZC^xpt309^YYA^se

Found [search Provider] : hxxp://rts.dsrlte.com/?q={searchTerms}

 

*************************

 

AdwCleaner[R0].txt - [49665 octets] - [04/10/2014 13:26:30]

AdwCleaner[R1].txt - [48464 octets] - [04/10/2014 15:14:59]

AdwCleaner[R2].txt - [48027 octets] - [04/10/2014 17:29:31]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [48088 octets] ##########

 

 

 

post-69126-0-43445100-1412436734.jpg

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
putifar
Postad (redigerade)

Det som irriterar mig mest är att ljuset på skärmen släcks. Man ser att den är igång men utan ljus, detta händer titt som tett.
Ibland funkar det, ibland inte.

Redigerad av putifar

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

1. Menar du att det går att se vad det står på den mörka skärmen om du lyser på den med en stark lampa?

 

2. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s0].txt

 

3. Starta FRST.

Sätt en bock framför Addition.txt.

Skanna med FRST.

Klistra in eller bifoga FRST.txt och Addition.txt.

 

4. Skanna datorn online på http://www.eset.com/onlinescan/ och använd helst Internet Explorer till det.
För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Välj alternativet Enable detection of potentially unwanted applications.

Klicka på Advanced Settings.
Ta bort bocken framför Remove found threats.
Bocka för:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology

Klicka på Start

När skanningen är klar klicka på List of found threats, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
putifar

1. Ja! Men nu har det inte hänt på ett tag, men jag är inte helt säker på att det är borta helt. 

2. 
# AdwCleaner v3.311 - Report created 05/10/2014 at 19:44:42

# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : katerine - KATERINE-DATOR
# Running from : C:\Users\katerine\Desktop\adwcleaner_3.311.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : DatamngrCoordinator
[#] Service Deleted : Update BrowseFox
[#] Service Deleted : Util BrowseFox
[#] Service Deleted : UtilityChest_49Service
Service Deleted : Wpm
Service Deleted : {c83c7c03-36f9-4f8f-aa6d-c837575d4eca}w64
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\IePluginService
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
[!] Folder Deleted : C:\Program Files (x86)\BrowseFox
Folder Deleted : C:\Program Files (x86)\Movies Toolbar
Folder Deleted : C:\Program Files (x86)\PC Performer
Folder Deleted : C:\Program Files (x86)\SpecialSavings
Folder Deleted : C:\Program Files (x86)\Speed Test 127
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\UtilityChest_49
Folder Deleted : C:\Program Files (x86)\WinZipper
[!] Folder Deleted : C:\Program Files (x86)\BrowseFox
Folder Deleted : C:\Program Files\Reimage
Folder Deleted : C:\Users\katerine\AppData\Local\DProtect
Folder Deleted : C:\Users\katerine\AppData\Local\iac
Folder Deleted : C:\Users\katerine\AppData\Local\UtilityChest_49
Folder Deleted : C:\Users\katerine\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\katerine\AppData\LocalLow\Delta
Folder Deleted : C:\Users\katerine\AppData\LocalLow\iac
Folder Deleted : C:\Users\katerine\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\katerine\AppData\LocalLow\UtilityChest_49
Folder Deleted : C:\Users\katerine\AppData\Roaming\Babylon
Folder Deleted : C:\Users\katerine\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\katerine\AppData\Roaming\SpecialSavings
Folder Deleted : C:\Users\katerine\AppData\Roaming\SupTab
Folder Deleted : C:\Users\katerine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\ilividmoviestoolbarha
Folder Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\firefox@browsefox.com
Folder Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Folder Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje
Folder Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Folder Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Folder Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll
[!] Folder Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje
[!] Folder Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll
File Deleted : C:\Windows\Installer\18671b.msi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\drivers\{c83c7c03-36f9-4f8f-aa6d-c837575d4eca}w64.sys
File Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\bprotector_extensions.sqlite
File Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\bprotector_prefs.js
File Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\invalidprefs.js
File Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\ask-web-search.xml
File Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\bingp.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\delta-homes.xml
File Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\dsrlte.xml
File Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\Web Search.xml
File Deleted : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\user.js
File Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx
File Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : EPUpdater
Task Deleted : LaunchApp
Task Deleted : PC Performer
Task Deleted : PC Performer_DEFAULT
Task Deleted : PC Performer_UPDATES
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Speed Test 127.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Speed Test 127.BackgroundHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Test 127.Navbar
Key Deleted : HKLM\SOFTWARE\Classes\Speed Test 127.Navbar.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Test 127.ScriptHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Speed Test 127.ScriptHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Test 127.Tool
Key Deleted : HKLM\SOFTWARE\Classes\Speed Test 127.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.Radio
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.SkinLauncher
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.SkinLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.SkinLauncherSettings
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.SkinLauncherSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.ToolbarProtector.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\UtilityChest_49.XMLSessionPlugin.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseFox_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseFox_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [utility Chest Search Scope Monitor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [utilityChest_49 Browser Plugin Loader]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFoxUntemp_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFoxUntemp_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update BrowseFox
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util BrowseFox
Key Deleted : HKCU\Software\5d4d6dbbd6def42
Key Deleted : HKLM\SOFTWARE\5d4d6dbbd6def42
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23699B0B-C14D-4054-A545-FC0927BB0879}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25151605-D156-49DD-A659-20E69C1EE15F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{268CA04C-106C-4636-B707-95E8CD5859E0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2BB3E614-F616-42DD-A99A-69C1FC268741}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35274ADF-B8DE-4909-80D1-A26269216903}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3F2F1B3C-EDA7-46EC-A1CA-12A67CD00A82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BBF357E-EA8C-48BF-83CA-DE279FB83BBA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{698E7AA1-A28E-4064-A9AB-822171AF4EF4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AAFD84D-5F7F-42E5-9FB4-157925C3ED2F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83CE5D73-E3DE-4DC5-82C2-3B65DFD0A849}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{878A5A0A-DC0A-4C37-BBE2-18C30E50F449}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C428C4B-C9E2-4B74-B791-88C3FEE48F36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{929825DF-A1B4-40C9-8F3C-6DA06BADC150}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F19923D-2A4C-45EF-A026-AE7DEE5D022C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A72B8EA8-5B63-4C90-9FE8-D9C76C99DE32}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C86BFADB-406F-47C7-A8D8-FAA37B39089F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CF67755F-9265-449C-87CF-B945519E073B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D92EDE9A-70A4-469F-AF8F-38C3F278B0A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F67A3AA8-88EE-4A3A-863A-B13A19F8696C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F8E1BDAB-F48F-46F9-8693-4EECB83D1AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0E1FE4D8-70CE-417E-8FF4-C2B17FF3DD07}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{13B8FF9D-DEB0-4070-B846-D049218307B3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1E877590-30B7-400E-A835-B942489EB7BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{103E3C9A-E8AE-4B19-A339-01FE9439763E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{24486CE9-7BC2-4516-B743-39FFDD4F861B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3013E03D-89D5-4580-8560-DB198297CC29}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{326C4F48-FE3B-4E54-9118-9B6C3B6C9B1E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39D884BB-2881-4F3A-B9B9-2D3AF4C2C191}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{53FDCCB0-2404-4274-9002-5A3A1FD40426}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{59E5BDB9-126F-4575-901E-D32132A19B94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5CF866F0-10A3-4ED4-9BE3-668F2F148E2F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{618B2F0C-A1AF-4D1D-9354-CF0C42AF5BCB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8EFEE482-37BC-4F3D-83E6-CB5BBE077E43}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CE1482C8-E8FD-4277-9A4F-094D712F6B60}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEFDBFA7-0F18-4216-8F90-6B6F71D6AB83}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F12BA68C-976E-4567-BA3B-629DFCEBC5FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F2F1AE7C-149B-46D3-9498-12572C7AFE11}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F66F6A81-E727-4774-B461-8A5CB7F7DE07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{268CA04C-106C-4636-B707-95E8CD5859E0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8C428C4B-C9E2-4B74-B791-88C3FEE48F36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF67755F-9265-449C-87CF-B945519E073B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{06E05B40-77FA-40B6-9077-ED1A7577B1EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58F7B5CA-1162-42E8-8BBC-D543B4EDD780}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CF67755F-9265-449C-87CF-B945519E073B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25151605-D156-49DD-A659-20E69C1EE15F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{268CA04C-106C-4636-B707-95E8CD5859E0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{698E7AA1-A28E-4064-A9AB-822171AF4EF4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C428C4B-C9E2-4B74-B791-88C3FEE48F36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9F19923D-2A4C-45EF-A026-AE7DEE5D022C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F67A3AA8-88EE-4A3A-863A-B13A19F8696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0E1FE4D8-70CE-417E-8FF4-C2B17FF3DD07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13B8FF9D-DEB0-4070-B846-D049218307B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E877590-30B7-400E-A835-B942489EB7BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D86A75B-CB6B-4764-885D-CA6336F04BA2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{878A5A0A-DC0A-4C37-BBE2-18C30E50F449}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{992177A5-DF3C-4EC2-B779-6A5F94704CCC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFBAF9B2-2093-4D16-9D1F-348AE68408E4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{84DC9F6C-C9A5-4C64-AB67-D6EF60F963C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{84DC9F6C-C9A5-4C64-AB67-D6EF60F963C8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CF67755F-9265-449C-87CF-B945519E073B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CF67755F-9265-449C-87CF-B945519E073B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7A55CBB2-2B2E-4A41-9DE1-6AC5D2C2BE0A}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{75CC1BBE-D96F-45DF-A622-D60BFA8AF49E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E09EF104-3849-47F4-B005-A120558F3FEF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FB61B649-3FC8-4754-89A2-501456130AB5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0E1FE4D8-70CE-417E-8FF4-C2B17FF3DD07}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{13B8FF9D-DEB0-4070-B846-D049218307B3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1E877590-30B7-400E-A835-B942489EB7BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{53F6A516-3DCC-48F4-835C-6C670CB39CEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5E58CDA9-3B21-4611-A859-26EE28950E61}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C5561B6-3DD2-46B5-83BE-EAE744366046}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{938958E8-355C-49FF-92B0-53C1B87ACEA9}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\APN DTX
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\BrowseFox
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\fTalk
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\PerformerSoft
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\UtilityChest_49
Key Deleted : HKCU\Software\AppDataLow\Software\UtilityChest_49
Key Deleted : HKLM\SOFTWARE\BrowseFox
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Delta
Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
Key Deleted : HKLM\SOFTWARE\dosearchessoftware
Key Deleted : HKLM\SOFTWARE\hdcode
Key Deleted : HKLM\SOFTWARE\PerformerSoft
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\UtilityChest_49
Key Deleted : HKLM\SOFTWARE\V9
Key Deleted : HKLM\SOFTWARE\winzipersvc
Key Deleted : HKLM\SOFTWARE\Wpm
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\fTalk
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UtilityChest_49bar Uninstall Internet Explorer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowseFox
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\musict~1\datamngr\mgrldr.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~3\Wincert\WIN64C~1.DLL
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\MUSICT~1\Datamngr\x64\mgrldr.dll
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [secondary Start Pages]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [searchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
 
-\\ Mozilla Firefox v31.0 (x86 sv-SE)
 
[ File : C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\prefs.js ]
 
Line Deleted : user_pref("browser.startup.homepage", "hxxp://rts.dsrlte.com?affID=na");
Line Deleted : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "sv");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "62829a33000000000000001e101fe5e1");
Line Deleted : user_pref("extensions.delta.instlDay", "15972");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.622:10:43");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119557&tsp=5015");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", true);
Line Deleted : user_pref("extensions.helperbar.countryiso", "se");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "snapdogoblidooyb");
Line Deleted : user_pref("extensions.helperbar.installationid", "f632e2fa-164e-e7a4-8e63-8d4e3d822608");
Line Deleted : user_pref("extensions.helperbar.installdate", "21/09/2013");
Line Deleted : user_pref("extensions.helperbar.publisher", "snapdogoblidooyb");
Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "dosearches");
Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://www.bing.com/search?FORM=UP97DF&PC=UP97&q=");
Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.BUTTON_STRUCTURE", "[{\"b\":221356511,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221356512,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.firstKnownVersion", "5.40.2.29036");
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=0F8C2E9B-F3F9-4460-85AB-41A939C2527F&n=77fda47c&p2=^YP^xdm031^YYA^se&si=COKW4qTb5LkCFceXcAod91MAC[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.hp.enabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.installDate", "2013111420");
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.partnerId", "^YP^xdm031^YYA^se");
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.partnerSubId", "COKW4qTb5LkCFceXcAod91MACw");
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.installation.toolbarId", "0F8C2E9B-F3F9-4460-85AB-41A939C2527F");
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.isCompliantUninstallImplementation", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.lastActivePing", "1412188998542");
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.lastKnownVersion", "6.72.4.54367");
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.options.defaultSearch", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.options.homePageEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.options.keywordEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.options.tabEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.searchHistory", "www.assistantbolaget.se||livsanda.se||assistanstbolaget.se||livsand.se||lernia.se||bloket.se||blocket||hemmet||glasmästaregatan6a||[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.toolbarCollapsed", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._1pMembers_.weather.location", "10001");
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "referenceboss@mindspark.com");
 
-\\ Google Chrome v37.0.2062.124
 
[ File : C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://feed.snapdo.com/?publisher=SnapdoGOblidooYB&dpid=SnapdoGOblidooYB&co=SE&userid=f632e2fa-164e-e7a4-8e63-8d4e3d822608&searchtype=ds&q={searchTerms}&installDate=21/09/2013
Deleted [search Provider] : hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=6282001E101FE5E1&affID=119557&tsp=5015
Deleted [search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=135&systemid=431&v=u9397-126&apn_uid=2131321252024608&apn_dtid=BND431&o=APN10656&apn_ptnrs=AGH&q={searchTerms}
Deleted [search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=&apn_ptnrs=&apn_sauid=&apn_dtid=OSJ000&psv=&q={searchTerms}
Deleted [search Provider] : hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=HitachiXHTS543232A7A384_E2P31243FEZAGPFEZAGPX&ts=1393435492&type=default&q={searchTerms}
Deleted [search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=48A35D2A-2899-44EB-A960-23EE5E6CD513&n=780bd4da&ind=2014041306&p2=^ZC^xpt309^YYA^se
Deleted [search Provider] : hxxp://rts.dsrlte.com/?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [49665 octets] - [04/10/2014 13:26:30]
AdwCleaner[R1].txt - [48464 octets] - [04/10/2014 15:14:59]
AdwCleaner[R2].txt - [48525 octets] - [04/10/2014 17:29:31]
AdwCleaner[R3].txt - [48586 octets] - [05/10/2014 15:29:50]
AdwCleaner[s0].txt - [41713 octets] - [05/10/2014 19:44:42]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [41774 octets] ##########

3.
Se bifogade filer.

4.
C:\AdwCleaner\Quarantine\C\Program Files\Reimage\Reimage Repair\ReimageRepair.exe.vir Win32/SearchPlugin.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\BrowseFoxUn.exe.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\BrowseFox.BrowserAdapter.exe.vir a variant of Win32/BrowseFox.P potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\BrowseFox.BrowserAdapter64.exe.vir Win64/BrowseFox.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\BrowseFox.PurBrowse64.exe.vir a variant of Win64/BrowseFox.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\c83c7c0336f94f8faa6d.dll.vir Win32/BrowseFox.N potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\c83c7c0336f94f8faa6d64.dll.vir Win64/BrowseFox.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\utilBrowseFox.exe.vir a variant of MSIL/BrowseFox.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\{c83c7c03-36f9-4f8f-aa6d-c837575d4eca}.dll.vir a variant of Win32/BrowseFox.M potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\{c83c7c03-36f9-4f8f-aa6d-c837575d4eca}64.dll.vir Win64/BrowseFox.D potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.BOAS.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.Bromon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.BroStats.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.BrowserAdapter.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.CompatibilityChecker.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.FFUpdate.dll.vir a variant of MSIL/BrowseFox.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.GCUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.IEUpdate.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.OfSvc.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.PurBrowse.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseFox\bin\plugins\BrowseFox.Repmon.dll.vir a variant of MSIL/BrowseFox.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\del_DM_DLL_nsyE3FF.dll.vir a variant of Win32/Toolbar.SearchSuite.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\del_DM_LL_nsyE3FF.dll.vir Win32/Toolbar.SearchSuite.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\del_IEBHO_nsyE3FF.dll.vir a variant of Win32/Toolbar.SearchSuite.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\del_mg_nsyE3FF.dll.vir a variant of Win32/Toolbar.SearchSuite.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\del_BHO_nsyE3FF.dll.vir a variant of Win64/Toolbar.SearchSuite.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\del_DM_DLL_nsyE3FF.dll.vir a variant of Win64/Toolbar.SearchSuite.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\del_DM_LL_nsyE3FF.dll.vir a variant of Win64/Toolbar.SearchSuite.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\del_mg_nsyE3FF.dll.vir a variant of Win64/Toolbar.SearchSuite.C potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49bprtct.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49datact.dll.vir a variant of Win32/Toolbar.MyWebSearch.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49dyn.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49feedmg.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49highin.exe.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49hkstub.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49httpct.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49idle.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49impipe.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49medint.exe.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49mlbtn.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49Plugin.dll.vir a variant of Win32/Toolbar.MyWebSearch potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49radio.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49regfft.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49reghk.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49regiet.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49script.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49sknlcr.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49skplay.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\49uabtn.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\AppIntegratorStub64.dll.vir Win64/Toolbar.MyWebSearch.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\DPNMNGR.DLL.vir a variant of Win32/Toolbar.MyWebSearch.AI potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\EXEMANAGER.DLL.vir a variant of Win32/Toolbar.MyWebSearch.AI potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\Hpg64.dll.vir Win64/Toolbar.MyWebSearch.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\T8TICKER.DLL.vir a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\UtilityChest_49\bar\1.bin\VERIFY.DLL.vir a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir Win32/Toolbar.Babylon.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir a variant of Win32/ELEX.AE potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\GoogleChromeRemotePlugin.dll.vir Win32/Toolbar.Linkury.D potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\firefox@browsefox.com\chrome\content\overlay.js.vir Win32/BrowseFox.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\katerine\AppData\Roaming\SupTab\SupTab.dll.vir a variant of Win32/Thinknice.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir a variant of Win64/Systweak.A potentially unwanted application
C:\Program Files (x86)\BrowseFox\bin\BrowseFox.BrowserAdapter.exe a variant of Win32/BrowseFox.P potentially unwanted application
C:\Program Files (x86)\BrowseFox\bin\BrowseFox.BrowserAdapter64.exe Win64/BrowseFox.B potentially unwanted application
C:\Program Files (x86)\BrowseFox\bin\c83c7c0336f94f8faa6d.dll Win32/BrowseFox.N potentially unwanted application
C:\Program Files (x86)\BrowseFox\bin\c83c7c0336f94f8faa6d64.dll Win64/BrowseFox.C potentially unwanted application
C:\Program Files (x86)\BrowseFox\bin\{c83c7c03-36f9-4f8f-aa6d-c837575d4eca}.dll a variant of Win32/BrowseFox.M potentially unwanted application
C:\Program Files (x86)\BrowseFox\bin\{c83c7c03-36f9-4f8f-aa6d-c837575d4eca}64.dll Win64/BrowseFox.D potentially unwanted application
C:\Users\katerine\AppData\Local\fTalk\Helper.dll a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application
C:\Users\katerine\AppData\Local\fTalk\Uninstall.exe a variant of Win32/KoyoteLab.A potentially unwanted application
C:\Users\katerine\AppData\Local\Temp\dsrlte.exe a variant of Win32/Toolbar.Montiera.L potentially unwanted application
C:\Users\katerine\AppData\Local\Temp\DTX\Reporting\ReportingHelper.dll a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Users\katerine\Documents\PCSUUpdate.exe a variant of Win32/Speedchecker.A potentially unwanted application
C:\Users\katerine\Downloads\iLividSetup-r776-n-bc (1).exe a variant of Win32/iLivid.A potentially unwanted application
C:\Users\katerine\Downloads\iLividSetup-r776-n-bc.exe a variant of Win32/iLivid.A potentially unwanted application
C:\Users\katerine\Downloads\ReimageRepair (1).exe Win32/SearchPlugin.A potentially unwanted application
C:\Users\katerine\Downloads\ReimageRepair(1).exe Win32/SearchPlugin.A potentially unwanted application
C:\Users\katerine\Downloads\ReimageRepair(2).exe Win32/SearchPlugin.A potentially unwanted application
C:\Users\katerine\Downloads\ReimageRepair(3).exe Win32/SearchPlugin.A potentially unwanted application
C:\Users\katerine\Downloads\ReimageRepair(4).exe Win32/SearchPlugin.A potentially unwanted application
C:\Users\katerine\Downloads\ReimageRepair(5).exe Win32/SearchPlugin.A potentially unwanted application
C:\Users\katerine\Downloads\ReimageRepair.exe Win32/SearchPlugin.A potentially unwanted application
C:\Windows\Installer\MSI27B.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\Installer\MSI91D7.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-DIC3V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-DIC3V7[2].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-DIC3V7[3].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-DIC3V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-DIC3V7[2].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-DIC3V7[3].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
 

 

FRST.txt

Addition.txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

1. Då är det bakgrundsbelysningen i skärmen som inte fungerar jämnt. Eftersom det går till och från verkar det vara ett glapp någonstans. Det är svårt att göra något åt det själv.

 

2. Är fTalk något som ska vara installerat i datorn eller har det bara råkat följt med något annat program?

C:\Users\katerine\AppData\Local\fTalk\Uninstall.exe a variant of Win32/KoyoteLab.A potentially unwanted application

 

3. I mappen "Mina dokument finns denna programfil:

PCSUUpdate.exe a variant of Win32/Speedchecker.A potentially unwanted application

 

I mappen "Hämtade filer" finns dessa installationsfiler:

iLividSetup-r776-n-bc (1).exe a variant of Win32/iLivid.A potentially unwanted application

iLividSetup-r776-n-bc.exe a variant of Win32/iLivid.A potentially unwanted application

ReimageRepair (1).exe Win32/SearchPlugin.A potentially unwanted application

ReimageRepair(1).exe Win32/SearchPlugin.A potentially unwanted application

ReimageRepair(2).exe Win32/SearchPlugin.A potentially unwanted application

ReimageRepair(3).exe Win32/SearchPlugin.A potentially unwanted application

ReimageRepair(4).exe Win32/SearchPlugin.A potentially unwanted application

ReimageRepair(5).exe Win32/SearchPlugin.A potentially unwanted application

ReimageRepair.exe Win32/SearchPlugin.A potentially unwanted application

 

Tänk efter om programmen verkligen ska installeras något mer och om de inte ska det ta bort filerna.

 

 

4. Starta Anteckningar.

Kopiera alla rader i rutan:

HKLM\...\Run: [Utility Chest Home Page Guard 64 bit] => "C:\PROGRA~2\UTILIT~2\bar\1.bin\AppIntegrator64.exe"
C:\PROGRA~2\UTILIT~2\
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [PC Performer44286.exe] => "C:\Users\katerine\AppData\Local\Temp\PC Performer44286.exe" /XML="" /ROS /STP=1:2 <===== ATTENTION
C:\Users\katerine\AppData\Local\Temp\PC Performer44286.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {5555bc15-37e4-11e3-a10f-74de2b86f812} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {6b07e6e4-4b12-11e1-940b-74de2b86f812} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {7f58ba54-4d5f-11e3-8307-806e6f6e6963} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {a29f467d-4aa5-11e1-943a-001e101fabdd} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {c0e36e23-5813-11e3-8bd5-582c80139263} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {c0e36e31-5813-11e3-8bd5-582c80139263} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {c7e09f78-5858-11e3-b559-74de2b86f812} - D:\AutoRun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKCU - {558D709E-C8B9-4650-9EBD-C4B3EF208A0C} URL = http://rts.dsrlte.com/?q={searchTerms}&r=144
SearchScopes: HKCU - {B0CC940C-FF58-41E7-B5DF-CC5C9654DAA7} URL = http://www.search.ask.com/web?p2=%5EATG%5EDDC010%5EYY%5ESE&gct=&itbv=12.3.0.985&o=APN10733&tpid=DIC3V7&apn_uid=10C96662-D22E-49F5-AD2A-58443CC058F9&apn_ptnrs=%5EATG&apn_dtid=%5EDDC010%5EYY%5ESE&apn_dbr=torch.exe_0_25.0.0.4508&doi=2013-10-05&trgb=IE&q={searchTerms}&psv=
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {44494333-5637-006A-76A7-7A786E7484D7} -  No File
FF Extension: Speed Test 127 - C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\speedtest4354@BestOffers [2014-03-26]
C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\speedtest4354@BestOffers
FF Extension: No Name - C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\extensions\faststartff@gmail.com [Not Found]
FF SearchPlugin: C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\keepmysearch.xml
C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\keepmysearch.xml
CHR NewTab: Default -> "chrome-extension://gchljcfaonjffjifnjlcalnhgdmjckhg/spent.html", "chrome-extension://amfclgbdpgndipgoegfpkkgobahigbcl/redirect.html"
CHR Plugin: (Norton Confidential) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.2.6_0\npcoplgn.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Extension: (New Tab Page) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2013-09-21]
CHR Extension: (CursorMania) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchljcfaonjffjifnjlcalnhgdmjckhg [2014-04-13]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 cpuz134; \??\C:\Users\katerine\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
2014-10-05 19:44 - 2013-09-21 15:11 - 00000000 ____D () C:\Program Files (x86)\BrowseFox
C:\Users\katerine\AppData\Local\Temp\dsrlte.exe
C:\Users\katerine\AppData\Local\Temp\dsrsetup.exe
EmptyTemp:
och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

Datorn kommer att startas om automatiskt.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

 

5. Sök igenom datorn med Malwarebytes Anti-Malware (MBAM) som redan är installerat i datorn. Ta bort det som programmet hittar.

 

6. Hur fungerar datorn nu?

Några fler frågor innan jag skriver hur FRST mm ska avinstalleras?

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
putifar

2. Ftalk är inget om används så det är nu borttaget.

Fixlog.txt
 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-10-2014
Ran by katerine at 2014-10-06 14:47:13 Run:1
Running from C:\Users\katerine\Desktop
Loaded Profile: katerine (Available profiles: katerine)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKLM\...\Run: [utility Chest Home Page Guard 64 bit] => "C:\PROGRA~2\UTILIT~2\bar\1.bin\AppIntegrator64.exe"
C:\PROGRA~2\UTILIT~2\
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\Run: [PC Performer44286.exe] => "C:\Users\katerine\AppData\Local\Temp\PC Performer44286.exe" /XML="" /ROS /STP=1:2 <===== ATTENTION
C:\Users\katerine\AppData\Local\Temp\PC Performer44286.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: D - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {5555bc15-37e4-11e3-a10f-74de2b86f812} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {6b07e6e4-4b12-11e1-940b-74de2b86f812} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {7f58ba54-4d5f-11e3-8307-806e6f6e6963} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {a29f467d-4aa5-11e1-943a-001e101fabdd} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {c0e36e23-5813-11e3-8bd5-582c80139263} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {c0e36e31-5813-11e3-8bd5-582c80139263} - D:\AutoRun.exe
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\...\MountPoints2: {c7e09f78-5858-11e3-b559-74de2b86f812} - D:\AutoRun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKCU - {558D709E-C8B9-4650-9EBD-C4B3EF208A0C} URL = http://rts.dsrlte.com/?q={searchTerms}&r=144
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {44494333-5637-006A-76A7-7A786E7484D7} -  No File
FF Extension: Speed Test 127 - C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\speedtest4354@BestOffers [2014-03-26]
C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\speedtest4354@BestOffers
FF Extension: No Name - C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\extensions\faststartff@gmail.com [Not Found]
FF SearchPlugin: C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\keepmysearch.xml
C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\keepmysearch.xml
CHR NewTab: Default -> "chrome-extension://gchljcfaonjffjifnjlcalnhgdmjckhg/spent.html", "chrome-extension://amfclgbdpgndipgoegfpkkgobahigbcl/redirect.html"
CHR Plugin: (Norton Confidential) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.2.6_0\npcoplgn.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Extension: (New Tab Page) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2013-09-21]
CHR Extension: (CursorMania) - C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchljcfaonjffjifnjlcalnhgdmjckhg [2014-04-13]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S3 cpuz134; \??\C:\Users\katerine\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
2014-10-05 19:44 - 2013-09-21 15:11 - 00000000 ____D () C:\Program Files (x86)\BrowseFox
C:\Users\katerine\AppData\Local\Temp\dsrlte.exe
C:\Users\katerine\AppData\Local\Temp\dsrsetup.exe
EmptyTemp:
*****************
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Utility Chest Home Page Guard 64 bit => value deleted successfully.
"C:\PROGRA~2\UTILIT~2" => File/Directory not found.
HKU\S-1-5-21-3496354996-269935204-3173920864-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PC Performer44286.exe => value deleted successfully.
"C:\Users\katerine\AppData\Local\Temp\PC Performer44286.exe" => File/Directory not found.
"HKU\S-1-5-21-3496354996-269935204-3173920864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3496354996-269935204-3173920864-1000" => Key not found.
"HKU\S-1-5-21-3496354996-269935204-3173920864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5555bc15-37e4-11e3-a10f-74de2b86f812}" => Key deleted successfully.
"HKCR\CLSID\{5555bc15-37e4-11e3-a10f-74de2b86f812}" => Key not found.
"HKU\S-1-5-21-3496354996-269935204-3173920864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6b07e6e4-4b12-11e1-940b-74de2b86f812}" => Key deleted successfully.
"HKCR\CLSID\{6b07e6e4-4b12-11e1-940b-74de2b86f812}" => Key not found.
"HKU\S-1-5-21-3496354996-269935204-3173920864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7f58ba54-4d5f-11e3-8307-806e6f6e6963}" => Key deleted successfully.
"HKCR\CLSID\{7f58ba54-4d5f-11e3-8307-806e6f6e6963}" => Key not found.
"HKU\S-1-5-21-3496354996-269935204-3173920864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a29f467d-4aa5-11e1-943a-001e101fabdd}" => Key deleted successfully.
"HKCR\CLSID\{a29f467d-4aa5-11e1-943a-001e101fabdd}" => Key not found.
"HKU\S-1-5-21-3496354996-269935204-3173920864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0e36e23-5813-11e3-8bd5-582c80139263}" => Key deleted successfully.
"HKCR\CLSID\{c0e36e23-5813-11e3-8bd5-582c80139263}" => Key not found.
"HKU\S-1-5-21-3496354996-269935204-3173920864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0e36e31-5813-11e3-8bd5-582c80139263}" => Key deleted successfully.
"HKCR\CLSID\{c0e36e31-5813-11e3-8bd5-582c80139263}" => Key not found.
"HKU\S-1-5-21-3496354996-269935204-3173920864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7e09f78-5858-11e3-b559-74de2b86f812}" => Key deleted successfully.
"HKCR\CLSID\{c7e09f78-5858-11e3-b559-74de2b86f812}" => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{558D709E-C8B9-4650-9EBD-C4B3EF208A0C}" => Key deleted successfully.
"HKCR\CLSID\{558D709E-C8B9-4650-9EBD-C4B3EF208A0C}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B0CC940C-FF58-41E7-B5DF-CC5C9654DAA7}" => Key deleted successfully.
"HKCR\CLSID\{B0CC940C-FF58-41E7-B5DF-CC5C9654DAA7}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{44494333-5637-006A-76A7-7A786E7484D7} => value deleted successfully.
"HKCR\CLSID\{44494333-5637-006A-76A7-7A786E7484D7}" => Key not found.
C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\speedtest4354@BestOffers => Moved successfully.
"C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\Extensions\speedtest4354@BestOffers" => File/Directory not found.
C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\extensions\faststartff@gmail.com not found.
C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\keepmysearch.xml => Moved successfully.
"C:\Users\katerine\AppData\Roaming\Mozilla\Firefox\Profiles\v49wutc4.default\searchplugins\keepmysearch.xml" => File/Directory not found.
Chrome NewTab deleted successfully.
C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.2.6_0\npcoplgn.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll not found.
C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl => Moved successfully.
C:\Users\katerine\AppData\Local\Google\Chrome\User Data\Default\Extensions\gchljcfaonjffjifnjlcalnhgdmjckhg => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
cpuz134 => Service deleted successfully.
C:\Program Files (x86)\BrowseFox => Moved successfully.
C:\Users\katerine\AppData\Local\Temp\dsrlte.exe => Moved successfully.
C:\Users\katerine\AppData\Local\Temp\dsrsetup.exe => Moved successfully.
EmptyTemp: => Removed 354.8 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
 
Jag tycker datorn flyter på som den skall, och jag har inte hittat något udda beteende när jag lekt runt.
Tack för all hjälp, du är bäst!

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

Bara trevligt att kunna hjälpa till :)

 

Nu återstår bara en sista städomgång:

1. Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.
Klicka på Uninstall-knappen.

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet: http://oldtimer.geekstogo.com/OTC.exe
Dubbelklicka på filen för att starta programmet.
Tryck på knappen CleanUp! och FRST kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar som är kvar.

3. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/
Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



  • Liknande Innehåll

    • X-Men
      Av X-Men
      Enligt företaget Billig Tekniks hemsida är det betydligt viktigare att ha virus i en Windowsbaserad dator än antivirusprogram i en Apple-dator.
      Om detta går det att läsa på deras sida där de presenterar det som allmänt kallas för motmedel mot virus.
       
      Det finns ingen förklaring på varför det är bättre med ett riktigt bra virus i en Windowsbaserad dator än ett antivirusprogram i en Appledator.
      Men upplysningen kan vara värd en hel del för alla dessa som betalar dyrt för sina säkerhetsprogram. De är, enligt Billig Tekniks hemsida, onödiga i en Windowsbaserad dator. Där skall man ha virus och inget annat.
       
      http://www.billigteknik.se/221-antivirus
    • AnnaK
      Av AnnaK
      Besökte en blogg där personen hänvisade till en hemsida. När jag klickade på länken började en signal ljuda och ett fönster med följande text dök upp:
      " Meddelande från webplats….
      Har upptäckt att ditt aktuella Microsoft Windowssystem är föråldrat och korrupt.
      Detta gör att dina systemfiler automatiskt raderas.
      Var vänlig och följ instruktionerna omedelbart för att åtgärda detta problem och försäkra att ditt system hålls uppdaterat".
      En ok knapp fanns på samma fönster.
       
      Bakom detta fönster syntes ett annat fönster som jag inte såg texten på iom att det första fönstret skymde texten, men något med 
      x Ditt windows
      Windowsservern
      Var vänlig att
      Föråldrat. Det                                      sekunder 
      Nödvändigt                                         senaste
      programvaran
       
      Jag startade aktivitetshanteraren och stängde ner Internet utan att klicka på fönstret. Gjorde jag rätt och framförallt, är det någon skada skedd när jag gjorde så? Jag vill inte lägga ut länken, däremot kan jag skicka den via PM, om någon av er rutinerade vill gå in själva och testa och kolla. Tack på förhand!
       
      Hittade precis detta inlägg när jag googlade. https://eforum.idg.se/topic/355956-explorer-11-oroande-meddelande/
      Där Cecilia tipsar om; ".... börja rensningen med AdwCleaner.
      Spara AdwCleaner på Skrivbordet: https://toolslib.net/downloads/viewdownload/1-adwcleaner/ "
      samt
      "...Ta fram fliken Scan och dubbelklicka på den översta och senaste loggfilen.
      En rapport kommer upp, kopiera innehållet och klistra in i ditt svar...".
      Jag gör detta och återkommer med log.
    • William04
      Av William04
      Hej! Jag letar efter ett bra program för att streama AirPlay från PC, det vill säga till en Apple TV. Det finns en hel bunt med sådana program som kan ta emot AirPlay som Reflector och AirServer, men nu vill jag skicka innehållet som finns på min skärm till en Apple TV. Jag har hittat många program som t.ex. AirParrot, men dessa kostar pengar. Är det någon som vet eller känner till om det finns något program som gör detta gratis (eller med en hyfsat lång provperiod (>30 dagar)). Det enda jag kunde hitta var 5K player (https://www.5kplayer.com/), som verkar vara perfekt och lite till, men på internet står det att det i vissa fall förekommer virus, något som verkar knepigt att förstå och få en klarhet i om det gör det eller inte och jag kan inte hitta någonting tydligt eller någon recension gjord av tidningar. Har någon av er erfarenhet med 5kPlayer? Jag vågar inte ladda ner programet eftersom att jag inte har förnyat min licens för Panda Antivirus än, men när det är gjort kan en moderator gärna stänga tråden.
       
      Tacksam för alla svar, perspektiv och länkar!
    • DePhaz
      Av DePhaz
      Jo, som sagt. Jag måste vara ärlig nog att säga att jag inte riktigt hängt med i rapporteringen kring den senaste virus attacken. Allt jag vet är att det är många som är drabbade värden över och vilken typ av attack det rör sig om. SVT är dok inte övertydliga och nämnde bara att det kunde komma via mail men inget mera (de är experter på att utelämna det viktiga och slösa tid på allt annat). Så nu undrar jag: vad vågar man egentligen göra på nätet just nu? Vågar man ladda ner filer och vilken typ då? Bilder, musik, arkiv filer? Hur vågar jag bete mig för att inte få detta virus? Eller kommer det bara via e-post? Jag har min e-post via Yahoo och jag drunknar inte precis i skräppost. Har inte sett till ett enda på år och dar. 
       
      Jag sitter nu på en Ubuntu dator men vissa filer jag laddar ner (downloads till spel i  *.rar eller*.zip format) för jag över till min Windows Vista dator via USB minne (jag vill INTE diskutera att byta ut detta nu fungerande OS). Brukar först skanna minnet med ClamTK och innan jag packar upp filerna på rätt dator så kontrollerar jag dem med Avast vilket då är uppdaterat. Det är enda gången som den datorn är internet ansluten numera. Skulle inte tro att det finns så många uppdateringar till den längre. Ubuntu (12.04) datorn och Linux Mint (13) datorn uppdateras med jämna mellanrum. Mer än så kan man väl inte göra... 
       
      Så om någon som är insatt skulle kunna svara på mina frågor och förklara lite närmare så vore jag tacksam. 
    • sheridanz
      Av sheridanz
      Hej
      Finns någon som kan hjälpa mej.
      Jag försöker hjälpa en kompis med hennes dator och avast säger virus och skadlig kod
      Det verkar som virusprog blir stoppat då jag ska lösa problemen för det händer inget.
       
      Här är loggen, hoppas jag gjort rätt nu
       
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-09-2016 Ran by Kristina (administrator) on HEMMA (20-09-2016 19:33:10) Running from C:\Users\Kristina\Downloads Loaded Profiles: Kristina (Available Profiles: Kristina) Platform: Windows 10 Home Version 1511 (X64) Language: Svenska (Sverige) Internet Explorer Version 11 (Default browser: "C:\Users\Kristina\AppData\Local\Chromium\Application\chrome.exe" -- "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/   ==================== Processes (Whitelisted) =================   (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)   (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     ==================== Registry (Whitelisted) ===========================   (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)   HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-08-16] (Realtek semiconductor) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-10-05] (Synaptics Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-20] (AVAST Software) HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" HKU\S-1-5-21-530700673-802275041-1869102837-1001\...\RunOnce: [uninstall C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kristina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-20] (AVAST Software) BootExecute: autocheck autochk * aswBoot.exe /M:e57b5ad6 /wow /dir:"C:\Program Files\AVAST Software\Avast"   ==================== Internet (Whitelisted) ====================   (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)   Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ce834fcf-2140-4a52-bfc6-2a1e800e0e0e}: [DhcpNameServer] 192.168.1.1   Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131188616072905365&GUID=D2809E83-13A4-4605-9C95-BA46E070299F HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131188616072942096&GUID=D2809E83-13A4-4605-9C95-BA46E070299F HKU\S-1-5-21-530700673-802275041-1869102837-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE13&ocid=UE13DHP SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-530700673-802275041-1869102837-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =  SearchScopes: HKU\S-1-5-21-530700673-802275041-1869102837-1001 -> {1A117CDD-327D-424F-95CB-8BCF9CAD3B06} URL = hxxps://se.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms} SearchScopes: HKU\S-1-5-21-530700673-802275041-1869102837-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://se.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_togoo_16_36&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dse%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0CtDtAzzzyyCtAyCtCzy0D0CtDyBtD0AtN0D0Tzu0StCyBtCyDtN1L2XzutAtFtByEtFyCtFzytN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyC0DyEtBzy0Czy0CtGyByBtAyCtG0F0CyByEtGtA0AyDyEtG0BzztAyDyEyEyDtAyBtCtD0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyE0A0F0F0B0AzztGyEtDtCyDtGyEyDyEyCtGzztA0AtDtGyCtD0F0FtDyE0FtC0DyB0A0D2QtN0A0LzuyE%26cr%3D1467038996%26a%3Dwbf_togoo_16_36%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms} StartMenuInternet: IEXPLORE.EXE - iexplore.exe   FireFox: ======== FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-20] (Google Inc.) FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-20] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-20] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF   Chrome:  ======= CHR HomePage: Default -> hxxps://www.superstart.se/ CHR Profile: C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default [2016-09-20] CHR Extension: (Google Presentationer) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-20] CHR Extension: (Google Dokument) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-20] CHR Extension: (Google Drive) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-20] CHR Extension: (YouTube) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-20] CHR Extension: (Google Kalkylark) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-20] CHR Extension: (Google Dokument Offline) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-20] CHR Extension: (Betalning via Chrome Web Store) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-20] CHR Extension: (Gmail) - C:\Users\Kristina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-20]   ==================== Services (Whitelisted) ========================   (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)   R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-20] (AVAST Software) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328616 2015-10-05] (Intel Corporation) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-10-05] (Synaptics Incorporated) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)   ===================== Drivers (Whitelisted) ==========================   (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)   S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-20] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-20] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-20] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-20] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-20] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-20] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-09-20] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-20] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-20] (AVAST Software) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-08-16] (Realtek                                            ) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2016-01-21] (Realtek Semiconductor Corporation) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-08-16] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-08-16] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation                           ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-12-24] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-10-05] (Synaptics Incorporated) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S1 ghxgxala; \??\C:\WINDOWS\system32\drivers\ghxgxala.sys [X]   ==================== NetSvcs (Whitelisted) ===================   (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)     ==================== One Month Created files and folders ========   (If an entry is included in the fixlist, the file/folder will be moved.)   2016-09-20 19:33 - 2016-09-20 19:34 - 00012601 _____ C:\Users\Kristina\Downloads\FRST.txt 2016-09-20 19:32 - 2016-09-20 19:33 - 00000000 ____D C:\FRST 2016-09-20 19:32 - 2016-09-20 19:32 - 00000000 ____D C:\Users\Kristina\Downloads\FRST-OlderVersion 2016-09-20 19:27 - 2016-09-20 19:32 - 02402816 _____ (Farbar) C:\Users\Kristina\Downloads\FRST64.exe 2016-09-20 19:12 - 2016-09-20 19:12 - 00000000 ____D C:\Users\Kristina\AppData\Local\CEF 2016-09-20 19:01 - 2016-09-20 19:01 - 00000000 ___HD C:\OneDriveTemp 2016-09-20 18:58 - 2016-09-20 19:01 - 00002279 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-20 18:58 - 2016-09-20 19:01 - 00002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-09-20 18:57 - 2016-09-20 19:13 - 00001014 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-20 18:57 - 2016-09-20 19:08 - 00004072 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-09-20 18:57 - 2016-09-20 19:08 - 00003840 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-09-20 18:57 - 2016-09-20 19:08 - 00001010 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-20 18:57 - 2016-09-20 18:57 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2016-09-20 18:57 - 2016-09-20 18:57 - 00000000 ____D C:\Program Files (x86)\Google 2016-09-20 18:56 - 2016-09-20 18:56 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\AVAST Software 2016-09-20 18:55 - 2016-09-20 18:55 - 00969184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys 2016-09-20 18:55 - 2016-09-20 18:55 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update 2016-09-20 18:55 - 2016-09-20 18:55 - 00001950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk 2016-09-20 18:55 - 2016-09-20 18:55 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2016-09-20 18:55 - 2016-09-20 18:54 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2016-09-20 18:55 - 2016-09-20 18:54 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys 2016-09-20 18:54 - 2016-09-20 18:54 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2016-09-20 18:54 - 2016-09-20 18:54 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2016-09-20 18:54 - 2016-09-20 18:54 - 00000102 _____ C:\Users\Kristina\AppData\Roaming\WB.CFG 2016-09-20 18:53 - 2016-09-20 18:57 - 00000000 ____D C:\Program Files\AVAST Software 2016-09-20 18:52 - 2016-09-20 18:57 - 00000000 ____D C:\ProgramData\AVAST Software 2016-09-20 18:52 - 2016-09-20 18:52 - 06334848 _____ (AVAST Software) C:\Users\Kristina\Downloads\avast_free_antivirus_setup_online.exe 2016-09-20 18:49 - 2016-09-20 18:52 - 00004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{40277EE3-BB8B-465F-B093-C31454961555} 2016-09-20 18:30 - 2016-09-20 18:30 - 00003240 _____ C:\WINDOWS\System32\Tasks\{0FC3EE4B-CCE1-4DAF-A40F-CAD35D34374C} 2016-09-20 18:25 - 2016-09-20 18:25 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence 2016-09-20 18:19 - 2016-09-20 18:19 - 00003334 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-09-20 18:17 - 2016-09-20 18:17 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\Skype 2016-09-11 11:10 - 2016-09-20 19:00 - 00000000 ____D C:\Users\Kristina\AppData\Local\Google 2016-09-11 11:00 - 2016-09-20 19:25 - 00000868 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-09-11 11:00 - 2016-09-20 18:38 - 00000930 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-09-11 11:00 - 2016-09-20 18:25 - 00004006 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-09-11 11:00 - 2016-09-11 11:32 - 00003854 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-09-11 09:20 - 2016-09-11 11:32 - 00000000 ____D C:\Users\Kristina\AppData\Local\Adobe 2016-09-11 09:04 - 2016-09-11 09:05 - 00000000 ____D C:\ProgramData\Uniblue 2016-09-11 08:57 - 2016-09-20 19:27 - 00000296 _____ C:\WINDOWS\Tasks\PC-Mechanic Maintenance.job 2016-09-11 08:57 - 2016-09-20 19:00 - 00000310 _____ C:\WINDOWS\Tasks\PC-Mechanic Startup.job 2016-09-11 08:57 - 2016-09-20 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue 2016-09-11 08:57 - 2016-09-20 18:34 - 00000000 ____D C:\Program Files (x86)\Uniblue 2016-09-11 08:57 - 2016-09-11 10:16 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\Uniblue 2016-09-11 08:57 - 2016-09-11 08:57 - 00003342 _____ C:\WINDOWS\System32\Tasks\PC-Mechanic Maintenance 2016-09-11 08:57 - 2016-09-11 08:57 - 00002716 _____ C:\WINDOWS\System32\Tasks\PC-Mechanic Startup 2016-09-11 08:55 - 2016-09-20 18:25 - 00002479 _____ C:\Users\Kristina\Desktop\Chromium.lnk 2016-09-11 08:55 - 2016-09-11 08:55 - 00002360 _____ C:\Users\Kristina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2016-09-11 08:54 - 2016-09-11 08:58 - 00000000 ____D C:\Users\Kristina\AppData\Local\Chromium 2016-09-11 08:54 - 2016-09-11 08:56 - 01184656 _____ (Uniblue Systems Limited ) C:\Users\Kristina\Downloads\pcmechanicpm_15523713_.exe 2016-09-11 08:54 - 2016-09-11 08:56 - 00000000 ____D C:\Users\Kristina\AppData\Local\{B3DE8582-9776-E93A-FAEE-CCD2DE86304A} 2016-09-11 08:53 - 2016-09-20 19:18 - 00000000 ____D C:\Users\Kristina\AppData\Roaming\{59FD6F46-7CAF-0230-1799-25E2CB4BD8DC} 2016-09-11 08:53 - 2016-09-20 18:53 - 00000996 _____ C:\WINDOWS\Tasks\Yahoo! Powered lonal.job 2016-09-11 08:53 - 2016-09-20 18:53 - 00000000 ____D C:\ProgramData\{30E2F581-BAA0-7F47-3C66-E105A6246ACB} 2016-09-11 08:53 - 2016-09-20 18:48 - 00000000 ____D C:\Program Files\ByteFence 2016-09-11 08:53 - 2016-09-20 18:21 - 00000000 ____D C:\Program Files (x86)\Corner Sunshine 2016-09-11 08:53 - 2016-09-11 08:55 - 00000000 ____D C:\Users\Kristina\AppData\Local\{59A06FFC-7D08-0344-1090-26AC34F8DA34} 2016-09-11 08:53 - 2016-09-11 08:53 - 74530506 _____ C:\Users\Kristina\Downloads\ChromeSetup [1].exe 2016-09-11 08:53 - 2016-09-11 08:53 - 00004092 _____ C:\WINDOWS\System32\Tasks\LaunchPreSignup 2016-09-11 08:53 - 2016-09-11 08:53 - 00004080 _____ C:\WINDOWS\System32\Tasks\Yahoo! Powered lonal 2016-09-11 08:53 - 2016-09-11 08:53 - 00002551 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk 2016-09-11 08:53 - 2016-09-11 08:53 - 00000254 __RSH C:\ProgramData\ntuser.pol 2016-09-11 08:51 - 2016-09-11 08:52 - 00974208 _____ ( ) C:\Users\Kristina\Downloads\ChromeSetup.exe 2016-08-29 11:24 - 2016-08-29 11:24 - 00032768 _____ C:\Users\Kristina\Downloads\123.pdf   ==================== One Month Modified files and folders ========   (If an entry is included in the fixlist, the file/folder will be moved.)   2016-09-20 19:31 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-20 19:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-20 19:20 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-20 19:01 - 2015-03-24 13:50 - 00000000 __RDO C:\Users\Kristina\OneDrive 2016-09-20 19:00 - 2015-03-24 13:41 - 00000000 __SHD C:\Users\Kristina\IntelGraphicsProfiles 2016-09-20 18:59 - 2016-01-21 21:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-20 18:58 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-09-20 18:55 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-09-20 18:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-09-20 18:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-09-20 18:22 - 2015-10-30 20:12 - 00747608 _____ C:\WINDOWS\system32\perfh01D.dat 2016-09-20 18:22 - 2015-10-30 20:12 - 00151176 _____ C:\WINDOWS\system32\perfc01D.dat 2016-09-20 18:22 - 2015-10-05 20:17 - 01768152 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-20 18:19 - 2015-10-05 20:24 - 00002383 _____ C:\Users\Kristina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-09-20 18:07 - 2015-10-05 19:08 - 00000000 ___HD C:\$SysReset 2016-09-20 18:05 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-09-11 10:45 - 2016-01-21 20:55 - 00000000 ____D C:\Users\Kristina 2016-09-11 10:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration 2016-09-11 10:33 - 2015-10-05 20:14 - 00000000 ____D C:\Users\Kristina\AppData\Local\Packages 2016-09-11 08:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-09-11 08:53 - 2015-10-05 20:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2016-08-29 11:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache   ==================== Files in the root of some directories =======   2016-09-20 18:54 - 2016-09-20 18:54 - 0000102 _____ () C:\Users\Kristina\AppData\Roaming\WB.CFG 2016-01-21 20:51 - 2016-01-21 20:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl   ==================== Bamital & volsnap =================   (There is no automatic fix for files that do not pass verification.)   C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed     LastRegBack: 2016-09-06 15:43   ==================== End of FRST.txt ============================Addition.txt
  • Senaste som Tittar

    Inga registrerade medlemmar är inne på denna sida.

  • Obesvarade ämnen

  • Nya ämnen

  • Aktuella jobb

    Alla lediga jobb
×
×
  • Skapa nytt...