Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hidden random multiple IE ad sites in task manager (Windows 7)


  • Please log in to reply
5 replies to this topic

#1 Robaron

Robaron

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:40 AM

Posted 23 May 2015 - 01:21 PM

Hi, I found another similar topic about this in this forum (http://www.bleepingcomputer.com/forums/t/576474/internet-explorer-running-on-its-own-to-random-multiple-ad-sites-windows-7/), which I followed. I´m not fully done yet (running a full scan with Zemana antimalware at the moment - I´ve done the Wipe, System ninja, Ccleaner and MWav parts so far). While running Zemava, the software failed to handle a blue mars malware. I did a google search about it and found out some troubling news about it. Seems like it can do alot of damage to the computer. I´ll add the full Zemana log when it is done. 

 

 

The log from MWav here:

 

23 maj 2015 12:18:37 [0b90] - **********************************************************
23 maj 2015 12:18:37 [0b90] - eScans verktyg för skydd mot virus & spionprogram.
23 maj 2015 12:18:37 [0b90] - Upphovsrätt © MicroWorld Technologies
23 maj 2015 12:18:37 [0b90] - **********************************************************
23 maj 2015 12:18:37 [0b90] - Source: C:\Users\Aronsson\DOWNLO~1\MWAV(1~1.EXE
23 maj 2015 12:18:37 [0b90] - Version 14.0.178 (C:\USERS\ARONSSON\APPDATA\LOCAL\TEMP\MEXE.COM)
23 maj 2015 12:18:37 [0b90] - Loggfil: C:\Users\Aronsson\AppData\Local\Temp\MWAV.LOG
23 maj 2015 12:18:37 [0b90] - MWAV Registered: TRUE
23 maj 2015 12:18:37 [0b90] - User Account: Aronsson (Administrator Mode)
23 maj 2015 12:18:37 [0b90] - OS Type: Windows Workstation [InstallType: Client]
23 maj 2015 12:18:37 [0b90] - OS: Windows 7 64-Bit [OS Install Date: 14 Mar 2012 03:13:16]
23 maj 2015 12:18:37 [0b90] - Ver: Personal Service Pack 1 (Build 7601)
23 maj 2015 12:18:37 [0b90] - System Up Time: 36 Minutes, 12 Seconds
23 maj 2015 12:18:37 [0b90] - Parent Process Name : C:\Users\Aronsson\Downloads\mwav (1).exe
23 maj 2015 12:18:37 [0b90] - Windows Root  Folder: C:\Windows
23 maj 2015 12:18:37 [0b90] - Windows Sys32 Folder: C:\Windows\system32
23 maj 2015 12:18:37 [0b90] - DHCP NameServer: 193.150.193.150 83.255.245.11
23 maj 2015 12:18:37 [0b90] - Interface0 DHCPNameServer: 193.150.193.150 83.255.245.11
23 maj 2015 12:18:37 [0b90] - Interface1 DHCPNameServer: 195.54.122.221 195.54.122.211
23 maj 2015 12:18:37 [0b90] - Interface2 DHCPNameServer: 195.54.122.221 195.54.122.211
23 maj 2015 12:18:37 [0b90] - Interface3 DHCPNameServer: 10.4.41.15
23 maj 2015 12:18:37 [0b90] - Local Fixed Drives: c:\,d:\,f:\,g:\,j:\
23 maj 2015 12:18:37 [0b90] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
23 maj 2015 12:18:37 [0b90] - [CREATED ZIP FILE: C:\Users\Aronsson\AppData\Local\Temp\pinfect.zip]
23 maj 2015 12:18:37 [0b90] - Senaste datum för filerna i MWAV: Mon Mar  2 17:13:53 2015.
23 maj 2015 12:18:38 [0b90] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\Aronsson\AppData\Local\Temp\ESCANDB.LOG]
23 maj 2015 12:18:38 [0b90] - Loaded/Created FileScan Cache Database...
23 maj 2015 12:18:38 [0b90] - Loading AV Library [DB]...
23 maj 2015 12:18:39 [0b90] - ArchiveScan: DISABLED
23 maj 2015 12:18:40 [0b90] - AV Library Loaded - MultiThreaded - 8 : [DB-DIRECT].
23 maj 2015 12:18:40 [0b90] - MWAV doing self scanning...
23 maj 2015 12:18:40 [0b90] - MWAV files are clean.
23 maj 2015 12:18:53 [0b90] - ArchiveScan: DISABLED
23 maj 2015 12:18:53 [0b90] - Virus Database Date: 02 Mar 2015
23 maj 2015 12:18:53 [0b90] - Virus Database Count: 6701505
23 maj 2015 12:18:53 [0b90] - Sign Version: 7.59505 [518257]
23 maj 2015 12:19:37 [0b90] - Downloading AntiVirus and Anti-Spyware Databases...
23 maj 2015 12:24:58 [0b90] - Update Successful...
23 maj 2015 12:25:25 [0b90] - Indexed Spyware Databases Successfully Created...
23 maj 2015 12:25:25 [0b90] - Old Sign Version: 7.59505 New Sign Version: 7.60710
23 maj 2015 12:25:34 [0b90] - Reload of AntiVirus Signatures successfully done.
23 maj 2015 12:25:34 [0b90] - Virus Database Date: 23 May 2015
23 maj 2015 12:25:34 [0b90] - Virus Database Count: 5546829
23 maj 2015 12:25:34 [0b90] - Sign Version: 7.60710 [519462]
 
23 maj 2015 12:28:28 [0b90] - **********************************************************
23 maj 2015 12:28:28 [0b90] - MWAV - eScanAV AntiVirus Toolkit.
23 maj 2015 12:28:28 [0b90] - Copyright © MicroWorld Technologies
23 maj 2015 12:28:28 [0b90] - 
23 maj 2015 12:28:28 [0b90] - Support: support@escanav.com
23 maj 2015 12:28:28 [0b90] - Web: http://www.escanav.com
23 maj 2015 12:28:28 [0b90] - **********************************************************
23 maj 2015 12:28:28 [0b90] - Version 14.0.178[DB] (C:\USERS\ARONSSON\APPDATA\LOCAL\TEMP\MEXE.COM)
23 maj 2015 12:28:28 [0b90] - Log File: C:\Users\Aronsson\AppData\Local\Temp\MWAV.LOG
23 maj 2015 12:28:28 [0b90] - User Account: Aronsson (Administrator Mode)
23 maj 2015 12:28:28 [0b90] - Parent Process Name : C:\Users\Aronsson\Downloads\mwav (1).exe
23 maj 2015 12:28:28 [0b90] - Windows Root  Folder: C:\Windows
23 maj 2015 12:28:28 [0b90] - Windows Sys32 Folder: C:\Windows\system32
23 maj 2015 12:28:28 [0b90] - OS: Windows 7 64-Bit [OS Install Date: 14 Mar 2012 03:13:16]
23 maj 2015 12:28:28 [0b90] - Ver: Personal Service Pack 1 (Build 7601)
23 maj 2015 12:28:28 [0b90] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
 
23 maj 2015 12:28:43 [0108] - Options Selected by User:
23 maj 2015 12:28:43 [0108] - Memory Check: Enabled
23 maj 2015 12:28:43 [0108] - Registry Check: Enabled
23 maj 2015 12:28:43 [0108] - StartUp Folder Check: Enabled
23 maj 2015 12:28:43 [0108] - System Folder Check: Enabled
23 maj 2015 12:28:43 [0108] - Services Check: Enabled
23 maj 2015 12:28:43 [0108] - Scan Spyware: Enabled
23 maj 2015 12:28:43 [0108] - Scan Archives: Disabled
23 maj 2015 12:28:43 [0108] - Drive Check: Disabled
23 maj 2015 12:28:43 [0108] - All Drive Check :Enabled
23 maj 2015 12:28:43 [0108] - Folder Check: Disabled
23 maj 2015 12:28:43 [0108] - SCAN: All_Files [ANSI]
23 maj 2015 12:28:43 [0108] - MWAV Mode( B): Scan and Clean files (for viruses, adware and spyware)
 
23 maj 2015 12:28:43 [0108] - Scanning DNS Records...
23 maj 2015 12:28:43 [0108] - Scanning Master Boot Record (User)...
23 maj 2015 12:28:43 [0108] - Scanning Logical Boot Records...
23 maj 2015 12:28:44 [0108] - ***** Scanning For Hidden Rootkit Processes *****
23 maj 2015 12:28:44 [0108] - ***** Scanning For Hidden Rootkit Services *****
 
23 maj 2015 12:28:48 [0108] - ***** Scanning Memory Files *****
23 maj 2015 12:28:58 [0108] - Scanning File C:\Users\Aronsson\AppData\Roaming\vmlczegc\encecal.dll
23 maj 2015 12:28:58 [0108] - Module C:\Users\Aronsson\AppData\Roaming\vmlczegc\encecal.dll found loaded in Memory...
23 maj 2015 12:28:58 [0108] - Parent Process: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
23 maj 2015 12:28:58 [0108] - List of all Processes Sharing [encecal.dll] : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
23 maj 2015 12:28:58 [0108] - *** Terminating Infected Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe...
23 maj 2015 12:29:00 [0108] - *** Termination Successful.
23 maj 2015 12:29:00 [0108] - File C:\Users\Aronsson\AppData\Roaming\vmlczegc\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Renamed.
 
23 maj 2015 12:29:00 [0108] - Dummy folder [C:\Users\Aronsson\AppData\Roaming\vmlczegc\encecal.dll] made to prevent virus recreation(3).
 
23 maj 2015 12:29:02 [0108] - ***** Scanning Registry Files *****
23 maj 2015 12:29:02 [0108] - ERROR(3)!!! Invalid Entry  = C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho.dll (in key HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}). Action Taken: Removing it.
23 maj 2015 12:29:39 [0108] - ERROR(3)!!! Invalid Entry  = C:\Program Files (x86)\SaveSense\SaveSenseIE.dll (in key HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2e32cfe5-df92-4ae5-b0be-609ed0df74a6}). Action Taken: Removing it.
23 maj 2015 12:29:39 [0108] - ERROR(3)!!! Invalid Entry  = C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho64.dll (in key HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}). Action Taken: Removing it.
23 maj 2015 12:29:40 [0108] - ERROR(3)!!! Invalid Entry {5F327514-6C5E-4d60-8F16-D07FA08A78ED} = C:\Windows\system32\wuaucpl.cpl (in key HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). Action Taken: Removing it.
23 maj 2015 12:29:41 [0108] - ERROR(l)!!! Invalid Entry AppInit_DLLs = c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
23 maj 2015 12:29:41 [0108] - ** NON-STANDARD WINLOGON NOTIFY KEY [SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
23 maj 2015 12:29:41 [0108] - Invalid Entry DllName = SDWinLogon.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon). Action Taken: Deleting Registry Key SDWinLogon.
23 maj 2015 12:29:42 [0108] - ERROR(3)!!! Invalid Entry  = "%1" %* (in key HKCR64\htafile\shell\open\command). Action Taken: Removing it.
 
23 maj 2015 12:29:42 [0108] - ***** Scanning StartUp Folders *****
23 maj 2015 12:29:42 [0f20] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\Min hja¨rtans aller ka¨resta 1404 (1).pdf
23 maj 2015 12:29:42 [0abc] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\Min hja¨rtans aller ka¨resta 1404 (1) - genväg.lnk
23 maj 2015 12:29:42 [0c98] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\filminspelningen\Min hja¨rtans aller ka¨resta 1404.pdf
23 maj 2015 12:31:03 [0c98] - Scanning File C:\Users\Aronsson\AppData\Roaming\azaxlsdd\encecal.dll
23 maj 2015 12:31:03 [0c98] - File C:\Users\Aronsson\AppData\Roaming\azaxlsdd\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:31:09 [0abc] - Scanning File C:\Users\Aronsson\AppData\Roaming\dgzfchgx\encecal.dll
23 maj 2015 12:31:09 [0abc] - File C:\Users\Aronsson\AppData\Roaming\dgzfchgx\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:31:14 [0c98] - ScanFile (C:\Users\Aronsson\AppData\Roaming\Dropbox\bin\Dropbox.exe) took 5179 ms
23 maj 2015 12:31:17 [0f20] - Scanning File C:\Users\Aronsson\AppData\Roaming\edxyllem\encecal.dll
23 maj 2015 12:31:17 [0f20] - File C:\Users\Aronsson\AppData\Roaming\edxyllem\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:31:17 [0abc] - Scanning File C:\Users\Aronsson\AppData\Roaming\ebivptvf\encecal.dll
23 maj 2015 12:31:17 [0abc] - File C:\Users\Aronsson\AppData\Roaming\ebivptvf\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:31:33 [0abc] - Scanning File C:\Users\Aronsson\AppData\Roaming\Firestorm_x64\behnzach_arad\Mr Podj (thepodj_binder).txt
23 maj 2015 12:32:09 [0f3c] - Scanning File C:\Users\Aronsson\AppData\Roaming\gmmohssv\encecal.dll
23 maj 2015 12:32:09 [0f3c] - File C:\Users\Aronsson\AppData\Roaming\gmmohssv\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:32:10 [0f3c] - Scanning File C:\Users\Aronsson\AppData\Roaming\lgkraakl\encecal.dll
23 maj 2015 12:32:10 [0f3c] - File C:\Users\Aronsson\AppData\Roaming\lgkraakl\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:32:15 [1344] - Scanning File C:\Users\Aronsson\AppData\Roaming\mrqvhlbg\encecal.dll
23 maj 2015 12:32:15 [1344] - File C:\Users\Aronsson\AppData\Roaming\mrqvhlbg\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:32:15 [0f3c] - Scanning File C:\Users\Aronsson\AppData\Roaming\nelzphod\encecal.dll
23 maj 2015 12:32:15 [0f3c] - File C:\Users\Aronsson\AppData\Roaming\nelzphod\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:32:15 [0c98] - Scanning File C:\Users\Aronsson\AppData\Roaming\mzvftatf\encecal.dll
23 maj 2015 12:32:15 [0c98] - File C:\Users\Aronsson\AppData\Roaming\mzvftatf\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:32:15 [0abc] - Scanning File C:\Users\Aronsson\AppData\Roaming\myhyrkcr\encecal.dll
23 maj 2015 12:32:15 [0abc] - File C:\Users\Aronsson\AppData\Roaming\myhyrkcr\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:32:15 [0724] - Scanning File C:\Users\Aronsson\AppData\Roaming\njaecbfb\encecal.dll
23 maj 2015 12:32:15 [0724] - File C:\Users\Aronsson\AppData\Roaming\njaecbfb\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:32:17 [0abc] - Scanning File C:\Users\Aronsson\AppData\Roaming\odovzgay\encecal.dll
23 maj 2015 12:32:17 [0abc] - File C:\Users\Aronsson\AppData\Roaming\odovzgay\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:32:18 [0724] - Scanning File C:\Users\Aronsson\AppData\Roaming\rcfkocdv\encecal.dll
23 maj 2015 12:32:18 [0724] - File C:\Users\Aronsson\AppData\Roaming\rcfkocdv\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:32:19 [0abc] - Scanning File C:\Users\Aronsson\AppData\Roaming\quzppbyj\encecal.dll
23 maj 2015 12:32:19 [0abc] - File C:\Users\Aronsson\AppData\Roaming\quzppbyj\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:33:39 [0f3c] - Scanning File C:\Users\Aronsson\AppData\Roaming\sursenel\encecal.dll
23 maj 2015 12:33:39 [0f3c] - File C:\Users\Aronsson\AppData\Roaming\sursenel\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:33:50 [0724] - Scanning File C:\Users\Aronsson\AppData\Roaming\txqnfeye\encecal.dll
23 maj 2015 12:33:50 [0724] - File C:\Users\Aronsson\AppData\Roaming\txqnfeye\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:33:55 [13ac] - Scanning File C:\Users\Aronsson\AppData\Roaming\vdwbrueq\encecal.dll
23 maj 2015 12:33:55 [13ac] - File C:\Users\Aronsson\AppData\Roaming\vdwbrueq\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:33:55 [0724] - Scanning File C:\Users\Aronsson\AppData\Roaming\wsbngqjl\encecal.dll
23 maj 2015 12:33:55 [0724] - File C:\Users\Aronsson\AppData\Roaming\wsbngqjl\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:33:55 [0724] - Scanning File C:\Users\Aronsson\AppData\Roaming\zjeqjknz\encecal.dll
23 maj 2015 12:33:55 [0724] - File C:\Users\Aronsson\AppData\Roaming\zjeqjknz\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:33:55 [1344] - Scanning File C:\Users\Aronsson\AppData\Roaming\xpdzmwlr\encecal.dll
23 maj 2015 12:33:55 [1344] - File C:\Users\Aronsson\AppData\Roaming\xpdzmwlr\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:33:55 [0f3c] - Scanning File C:\Users\Aronsson\AppData\Roaming\yeeujips\encecal.dll
23 maj 2015 12:33:55 [0f3c] - File C:\Users\Aronsson\AppData\Roaming\yeeujips\encecal.dll infected by "Application.Generic.1281625 (DB)" Virus! Action Taken: File Deleted.
 
23 maj 2015 12:34:03 [0abc] - ScanFile (C:\ProgramData\Apple Computer\Installer Cache\QuickTime 7.76.80.95\QuickTime.msi) took 6068 ms
23 maj 2015 12:35:30 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [1344] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0006.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [1344] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\7-Zip-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [1344] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Delta.Toolbar-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Delta.Toolbar-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [1344] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\FastClick-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Babylon.Toolbar-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:30 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\ilivid.Toolbar-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0007.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\jZip.Toolbar-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0006.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Linkury.Smartbar-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\ilivid.Toolbar-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0006.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0008.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0010.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0007.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\jZip.Toolbar-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0013.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0009.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0012.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0006.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0006.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0006.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0007.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0011.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0006.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0007.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0007.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Regedit-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Wordpad-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Paint-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Wordpad-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Toolbar.Snap.do-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Toolbar.Snap.do-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Wordpad-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Toolbar.Snap.do-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Wajam-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [1344] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Toolbar.Snap.do-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Somoto.BetterInstaller-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.BitGuard-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Wajam-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [1344] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.BitGuard-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Win32.Downloader.gen-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [1344] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [1344] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0006.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0005.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\XingHao.LyricsPal-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [1344] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0001.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0c98] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0007.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0abc] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\XingHao.LyricsPal-0000.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:31 [0724] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:32 [0f20] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0004.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:32 [13ac] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\XingHao.LyricsPal-0002.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:32 [0f04] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\XingHao.LyricsPal-0003.zip not Scanned. Possibly password protected...
23 maj 2015 12:35:32 [0f3c] - C:\ProgramData\Spybot - Search & Destroy\Quarantine\Somoto.BetterInstaller-0000.zip not Scanned. Possibly password protected...
 
23 maj 2015 12:35:32 [0108] - ***** Scanning Service Files *****
23 maj 2015 12:35:48 [0108] - ERROR(2)!!! Invalid Entry system32\DRIVERS\EIO64.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\EIO64.
23 maj 2015 12:36:05 [0108] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TrkWks].
 
23 maj 2015 12:36:10 [0108] - ***** Scanning Registry and File system for Adware/Spyware *****
23 maj 2015 12:36:10 [0108] - Loading Spyware Signatures from new External Database [Name: C:\Users\Aronsson\AppData\Local\Temp\spydb.avs, Size: 464724]...
23 maj 2015 12:36:10 [0108] - Indexed Spyware Databases Successfully Created...
 
23 maj 2015 12:38:20 [0108] - Offending Registry Entry found: HKLM\software\microsoft\windows\currentversion\uninstall\xvid
23 maj 2015 12:38:20 [0108] - System found infected with Cutwail Trojan (HKLM\software\microsoft\windows\currentversion\uninstall\xvid)! Action taken: Entries Removed.
23 maj 2015 12:38:20 [0108] - Object "Cutwail Trojan" found in File System! Action Taken: Entries Removed.
 
23 maj 2015 12:38:20 [0108] - Offending Registry Entry found: HKCR\secfile
23 maj 2015 12:38:20 [0108] - System found infected with Defense Center Spyware/Adware (HKCR\secfile)! Action taken: Entries Removed.
23 maj 2015 12:38:20 [0108] - Object "Defense Center Spyware/Adware" found in File System! Action Taken: Entries Removed.
 
 
23 maj 2015 12:38:20 [0108] - ***** Scanning Registry Files *****
23 maj 2015 12:38:20 [0108] - ERROR(3)!!! Invalid Entry  = C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho64.dll (in key HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}). Action Taken: Removing it.
23 maj 2015 12:38:21 [0108] - ERROR(l)!!! Invalid Entry AppInit_DLLs = c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
23 maj 2015 12:38:21 [0108] - ** C:\Windows\system32\drivers\etc\hosts Not Present! Created New One.
23 maj 2015 12:38:21 [0108] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
23 maj 2015 12:38:21 [0108] - ** Deleted Value of "NoActiveDesktop" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:1.
23 maj 2015 12:38:21 [0108] - ** Deleted Value of "ForceActiveDesktopOn" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer". Its value was DWORD:0.
23 maj 2015 12:38:21 [0108] - ** Deleted Value of "NoComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.
23 maj 2015 12:38:21 [0108] - ** Deleted Value of "NoAddingComponents" in "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop". Its value was DWORD:1.
23 maj 2015 12:38:21 [0108] - ** Value in 64-bit HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
23 maj 2015 12:38:21 [0108] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
23 maj 2015 12:38:21 [0108] - ** Value in 64-bit HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
 
23 maj 2015 12:38:21 [0108] - ***** Scanning System32 Folders *****
 
 
23 maj 2015 12:40:37 [0108] - ***** Scanning All Drives *****
23 maj 2015 12:40:37 [0108] - ***** C:,D:,F:,G:,J: ***** 
23 maj 2015 12:40:38 [0108] - Scanning C:\ Drive
23 maj 2015 12:40:58 [13ac] - ScanFile (C:\MSOCache\All Users\{90140000-003D-0000-0000-0000000FF1CE}-C\SingleImageWW.msi) took 6646 ms
23 maj 2015 12:48:36 [1344] - ScanFile (C:\Program Files\AVAST Software\Avast\Setup\ais_cmp_webrep-7e7.vpx) took 5507 ms
23 maj 2015 12:56:06 [1344] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.3\nvcompiler.dl_) took 5756 ms
23 maj 2015 12:56:20 [0f3c] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{199B2371-466D-4B2E-8FB7-72F1BD745A59}\nvcompiler.dl_) took 7332 ms
23 maj 2015 12:56:28 [13ac] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{1F51772C-E910-487F-9677-DB63EE7E17B1}\nvcompiler.dl_) took 5631 ms
23 maj 2015 12:56:34 [1344] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{199B2371-466D-4B2E-8FB7-72F1BD745A59}\nvoglv64.dl_) took 15880 ms
23 maj 2015 12:56:35 [0f20] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{1F51772C-E910-487F-9677-DB63EE7E17B1}\nvwgf2um.dl_) took 5242 ms
23 maj 2015 12:56:37 [0c98] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{1F51772C-E910-487F-9677-DB63EE7E17B1}\nvoglv64.dl_) took 9782 ms
23 maj 2015 12:56:38 [0f04] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3E7EC124-884C-43E4-A7F6-F66FF162A68A}\nvcompiler.dl_) took 5835 ms
23 maj 2015 12:56:39 [0f3c] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3E7EC124-884C-43E4-A7F6-F66FF162A68A}\NvCplSetupInt.exe) took 5335 ms
23 maj 2015 12:56:42 [0724] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3E7EC124-884C-43E4-A7F6-F66FF162A68A}\nvd3dum.dl_) took 5179 ms
23 maj 2015 12:56:47 [0abc] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3E7EC124-884C-43E4-A7F6-F66FF162A68A}\nvoglv32.dl_) took 8487 ms
23 maj 2015 12:56:48 [0f3c] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3E7EC124-884C-43E4-A7F6-F66FF162A68A}\nvoglv64.dl_) took 8721 ms
23 maj 2015 12:56:50 [13ac] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{3E7EC124-884C-43E4-A7F6-F66FF162A68A}\nvwgf2umx.dl_) took 6989 ms
23 maj 2015 12:56:50 [1344] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{69A5AC4C-4FDE-4D81-92B2-31F0FF7C22F7}\nvcompiler.dl_) took 5538 ms
23 maj 2015 12:56:57 [0f04] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{69A5AC4C-4FDE-4D81-92B2-31F0FF7C22F7}\nvoglv64.dl_) took 6053 ms
23 maj 2015 12:57:02 [13ac] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{B8688D95-FB15-41FB-B49F-7892663E23EA}\nvcompiler32.dl_) took 7238 ms
23 maj 2015 12:57:04 [0724] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{B8688D95-FB15-41FB-B49F-7892663E23EA}\nvcompiler.dl_) took 8533 ms
23 maj 2015 12:57:07 [0f3c] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{B8688D95-FB15-41FB-B49F-7892663E23EA}\NvCplSetupInt.exe) took 10577 ms
23 maj 2015 12:57:07 [0abc] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{B8688D95-FB15-41FB-B49F-7892663E23EA}\nvoglv32.dl_) took 6568 ms
23 maj 2015 12:57:13 [0f04] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{B8688D95-FB15-41FB-B49F-7892663E23EA}\nvoglv64.dl_) took 12278 ms
23 maj 2015 12:57:13 [1344] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BB7085B0-BF9E-440C-934D-9A240A6A48F1}\nvcompiler.dl_) took 7223 ms
23 maj 2015 12:57:16 [0c98] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BB7085B0-BF9E-440C-934D-9A240A6A48F1}\nvd3dumx.dl_) took 5975 ms
23 maj 2015 12:57:18 [0f20] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BB7085B0-BF9E-440C-934D-9A240A6A48F1}\nvlddmkm.sy_) took 5304 ms
23 maj 2015 12:57:21 [0abc] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BB7085B0-BF9E-440C-934D-9A240A6A48F1}\nvwgf2umx.dl_) took 5569 ms
23 maj 2015 12:57:21 [13ac] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BB7085B0-BF9E-440C-934D-9A240A6A48F1}\nvoglv64.dl_) took 8252 ms
23 maj 2015 12:57:23 [0f3c] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{BB7085B0-BF9E-440C-934D-9A240A6A48F1}\nvoglv32.dl_) took 10577 ms
23 maj 2015 12:57:26 [1344] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C68188D0-456B-4F34-8343-FB129B8CCDF9}\nvcompiler.dl_) took 5538 ms
23 maj 2015 12:57:32 [0f04] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C68188D0-456B-4F34-8343-FB129B8CCDF9}\nvoglv32.dl_) took 5007 ms
23 maj 2015 12:57:33 [0f3c] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C68188D0-456B-4F34-8343-FB129B8CCDF9}\nvoglv64.dl_) took 5163 ms
23 maj 2015 12:57:33 [13ac] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C68188D0-456B-4F34-8343-FB129B8CCDF9}\nvopencl.dl_) took 5319 ms
23 maj 2015 12:57:38 [0f3c] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{D2A9D589-10A7-4B0A-A099-C690256CB232}\nvcompiler32.dl_) took 5476 ms
23 maj 2015 12:57:40 [0f04] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{D2A9D589-10A7-4B0A-A099-C690256CB232}\nvcompiler.dl_) took 7176 ms
23 maj 2015 12:57:40 [0f20] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{C68188D0-456B-4F34-8343-FB129B8CCDF9}\nvwgf2umx.dl_) took 9984 ms
23 maj 2015 12:57:48 [0f3c] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{D2A9D589-10A7-4B0A-A099-C690256CB232}\nvwgf2umx.dl_) took 6146 ms
23 maj 2015 12:57:48 [0f04] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{D2A9D589-10A7-4B0A-A099-C690256CB232}\nvlddmkm.sy_) took 8331 ms
23 maj 2015 12:57:50 [0c98] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{E5D6419D-81D9-4C22-A4AF-2CFC527F901C}\nvcompiler.dl_) took 5709 ms
23 maj 2015 12:57:51 [13ac] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{D2A9D589-10A7-4B0A-A099-C690256CB232}\nvwgf2um.dl_) took 8659 ms
23 maj 2015 12:57:57 [13ac] - ScanFile (C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{E5D6419D-81D9-4C22-A4AF-2CFC527F901C}\nvoglv64.dl_) took 5803 ms
23 maj 2015 13:03:51 [0f3c] - ScanFile (C:\Program Files (x86)\Overwolf\0.85.190.0\libcef.dll) took 5663 ms
23 maj 2015 13:04:00 [0724] - ScanFile (C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe) took 6583 ms
23 maj 2015 13:04:45 [0f20] - ScanFile (C:\Program Files (x86)\Rockstar Games\Social Club\renderer.dll) took 7878 ms
23 maj 2015 13:05:47 [13ac] - ScanFile (C:\Program Files (x86)\Sony Media Go Install\WindowsXP-KB942288-v3-x86.exe) took 6177 ms
23 maj 2015 13:06:23 [1344] - ScanFile (C:\Program Files (x86)\Steam\bin\cef.pak) took 5912 ms
23 maj 2015 13:06:24 [0724] - ScanFile (C:\Program Files (x86)\Steam\bin\libcef.dll) took 7130 ms
23 maj 2015 13:10:36 [0f3c] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 13:10:36 [0f3c] - Scanning File C:\System Volume Information\{d7931416-fb40-11e4-a13b-14dae9f4765f}{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 13:10:36 [0f20] - Scanning File C:\System Volume Information\{92a46adc-ff62-11e4-af04-14dae9f4765f}{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 13:10:36 [1344] - Scanning File C:\System Volume Information\{d7931526-fb40-11e4-a13b-14dae9f4765f}{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 13:56:46 [1344] - Scanning File C:\Users\Aronsson\AppData\Roaming\Firestorm_x64\behnzach_arad\Mr Podj (thepodj_binder).txt
23 maj 2015 13:56:56 [0724] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\Min hja¨rtans aller ka¨resta 1404 (1) - genväg.lnk
23 maj 2015 13:56:56 [13ac] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\Min hja¨rtans aller ka¨resta 1404 (1).pdf
23 maj 2015 13:56:58 [0724] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Delkurs 1\Amna° forskning.docx
23 maj 2015 13:57:00 [0f20] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\filminspelningen\Min hja¨rtans aller ka¨resta 1404.pdf
23 maj 2015 13:57:05 [0724] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Självständigt arbete\A¨mnesval Sja¨lvsta¨ndigt arbete H13.pdf
23 maj 2015 13:57:05 [0f04] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Delkurs 3\System+fo¨r+utbildning+eller+utbildning+fo¨r+ett+system.doc
23 maj 2015 13:57:05 [13ac] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Självständigt arbete\Kursschema+Sja¨lvsta¨ndigt+arbete+HT13+Maria+Olson.doc
23 maj 2015 13:57:05 [0f20] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Självständigt arbete\Gemensamt+Fo¨rela¨sningsschema+Sja¨lvsta¨ndigt+arbete+CeHum+H13.docx
23 maj 2015 13:57:05 [0abc] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Självständigt arbete\Sja¨lvsta¨ndigt_arbete_ht13_handledartillfa¨llen.pdf
23 maj 2015 13:57:05 [0f20] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Självständigt arbete\Va¨lkomstbrev från kursansvarig Sja¨lvsta¨ndigt arbete AN H13.pdf
23 maj 2015 13:57:09 [0c98] - ScanFile (C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Delkurs 1\SPSS_Statistics_22_TR_win64_.exe) took 6022 ms
23 maj 2015 13:58:46 [0f3c] - ScanFile (C:\Users\Aronsson\Documents\Spel\Dator\Mass Effect\Mass Effect\Me2\ME2_Kasumi.exe) took 9578 ms
23 maj 2015 13:58:48 [0724] - ScanFile (C:\Users\Aronsson\Documents\Spel\Dator\Mass Effect\Mass Effect\Me2\ME2_ShadowBroker.exe) took 10749 ms
23 maj 2015 13:59:52 [0f04] - ScanFile (C:\Users\Aronsson\Documents\Spel\Rollspel\Traveller\13Mann-Robots-PDF\00000533.zip) took 10671 ms
23 maj 2015 14:00:34 [13ac] - Scanning File C:\Users\Aronsson\Downloads\A¨mnesfo¨rslagargumenterandeartikel.doc
23 maj 2015 14:00:44 [0724] - ScanFile (C:\Users\Aronsson\Downloads\asuspctool_win8_64_ver15065.zip) took 10000 ms
23 maj 2015 14:00:48 [0f04] - Scanning File C:\Users\Aronsson\Downloads\Mall fo¨r argumenterande tal.png
23 maj 2015 14:00:48 [0f04] - Scanning File C:\Users\Aronsson\Downloads\Min hja¨rtans aller ka¨resta 1404 (1).pdf
23 maj 2015 14:00:48 [1344] - Scanning File C:\Users\Aronsson\Downloads\Min hja¨rtans aller ka¨resta 1404.pdf
23 maj 2015 14:00:59 [1344] - ScanFile (C:\Users\Aronsson\Downloads\mwav.exe) took 9937 ms
23 maj 2015 14:01:00 [13ac] - ScanFile (C:\Users\Aronsson\Downloads\mwav (1).exe) took 10904 ms
23 maj 2015 14:01:32 [13ac] - C:\Users\Aronsson\Dropbox\Rollspel\Mutant-Undergångens Arvtagare\Hindenburg\A2_Hindenburg Lösen- Erfarenhet.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:51 [0c98] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Hindenburg\A3_Hindenburg Lösen- Erfarenhet.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:51 [13ac] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Hindenburg\A2_Hindenburg Lösen- Erfarenhet.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:52 [13ac] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Hindenburg\hma_alt Lösen- Välkommen.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:52 [0c98] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Hindenburg\Hemligheter_aventyr Lösen- mest.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:52 [1344] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Hindenburg\Kejsarlangden Lösen- inledande.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:52 [0f3c] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Karle\Automatstadens_dunkel Lösen- Tvillingtornet.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:52 [0f20] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Hindenburg\HMA_hist_dok Lösen- Gunder.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:52 [0c98] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Pirit\sagen Lösen- Beläget.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:53 [0c98] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Varelser\Nya_varelser Lösen- startavgiften.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:53 [0f3c] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Nordholmia\drake Lösen- Dressinen.pdf not Scanned. Possibly password protected...
23 maj 2015 14:01:53 [0abc] - C:\Users\Aronsson\Dropbox\Universitetet\Mappar från skrivbordet - flyttade\Spel\Rollspel\Mutant-Undergångens Arvtagare\Nordholmia\Dod_mans_dilemma Lösen- Kejsarens.pdf not Scanned. Possibly password protected...
23 maj 2015 14:02:07 [0abc] - ScanFile (C:\Users\Aronsson\Google Drive\Robert Telefonbackup\asuspctool_win8_64_ver15065.zip) took 7612 ms
23 maj 2015 14:02:27 [0abc] - ScanFile (C:\Users\Aronsson\Google Drive\Robert Telefonbackup\PadFone Infinity-D6ATCT003727\backup\0690dca9-1c88-40e1-b74d-b596a931ea08) took 5413 ms
23 maj 2015 14:02:46 [0f3c] - ScanFile (C:\Users\Aronsson\Google Drive\Robert Telefonbackup\PadFone Infinity-D6ATCT003727\backup\09630960-da88-41fe-9fc7-3419cfe8edc4) took 7831 ms
23 maj 2015 14:11:57 [0abc] - ScanFile (C:\Users\Aronsson\Google Drive\Robert Telefonbackup\PadFone Infinity-D6ATCT003727\backup\daac16c3-80ba-4b76-aede-02fb6834442b) took 5319 ms
23 maj 2015 14:13:48 [0f20] - Scanning File C:\Users\Aronsson\Pictures\Groaza.jpg
23 maj 2015 14:22:19 [0abc] - ScanFile (C:\Windows\Installer\152ee67.msp) took 6567 ms
23 maj 2015 14:22:34 [0724] - ScanFile (C:\Windows\Installer\31f4600.msp) took 6864 ms
23 maj 2015 14:22:43 [0c98] - ScanFile (C:\Windows\Installer\5c9d6d.msi) took 6193 ms
23 maj 2015 14:23:00 [0724] - ScanFile (C:\Windows\Installer\c8ca98.msi) took 5959 ms
23 maj 2015 14:23:01 [0c98] - ScanFile (C:\Windows\Installer\c8cc50.msp) took 5741 ms
23 maj 2015 14:23:02 [13ac] - ScanFile (C:\Windows\Installer\a0e6f9.msp) took 14866 ms
23 maj 2015 14:23:10 [1344] - ScanFile (C:\Windows\Installer\e395d2.msi) took 12059 ms
23 maj 2015 14:27:48 [1344] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\nv_disp.inf_amd64_neutral_d895694e10f22a11\NvCplSetupInt.exe) took 10842 ms
23 maj 2015 14:28:09 [13ac] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_1792c53aad83c3b4\NvCplSetupInt.exe) took 7691 ms
23 maj 2015 14:29:31 [1344] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_neutral_b62d86fb4cd99b19\NvCplSetupInt.exe) took 9797 ms
23 maj 2015 14:30:17 [0f3c] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\nv_dispwu.inf_amd64_neutral_104ae97042f2a706\NvCplSetupInt.exe) took 5117 ms
23 maj 2015 14:54:11 [0108] - Scanning D:\ Drive
23 maj 2015 15:02:33 [1344] - ScanFile (D:\SteamLibrary\SteamApps\common\Skyrim\Data\tools\GenerateFNIS_for_Modders\GenerateFNISforModders.exe) took 5631 ms
23 maj 2015 15:02:33 [0abc] - ScanFile (D:\SteamLibrary\SteamApps\common\Skyrim\Data\tools\GenerateFNIS_for_Users\GenerateFNISforUsers.exe) took 5897 ms
23 maj 2015 15:02:34 [0108] - Scanning F:\ Drive
23 maj 2015 15:03:42 [13ac] - ScanFile (F:\Documents and Settings\Gordon\Local Settings\Temp\Rar$EX12.907\Players\Debug\Install Flash Player 10 UB.dmg.zip) took 9423 ms
23 maj 2015 15:03:46 [0c98] - ScanFile (F:\Documents and Settings\Gordon\Local Settings\Temp\Rar$EX12.907\Players\Debug\FlashPlayer.exe) took 6614 ms
23 maj 2015 15:03:56 [1344] - ScanFile (F:\Documents and Settings\Gordon\Local Settings\Temp\Rar$EX12.907\Players\Release\Install Flash Player 10 UB.dmg.zip) took 8019 ms
23 maj 2015 15:04:24 [0f04] - ScanFile (F:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\4T67KTIN\iTunes[2].msi) took 5725 ms
23 maj 2015 15:10:20 [0724] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\7-5_xp_dd_ccc_wdm_enu_46743.exe) took 6474 ms
23 maj 2015 15:10:28 [0abc] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\blender-2.44-windows.exe) took 5569 ms
23 maj 2015 15:10:31 [0f3c] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\Azureus_2.5.0.4a_Win32.setup.exe) took 7316 ms
23 maj 2015 15:10:32 [0c98] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\psa30se_sv_se.exe) took 5788 ms
23 maj 2015 15:10:39 [0c98] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\Second Life 1-17-0-109 Voice Beta Setup.exe) took 6958 ms
23 maj 2015 15:10:52 [13ac] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\Avast\setupeng.exe) took 14414 ms
23 maj 2015 15:10:56 [0c98] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\Silverfall_Editor_1.17.exe) took 15647 ms
23 maj 2015 15:11:15 [0724] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\rad_w2kxp_omega_38330.exe) took 17769 ms
23 maj 2015 15:11:24 [0f3c] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\Second Life\Second Life 1-14-0-1 Setup.exe) took 10327 ms
23 maj 2015 15:11:26 [0f04] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\7-3_xp_dd_ccc_wdm_enu_43737.exe) took 22807 ms
23 maj 2015 15:11:26 [0f04] - Scanning of F:\Documents and Settings\Robert\Desktop\Mappar\exe-filer\7-3_xp_dd_ccc_wdm_enu_43737.exe Timed out!!!
23 maj 2015 15:11:32 [1344] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\Rollspel\Trudvang\Genererade Trudvangkaraktärer\CharGen_0.8.1.exe\CharGen.exe) took 8581 ms
23 maj 2015 15:11:52 [1344] - ScanFile (F:\Documents and Settings\Robert\Desktop\SetupVCTwin.exe) took 5663 ms
23 maj 2015 15:11:55 [13ac] - ScanFile (F:\Documents and Settings\Robert\Desktop\Måste sorteras\CharGen.exe) took 7940 ms
23 maj 2015 15:11:59 [0abc] - ScanFile (F:\Documents and Settings\Robert\Desktop\Mappar\spel\dataspel\Archlord\Archlord_Installer.exe) took 25272 ms
23 maj 2015 15:11:59 [0abc] - Scanning of F:\Documents and Settings\Robert\Desktop\Mappar\spel\dataspel\Archlord\Archlord_Installer.exe Timed out!!!
23 maj 2015 15:14:49 [0724] - ScanFile (F:\Documents and Settings\Robert\Local Settings\Temp\.zylomisrtemp1329573594\ZylomGameITemp.exe) took 9235 ms
23 maj 2015 15:16:40 [0f3c] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\2RSKFIT4\Snapshot_002????[1].png
23 maj 2015 15:16:40 [0724] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\2K2R8DNF\%BB?_-%BB?_-%BE%C6T%B9?%BA_hefar2[1].jpg
23 maj 2015 15:16:57 [13ac] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\5FTCJ5WV\Apple-bra¨nslecell-med-iphone-AB[1].jpg
23 maj 2015 15:17:32 [0f20] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\B0ZW08X2\o¨l2000[1].jpg
23 maj 2015 15:17:32 [0c98] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\B0ZW08X2\Ska¨rmavbild+2011-12-22+kl.+13.23.09[1].png
23 maj 2015 15:17:32 [13ac] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\8A665206\???????,_????[1].txt
23 maj 2015 15:18:27 [0c98] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\EY3QBI73\A°Rets-ba¨sta-prylar-AB[1].jpg
23 maj 2015 15:20:51 [1344] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Aldora Hair\Aldora for Genesis\Morphs\DAZ 3D\Base\FBMHeavy.dsf) took 6021 ms
23 maj 2015 15:20:54 [0abc] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Aldora Hair\Aldora for Genesis\Morphs\DAZ 3D\Base\FBMBasicMale.dsf) took 8533 ms
23 maj 2015 15:20:56 [0c98] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Aldora Hair\Aldora for Genesis\Morphs\DAZ 3D\Base\AllFuller.dsf) took 10187 ms
23 maj 2015 15:20:57 [0f04] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Aldora Hair\Aldora for Genesis\Morphs\DAZ 3D\Base\RFrameCheeks.dsf) took 5553 ms
23 maj 2015 15:21:04 [1344] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Duke Hair\Duke for Genesis\Duke for Genesis.dsf) took 9906 ms
23 maj 2015 15:21:05 [0abc] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Aldora Hair\Aldora for Genesis\UV Sets\DAZ 3D\Base\default.dsf) took 10748 ms
23 maj 2015 15:21:05 [0f20] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Aldora Hair\Aldora for Genesis\Morphs\DAZ 3D\Base\FBMBasicChild.dsf) took 19188 ms
23 maj 2015 15:21:07 [0f04] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Genesis\Base\Genesis.dsf) took 8923 ms
23 maj 2015 15:21:20 [0f04] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Genesis\Base\Tools\Projection Templates\Bodysuit Tight\BodySuitTight_Shell.dsf) took 7707 ms
23 maj 2015 15:21:21 [0f3c] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Genesis\Base\Tools\Projection Templates\Shirt Tight\ShirtLongTight.dsf) took 5819 ms
23 maj 2015 15:21:28 [0724] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Journeyer Scout\Pants for Genesis\Pants for Genesis.dsf) took 7020 ms
23 maj 2015 15:21:30 [0f20] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Journeyer Scout\Boots for Genesis\Boots for Genesis.dsf) took 12246 ms
23 maj 2015 15:21:32 [0abc] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Journeyer Scout\Sash for Genesis\Sash for Genesis.dsf) took 7488 ms
23 maj 2015 15:21:34 [0f3c] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\K4 Basic Wear\Boxers for Genesis\Boxers for Genesis.dsf) took 5584 ms
23 maj 2015 15:21:38 [1344] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Journeyer Scout\Wristguards for Genesis\Wristguards for Genesis.dsf) took 10015 ms
23 maj 2015 15:21:44 [0c98] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Magus\Collar for Genesis\Collar for Genesis.dsf) took 7878 ms
23 maj 2015 15:21:46 [1344] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Magus\Leggings for Genesis\Leggings for Genesis.dsf) took 5460 ms
23 maj 2015 15:21:49 [0724] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Magus\Jacket for Genesis\Jacket for Genesis.dsf) took 11576 ms
23 maj 2015 15:21:53 [0f04] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\Magus\Staff for Genesis\Staff for Genesis.dsf) took 8065 ms
23 maj 2015 15:21:54 [0abc] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\SallyMae Hair\SallyMae for Genesis\Morphs\DAZ 3D\Base\AllFuller.dsf) took 8424 ms
23 maj 2015 15:21:55 [0724] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\SallyMae Hair\SallyMae for Genesis\Morphs\DAZ 3D\Base\FBMBasicChild.dsf) took 5414 ms
23 maj 2015 15:21:59 [1344] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\SallyMae Hair\SallyMae for Genesis\Morphs\DAZ 3D\Base\FBMHeavy.dsf) took 9080 ms
23 maj 2015 15:22:02 [13ac] - ScanFile (F:\Documents and Settings\Robert\My Documents\blender-2.61-release-windows64.exe) took 23618 ms
23 maj 2015 15:22:02 [13ac] - Scanning of F:\Documents and Settings\Robert\My Documents\blender-2.61-release-windows64.exe Timed out!!!
23 maj 2015 15:22:04 [0724] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ 3D\Studio\My Library\data\DAZ 3D\SallyMae Hair\SallyMae for Genesis\UV Sets\DAZ 3D\Base\default.dsf) took 5523 ms
23 maj 2015 15:22:33 [1344] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ Studio Products\Bryce_7.1.0.109_Win32.exe) took 8221 ms
23 maj 2015 15:22:51 [0abc] - ScanFile (F:\Documents and Settings\Robert\My Documents\DAZ Studio Products\Hexagon_2.5.1.79_Win32.exe) took 6131 ms
23 maj 2015 15:23:02 [0724] - ScanFile (F:\Documents and Settings\Robert\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\BridgeStartMeeting\BridgeStartMeeting.msi) took 5007 ms
23 maj 2015 15:23:02 [0f3c] - ScanFile (F:\Documents and Settings\Robert\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeTypeSupportAll\AdobeTypeSupportAll.msi) took 5257 ms
23 maj 2015 15:23:33 [0f20] - ScanFile (F:\Documents and Settings\Robert\Säkerhetssparade Filer\Rollspel\MUA\Version Noll Alt regler\VersionNollRegler.pdf) took 6833 ms
23 maj 2015 15:28:42 [0724] - ScanFile (F:\NVIDIA\nForceWin2KXP\6.86\Ethernet\NAM\NAMSetup.exe) took 7566 ms
23 maj 2015 15:28:43 [0f20] - ScanFile (F:\Perfect World\PW_International.part1.exe) took 6770 ms
23 maj 2015 15:44:33 [0f04] - ScanFile (F:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\core2.zip) took 10156 ms
23 maj 2015 15:46:24 [1344] - ScanFile (F:\Program Files\GameShadow\Downloads\ATI Graphics Drivers\Patches\cat_vnnn_v83fullxpnet.exe) took 5600 ms
23 maj 2015 15:46:24 [0f04] - ScanFile (F:\Program Files\GameShadow\Downloads\ATI Graphics Drivers\Patches\cat_vnnn_v710fullxpnet.exe) took 5912 ms
23 maj 2015 15:46:25 [0f3c] - ScanFile (F:\Program Files\GameShadow\Downloads\ATI Graphics Drivers\Patches\cat_vnnn_v82fullxpnet.exe) took 6615 ms
23 maj 2015 15:46:27 [0724] - ScanFile (F:\Program Files\GameShadow\Downloads\ATI Graphics Drivers\Patches\cat_vnnn_v81fullxpnet.exe) took 8455 ms
23 maj 2015 15:46:30 [1344] - ScanFile (F:\Program Files\GameShadow\Downloads\Tomb Raider - Legend\Patches\tombraiderlegend_vnnn_v120.exe) took 5039 ms
23 maj 2015 15:46:34 [0f20] - ScanFile (F:\Program Files\GameShadow\Downloads\ATI Graphics Drivers\Patches\cat_vnnn_v711fullxpnet.exe) took 16006 ms
23 maj 2015 15:53:55 [0c98] - ScanFile (F:\Program Files\Zylom Games\Love and Death - Bitten Deluxe\assets\movies\teaser.swf) took 11731 ms
23 maj 2015 16:02:35 [0c98] - ScanFile (F:\System Volume Information\_restore{E5562308-07BF-488D-A109-2680A94C67F1}\RP692\A0167280.exe) took 5241 ms
23 maj 2015 16:03:40 [0f20] - ScanFile (F:\UDK\UDK-2012-01\Binaries\Win32\UDK.exe) took 8284 ms
23 maj 2015 16:14:34 [0c98] - ScanFile (F:\WINDOWS\Downloaded Installations\{9DF687E7-381C-4882-A05F-4ADF1DD53394}\NVIDIA ForceWare Network Access Manager.msi) took 8252 ms
23 maj 2015 16:16:18 [0c98] - ScanFile (F:\WINDOWS\Installer\11bd52e.msp) took 5180 ms
23 maj 2015 16:16:33 [0f3c] - ScanFile (F:\WINDOWS\Installer\260c720.msi) took 5070 ms
23 maj 2015 16:16:36 [0abc] - ScanFile (F:\WINDOWS\Installer\260c712.msi) took 8892 ms
23 maj 2015 16:16:40 [0724] - ScanFile (F:\WINDOWS\Installer\2f210ca.msp) took 5460 ms
23 maj 2015 16:16:41 [0f04] - ScanFile (F:\WINDOWS\Installer\33ee229.msi) took 5211 ms
23 maj 2015 16:16:43 [0f20] - ScanFile (F:\WINDOWS\Installer\33efbe4.msp) took 7581 ms
23 maj 2015 16:16:47 [0abc] - ScanFile (F:\WINDOWS\Installer\3cfd4.msp) took 6583 ms
23 maj 2015 16:16:53 [13ac] - ScanFile (F:\WINDOWS\Installer\6e8e0b.msp) took 5663 ms
23 maj 2015 16:16:55 [0f3c] - ScanFile (F:\WINDOWS\Installer\969d022.msp) took 5241 ms
23 maj 2015 16:17:00 [0f20] - ScanFile (F:\WINDOWS\Installer\cf7aa.msi) took 5913 ms
23 maj 2015 16:17:04 [0724] - ScanFile (F:\WINDOWS\Installer\f668c1.msi) took 6926 ms
23 maj 2015 16:17:04 [0f3c] - ScanFile (F:\WINDOWS\Installer\fb5cfb.msi) took 5320 ms
23 maj 2015 16:27:24 [0108] - Scanning G:\ Drive
23 maj 2015 16:27:30 [0f04] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 117.zip) took 5616 ms
23 maj 2015 16:27:31 [0f20] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 123.zip) took 6615 ms
23 maj 2015 16:27:32 [0f3c] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 190.zip) took 5070 ms
23 maj 2015 16:27:32 [0724] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 183.zip) took 5600 ms
23 maj 2015 16:27:33 [13ac] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 194.zip) took 5039 ms
23 maj 2015 16:27:42 [0f20] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 210.zip) took 9360 ms
23 maj 2015 16:27:42 [0f3c] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 255.zip) took 7192 ms
23 maj 2015 16:27:44 [0abc] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 332.zip) took 5163 ms
23 maj 2015 16:27:47 [0f04] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 335.zip) took 5834 ms
23 maj 2015 16:27:52 [0abc] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 381.zip) took 7285 ms
23 maj 2015 16:27:53 [0f20] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-05-05 120003\Backup files 372.zip) took 8814 ms
23 maj 2015 16:28:10 [1344] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-06-09 120003\Backup files 8.zip) took 10562 ms
23 maj 2015 16:28:11 [0724] - ScanFile (G:\ARONSSONBURKEN\Backup Set 2014-05-05 120003\Backup Files 2014-06-16 131909\Backup files 6.zip) took 9625 ms
23 maj 2015 16:28:48 [0abc] - Scanning File G:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 16:28:48 [13ac] - Scanning File G:\System Volume Information\{948b6d94-f546-11e3-aecc-14dae9f4765f}{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 16:28:49 [0108] - Scanning J:\ Drive
23 maj 2015 16:29:13 [0f3c] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2014-06-29 151150\Backup Files 2014-06-29 164239\Backup files 52.zip) took 6739 ms
23 maj 2015 16:29:43 [0724] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2014-12-09 012318\Backup Files 2014-12-16 120024\Backup files 166.zip) took 9158 ms
23 maj 2015 16:29:44 [1344] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2014-12-09 012318\Backup Files 2014-12-16 120024\Backup files 189.zip) took 6927 ms
23 maj 2015 16:29:51 [0f04] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2014-12-09 012318\Backup Files 2014-12-16 120024\Backup files 229.zip) took 10187 ms
23 maj 2015 16:29:55 [0f20] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2014-12-09 012318\Backup Files 2014-12-16 120024\Backup files 283.zip) took 8892 ms
23 maj 2015 16:30:05 [0f04] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2014-12-09 012318\Backup Files 2014-12-16 120024\Backup files 331.zip) took 13104 ms
23 maj 2015 16:30:09 [0724] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2014-12-09 012318\Backup Files 2014-12-16 120024\Backup files 349.zip) took 15912 ms
23 maj 2015 16:30:46 [0c98] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2015-05-18 120019\Backup Files 2015-05-18 120019\Backup files 158.zip) took 8283 ms
23 maj 2015 16:30:49 [0f3c] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2015-05-18 120019\Backup Files 2015-05-18 120019\Backup files 240.zip) took 7894 ms
23 maj 2015 16:30:50 [0724] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2015-05-18 120019\Backup Files 2015-05-18 120019\Backup files 246.zip) took 7223 ms
23 maj 2015 16:30:50 [0abc] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2014-12-09 012318\Backup Files 2015-04-20 120008\Backup files 12.zip) took 21497 ms
23 maj 2015 16:30:50 [0abc] - Scanning of J:\ARONSSONBURKEN\Backup Set 2014-12-09 012318\Backup Files 2015-04-20 120008\Backup files 12.zip Timed out!!!
23 maj 2015 16:31:00 [0724] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2015-05-18 120019\Backup Files 2015-05-18 120019\Backup files 321.zip) took 6568 ms
23 maj 2015 16:31:10 [1344] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2015-05-18 120019\Backup Files 2015-05-18 120019\Backup files 444.zip) took 6646 ms
23 maj 2015 16:31:13 [0f20] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2015-05-18 120019\Backup Files 2015-05-18 120019\Backup files 416.zip) took 11170 ms
23 maj 2015 16:31:21 [0724] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2015-05-18 120019\Backup Files 2015-05-18 120019\Backup files 533.zip) took 7301 ms
23 maj 2015 16:31:23 [0f04] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2015-05-18 120019\Backup Files 2015-05-18 120019\Backup files 397.zip) took 22527 ms
23 maj 2015 16:31:23 [0f04] - Scanning of J:\ARONSSONBURKEN\Backup Set 2015-05-18 120019\Backup Files 2015-05-18 120019\Backup files 397.zip Timed out!!!
23 maj 2015 16:31:23 [0f20] - ScanFile (J:\ARONSSONBURKEN\Backup Set 2015-05-18 120019\Backup Files 2015-05-18 120019\Backup files 530.zip) took 9781 ms
23 maj 2015 16:47:40 [0f3c] - ScanFile (J:\Games Steam\SteamApps\common\A Vampyre Story\directX\JUN2008_XAudio_x64.cab) took 849254 ms
23 maj 2015 16:47:40 [0f3c] - Scanning of J:\Games Steam\SteamApps\common\A Vampyre Story\directX\JUN2008_XAudio_x64.cab Timed out!!!
23 maj 2015 16:47:40 [0724] - ScanFile (J:\Games Steam\SteamApps\common\A Vampyre Story\directX\JUN2006_XACT_x64.cab) took 850268 ms
23 maj 2015 16:47:40 [0724] - Scanning of J:\Games Steam\SteamApps\common\A Vampyre Story\directX\JUN2006_XACT_x64.cab Timed out!!!
23 maj 2015 16:47:41 [0f20] - ScanFile (J:\Games Steam\SteamApps\common\A Vampyre Story\directX\JUN2008_XAudio_x86.cab) took 849831 ms
23 maj 2015 16:47:41 [0f20] - Scanning of J:\Games Steam\SteamApps\common\A Vampyre Story\directX\JUN2008_XAudio_x86.cab Timed out!!!
23 maj 2015 16:47:41 [13ac] - ScanFile (J:\Games Steam\SteamApps\common\A Vampyre Story\directX\JUN2007_XACT_x64.cab) took 849956 ms
23 maj 2015 16:47:41 [13ac] - Scanning of J:\Games Steam\SteamApps\common\A Vampyre Story\directX\JUN2007_XACT_x64.cab Timed out!!!
23 maj 2015 16:47:41 [0abc] - ScanFile (J:\Games Steam\SteamApps\common\A Vampyre Story\directX\Mar2008_d3dx10_37_x64.cab) took 849924 ms
23 maj 2015 16:47:41 [0abc] - Scanning of J:\Games Steam\SteamApps\common\A Vampyre Story\directX\Mar2008_d3dx10_37_x64.cab Timed out!!!
23 maj 2015 16:48:53 [0abc] - ScanFile (J:\Games Steam\SteamApps\common\ArcheAge\Games\ArcheAge\Live\bin32\hshield\ehsvc.dll) took 7363 ms
23 maj 2015 16:48:58 [0f3c] - ScanFile (J:\Games Steam\SteamApps\common\ArcheAge\Games\ArcheAge\Live\bin32\x2game.dll) took 6147 ms
23 maj 2015 16:49:10 [0f04] - ScanFile (J:\Games Steam\SteamApps\common\Champions Online\Champions Online\Live\GameClient.exe) took 9672 ms
23 maj 2015 16:49:12 [13ac] - ScanFile (J:\Games Steam\SteamApps\common\Champions Online\Champions Online.exe) took 5663 ms
23 maj 2015 16:56:27 [0f04] - ScanFile (J:\Games Steam\SteamApps\common\EverQuest 2\LaunchPad.libs\Awesomium.dll) took 5600 ms
23 maj 2015 16:57:14 [0724] - ScanFile (J:\Games Steam\SteamApps\common\EverQuest 2\paks\VoiceOver1.vpk) took 7254 ms
23 maj 2015 16:58:57 [1344] - ScanFile (J:\Games Steam\SteamApps\common\Star Trek Online\Star Trek Online\Live\GameClient.exe) took 5148 ms
23 maj 2015 16:59:04 [0abc] - ScanFile (J:\Games Steam\SteamApps\common\Star Trek Online\Star Trek Online.exe) took 8720 ms
23 maj 2015 17:03:16 [0abc] - Scanning File J:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 17:03:16 [13ac] - Scanning File J:\System Volume Information\{d79313c9-fb40-11e4-a13b-14dae9f4765f}{3808876b-c176-4e48-b7ae-04046e6cc752}
 
23 maj 2015 17:03:55 [0108] - ***** Checking for specific ITW Viruses *****
 
23 maj 2015 17:03:55 [0108] - ***** Scanning complete. *****
 
23 maj 2015 17:03:55 [0108] - *** Terminating Process EXPLORER.EXE as one of its child processes libraries was infected...
23 maj 2015 17:03:56 [0108] - Memory/System Found Infected!!! Rescanning all objects to ensure that system is clean...
 
23 maj 2015 17:03:57 [0108] - Options Selected by User:
23 maj 2015 17:03:57 [0108] - Memory Check: Enabled
23 maj 2015 17:03:57 [0108] - Registry Check: Enabled
23 maj 2015 17:03:57 [0108] - StartUp Folder Check: Enabled
23 maj 2015 17:03:57 [0108] - System Folder Check: Enabled
23 maj 2015 17:03:57 [0108] - Services Check: Enabled
23 maj 2015 17:03:57 [0108] - Scan Spyware: Enabled
23 maj 2015 17:03:57 [0108] - Scan Archives: Disabled
23 maj 2015 17:03:57 [0108] - Drive Check: Disabled
23 maj 2015 17:03:57 [0108] - All Drive Check :Enabled
23 maj 2015 17:03:57 [0108] - Folder Check: Disabled
23 maj 2015 17:03:57 [0108] - SCAN: All_Files [ANSI]
23 maj 2015 17:03:57 [0108] - MWAV Mode( B): Scan and Clean files (for viruses, adware and spyware)
 
23 maj 2015 17:03:57 [0108] - Scanning Master Boot Record (User)...
23 maj 2015 17:03:57 [0108] - Scanning Logical Boot Records...
23 maj 2015 17:04:01 [0108] - ***** Scanning For Hidden Rootkit Processes *****
23 maj 2015 17:04:02 [0108] - ***** Scanning For Hidden Rootkit Services *****
 
23 maj 2015 17:04:13 [0108] - ***** Scanning Memory Files *****
 
23 maj 2015 17:04:19 [0108] - ***** Scanning Registry Files *****
23 maj 2015 17:04:19 [0108] - ERROR(3)!!! Invalid Entry  = C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho64.dll (in key HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}). Action Taken: Removing it.
23 maj 2015 17:04:22 [0108] - ERROR(l)!!! Invalid Entry AppInit_DLLs = c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
 
23 maj 2015 17:04:25 [0108] - ***** Scanning StartUp Folders *****
23 maj 2015 17:04:25 [13ac] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\Min hja¨rtans aller ka¨resta 1404 (1).pdf
23 maj 2015 17:04:25 [1344] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\Min hja¨rtans aller ka¨resta 1404 (1) - genväg.lnk
23 maj 2015 17:04:25 [0724] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\filminspelningen\Min hja¨rtans aller ka¨resta 1404.pdf
23 maj 2015 17:04:44 [0f04] - Scanning File C:\Users\Aronsson\AppData\Roaming\Firestorm_x64\behnzach_arad\Mr Podj (thepodj_binder).txt
 
23 maj 2015 17:06:13 [0108] - ***** Scanning Service Files *****
 
23 maj 2015 17:06:28 [0108] - ***** Scanning Registry and File system for Adware/Spyware *****
23 maj 2015 17:06:28 [0108] - Loading Spyware Signatures from new External Database [Name: C:\Users\Aronsson\AppData\Local\Temp\spydb.avs, Size: 464724]...
23 maj 2015 17:06:28 [0108] - Indexed Spyware Databases Successfully Created...
 
 
23 maj 2015 17:10:07 [0108] - ***** Scanning Registry Files *****
23 maj 2015 17:10:07 [0108] - ERROR(3)!!! Invalid Entry  = C:\Program Files (x86)\TheTorntv V10\TheTorntv V10-bho64.dll (in key HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611331111}). Action Taken: Removing it.
23 maj 2015 17:10:07 [0108] - ERROR(l)!!! Invalid Entry AppInit_DLLs = c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
23 maj 2015 17:10:09 [0108] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
23 maj 2015 17:10:09 [0108] - ** Value in 64-bit HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
23 maj 2015 17:10:09 [0108] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
23 maj 2015 17:10:09 [0108] - ** Value in 64-bit HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.google.com
 
23 maj 2015 17:10:09 [0108] - ***** Scanning System32 Folders *****
 
 
23 maj 2015 17:11:16 [0108] - ***** Scanning All Drives *****
23 maj 2015 17:11:16 [0108] - ***** C:,D:,F:,G:,J: ***** 
23 maj 2015 17:11:16 [0108] - Scanning C:\ Drive
23 maj 2015 17:16:46 [1344] - Scanning File C:\System Volume Information\{92a46adc-ff62-11e4-af04-14dae9f4765f}{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 17:16:46 [0f20] - Scanning File C:\System Volume Information\{d7931526-fb40-11e4-a13b-14dae9f4765f}{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 17:16:46 [0724] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 17:16:46 [0abc] - Scanning File C:\System Volume Information\{d7931416-fb40-11e4-a13b-14dae9f4765f}{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 17:18:55 [1344] - Scanning File C:\Users\Aronsson\AppData\Roaming\Firestorm_x64\behnzach_arad\Mr Podj (thepodj_binder).txt
23 maj 2015 17:19:02 [0724] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\Min hja¨rtans aller ka¨resta 1404 (1) - genväg.lnk
23 maj 2015 17:19:02 [0abc] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\Min hja¨rtans aller ka¨resta 1404 (1).pdf
23 maj 2015 17:19:02 [13ac] - Scanning File C:\Users\Aronsson\Desktop\Allt annat\filminspelningen\Min hja¨rtans aller ka¨resta 1404.pdf
23 maj 2015 17:19:02 [0f3c] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Delkurs 1\Amna° forskning.docx
23 maj 2015 17:19:02 [0f3c] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Delkurs 3\System+fo¨r+utbildning+eller+utbildning+fo¨r+ett+system.doc
23 maj 2015 17:19:02 [0f04] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Självständigt arbete\Kursschema+Sja¨lvsta¨ndigt+arbete+HT13+Maria+Olson.doc
23 maj 2015 17:19:02 [1344] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Självständigt arbete\Sja¨lvsta¨ndigt_arbete_ht13_handledartillfa¨llen.pdf
23 maj 2015 17:19:02 [0724] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Självständigt arbete\A¨mnesval Sja¨lvsta¨ndigt arbete H13.pdf
23 maj 2015 17:19:02 [0f20] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Självständigt arbete\Gemensamt+Fo¨rela¨sningsschema+Sja¨lvsta¨ndigt+arbete+CeHum+H13.docx
23 maj 2015 17:19:02 [0abc] - Scanning File C:\Users\Aronsson\Documents\Arbete\Jobbrelaterat\Kurs 2014\Självständigt arbete\Va¨lkomstbrev från kursansvarig Sja¨lvsta¨ndigt arbete AN H13.pdf
23 maj 2015 17:19:15 [0f20] - Scanning File C:\Users\Aronsson\Downloads\A¨mnesfo¨rslagargumenterandeartikel.doc
23 maj 2015 17:19:16 [0724] - Scanning File C:\Users\Aronsson\Downloads\Mall fo¨r argumenterande tal.png
23 maj 2015 17:19:16 [13ac] - Scanning File C:\Users\Aronsson\Downloads\Min hja¨rtans aller ka¨resta 1404 (1).pdf
23 maj 2015 17:19:16 [0f20] - Scanning File C:\Users\Aronsson\Downloads\Min hja¨rtans aller ka¨resta 1404.pdf
23 maj 2015 17:21:03 [1344] - Scanning File C:\Users\Aronsson\Pictures\Groaza.jpg
23 maj 2015 17:29:07 [0108] - Scanning D:\ Drive
23 maj 2015 17:30:46 [0108] - Scanning F:\ Drive
23 maj 2015 17:31:49 [0c98] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\2RSKFIT4\Snapshot_002????[1].png
23 maj 2015 17:31:49 [1344] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\2K2R8DNF\%BB?_-%BB?_-%BE%C6T%B9?%BA_hefar2[1].jpg
23 maj 2015 17:31:50 [1344] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\5FTCJ5WV\Apple-bra¨nslecell-med-iphone-AB[1].jpg
23 maj 2015 17:31:52 [0f04] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\8A665206\???????,_????[1].txt
23 maj 2015 17:31:52 [0f20] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\B0ZW08X2\Ska¨rmavbild+2011-12-22+kl.+13.23.09[1].png
23 maj 2015 17:31:52 [0f3c] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\B0ZW08X2\o¨l2000[1].jpg
23 maj 2015 17:31:54 [1344] - Scanning File F:\Documents and Settings\Robert\Local Settings\Temporary Internet Files\Content.IE5\EY3QBI73\A°Rets-ba¨sta-prylar-AB[1].jpg
23 maj 2015 17:49:27 [0108] - Scanning G:\ Drive
23 maj 2015 17:49:36 [0abc] - Scanning File G:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 17:49:36 [0724] - Scanning File G:\System Volume Information\{948b6d94-f546-11e3-aecc-14dae9f4765f}{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 17:49:36 [0108] - Scanning J:\ Drive
23 maj 2015 17:51:37 [13ac] - Scanning File J:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
23 maj 2015 17:51:37 [0c98] - Scanning File J:\System Volume Information\{d79313c9-fb40-11e4-a13b-14dae9f4765f}{3808876b-c176-4e48-b7ae-04046e6cc752}
 
23 maj 2015 17:51:41 [0108] - ***** Checking for specific ITW Viruses *****
 
23 maj 2015 17:51:41 [0108] - ***** Scanning complete. *****
 
23 maj 2015 17:51:41 [0108] - Total Objects Scanned: 2265995
23 maj 2015 17:51:41 [0108] - Total Critical Objects: 24
23 maj 2015 17:51:41 [0108] - Total Disinfected Objects: 0
23 maj 2015 17:51:41 [0108] - Total Objects Renamed: 1
23 maj 2015 17:51:41 [0108] - Total Deleted Objects: 23
23 maj 2015 17:51:41 [0108] - Total Errors: 14
23 maj 2015 17:51:41 [0108] - Time Elapsed: 05:04:45
23 maj 2015 17:51:41 [0108] - Virus Database Date: 23 May 2015
23 maj 2015 17:51:41 [0108] - Virus Database Count: 5546829
23 maj 2015 17:51:41 [0108] - Sign Version: 7.60710 [519462]
 
23 maj 2015 17:51:41 [0108] - Scan Completed.

Edited by Robaron, 23 May 2015 - 02:34 PM.


BC AdBot (Login to Remove)

 


#2 Robaron

Robaron
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:40 AM

Posted 23 May 2015 - 01:38 PM

The log from the Zemana software:
 
Zemana AntiMalware 2.14.2.667 (Installed)
-------------------------------------------------------
Scan Result           : Completed
Scan Date             : 2015-5-23
Operating System      : Windows 7 64-bit
Processor             : 4X Intel® Core™ i5-2400 CPU @ 3.10GHz
BIOS Mode             : Legacy
CUID                  : 00F66B4B6A49BC4EEB2E96
Scan Type             : Deep Scan
Duration              : 116m 53s
Scanned Objects       : 307606
Detected Objects      : 22
Excluded Objects      : 0
Read Level            : SCSI
Auto Upload           : Yes
Show All Extensions   : No
Scan Documents        : Yes
Domain Info           : WORKGROUP,1,2
 
 
Detected Objects
-------------------------------------------------------
Firefox Search
   Status             : Scanned
   Object             : Search Results - http://dts.search-results.com
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detection          : Suspicious Browser Setting
   Cleaning Action    : Repair
   Traces             :
                Browser Setting - Firefox Search
 
Firefox Homepage
   Status             : Scanned
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detection          : Suspicious Browser Setting
   Cleaning Action    : Repair
   Traces             :
                Browser Setting - Firefox Homepage
 
Chrome Policy
   Status             : Scanned
   Object             : mpcknfcdcgpffjddjeceioobdelceffo;C:\Users\Aronsson\AppData\Local\Minibar\update_chrome.xml
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detection          : Suspicious Browser Setting
   Cleaning Action    : Repair
   Traces             :
                Browser Setting - Chrome Policy
 
jZip.exe
   Status             : Scanned
   Object             : %programfiles%\jzip\jzip.exe
   MD5                : 105DCACC21E41A7B2376162FCFC05C19
   Publisher          : Bandoo Media Inc
   Size               : 3560336
   Version            : 1.3.0.0
   Detection          : Adware:Win32/BandooMedia!Ep
   Cleaning Action    : Quarantine
   Traces             :
                File - %programfiles%\jzip\jzip.exe
                Reference - C:\Users\Aronsson\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\jZip.lnk
 
roboot64.exe
   Status             : Scanned
   Object             : %systemroot%\system32\roboot64.exe
   MD5                : CAC8EA64B05C6C3380D95CFED1FE5809
   Publisher          : The Phone Support Pvt. Ltd.
   Size               : 20328
   Version            : 3.0.0.5326
   Detection          : Scareware:Win32/FakeAV.Gen
   Cleaning Action    : Quarantine
   Traces             :
                File - %systemroot%\system32\roboot64.exe
 
VuzeFW.exe
   Status             : Scanned
   Object             : %programfiles%\vuze\vuzefw.exe
   MD5                : 10B8FD725D073FFE3A035F4BD0B5B2D1
   Publisher          : Azureus Software, Inc.
   Size               : 44544
   Version            : -
   Detection          : Downloader:Win32/Generic
   Cleaning Action    : Quarantine
   Traces             :
                File - %programfiles%\vuze\vuzefw.exe
 
ResourcesLOC.dll
   Status             : Scanned
   Object             : %programfiles%\jzip\resourcesloc.dll
   MD5                : 0AE9D449280E775F9F965C6B28FBFC63
   Publisher          : Bandoo Media Inc
   Size               : 688016
   Version            : 1.3.0.0
   Detection          : Adware:Win32/BandooMedia!Ep
   Cleaning Action    : Quarantine
   Traces             :
                File - %programfiles%\jzip\resourcesloc.dll
 
jZipShell.dll
   Status             : Scanned
   Object             : %programfiles%\jzip\jzipshell.dll
   MD5                : E312A8C2269A11073C6886629B582BC0
   Publisher          : Bandoo Media Inc
   Size               : 550288
   Version            : 1.3.0.0
   Detection          : Adware:Win32/BandooMedia!Ep
   Cleaning Action    : Quarantine
   Traces             :
                File - %programfiles%\jzip\jzipshell.dll
 
change.exe
   Status             : Scanned
   Object             : %programfiles%\jzip\change.exe
   MD5                : AB11A6C3702559541F7FC990027D0F11
   Publisher          : Bandoo Media Inc
   Size               : 690064
   Version            : -
   Detection          : Adware:Win32/BandooMedia!Ep
   Cleaning Action    : Quarantine
   Traces             :
                File - %programfiles%\jzip\change.exe
 
ticyver.dll
   Status             : Scanned
   Object             : %appdata%\sursenel\ticyver.dll
   MD5                : 936DF537F21E98B4E3A9EC80D8AE1A00
   Publisher          : -
   Size               : 168960
   Version            : -
   Detection          : Adware:Win64/Blackoat.A!Eclr
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\sursenel\ticyver.dll
                Registry - HKCU\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32\@
 
ARTP3.exe
   Status             : Scanned
   Object             : %programw6432%\adware-removal-tool\artp3.exe
   MD5                : 785CC096C1286D187B1C5C6AE95BA774
   Publisher          : Pawan Kumar
   Size               : 118440
   Version            : 3.8.0.0
   Detection          : Trojan:Win32/Quarand!Itkt
   Cleaning Action    : Quarantine
   Traces             :
                File - %programw6432%\adware-removal-tool\artp3.exe
 
SoftonicDownloader_for_virtual-clonedrive.exe
   Status             : Scanned
   Object             : %userprofile%\downloads\softonicdownloader_for_virtual-clonedrive.exe
   MD5                : 02539FE02D7AD6FB5E172CD7D859E80A
   Publisher          : Softonic International
   Size               : 367256
   Version            : 1.41.3.10
   Detection          : Adware:Win32/SoftonicBundle!Ep
   Cleaning Action    : Quarantine
   Traces             :
                File - %userprofile%\downloads\softonicdownloader_for_virtual-clonedrive.exe
 
SoftonicDownloader_for_virtual-clonedrive (1).exe
   Status             : Scanned
   Object             : %userprofile%\downloads\softonicdownloader_for_virtual-clonedrive (1).exe
   MD5                : 02539FE02D7AD6FB5E172CD7D859E80A
   Publisher          : Softonic International
   Size               : 367256
   Version            : 1.41.3.10
   Detection          : Adware:Win32/SoftonicBundle!Ep
   Cleaning Action    : Quarantine
   Traces             :
                File - %userprofile%\downloads\softonicdownloader_for_virtual-clonedrive (1).exe
 
ninja-setup-3.0.6.exe
   Status             : Scanned
   Object             : %userprofile%\downloads\ninja-setup-3.0.6.exe
   MD5                : 24FE0BB7A85A866B487D15C0EB6E3A74
   Publisher          : -
   Size               : 2507200
   Version            : 0.0.0.0
   Detection          : Adware:Win32/OpenCandy
   Cleaning Action    : Quarantine
   Traces             :
                File - %userprofile%\downloads\ninja-setup-3.0.6.exe
 
BlueMarsUserClient-0.99.0.74-setup.exe
   Status             : Failed
   Object             : %userprofile%\downloads\bluemarsuserclient-0.99.0.74-setup.exe
   MD5                : 6EC1EE871CEF41CB816B70B03718832B
   Publisher          : -
   Size               : 123392
   Version            : -
   Detection          : 
   Cleaning Action    : Quarantine
   Traces             :
                File - %userprofile%\downloads\bluemarsuserclient-0.99.0.74-setup.exe
 
ticyver.dll
   Status             : Scanned
   Object             : %appdata%\wsbngqjl\ticyver.dll
   MD5                : 936DF537F21E98B4E3A9EC80D8AE1A00
   Publisher          : -
   Size               : 168960
   Version            : -
   Detection          : Adware:Win64/Blackoat.A!Eclr
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\wsbngqjl\ticyver.dll
 
ticyver.dll
   Status             : Scanned
   Object             : %appdata%\zjeqjknz\ticyver.dll
   MD5                : 936DF537F21E98B4E3A9EC80D8AE1A00
   Publisher          : -
   Size               : 168960
   Version            : -
   Detection          : Adware:Win64/Blackoat.A!Eclr
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\zjeqjknz\ticyver.dll
 
ticyver.dll
   Status             : Scanned
   Object             : %appdata%\vmlczegc\ticyver.dll
   MD5                : 936DF537F21E98B4E3A9EC80D8AE1A00
   Publisher          : -
   Size               : 168960
   Version            : -
   Detection          : Adware:Win64/Blackoat.A!Eclr
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\vmlczegc\ticyver.dll
 
encecal.dll.mwt
   Status             : Scanned
   Object             : %appdata%\vmlczegc\encecal.dll.mwt
   MD5                : 78E1C1134DAFF65C33432CB711A9CD0B
   Publisher          : -
   Size               : 140800
   Version            : -
   Detection          : Adware:Win32/Vorniac.A!Aaak
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\vmlczegc\encecal.dll.mwt
 
ticyver.dll
   Status             : Scanned
   Object             : %appdata%\rcfkocdv\ticyver.dll
   MD5                : 936DF537F21E98B4E3A9EC80D8AE1A00
   Publisher          : -
   Size               : 168960
   Version            : -
   Detection          : Adware:Win64/Blackoat.A!Eclr
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\rcfkocdv\ticyver.dll
 
ticyver.dll
   Status             : Scanned
   Object             : %appdata%\njaecbfb\ticyver.dll
   MD5                : 936DF537F21E98B4E3A9EC80D8AE1A00
   Publisher          : -
   Size               : 168960
   Version            : -
   Detection          : Adware:Win64/Blackoat.A!Eclr
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\njaecbfb\ticyver.dll
 
ticyver.dll
   Status             : Scanned
   Object             : %appdata%\mzvftatf\ticyver.dll
   MD5                : 936DF537F21E98B4E3A9EC80D8AE1A00
   Publisher          : -
   Size               : 168960
   Version            : -
   Detection          : Adware:Win64/Blackoat.A!Eclr
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\mzvftatf\ticyver.dll
 
ticyver.dll
   Status             : Scanned
   Object             : %appdata%\dgzfchgx\ticyver.dll
   MD5                : 936DF537F21E98B4E3A9EC80D8AE1A00
   Publisher          : -
   Size               : 168960
   Version            : -
   Detection          : Adware:Win64/Blackoat.A!Eclr
   Cleaning Action    : Quarantine
   Traces             :
                File - %appdata%\dgzfchgx\ticyver.dll
 
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 22
Reported as safe      : 0
Failed                : 0
 


#3 Robaron

Robaron
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:40 AM

Posted 23 May 2015 - 01:50 PM

Ok, the junkware removal tool was disturbing. With the other tools, I was able to install the tool and could then run it when I was done closing whichever program neccesary, but with this, it started as it was installed, which meant I had no time to close any anti-spyware, and firewall software before it was scanned. It had deleted some files that I can only hope was not neccesary for my computer.

 

Adding the JRT log file here:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.8 (05.23.2015:2)
OS: Windows 7 Home Premium x64
Ran by Aronsson on 2015-05-23 at 20:41:18,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
Successfully deleted: [Task] C:\Windows\system32\tasks\EPUpdater
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220622332211}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0063311.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0063311.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0063311.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550655335511}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660666336611}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644334411}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220622332211}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550655335511}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660666336611}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644334411}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611331111}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611331111}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0063311.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0063311.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0063311.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550655335511}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660666336611}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644334411}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550655335511}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660666336611}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644334411}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update WebSpades
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util WebSpades
 
 
 
~~~ Files
 
Failed to delete: [File] C:\Users\Aronsson\AppData\Roaming\vmlczegc\encecal.dll [Adware.AdPeak?]
Successfully deleted: [File] C:\Windows\wininit.ini
Successfully deleted: [File] C:\Users\Aronsson\AppData\Roaming\microsoft\internet explorer\quick launch\jzip.lnk
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Program Files (x86)\compuclever
Successfully deleted: [Folder] C:\Program Files (x86)\globalupdate
Successfully deleted: [Folder] C:\Program Files (x86)\minibar
Successfully deleted: [Folder] C:\Program Files (x86)\webspades
Successfully deleted: [Folder] C:\ProgramData\ask
Successfully deleted: [Folder] C:\Users\Aronsson\appdata\local\appshat mobile apps
Successfully deleted: [Folder] C:\Users\Aronsson\appdata\local\crashrpt
Successfully deleted: [Folder] C:\Users\Aronsson\appdata\local\globalupdate
Successfully deleted: [Folder] C:\Users\Aronsson\appdata\local\minibar
Successfully deleted: [Folder] C:\Users\Aronsson\appdata\local\webplayer
Successfully deleted: [Folder] C:\Users\Aronsson\appdata\locallow\delta
Successfully deleted: [Folder] C:\Users\Aronsson\appdata\locallow\minibar
Successfully deleted: [Folder] C:\Users\Aronsson\AppData\Roaming\compuclever
Successfully deleted: [Folder] C:\Users\Aronsson\AppData\Roaming\drivercure
Successfully deleted: [Folder] C:\Users\Aronsson\AppData\Roaming\systweak
Successfully deleted: [Folder] C:\Users\Aronsson\AppData\Roaming\vmlczegc [Adware.AdPeak?]
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\Aronsson\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-05-23 at 20:43:51,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 


#4 Robaron

Robaron
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:40 AM

Posted 23 May 2015 - 01:52 PM

It also seems like the JRT wasn´t installed at all on my computer, preventing me from running it as an administrator.



#5 Robaron

Robaron
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:40 AM

Posted 23 May 2015 - 02:12 PM

Ok, I downloaded it again; this time without "open"-ing it. This time I ran it as an administrator.

 

Here's the log from JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.8 (05.23.2015:2)
OS: Windows 7 Home Premium x64
Ran by Aronsson on 2015-05-23 at 20:56:26,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-05-23 at 20:58:35,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


#6 Robaron

Robaron
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:40 AM

Posted 23 May 2015 - 02:33 PM

The log from AdwCleaner:

 

# AdwCleaner v4.205 - Logfile created 23/05/2015 at 21:24:47
# Updated 21/05/2015 by Xplode
# Database : 2015-05-21.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Aronsson - ARONSSONBURKEN
# Running from : C:\Users\Aronsson\Downloads\adwcleaner_4.205.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jZip
Folder Deleted : C:\Program Files (x86)\jZip
Folder Deleted : C:\Users\Aronsson\AppData\Local\jZip
Folder Deleted : C:\Users\Aronsson\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Aronsson\AppData\Roaming\sursenel
Folder Deleted : C:\Users\Aronsson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
Folder Deleted : C:\Users\Gordon\AppData\Local\jZip
Folder Deleted : C:\Users\Gordon\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Liv\AppData\Local\jZip
Folder Deleted : C:\Users\Liv\AppData\Local\Search Extensions
Folder Deleted : C:\Users\Liv\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Liv\AppData\LocalLow\ilividtoolbarguid
Folder Deleted : C:\Users\Liv\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Liv\AppData\LocalLow\Yahoo! Companion
[!] Folder Deleted : C:\Users\Aronsson\AppData\Roaming\Mozilla\Firefox\Profiles\lu7antul.default\Extensions
 
\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Folder Deleted : C:\Users\Aronsson\AppData\Roaming\Mozilla\Firefox\Profiles\lu7antul.default\Extensions\{97A78363-
 
B868-4B48-AC91-A783A31215AF}
Folder Deleted : C:\Users\Aronsson\AppData\Roaming\Mozilla\Firefox\Profiles\lu7antul.default\Extensions\{F34C9277-
 
6577-4DFF-B2D7-7D58092F272F}
File Deleted : C:\Users\Gordon\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\jZip.lnk
File Deleted : C:\Users\Liv\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\jZip.lnk
File Deleted : C:\Users\Aronsson\AppData\Roaming\Mozilla\Firefox\Profiles\lu7antul.default\user.js
File Deleted : C:\Users\Gordon\AppData\Local\Google\Chrome\User Data\Default\Local Storage
 
\hxxp_search.babylon.com_0.localstorage
File Deleted : C:\Users\Gordon\AppData\Local\Google\Chrome\User Data\Default\Local Storage
 
\hxxp_search.babylon.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
Task Deleted : BitGuard
Task Deleted : EPUpdater
Task Deleted : amiupdaterExd
Task Deleted : amiupdaterExi
Task Deleted : 83f13898-bf8e-43ba-9442-9aab3fa7b2c2
Task Deleted : ed2ec57f-ad2d-4ccb-826e-7fce23b111f1-1
Task Deleted : ed2ec57f-ad2d-4ccb-826e-7fce23b111f1-11
Task Deleted : ed2ec57f-ad2d-4ccb-826e-7fce23b111f1-2
Task Deleted : ed2ec57f-ad2d-4ccb-826e-7fce23b111f1-3
Task Deleted : ed2ec57f-ad2d-4ccb-826e-7fce23b111f1-4
Task Deleted : ed2ec57f-ad2d-4ccb-826e-7fce23b111f1-5
Task Deleted : ed2ec57f-ad2d-4ccb-826e-7fce23b111f1-5_user
Task Deleted : ed2ec57f-ad2d-4ccb-826e-7fce23b111f1-6
Task Deleted : ed2ec57f-ad2d-4ccb-826e-7fce23b111f1-7
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\jZip.file
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKCU\Software\a2d68bb36dee41
Key Deleted : HKLM\SOFTWARE\a2d68bb36dee41
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0207057-3461-4F7F-B689-D016B7A03964}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-
 
9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-
 
750DD60FFC73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-
 
F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-
 
0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-
 
3D28A3A86D8A}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A0207057-3461-4F7F-B689-D016B7A03964}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A75ACCCD-3CC9-4865-8BE3-F523FDA2164F}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\jZip
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\WebSpades
Key Deleted : HKCU\Software\sidecom
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\jZip
Key Deleted : HKLM\SOFTWARE\Minibar
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Wajam
Key Deleted : HKLM\SOFTWARE\WebSpades
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7d0ff442-6ee9-4afb-74ec-015a61fc9fd0}
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\0E12F736682067FDE4D1158D5940A82E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\6AA0923513360135B272E8289C5F13FA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\922525DCC5199162F8935747CA3D8E59
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\BCDA179D619B91648538E3394CAC94CC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components
 
\EF8E618DB3AEDFBB384561B5C548F65E
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-
 
loopback>;<local>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17801
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v43.0.2357.65
 
 
-\\ Chromium v
 
 
*************************
 
AdwCleaner[R0].txt - [287 bytes] - [19/08/2014 13:48:29]
AdwCleaner[R1].txt - [287 bytes] - [19/08/2014 13:48:53]
AdwCleaner[R2].txt - [16153 bytes] - [23/05/2015 21:20:39]
AdwCleaner[S0].txt - [15050 bytes] - [23/05/2015 21:24:47]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15110  bytes] ##########
 
 
Ok, so now I´m not sure how it looks. Am I done now, or should I continue? Btw, thanks for the great help. 

Edited by Robaron, 23 May 2015 - 02:36 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users