Koneessa yllä kuvattu ongelma ja tässä jo kahdella ohjelmalla tehty scannaus koneeseen ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.5.7 (08.18.2015:1) OS: Windows 7 Home Premium x64 Ran by edun tehdas on su 23.08.2015 at 23:32:04,23 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully deleted: [Service] {27899312-155f-40f3-8661-fb6675d82b4b}Gw64 [Reboot required] Successfully deleted: [Service] swdumon [Reboot required] ~~~ Tasks Successfully deleted: [Task] C:\Windows\system32\tasks\SlimDrivers Startup Successfully deleted: [Task] C:\Windows\Tasks\SlimDrivers Startup.job ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{31264A33-A653-46C4-AF49-1232C59A7DA5} Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_9B23C247D9EC0AF7306296C0D8E59AD8 Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{31264A33-A653-46C4-AF49-1232C59A7DA5} Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2993531832-2737209305-762235433-1000\Software\Microsoft\Internet Explorer\Main\\Start Page ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{31264a33-a653-46c4-af49-1232c59a7da5} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar.CT3329621 Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F82F8384-F22C-468F-A861-72CDD691A430} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3329621 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{31264a33-a653-46c4-af49-1232c59a7da5} ~~~ Files Successfully deleted: [File] C:\Windows\system32\drivers\swdumon.sys Successfully deleted: [File] C:\Windows\system32\drivers\{27899312-155f-40f3-8661-fb6675d82b4b}Gw64.sys ~~~ Folders Failed to delete: [Folder] C:\Program Files (x86)\autocompletepro Failed to delete: [Folder] C:\Program Files\fileviewpro Failed to delete: [Folder] C:\Users\edun tehdas\Appdata\Local\slimware utilities inc Successfully deleted: [Folder] C:\Program Files (x86)\tbccint Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fileviewpro Successfully deleted: [Folder] C:\ProgramData\tbccint Successfully deleted: [Folder] C:\Users\edun tehdas\Appdata\Local\fileviewpro Successfully deleted: [Folder] C:\Users\edun tehdas\Appdata\Local\tbccint Successfully deleted: [Folder] C:\Users\edun tehdas\Appdata\LocalLow\tbccint Successfully deleted: [Folder] C:\users\Public\Documents\downloaded installers ~~~ FireFox Successfully deleted: [File] C:\Users\edun tehdas\AppData\Roaming\mozilla\firefox\profiles\4drayv5x.default\user.js Successfully deleted the following from C:\Users\edun tehdas\AppData\Roaming\mozilla\firefox\profiles\4drayv5x.default\prefs.js user_pref(CT3329621.FF19Solved, true); user_pref(CT3329621.fullUserID, UN36705016741663938.IN.20140828220900); user_pref(CT3329621.searchRevert, false); user_pref(CT3329621.installerVersion, 1.8.1.4); user_pref(CT3329621.UserID, UN36705016741663938); user_pref(CT3329621.installDate, 28/08/2014 22:09:08); user_pref(CT3329621.installSessionId, 7b420aa2-a808-458b-b47f-48ac12f0f7b7); user_pref(CT3329621.installSp, false); user_pref(CT3329621.searchUninstallUserMode, 4); user_pref(CT3329621.searchUserMode, 4); user_pref(CT3329621.toolbarInstallDate, 28-08-2014 22:09:00); user_pref(CT3329621.versionFromInstaller, 10.33.0.17); user_pref(CT3329621.xpeMode, 1); user_pref(smartbar.machineId, NEHNXOTIASD7H/VIOD03B7VOAHLRQQ9ZBABMR0FK8AYSGZTLEBTVUDALNK8WTDUV5OPYB2LDAGIUW19UOFMIFQ); user_pref(CT3329621.searchProtector.notifyChanges, {\dataType\:\string\,\data\:\false\}); Emptied folder: C:\Users\edun tehdas\AppData\Roaming\mozilla\firefox\profiles\4drayv5x.default\minidumps [1 files] ~~~ Chrome Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [C:\Users\edun tehdas\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\edun tehdas\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\edun tehdas\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\edun tehdas\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [ bopakagnckmlgajfccecajhnimjiiedh, oilkkkefbalmbfppgjmgjoefbclebkce ] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on su 23.08.2015 at 23:39:25,01 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v5.003 - Logfile created 23/08/2015 at 23:44:40 # Updated 20/08/2015 by Xplode # Database : 2015-08-23.3 [Server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : edun tehdas - EDUNTEHDAS-PC # Running from : C:\Users\edun tehdas\Desktop\adwcleaner_5.003.exe # Option : Cleaning ***** [ Services ] ***** [-] Service Deleted : swdumon ***** [ Folders ] ***** [-] Folder Deleted : C:\Program Files\FileViewPro [-] Folder Deleted : C:\Program Files (x86)\AutocompletePro [-] Folder Deleted : C:\Users\edun tehdas\AppData\Local\slimware utilities inc [-] Folder Deleted : C:\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B [-] Folder Deleted : C:\Users\edun tehdas\AppData\Roaming\WSE_Vosteran ***** [ Files ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\AutocompletePro.DLL [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL [-] Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO [-] Key Deleted : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1 [-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [support@predictad.com] [-] Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31264A33-A653-46C4-AF49-1232C59A7DA5} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31264A33-A653-46C4-AF49-1232C59A7DA5} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} [-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} [-] Key Deleted : HKCU\Software\Conduit [-] Key Deleted : HKCU\Software\InstallCore [-] Key Deleted : HKCU\Software\Softonic [-] Key Deleted : HKCU\Software\BS_Player_ControlBar_B [-] Key Deleted : HKCU\Software\Vosteran Browser [-] Key Deleted : HKCU\Software\Appscion [-] Key Deleted : HKCU\Software\SlimWare Utilities Inc [-] Key Deleted : HKCU\Software\AppDataLow\Toolbar [-] Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint [-] Key Deleted : HKCU\Software\AppDataLow\Software\TbccintSearchScopes [-] Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B [-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerV2 [-] Key Deleted : HKLM\SOFTWARE\Conduit [-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1 [!] Key Not Deleted : [x64] HKCU\Software\Conduit [!] Key Not Deleted : [x64] HKCU\Software\InstallCore [!] Key Not Deleted : [x64] HKCU\Software\Softonic [!] Key Not Deleted : [x64] HKCU\Software\BS_Player_ControlBar_B [!] Key Not Deleted : [x64] HKCU\Software\Vosteran Browser [!] Key Not Deleted : [x64] HKCU\Software\Appscion [!] Key Not Deleted : [x64] HKCU\Software\SlimWare Utilities Inc [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileViewPro_is1 ***** [ Web browsers ] ***** [-] [C:\Users\edun tehdas\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : vosteran.com [-] [C:\Users\edun tehdas\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : recordpad.en.softonic.com [-] [C:\Users\edun tehdas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : [-] [C:\Users\edun tehdas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://Vosteran.com/?f=7&a=vst_ir_14_52_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0A0D0AyD0C0A0A0DtAtAtN0D0Tzu0StCtDzzyBtN1L2XzutAtFyCtFtCyDtFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEzz0A0A0B0BtDtAtG0D0F0C0FtGzyzyyD0EtGtDyDyDyEtGyEyC0Bzz0E0AyEzy0CtCyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0CtCzytD0DzytG0A0A0B0CtGyEyEzy0CtG0Azz0F0CtGtB0FtB0CyByEyCyByD0D0E0A2Q&cr=255358836&ir= ************************* :: Proxy settings cleared :: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6959 bytes] ##########
tässä vielä Eset logi ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=22c8f349e010454a8746b452a605500f # end=init # utc_time=2015-08-23 09:38:17 # local_time=2015-08-24 12:38:17 (+0200, Suomen kesäaika) # country="Finland" # osver=6.1.7601 NT Service Pack 1 Update Init Update Download Update Finalize Updated modules version: 25412 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=22c8f349e010454a8746b452a605500f # end=updated # utc_time=2015-08-23 09:43:49 # local_time=2015-08-24 12:43:49 (+0200, Suomen kesäaika) # country="Finland" # osver=6.1.7601 NT Service Pack 1 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=22c8f349e010454a8746b452a605500f # engine=25412 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-08-23 11:00:47 # local_time=2015-08-24 02:00:47 (+0200, Suomen kesäaika) # country="Finland" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Microsoft Security Essentials' # compatibility_mode=5895 16777213 100 100 2812876 63358441 0 0 # scanned=152018 # found=23 # cleaned=23 # scan_time=4617 sh=1F55D8E2F8FC4E59BD273385B36F587A6339D154 ft=1 fh=cff91789842d382b vn="a variant of Win64/Toolbar.Conduit.B potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\hk64tbBS_0.dll.vir" sh=F96DA94717A42485BFA09554472D1669B972A051 ft=1 fh=16edae702d5a3472 vn="a variant of Win64/Toolbar.Conduit.B potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\hk64tbBS_P.dll.vir" sh=580C2639CC01D65EB0FCEB9DD82C837172F1685A ft=1 fh=1952ebb7aff3fa0f vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\hktbBS_0.dll.vir" sh=BFFE5205E1E634259011D14420D2A522291DF4EE ft=1 fh=d361417ca891f53c vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\hktbBS_P.dll.vir" sh=EBAFB2A15CAC7320C18180C08C710DDF26D2377D ft=1 fh=719e845c1b9128d3 vn="a variant of Win32/ClientConnect.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\ldrtbBS_0.dll.vir" sh=C2A322173BFE435CA8D1E821F5A0DCB97A5C7F2D ft=1 fh=a133df1df4cb7951 vn="a variant of Win32/ClientConnect.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\ldrtbBS_P.dll.vir" sh=AA02280C86FEA8E28A4DFF9716B10A8A78000A4B ft=1 fh=4057356bf50aa26b vn="a variant of Win32/ClientConnect.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll.vir" sh=97D24FECAD3F726C56C0303CC66B4576877E9868 ft=1 fh=f7ae4dc8920ef0d0 vn="a variant of Win32/ClientConnect.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_P.dll.vir" sh=7BBC831D6FFD6C5E502F77E8F9CEA30E3591B4D5 ft=1 fh=115fba91741456d3 vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\tbBS_0.dll.vir" sh=A7EBFC93E91E27D27C26D1E9483909E41F3A32FC ft=1 fh=ea857f061ec5d00e vn="a variant of Win32/Toolbar.Conduit.Y potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\tbBS_1.dll.vir" sh=F2D0E0D3645DDD751F293C391C560C4142FCD1D3 ft=1 fh=2fcbc68ed4edd523 vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\edun tehdas\AppData\LocalLow\BS_Player_ControlBar_B\tbBS_P.dll.vir" sh=5B58B6F92DED2D6F8AD2FE3FF1DF97BC9A807447 ft=1 fh=ac64c53df19989ca vn="a variant of Win32/Complitly.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Free MP3 Ringtone Maker\AutoCompletePro.exe" sh=108A500E4A188882CBA720723607F417A6501924 ft=1 fh=5c9da47200740b7c vn="a variant of Win32/Conduit.SearchProtect.N potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\edun tehdas\AppData\Roaming\Mozilla\Firefox\Profiles\4drayv5x.default\extensions\{31264a33-a653-46c4-af49-1232c59a7da5}\ctypes\FirefoxCtype.dll" sh=C015E890715621E6FF97D3BF893BC75E8E27DE77 ft=1 fh=3ad6b33bccff1099 vn="a variant of Win32/Conduit.SearchProtect.N potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\edun tehdas\AppData\Roaming\Mozilla\Firefox\Profiles\4drayv5x.default\extensions\{31264a33-a653-46c4-af49-1232c59a7da5}\Plugins\npFirefoxPlugin.dll" sh=B51714E06801AF7F538B5046DC046652B2C914D9 ft=1 fh=fe8b613ff32c279e vn="Win32/Toolbar.Conduit.M potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\edun tehdas\Downloads\bsplayer266.1075.exe" sh=1E8D6D4D150418D7488F10727D1A501C92AB2BC7 ft=1 fh=d0d96b6fc37e5b37 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\edun tehdas\Downloads\ringtone_maker_setup10.exe" sh=B0AEDE1B9E50A5EEF61279895C5DE004859FEA06 ft=1 fh=0296d334baa238d6 vn="a variant of Win32/GetNow.I potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\edun tehdas\Downloads\SAMSUNG UE40F6400 user guide provided through pdfretriever.com.exe" sh=1CA92C4EA18B2DE382FC69916810CB1A57DD294A ft=1 fh=5389521047dcbfc0 vn="Win32/Solvusoft.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\edun tehdas\Downloads\Setup_FileViewPro_[2015].exe" sh=445142800155D77C8B7F56F05C6A5D266CC67898 ft=1 fh=0b940dc33d5fc122 vn="a variant of Win32/SoftonicDownloader.G potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\edun tehdas\Downloads\SoftonicDownloader_for_bs-player(1).exe" sh=445142800155D77C8B7F56F05C6A5D266CC67898 ft=1 fh=0b940dc33d5fc122 vn="a variant of Win32/SoftonicDownloader.G potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\edun tehdas\Downloads\SoftonicDownloader_for_bs-player.exe" sh=F6DED2A3ECC9E7BA1E770D42E5CED60EE1B1816B ft=1 fh=6288a12efe159bd1 vn="a variant of Win32/InstallCore.TS potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\edun tehdas\Downloads\wmvtomp4_setup(1).exe" sh=E66AD63A8056DF11FB7239F35193F7D7B5A09D0F ft=1 fh=1c70ea29221f42ca vn="a variant of Win32/SoftPulse.S potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Lapset\Downloads\Setup v2 1 (1).exe" sh=5B4FF5E154EBC9444AF2FDEB0A7DC39464BC7B50 ft=1 fh=ca02b90b221f42ca vn="a variant of Win32/SoftPulse.S potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Lapset\Downloads\Setup v2 1.exe"
Onko noi poistot vaikuttanut koneen toimintaan mitenkään? Aja vielä kertaalleen Adwcleaner se ei näköjään ollut poistanut kaikkea katsotaan josko se toisella kertaa.
Edelleen kone jumittaa ja on todella hidas. tässä uusi logi # AdwCleaner v5.003 - Logfile created 24/08/2015 at 21:51:59 # Updated 20/08/2015 by Xplode # Database : 2015-08-23.3 [Server] # Operating system : Windows 7 Home Premium Service Pack 1 (x64) # Username : edun tehdas - EDUNTEHDAS-PC # Running from : C:\Users\edun tehdas\Desktop\adwcleaner_5.003.exe # Option : Cleaning ***** [ Services ] ***** ***** [ Folders ] ***** ***** [ Files ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** [-] [C:\Users\edun tehdas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : [-] [C:\Users\edun tehdas\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://Vosteran.com/?f=7&a=vst_ir_14_52_ie&cd=2XzuyEtN2Y1L1QzuzytDyE0C0EyD0A0D0AyD0C0A0A0DtAtAtN0D0Tzu0StCtDzzyBtN1L2XzutAtFyCtFtCyDtFtAtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEzz0A0A0B0BtDtAtG0D0F0C0FtGzyzyyD0EtGtDyDyDyEtGyEyC0Bzz0E0AyEzy0CtCyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0CtCzytD0DzytG0A0A0B0CtGyEyEzy0CtG0Azz0F0CtGtB0FtB0CyByEyCyByD0D0E0A2Q&cr=255358836&ir= ************************* :: Proxy settings cleared :: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1237 bytes] ##########
Lataa tfccleaner työpöydälle alla olevasta linkistä. http://www.bleepingcompu/ter.com/download/tfc Aukaise TFC ja klikkaa start, tästä ei tule lokia. Lataa Malwarebytes allaolevasta linkistä. https://www.malwarebytes.org/mwb-download/ Asennuksen lopussa ota valinta pois ruudusta, Aloita kokeilujakso Malwarebytes Anti-Malware pro. Aukaise Malwarebytes anna sen päivittää itsensä Klikkaa Scan now Kun tarkistus on ohi Klikkaa Historia - Ohjelmistoloki - Klikkaa Tarkistuslokia - Vie - Tekstitiedosto ja tallenna se vaikka työpöydälle ja liitä tänne. Lataa crystaldiskinfo työpöydälle. http://crystalmark.info/download/index-e.html Huom: asennettava versio yrittää tyrkyttää ylimääräisiä ohjelmia, tarkkana siis, portable version mukana ei tule mitään ylimääräistä. Aukaise crystaldiskinfo, ota siitä kuvankaappaus ja pistä tänne.