Säkerhet

Nytt virusprogram

Mon, 13 Feb 2012 23:13:12 +0000

Hej

Kom på att jag inte hade nått antivirus program i laptopen. Finns de några bra för en vanlig hemanvändare som kanske är gratis?

Vänligen
...RLR

Vill få DDS loggen kollad

Sat, 11 Feb 2012 19:23:12 +0000

Hej!

Jag skulle villa ha loggen kollad.

DDS (Ver_10-12-12.02) - NTFSx86
Run by Andreas Janson at 19:58:42,05 on 2012-02-11
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.1271.541 [GMT 1:00]

AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
FW: Online Armor Firewall *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program\Tall Emu\Online Armor\OAcat.exe
C:\Program\Tall Emu\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program\SUPERAntiSpyware\SASCORE.EXE
C:\Program\Java\jre6\bin\jqs.exe
C:\Program\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program\NDAS\System\ndassvc.exe
C:\Program\Secunia\PSI\PSIA.exe
C:\Program\SQUEEZ~2\server\Bin\MSWIN3~1\mysqld.exe
C:\Program\Secunia\PSI\sua.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program\Tall Emu\Online Armor\OAui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program\Delade filer\Java\Java Update\jusched.exe
C:\Program\Tall Emu\Online Armor\OAhlp.exe
C:\Program\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Windows Live\Messenger\msnmsgr.exe
C:\Program\Secunia\PSI\psi_tray.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Andreas Janson\Skrivbord\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.bredbandskollen.se/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program\winamp toolbar\winamptb.dll
BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program\winamp toolbar\winamptb.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\program\windows live\messenger\msnmsgr.exe" /background
uRun: [SUPERAntiSpyware] c:\program\superantispyware\SUPERAntiSpyware.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [@OnlineArmor GUI] "c:\program\tall emu\online armor\OAui.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [KONICA MINOLTA magicolor 2400W STD] c:\windows\system32\MSTMON_S.EXE STARTUP
mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program\delade filer\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime
mRun: [APSDaemon] "c:\program\delade filer\apple\apple application support\APSDaemon.exe"
mRun: [PSUNMain] "c:\program\panda security\panda cloud antivirus\PSUNMain.exe" /Traybar
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\secuni~1.lnk - c:\program\secunia\psi\psi_tray.exe
IE: &Winamp Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe
LSP: c:\program\netlimiter\nl_lsp.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1273668429105
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: !SASWinLogon - c:\program\superantispyware\SASWINLO.DLL
Notify: igfxcui - igfxsrvc.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: OA Shell Helper: {4f07da45-8170-4859-9b5f-037ef2970034} - c:\program\tallem~1\online~1\oaevent.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program\superantispyware\SASSEH.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\andrea~1\applic~1\mozilla\firefox\profiles\diu8etui.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.tradera.com/-4-x-1-digiality-diseqc-switch--auktion_302323_148089808|http://www.tradera.com/silvercrest-sl-80-digital-harddisk-satellit-mottagare-auktion_302318_148427146|http://www.tradera.com/usb-tv-mottagare--auktion_170903_148809270|http://www.tradera.com/internetradio-natverksspelare-pinnacle-soundbridge-m400-auktion_170611_148006247|http://www.tradera.com/popcorn-hour-a-110-tradlost-natverk-sata-320gb-hd-hdmi-auktion_170205_148647943|http://www.tradera.com/popcorn-hour-a-110-43-1000-gb-hd-auktion_170205_148670509|http://www.tradera.com/hd-mediaspelare-boxee-med-hdmi-tradlost-natverk-auktion_302385_148508647|http://www.tradera.com/pinnacle-soundbridge-homemusic-internetradio-natverksspelare-auktion_170611_148900652
FF - prefs.js: keyword.URL - hxxp://se.search.yahoo.com/search?ei=utf-8&fr=panda&type=PCAFSI1190&p=
FF - plugin: c:\program\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program\personal\bin\np_prsnl.dll

============= SERVICES / DRIVERS ===============

R0 lfsfilt;Lean File Sharing;c:\windows\system32\drivers\lfsfilt.sys [2010-9-4 254440]
R0 lpx;LPX Protocol;c:\windows\system32\drivers\lpx.sys [2007-6-29 62056]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-12-26 28552]
R1 ndasfat;NDAS FAT;c:\windows\system32\drivers\ndasfat.sys [2010-9-4 372584]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-5-17 205864]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2011-4-27 40296]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-5-17 25192]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2010-5-17 29464]
R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [2011-4-28 129992]
R1 SASDIFSV;SASDIFSV;c:\program\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program\superantispyware\SASKUTIL.SYS [2010-5-6 67664]
R2 !SASCORE;SAS Core Service;c:\program\superantispyware\SASCORE.EXE [2010-7-5 116608]
R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program\panda security\panda cloud antivirus\PSANHost.exe [2011-4-28 140608]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2011-8-1 143752]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2011-4-28 97096]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2011-4-28 111688]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2011-4-28 112456]
R3 ndasbus;NDAS Bus Driver;c:\windows\system32\drivers\ndasbus.sys [2007-6-29 75880]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S0 aessqgy;aessqgy;c:\windows\system32\drivers\pjcwqtqc.sys --> c:\windows\system32\drivers\pjcwqtqc.sys [?]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2011-4-27 103168]
S3 ndasscsi;NDAS SCSI Miniport Driver;c:\windows\system32\drivers\ndasscsi.sys [2007-6-29 187368]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-2 32512]
S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys [2007-10-30 23040]
S3 VAC;S5L840F USB Device;c:\windows\system32\drivers\S5L840F.sys [2010-6-8 94829]

=============== Created Last 30 ================

==================== Find3M ====================

2011-11-25 21:57:54 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 22:01:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 14:40:46 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12:55 60928 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:22:17 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-16 14:22:17 152064 ----a-w- c:\windows\system32\schannel.dll

============= FINISH: 20:11:27,03 ===============

Bifogade filer

Attach.txt (13,31Kb)
Antal nedladdningar: 4

Fundering över säkerhet i Windows Live Mail

Wed, 08 Feb 2012 10:46:52 +0000

Hej

I tidigare versioner av mail som Outlook Express så klickade man bort Förhandsgranska för att förhindra att elakheter skulle kunna smitta ned datorn.

Har inte hittat att man kan klicka bort Förhandsgranska i Windows Live Mail utan där ser man alla nya mail. Funderar över om detta kan innebära en säkerhetsrisk eller har man tagit bort denna risk i Live Mail?

Någon som vet?

/Olle

Virus vid namn internet security

Tue, 07 Feb 2012 08:27:53 +0000

Hej
Igår fick jag ett virus som heter internet security som gav väldigt mycket problem. Jag kunde inte starta upp någonting men jag kunde gå in i msconfig-autostart och där fanns internet security som jag bockade av och då kunde jag starta om datorn och få igång malware. Jag körde en snabbskanning och hittade ett par skadliga program bland annat internet security och alla dessa togs bort, men jag vet inte om jag fått bort hela viruset för när jag gick in i msconfig-autostart igen så finns internet security fortfarande där. Det är dock avbockat. Jag kunde se var filen isecurity.exe låg...C:\users\patrik\appdata\roaming\isecurity.exe men där finns ingenting. Jag kommer till roaming men hittar inte isecurity.exe filen.
Är det för att filen fortfarande ligger där gömd eller har jag fått bort allt?

Drabbad av Trojan.Generic och Tracur.X på datorn

Mon, 06 Feb 2012 22:27:22 +0000

Hej,

för några dagar sedan så spammade jag hela mitt LinkedIn nätverk via min hotmailkonto. Jag vet inte varför det skedde (var i skidbacken när hela processen satte igång.

Nu när jag kommit hem från fjällen valde jag att köra diverse antivirus och maleware- program, bland annat CCleaner, Malewarebytes Anti-Malware och SpyHunter.

Malewarebytes upptäckte en trojan som jag valde att läsa om och enligt den sidan rekommenderades en sökning med Spyhunter.

Vid körning med Spyhunter dyker diverse trojaner upp:

- Trojan.Generic (jestertb.dll)
- Trojan.Downloader.Tracur.X (iExplorer.exe)
- UnknownRootkit (HDAShCut.exe)
- Atlas DMT (4st bl.a. ANON.9VMNIKLO.txt)

För att ta bort dessa behöver jag "nu" köpa Spyhunter. Vill inte lägga ut pengar på detta då jag inte är säker på att detta verkligen löser mitt problem?!?!?

Kan någon av dessa "stulit med" lösen till hotmail och sedan genererat alla mail? Behöver jag efter rensning se till att uppdatera lösenord på diverse sajter eller redan nu påbörja denna uppdatering av lösenord via annan dator?

Bfogar nedan DSS

Bifogade filer

attach.zip (4,53Kb)
Antal nedladdningar: 2

Gratis antivirusprogram

Sat, 04 Feb 2012 11:31:25 +0000

Hej!

Jag letar efter ett gratis antivirusprogram som är bra.
Har ni några tips?

Nortonvarningar

Fri, 03 Feb 2012 11:45:05 +0000

Hej, tur att den här sidan finns. Här får man vid behov bra hjälp samtidigt som man annars lär av andras undringar och problem. Nu har jag en konkret undring. Jag har Win7, Explorer 9, Norton 360.

Igår fick jag en meddelande om att Norton blockerat någonting med Exploit Website 9 (IP-nummer Moskva). Ingen åtgärd behövdes från min sida. Idag fick jag ett meddelande om att Norton blockerat någonting med Mass Injection Website (IP-nummer Jämtland). Inte nu heller behövdes åtgärd från min sida.

Misstänksam som jag är ibland, så har jag ändå kört full Nortonsökning (=Ok), sökning med Malwarebytes (gratisversion, =Ok), Norton Power Eraser (=Ok, förutom ett frågetecken för en genväg till Photoshop) samt DDS. Resultaten från DDS bifogas här.

Vad är det frågan om? Vad säger DDS-resultatet? Bör jag kunna sitta lugnt nu vid min dator?

/Ulf

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Ulf at 12:15:45 on 2012-02-03
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.6071.4644 [GMT 1:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SysWOW64\AsHookDevice.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\LTONHIS\Touch Manager\SKDaemon.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://svd.se/
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Trusted Zone: skatteverket.se
Trusted Zone: transportstyrelsen.se
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 81.26.228.3 81.26.227.3
TCP: Interfaces\{855FC6ED-6AD4-47DC-83EE-94A2DCB530EE} : DhcpNameServer = 81.26.228.3 81.26.227.3
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{3049C3E9-B461-4BC5-8870-4C09146192CA}
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
{6D53EC84-6AAE-4787-AEEE-F4628F01010C}
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 SMR250;Symantec SMR Utility Service 2.5.0;C:\Windows\system32\drivers\SMR250.SYS --> C:\Windows\system32\drivers\SMR250.SYS [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120121.002\BHDrvx64.sys [2012-1-24 1157240]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120202.002\IDSviA64.sys [2012-2-3 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2010-8-28 203392]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-10-6 130008]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-7-24 2253120]
R2 OMSI download service;Sony Ericsson OMSI download service;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2011-6-4 90112]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-28 2314240]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-9 138360]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-19 136176]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys --> C:\Windows\system32\DRIVERS\ggflt.sys [?]
S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-19 136176]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);C:\Windows\system32\DRIVERS\s1039bus.sys --> C:\Windows\system32\DRIVERS\s1039bus.sys [?]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s1039mdfl.sys --> C:\Windows\system32\DRIVERS\s1039mdfl.sys [?]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s1039mdm.sys --> C:\Windows\system32\DRIVERS\s1039mdm.sys [?]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s1039mgmt.sys --> C:\Windows\system32\DRIVERS\s1039mgmt.sys [?]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);C:\Windows\system32\DRIVERS\s1039nd5.sys --> C:\Windows\system32\DRIVERS\s1039nd5.sys [?]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s1039obex.sys --> C:\Windows\system32\DRIVERS\s1039obex.sys [?]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);C:\Windows\system32\DRIVERS\s1039unic.sys --> C:\Windows\system32\DRIVERS\s1039unic.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-02-03 10:57:02 96376 ----a-w- C:\Windows\System32\drivers\SMR250.SYS
2012-02-03 08:46:48 -------- d-----w- C:\Users\Ulf\AppData\Local\NPE
2012-01-31 08:01:18 912504 ----a-r- C:\Windows\System32\drivers\N360x64\0502000.00D\symefa64.sys
2012-01-31 08:01:18 744568 ----a-r- C:\Windows\System32\drivers\N360x64\0502000.00D\srtsp64.sys
2012-01-31 08:01:18 450680 ----a-r- C:\Windows\System32\drivers\N360x64\0502000.00D\symds64.sys
2012-01-31 08:01:18 40568 ----a-r- C:\Windows\System32\drivers\N360x64\0502000.00D\srtspx64.sys
2012-01-31 08:01:18 386168 ----a-w- C:\Windows\System32\drivers\N360x64\0502000.00D\symnets.sys
2012-01-31 08:01:18 171128 ----a-r- C:\Windows\System32\drivers\N360x64\0502000.00D\ironx64.sys
2012-01-31 08:01:11 -------- d-----w- C:\Windows\System32\drivers\N360x64\0502000.00D
2012-01-30 19:42:44 -------- d-----w- C:\Users\Ulf\AppData\Local\{114036CE-A0BC-4C6D-8EED-2EEDB072E806}
2012-01-16 11:12:31 230352 ----a-w- C:\Windows\System32\drivers\truecrypt.sys
2012-01-11 07:42:43 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 07:42:43 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 07:42:43 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 07:42:42 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 07:42:42 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 07:42:42 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-11 07:42:41 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-11 07:42:41 67072 ----a-w- C:\Windows\SysWow64\packager.dll
.
==================== Find3M ====================
.
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-23 14:55:18 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-20 07:54:43 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-11-20 07:54:43 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2011-11-10 04:54:13 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 12:16:29,59 ===============
Attach.txt (6,86Kb)
Antal nedladdningar: 1

'win32/win maximizer irriterar

Thu, 02 Feb 2012 16:03:50 +0000

Sedan två dar påpekar påpekar Security Essentials att man identifierat ett potentiellt hot, som då heter win32win maximizer. Jag har rensat åtskilliga gånger och startat om datorn efter varje rensning men problemet kvarstår.
Jag har nyss uppdaterat Security Essentials, Windows Vista.
Vad kan man göra???

Surun, erfarenheter?

Thu, 26 Jan 2012 08:48:01 +0000

Surun, finns det någon här som har erfarenheter?

http://translate.google.com/translate?u=http%3A%2F%2Fkay-bruns.de%2Fwp%2Fsoftware%2Fsurun%2F&langpair=de|en&hl=de&safe=active&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools

En tråkig historia

Tue, 24 Jan 2012 21:28:18 +0000

En tråkig historia: http://www.h-online....ny-1420620.html

Hjälp med "rensning"...

Mon, 23 Jan 2012 14:16:51 +0000

Hej,

Här kommer lite loggar som jag undrar om de ser "farliga" ut och vad jag bör göra.

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Databasversion: v2012.01.23.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Tomas Stenlund :: TOMAS [administratör]

2012-01-23 12:34:14
mbam-log-2012-01-23 (14-17-32).txt

Skanningstyp: Snabbskanning
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 191067
Förfluten tid: 6 minut(er), 9 sekund(er)

Upptäckta minnesprocesser: 1
C:\Documents and Settings\Tomas Stenlund\xxlmi91t9w.exe (Trojan.Scar) -> 3216 -> Ingen åtgärd.

Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)

Upptäckta registernycklar: 0
(Inga skadliga poster hittades)

Upptäckta registervärden: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|xxlmi91t9w (Trojan.Scar) -> Data: C:\Documents and Settings\Tomas Stenlund\xxlmi91t9w.exe -> Ingen åtgärd.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{95678ACD-AB74-7538-BA75-440222005237} (Trojan.Ransom.BP) -> Data: "C:\Documents and Settings\Tomas Stenlund\Application Data\Exyte\kooglo.exe" -> Ingen åtgärd.

Upptäckta registerdataposter: 0
(Inga skadliga poster hittades)

Upptäckta mappar: 0
(Inga skadliga poster hittades)

Upptäckta filer: 2
C:\Documents and Settings\Tomas Stenlund\xxlmi91t9w.exe (Trojan.Scar) -> Ingen åtgärd.
C:\Documents and Settings\Tomas Stenlund\Application Data\Exyte\kooglo.exe (Trojan.Ransom.BP) -> Ingen åtgärd.

(klar)

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by Tomas Stenlund at 15:01:14 on 2012-01-23
Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.2047.1424 [GMT 1:00]
.
AV: Norman Security Suite *Enabled/Updated* {EB9EFB40-AE72-4C43-B204-0FCD0E92D5F1}
FW: Norman Security Suite *Enabled*
.
============== Running Processes ===============
.
C:\Program\Norman\Npm\Bin\elogsvc.exe
C:\Program\Norman\Ngs\Bin\Nnf.exe
C:\Program\Norman\Ngs\Bin\Nprosec.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program\Norman\Npm\Bin\Zanda.exe
C:\Program\Norman\npm\bin\nvoy.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program\Norman\npf\bin\npfsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program\Dassault Systemes\B20\intel_a\code\bin\CATSysDemon.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program\Analog Devices\SoundMAX\Smax4.exe
C:\Program\Logitech\MediaLife\MediaLifeService.exe
C:\Program\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program\Java\jre1.6.0_07\bin\jusched.exe
C:\Program\TOPRO\TPPOLL.EXE
C:\Program\Delade filer\Pure Networks Shared\Platform\nmctxth.exe
C:\Program\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
C:\Program\Norman\Npm\Bin\ZLH.EXE
C:\Program\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program\Windows Media Player\WMPNSCFG.exe
C:\Program\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program\Logitech\SetPoint\SetPoint.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\Delade filer\Logitech\KHAL\KHALMNPR.EXE
C:\Program\Norman\npf\bin\npfuser.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program\Norman\Npm\Bin\scheduler.exe
C:\Program\Norman\Npm\Bin\Njeeves.exe
C:\Program\Norman\Nse\Bin\NSESVC.EXE
C:\Program\Norman\Nvc\Bin\nvcoas.exe
C:\Program\Norman\Nvc\Bin\Nip.exe
C:\Program\Norman\Nvc\Bin\cclaw.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.leta.se/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=54ee21620000000000000013d33c9162&tlver=1.4.19.19&affID=17160
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program\java\jre1.6.0_07\bin\ssv.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [LDM] c:\program\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
uRun: [Google Update] "c:\documents and settings\tomas stenlund\lokala inställningar\application data\google\update\GoogleUpdate.exe" /c
uRun: [Startw3i] c:\program\pc speed maximizer\Startw3i.exe
uRun: [WMPNSCFG] c:\program\windows media player\WMPNSCFG.exe
uRun: [1k0qd29gzp] c:\documents and settings\tomas stenlund\1k0qd29gzp.exe
uRun: [xxlmi91t9w] c:\documents and settings\tomas stenlund\xxlmi91t9w.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SoundMAXPnP] c:\program\analog devices\soundmax\SMax4PNP.exe
mRun: [SoundMAX] "c:\program\analog devices\soundmax\Smax4.exe" /tray
mRun: [KAZAA] "c:\program\kazaa lite k++\kpp.exe" "c:\program\kazaa lite k++\KazaaLite.kpp" /SYSTRAY
mRun: [MediaLifeService] "c:\program\logitech\medialife\MediaLifeService.exe"
mRun: [MMTray] "c:\program\musicmatch\musicmatch jukebox\mm_tray.exe"
mRun: [mmtask] "c:\program\musicmatch\musicmatch jukebox\mmtask.exe"
mRun: [SunJavaUpdateSched] "c:\program\java\jre1.6.0_07\bin\jusched.exe"
mRun: [TPPOLL] c:\program\topro\TPPOLL.EXE
mRun: [nmctxth] "c:\program\delade filer\pure networks shared\platform\nmctxth.exe"
mRun: [Linksys Wireless Manager] "c:\program\linksys\linksys wireless manager\LinksysWirelessManager.exe" /cm /min /lcid 1053
mRun: [Norman ZANDA] "c:\program\norman\npm\bin\ZLH.EXE" /LOAD /SPLASH
mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program\delade filer\apple\mobile device support\AppleSyncNotifier.exe
mRun: [iTunesHelper] "c:\program\itunes\iTunesHelper.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\tomass~1\start-~1\program\autost~1\allian~1.lnk - \\bokföring\c\allians\allians\data\AlliansPathfinder.exe
StartupFolder: c:\docume~1\tomass~1\start-~1\program\autost~1\flipto~1.lnk - c:\program\fliptoast\fliptoast.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\acroba~1.lnk - c:\program\adobe\acrobat 5.0\distillr\AcroTray.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\adobeg~1.lnk - c:\program\delade filer\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\logite~2.lnk - c:\program\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\logite~1.lnk - c:\program\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\micros~1.lnk - c:\program\microsoft office\office10\OSA.EXE
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\personal.lnk - c:\program\personal\bin\Personal.exe
IE: E&xportera till Microsoft Excel - c:\program\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program\java\jre1.6.0_07\bin\ssv.dll
LSP: c:\program\norman\ngs\bin\nlf.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/SE/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1127129685578
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{188CA1A0-EAC7-42AE-B1A6-AC3854AE4924} : DhcpNameServer = 192.168.2.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program\delade filer\microsoft shared\web folders\PKMCDO.DLL
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program\delade filer\pure networks shared\platform\puresp4.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R1 NGS;Norman General Security Driver;c:\program\norman\ngs\bin\ngs.sys [2010-9-23 26744]
R1 NPROSEC;Norman Security driver;c:\program\norman\ngs\bin\nprosec.sys [2010-9-23 74144]
R1 tdi_nf;Norman Network Filter TDIL driver;c:\windows\system32\drivers\tdi_nf.sys [2010-9-23 378000]
R2 BBDemon;Backbone Service;c:\program\dassault systemes\b20\intel_a\code\bin\CATSysDemon.exe [2010-1-9 36864]
R2 Ndiskio;Ndiskio;c:\program\norman\nse\bin\Ndiskio.sys [2010-9-23 22880]
R2 NNFSVC;Norman Network Filtering service;c:\program\norman\ngs\bin\nnf.exe [2010-9-23 223000]
R2 Norman ZANDA;Norman ZANDA;c:\program\norman\npm\bin\Zanda.exe [2010-5-18 428912]
R2 NPFSvc32;Norman Personal Firewall Service;c:\program\norman\npf\bin\npfsvc32.exe [2010-9-23 290472]
R2 NPROSECSVC;Norman Security service;c:\program\norman\ngs\bin\nprosec.exe [2010-9-23 90144]
R2 nregsec;Norman Registry Security driver;c:\program\norman\ngs\bin\nregsec.sys [2010-9-23 40384]
R2 NVOY;Norman Resource Provider;c:\program\norman\npm\bin\nvoy.exe [2010-9-23 100336]
R3 nnetsec;Norman Network Security service;c:\windows\system32\drivers\nnetsec.sys [2010-9-23 48272]
R3 NNetSecC;Norman Network Filter NDIS common driver;c:\program\norman\ngs\bin\nnetsecc.sys [2010-8-18 23040]
R3 nsesvc;Norman Scanner Engine Service;c:\program\norman\nse\bin\Nsesvc.exe [2010-9-23 288072]
R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [2010-9-23 24176]
R3 nvcoas;Norman Virus Control on-access component;c:\program\norman\nvc\bin\Nvcoas.exe [2010-9-23 198168]
R3 Scheduler;Norman Scheduler Service;c:\program\norman\npm\bin\scheduler.exe [2010-9-23 99312]
S3 DCamUSBIntel;Digi-Microscope;c:\windows\system32\drivers\TP6800.SYS [2010-7-7 210924]
S3 LUMDriver;LUMDriver;c:\windows\system32\drivers\LUMDriver.sys [2007-4-24 16688]
S3 rt2870;Linksys 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2010-9-2 644096]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys [2010-5-3 23040]
.
=============== Created Last 30 ================
.
2023-04-03 13:06:00 135168 ----a-w- c:\windows\system32\vbSendMail.dll
2012-01-23 14:01:14 -------- d--h--w- c:\documents and settings\tomas stenlund\Skrivare
2012-01-23 14:01:14 -------- d-----w- c:\documents and settings\all users\Favoriter
2012-01-16 08:31:48 -------- d-----w- C:\dd65e93db154262c1fe7bb27ba98
2012-01-05 16:34:47 -------- d-----w- c:\documents and settings\tomas stenlund\application data\Tuidgob
2012-01-05 16:34:47 -------- d-----w- c:\documents and settings\tomas stenlund\application data\Exyte
2012-01-04 16:45:07 -------- d-----w- c:\windows\system32\20-20 Technologies
2012-01-03 07:22:02 103864 ----a-w- c:\program\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2011-12-10 14:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-25 21:57:54 293376 ----a-w- c:\windows\system32\SET20A.tmp
2011-11-23 14:40:46 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12:55 60928 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:22:17 354816 ----a-w- c:\windows\system32\SET204.tmp
2011-11-16 14:22:17 152064 ----a-w- c:\windows\system32\SET203.tmp
2011-11-11 08:02:32 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-01 16:07:11 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-31 23:37:14 832512 ----a-w- c:\windows\system32\wininet.dll
2011-10-31 23:37:14 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-10-31 23:37:13 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-10-31 23:37:13 17408 ----a-w- c:\windows\system32\corpol.dll
2011-10-28 05:32:19 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49:54 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49:54 2028032 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 15:01:53,71 ===============

VundoFix

Sun, 22 Jan 2012 15:56:36 +0000

Nån som vet var jag kan få tag på senaste VundoFix (v6.3.23) ?

HiJackThis-logg

Sun, 22 Jan 2012 15:48:43 +0000

Tja!

Min dator börjar bli lite seg tycker jag och beter sig skumt ibland.
Kan någon vänlig själ tyda denna HiJackThis-logg åt mig?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:34:51, on 2012-01-22
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [EPSON SX525WD Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\Windows\TEMP\E_SF0F2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Google Update] "C:\Users\na\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9496 bytes

Emotum mobile broadband?

Sun, 22 Jan 2012 09:13:37 +0000

Hej
Jag har upptäckt att jag har ett program Emotum mobile broadband installerat på min laptop. Jag kör med Net1 och mig veterligen har jag inte sett detta ovannämda program i datorn tidigare. Vad är det? Och måste jag ha det kvar då jag ibland kör med en "dong" från net1?
Tacksam för svar innan jag avinstallerar det.

Problem med datorvirus, olmarik tdl4 win32

Sat, 21 Jan 2012 20:25:07 +0000

Hej, har som sagt fått ett virus som heter olmarik och har haft det ca en månad nu kanske. Har ESET som virusprogram, men det går inte att ta bort med det programmet. Datorn har automatiskt ändrat aktivitetsfältet & startmenyn till det gamla, gråa som finns på de äldre operativsystemen. Har kört combofix och fått en logg. Vet inte vad jag ska göra härnäst, ska jag posta loggen som kanske är till hjälp för någon av er? Tack.

Symantec erkänner: "Hackare stal källkod"

Fri, 20 Jan 2012 18:45:35 +0000

2012-01-18 07:11
PC För Alla - Symantec erkänner: "Hackare stal källkod"
Dålig reklam för ett stort säkerhetsföretag...

Har själv Norton Internet Security 2012 (NIS 2012) men inte PCanywhere som också nämns i artikeln.
Är det något som en annan behöver tänka på?
Vilka drabbas egentligen?

Nortons gratisprogram

Wed, 18 Jan 2012 14:33:36 +0000

Jag har redan Nortons internet security och ska snart förnya det. Hur bär jag mig åt för att få del av gratisversionen som prenumerant? Ska jag avinstallera min gamla version?
Alva

McAfee får kritik

Mon, 16 Jan 2012 16:45:55 +0000

McAfee får kritik för att fortfarande efter 180 dagar inte åtgärdat öppet hål i sin produkt.

http://www.h-online.com/security/news/item/Critical-hole-in-McAfee-products-still-open-after-more-than-180-days-1413775.html

Virus vid namn Trojan.Agent/Gen-FraudLoad

Sun, 15 Jan 2012 14:25:04 +0000

Hittade detta med SuperAntiSpyware.

Någon som känner till om det är något allvarligt? Kommer det ens funka att ta bort?

Edit: provade att ta bort det med Superantispyware. Ska skanna igen och se om den finner något..

Min dator motta/skickar data til en mängd olika ip-adresser?

Mon, 09 Jan 2012 22:54:21 +0000

Hej,

Min dator har plötsligt börjat skicka ut data till en mängd olika ip-adresser (ses under TCP-anslutningar).
Tittar man på aktivitetshanteraren under ressursövervakning så ser man en massa nätverksaktivitet.

Någon som vet vad det kan bero på? Virus eller okända "gäster" på besök?
Finns det någon software som kan fixa detta? Har redan kört Malwarebytes men problemet kvarstår.

Jag upptäckte detta då min internetanslutning har börjat krångla och nu går extremt långsamt och slår av och på.

Ca varje 30:sekund mottar/ skickar min dator information til x antal ip adresser. Jag ser vilka i Resursövervakaren (TCP anslutningar). Har kollat olika adresser och dom flesta finns i USA.
Det känns som att någon typ av script har blivit installerat på min dator som nu sätter igång detta utskick av vad det nu är.
Jag har kopplat bort min router och köra direkt mot mitt modem men problemet är precis samma som tidigare.

Ljudet knastrar och sprakar, CPU:n går i taket men datorn flyter ok i övrigt

Mon, 09 Jan 2012 19:39:26 +0000

Blev tipsad av fantastiskt hjälpsamma Cecilia att göra ett inlägg i den här tråden efter att sökt hjälp i en tidigare tråd.

Mitt problem är att jag inte kan spela ljud och se på video för att CPU:n går upp i 100 % och ljudet bara sprakar. Funkar ok till och från men sprakar för mycket för att det ska gå att se på film eller lyssna på musik.

Jag körde F-Secure (via comhem) igår och den scanningen hittade inget virus eller skadligt program.

Har kört DDS och klistrar här nedan in DDS.txt

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Berner at 20:13:07 on 2012-01-09
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.46.1053.18.4092.2435 [GMT 1:00]
.
AV: Com Hem Säkerhetspaket 9.12 *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Com Hem Säkerhetspaket 9.12 *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Com Hem Säkerhetspaket 9.12 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Program Files (x86)\com hem security\Anti-Virus\fsgk32st.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\com hem security\Anti-Virus\FSGK32.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\com hem security\Common\FSMA32.EXE
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Personal\bin\Personal.exe
C:\Program Files (x86)\com hem security\Common\FSM32.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\com hem security\Common\FSHDLL32.EXE
C:\Program Files (x86)\com hem security\Common\FSHDLL64.EXE
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskeng.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\com hem security\ORSP Client\fsorsp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\com hem security\FWES\Program\fsdfwd.exe
C:\Program Files (x86)\com hem security\Anti-Virus\fssm32.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\Berner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Users\Berner\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\com hem security\Anti-Virus\fsav32.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\splwow64.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://g.live.com/1rewlive4startup/home
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_SE&c=94&bd=Pavilion&pf=cnnb
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_SE&c=94&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_SE&c=94&bd=Pavilion&pf=cnnb
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: []
mRun: [F-Secure Manager] "C:\Program Files (x86)\com hem security\Common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "C:\Program Files (x86)\com hem security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe
uPolicies-system: WallpaperStyle = 2
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: HideFastUserSwitching = 0 (0x0)
dPolicies-system: WallpaperStyle = 2
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
LSP: C:\Program Files (x86)\com hem security\FSPS\program\FSLSP.DLL
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://kitchenplanner.ikea.com/SE/Core/Player/2020PlayerAX_Win32.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} - hxxp://www.o2c.de/download/o2cplayer.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
TCP: DhcpNameServer = 83.255.245.11 193.150.193.150
TCP: Interfaces\{38F1F2BF-ECF8-442C-B6D6-3DC879DA3607} : DhcpNameServer = 40.4.1.100
TCP: Interfaces\{D6B611A5-69E8-4A2D-B6BF-9CA47F54CB08} : DhcpNameServer = 83.255.245.11 193.150.193.150
TCP: Interfaces\{D6B611A5-69E8-4A2D-B6BF-9CA47F54CB08}\E42465 : DhcpNameServer = 213.142.0.244 213.142.0.242
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [(Standard)]
mRun-x64: [F-Secure Manager] "C:\Program Files (x86)\com hem security\Common\FSM32.EXE" /splash
mRun-x64: [F-Secure TNB] "C:\Program Files (x86)\com hem security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
SEH-X64: {E54729E8-BB3D-4270-9D49-7389EA579090}: EasyBits Security Shield Hook - prevents launching insecure programs by kids
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2012-01-09 19:08:37 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1B4AEA1E-93F7-4AB0-A5F1-938E1B734E65}\offreg.dll
2012-01-07 21:42:38 -------- d-----w- C:\Windows\System32\SPReview
2012-01-06 14:46:57 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1B4AEA1E-93F7-4AB0-A5F1-938E1B734E65}\mpengine.dll
2012-01-06 09:55:12 -------- d-----w- C:\Program Files\CCleaner
2012-01-03 20:53:50 -------- d-----w- C:\Users\Berner\AppData\Local\{FDD407F2-D56A-46DE-B4E1-6F63B96F34B8}
2012-01-03 19:21:29 -------- d-----w- C:\Users\Berner\AppData\Local\Apps
2012-01-03 15:39:02 -------- d-----w- C:\Windows\pss
2012-01-03 08:11:17 -------- d-----w- C:\Users\Berner\AppData\Local\{BCD32E93-9407-446F-8EEC-88D535040394}
2012-01-03 08:09:53 -------- d-----w- C:\Users\Berner\AppData\Local\{51DC5D14-6791-40F0-833B-3B86831E2582}
2012-01-02 09:08:00 -------- d-----w- C:\Users\Berner\AppData\Local\{5C5799A4-9A0B-4380-91BC-FA7EA597F6C6}
2012-01-02 09:07:04 -------- d-----w- C:\Users\Berner\AppData\Local\{6161F307-A0EA-4EDF-935A-4DEF74555578}
2012-01-01 14:32:05 -------- d-----w- C:\Users\Berner\AppData\Local\{01FC0597-A551-4CDB-9088-5E35333F9083}
2012-01-01 14:31:36 -------- d-----w- C:\Users\Berner\AppData\Local\{2BB98DA9-3A11-44AB-9A20-534676ED75F3}
2012-01-01 10:48:07 -------- d-----w- C:\Users\Berner\AppData\Local\{9ECA1CD6-3088-4AFA-BB72-E76450AD37F9}
2012-01-01 10:47:05 -------- d-----w- C:\Users\Berner\AppData\Local\{94F61658-4F34-4144-A0AA-24D2390004D5}
2011-12-28 17:00:00 -------- d-----w- C:\Users\Berner\AppData\Local\{37E97785-4BAD-49F0-A504-968E29612689}
2011-12-28 16:57:48 -------- d-----w- C:\Users\Berner\AppData\Local\{5D10DEB4-2665-48C7-9783-34FB5E104894}
2011-12-27 18:50:13 -------- d-----w- C:\Users\Berner\AppData\Local\{B19DEC2B-C134-44DA-9BD9-91B8EFD16BF1}
2011-12-23 07:00:34 -------- d-----w- C:\Users\Berner\AppData\Local\{9DB164AB-8FA2-4998-9BC8-D92D2E3DC9E1}
2011-12-20 18:59:35 -------- d-----w- C:\Users\Berner\AppData\Local\{FDEB5A0A-5DFC-4C9D-A65A-CEE2316212E7}
2011-12-20 18:58:47 -------- d-----w- C:\Users\Berner\AppData\Local\{0B8B47AD-CA54-4693-924B-82A2B31F87BB}
2011-12-19 18:43:15 -------- d-----w- C:\Users\Berner\AppData\Local\{04DB037B-164A-499E-8BBF-2D11BF2268FB}
2011-12-19 18:42:12 -------- d-----w- C:\Users\Berner\AppData\Local\{7D35B883-7ADA-4566-959B-10ED90F0578F}
2011-12-18 18:37:27 -------- d-----w- C:\Users\Berner\AppData\Local\{1F43E1BF-9EA8-45FC-BCB1-32E5BA75D4BA}
2011-12-18 18:35:50 -------- d-----w- C:\Users\Berner\AppData\Local\{ED62FC79-C896-4FD8-9069-3AC3446FC380}
2011-12-17 15:53:51 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-17 15:53:47 3141632 ----a-w- C:\Windows\System32\win32k.sys
2011-12-17 15:53:43 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-17 15:53:42 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-17 15:52:04 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-17 15:52:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-17 15:36:05 -------- d-----w- C:\Users\Berner\AppData\Local\{7E2697C6-48F4-465B-B9C4-04499EBAD6A6}
2011-12-17 15:34:17 -------- d-----w- C:\Users\Berner\AppData\Local\{DBFE306F-453F-42DA-8750-B27410F8ED0C}
2011-12-14 19:32:54 -------- d-----w- C:\Users\Berner\AppData\Local\{2D4B1FE6-405E-47D9-91AF-27862DA6F36A}
2011-12-14 19:32:00 -------- d-----w- C:\Users\Berner\AppData\Local\{4C6E5422-D02E-400B-82D6-17F7EAE6E95F}
2011-12-13 18:07:34 -------- d-----w- C:\Users\Berner\AppData\Local\{5780B71B-2430-4035-9FDD-17AAD005E68A}
2011-12-13 18:06:36 -------- d-----w- C:\Users\Berner\AppData\Local\{FA772689-9875-401A-8627-71DC5EA8BE8E}
.
==================== Find3M ====================
.
2012-01-08 10:12:54 152064 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-01-08 10:12:52 175104 ----a-w- C:\Windows\System32\msclmd.dll
2011-11-15 13:29:56 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-11-10 04:54:13 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-11-07 20:58:34 50384 ----a-w- C:\Windows\System32\drivers\fses.sys
2011-11-07 20:30:03 42672 ----a-w- C:\Windows\SysWow64\drivers\fsbts.sys
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 20:21:13,28 ===============

Hoppas ni kan hjälpa mig.

Bifogade filer

Attach.txt (5,26Kb)
Antal nedladdningar: 3

Låsta sektorer på HD.

Tue, 03 Jan 2012 16:37:35 +0000

Hej! En process körs hela tiden. Denna process ( ej startad av mig ) gör att jag ej kan komma åt vissa kataloger . Jag får beskedet " Åtkomst nekad"! Det har åxå skapats en massa kataloger och filer ( som jag ej skapat). Dessa har oftast attributet HIDDEN! Det går ej att ändra attribut på dessa, varken i windows eller Dos. Det ligger LOCKED sectors på HD. Det går ej att
gå in med en sektor-editor. Jag har Norton 360 men denna visar inte på något som är fel. Jag har åxå Norton Utilities, men
en del funktioner i denna går ej att köra då HD är upptagen av ett annat program (Jag hade inget program igång).
Jag har använt TUNE-UP UTILITIES ( bra program) och sett en process som är igång hela tiden. I detta program kunde
jag åxå se, att det fanns Locked sectors på min HD. Det går att "döda" alla processer med detta program utom den process
jag nämnt. Vad gör man? Finns det ngt program som låser upp alla låsta sectorer? Då kunde man kanske boota från dvd- enheten (utan att installera) och sedan låsa upp de låsta sectorerna och därefter göra Clean free space?

Norton Internet Security ovanpå 360?

Mon, 02 Jan 2012 22:29:11 +0000

Nappade på PC för Alla erbjudandet om gratis Norton Internet Security paket. Jag har redan Norton 360 Premium på datorn men vill ju så klart slippa pröjsa för uppdateringar. Måste jag avinstallera 360 innan jag lägger på NIS?
Gunnar

Hjälp nån sida som heter www.p95.com ger mig virus

Thu, 29 Dec 2011 12:54:25 +0000

Hej jag har fått problem på internet när jag ska gå in på en sida så kommer någon sida som heter www.p95.com och spärrar mig HJÄLP!

msi-filer och _6ad647e.exe

Wed, 28 Dec 2011 19:57:50 +0000

Hej,
jag har den senaste veckan fått en mängd .msi-filer på min dator. Vid en grundligare sökning (Norton) hittade jag också en fil, _6ad647e.exe som inte gick att testa. Är det någon som har en susning om vad det här handlar om?

Hänger exe-filen ihop med .msi-filerna är det två olika problem min dator drabbats av? Eller det kanske helt enkelt inte rör sig om några problem? Please, help, är beroende av min dator i arbetet och har inte råd att drabbas av nåt otrevligt.

root kit win 7

Tue, 27 Dec 2011 15:43:30 +0000

Finns det något root kit som biter på win 7 64-bit ?

nån som vet?

Är detta virus ?

Tue, 27 Dec 2011 13:38:11 +0000

Hej Forumister

Jag undrar om detta är virus som Malware visade
och hur får man bort det ????

Jag klickade på knappen "Ta bort valda" längst ner
och programmet ville att jag skulle starta om datorn för
att det skulle gå bort, men
när jag körde Malware igen fick jag samma resultat

Hjälp mig är ni snälla

Kristian

P.S.
Jag har tagit bort bilderna som jag la upp tidigare dom fyller ju ingen funktion längre.

Byta virus program

Sun, 25 Dec 2011 14:43:15 +0000

Hej!

Jag har använt Norton Internet Security i flera år och börjar fundera på att byta virusprogram. Känner mest att Norton ibland tar mycket plats och prestanda och att det kanske finns bättre alternativ. Jag kollade på följande länk
http://www.matousec.com/projects/proactive-security-challenge/results.php
och enligt den var Comodo Internet Security den bästa. Vad jag har förståt så finns det brandväggar och Antivirus program. Vad är skillnaden? Norton innehöll båda. Innehåller Comodo båda? Finns det något annat alternativ som passar bättre?

Litet snabbt gratis virusprogram, vilket ska jag ha?

Sun, 25 Dec 2011 13:39:10 +0000

Jag har börjat få strul med mitt AVG Virusprogram så nu tänker jag prova nåt annat. Då jag inte ORKAR läsa igenom alla trådar i testerna som finns här på IDG och där dom flesta dessutom är på engelska så frågar jag här och nu. Vilket virusprogramm är i dag det minst resurskrävande, gratis och gärna snabbt förstås Ser och hör av många bekanta att Nod 32 ska vara det jag söker Vad säger ni som säkert kan detta område bäst?

Mysko filer hjälp tack!

Sat, 24 Dec 2011 12:54:14 +0000

Jag satt och kollade igenom mina filer nyss och märkte att jag hade 3 filer med filer i sig dessa 1 av dessa hette 2b7fe9a446e8d3ea1b8c39ad och dom andra hade liknande namn och hade filer i sig som hade namn som 1025 eller 1046 och det står att jag inte har behörighet att ta bort filerna, är dessa skadliga? och om dom är skadliga hur får jag bort dom? mitt anti virus program säger att datorn mår jätte fint men jag blev lite osäker på om det är så.
Hoppas bara på att det itne är spyware som snor mina konton men det borde jag redan märkt i så fall det står att dom skapades 7e juli 2011 men senast ändrad 2011-11-10 02:38
Skulle vara jätte bra med ett svar.

Tack på förhand och god jul!
M.V.H en rädd gamer

HOT VID KÖRNING AV MALWAREBYTES

Wed, 21 Dec 2011 13:17:45 +0000

]JAG ÄR FUNDERSAM VAD JAG SKA GÖRA MED HIJACKTHISHKOMMEMTAREN SE BILAGA H ANSLUTNINGEN ÄR EN EXTERM HÅRDDISK VID EN KÖRNING AV MALWAREBYTES KOM FÖLJANDE UPP mban-log

Malwarebytes' Anti-Malware 1.51.2.1300

DDS LOG .
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by ANDERS at 13:55:59 on 2011-12-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.3835.2016 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
svchost.exe
svchost.exe
svchost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\ANDERS\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
C:\Users\ANDERS\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtcmd.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Telia\Sms och mms i datorn Desktop\mw.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
svchost.exe
C:\Program Files (x86)\Telia mobile broadband\Telia mobile broadband.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Secunia\PSI\psi.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ANDERS\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://isearch.avg.com/?cid={9986541E-F5B5-421B-ADB6-2DD91DB3F901}&mid=888582f3181347d1a90259e75b47d252-33a198595110f914f75244d5dea7745fbc956da8&lang=en&ds=ts024&pr=&d=2011-12-14 05:59:22&v=8.0.0.34&sap=hp
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_5552&r=273612110225l0444z1i5v47j2110n
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_5552&r=273612110225l0444z1i5v47j2110n
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_5552&r=273612110225l0444z1i5v47j2110n
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Partner BHO Class: {83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4} - C:\ProgramData\Partner\Partner.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: WOT Helper: {c920e44a-7f78-4e64-bdd7-a57026e7feb7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: TBHelper Class: {e46a2169-e328-471a-9788-f2b52bb9c681} - C:\Program Files (x86)\Telia\Sms och mms i datorn Desktop\miebho.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: eSms Verktygsfält: {6b49f76b-190a-4fc6-83ea-baad234baff8} - C:\Program Files (x86)\Telia\Sms och mms i datorn Desktop\mie.dll
TB: WOT: {71576546-354d-41c9-aae8-31f2ec22bf0d} - C:\Program Files (x86)\WOT\WOT.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "C:\Users\ANDERS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
mRun: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Telia] "C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtcmd.exe" /P TeliaDA
mRun: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
mRun: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
mRun: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [Sms och mms i datorn Desktop] "C:\Program Files (x86)\Telia\Sms och mms i datorn Desktop\mw.exe" /AutoStart
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\Users\ANDERS\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\CNETTE~1.LNK - C:\Users\ANDERS\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
StartupFolder: C:\Users\ANDERS\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\ANDERS\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: Skicka som mms... - C:\Program Files (x86)\Telia\Sms och mms i datorn Desktop\sendmms.htm
IE: Skicka som sms... - C:\Program Files (x86)\Telia\Sms och mms i datorn Desktop\sendsms.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
TCP: Interfaces\{D2953E45-8039-4C98-A678-36FA81160210} : NameServer = 195.67.199.18 195.67.199.19
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{3049C3E9-B461-4BC5-8870-4C09146192CA}
{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{B164E929-A1B6-4A06-B104-2CD0E90A88FF}
{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}
{E46A2169-E328-471A-9788-F2B52BB9C681}
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{6B49F76B-190A-4FC6-83EA-BAAD234BAFF8}
{71576546-354D-41c9-AAE8-31F2EC22BF0D}
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}
mRun-x64: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [Telia] "C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtcmd.exe" /P TeliaDA
mRun-x64: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
mRun-x64: [Memeo AutoSync] C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
mRun-x64: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [Sms och mms i datorn Desktop] "C:\Program Files (x86)\Telia\Sms och mms i datorn Desktop\mw.exe" /AutoStart
mRun-x64: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ANDERS\AppData\Roaming\Mozilla\Firefox\Profiles\uxoulm9f.default\
FF - prefs.js: browser.startup.homepage - hxxp://isearch.avg.com/?cid={9986541E-F5B5-421B-ADB6-2DD91DB3F901}&mid=888582f3181347d1a90259e75b47d252-33a198595110f914f75244d5dea7745fbc956da8&lang=en&ds=ts024&pr=&d=2011-12-14%2005:59:22&v=8.0.0.34&sap=hp
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\Sony\Media Go\npmediago.dll
FF - plugin: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\ANDERS\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe [2011-12-15 494424]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-12 44768]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-7-14 321104]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-12-10 868896]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2011-11-3 33672]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2011-11-3 827520]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\McSACore.exe [2011-12-15 102608]
R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-5-4 25824]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-6-21 341296]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-28 255744]
R2 SeagateDashboardService;Seagate Dashboard Service;C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-6-1 14088]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-14 994360]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-10-14 399416]
R2 sprtsvc_teliada;SupportSoft Sprocket Service (teliada);C:\Program Files (x86)\Telia\Supportassistenten\bin\sprtsvc.exe [2011-12-12 206120]
R2 tgsrvc_teliada;SupportSoft Repair Service (teliada);C:\Program Files (x86)\Telia\Supportassistenten\bin\tgsrvc.exe [2011-12-12 185640]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-7-14 243232]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 PSI;PSI;C:\Windows\system32\DRIVERS\psi_mf.sys --> C:\Windows\system32\DRIVERS\psi_mf.sys [?]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-21 366152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-11 135664]
S3 cpuz134;cpuz134;C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2011-12-14 21480]
S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-11 135664]
S3 hwusbdev;Huawei DataCard USB PNP Device;C:\Windows\system32\DRIVERS\ewusbdev.sys --> C:\Windows\system32\DRIVERS\ewusbdev.sys [?]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-27 305520]
S3 Partner Service;Partner Service;C:\ProgramData\Partner\Partner.exe [2010-7-14 332272]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-12-14 155344]
S3 SWDUMon;SWDUMon;C:\Windows\system32\DRIVERS\SWDUMon.sys --> C:\Windows\system32\DRIVERS\SWDUMon.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-12-21 11:37:10 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2CF584B3-2B6A-46DA-9660-9D9646F4521A}\offreg.dll
2011-12-21 06:08:25 388096 ----a-r- C:\Users\ANDERS\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-21 06:08:24 -------- d-----w- C:\Program Files (x86)\Trend Micro
2011-12-21 05:07:00 709968 ----a-w- C:\Windows\isRS-000.tmp
2011-12-21 05:04:05 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-21 05:04:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-20 06:07:01 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2CF584B3-2B6A-46DA-9660-9D9646F4521A}\mpengine.dll
2011-12-20 05:30:24 -------- d-----w- C:\Program Files (x86)\VideoLAN
2011-12-19 20:32:49 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-12-19 20:32:49 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-12-19 20:32:49 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-12-19 20:32:49 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-12-19 20:32:49 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-12-19 20:32:49 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-12-19 20:32:49 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-12-18 06:35:45 -------- d-----w- C:\Users\ANDERS\AppData\Local\Solid State Networks
2011-12-16 12:06:23 17200 ----a-w- C:\Windows\System32\nitrolocalui2.dll
2011-12-16 12:06:22 28976 ----a-w- C:\Windows\System32\nitrolocalmon2.dll
2011-12-16 12:06:04 -------- d-----w- C:\Program Files\Common Files\Nitro PDF
2011-12-16 12:06:04 -------- d-----w- C:\Program Files (x86)\Common Files\Nitro PDF
2011-12-16 11:17:31 95008 ----a-w- C:\Windows\System32\Primomonnt.dll
2011-12-16 11:17:29 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\OpenCandy
2011-12-16 11:17:26 -------- d-----w- C:\Program Files (x86)\Nitro PDF
2011-12-16 06:02:15 -------- d-----w- C:\Program Files (x86)\BurnAware Free
2011-12-16 03:06:32 -------- d-----w- C:\Users\ANDERS\AppData\Local\Secunia PSI
2011-12-16 03:06:15 -------- d-----w- C:\Program Files (x86)\Secunia
2011-12-15 18:33:08 -------- d-----w- C:\Users\ANDERS\Podcasts
2011-12-15 17:46:57 22872 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe
2011-12-15 17:25:28 -------- d-----w- C:\Program Files (x86)\IObit
2011-12-15 16:16:07 -------- d-----w- C:\Program Files\CCleaner
2011-12-15 14:38:22 -------- d-----w- C:\Program Files\CheckPoint
2011-12-15 05:57:31 -------- d-----w- C:\Program Files (x86)\CheckPoint
2011-12-15 05:33:16 -------- d-----w- C:\Program Files (x86)\WOT
2011-12-15 05:29:28 -------- d-----w- C:\Program Files (x86)\uTorrent
2011-12-15 05:27:46 -------- d-----w- C:\Users\ANDERS\AppData\Local\uTorrent
2011-12-15 05:15:57 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2011-12-15 03:00:46 -------- d-----w- C:\Windows\System32\SPReview
2011-12-15 02:59:57 -------- d-----w- C:\Windows\System32\EventProviders
2011-12-15 02:37:59 3650560 ----a-w- C:\Windows\System32\MSVidCtl.dll
2011-12-15 02:36:59 758272 ----a-w- C:\Windows\System32\PortableDeviceApi.dll
2011-12-15 02:35:59 776192 ----a-w- C:\Windows\SysWow64\calc.exe
2011-12-15 02:34:59 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2011-12-15 02:33:59 656384 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2011-12-15 02:32:59 94208 ----a-w- C:\Windows\SysWow64\eappgnui.dll
2011-12-15 02:31:57 189952 ----a-w- C:\Windows\SysWow64\sqmapi.dll
2011-12-15 02:31:26 189952 ----a-w- C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
2011-12-15 02:31:25 606208 ----a-w- C:\Windows\SysWow64\wbem\fastprox.dll
2011-12-15 02:31:25 363008 ----a-w- C:\Windows\SysWow64\wbemcomn.dll
2011-12-15 02:26:33 244736 ----a-w- C:\Program Files\Windows Portable Devices\sqmapi.dll
2011-12-15 02:26:32 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-12-15 02:26:07 244736 ----a-w- C:\Windows\System32\sqmapi.dll
2011-12-14 21:09:03 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-12-14 21:09:02 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-12-14 20:53:08 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-12-14 20:50:12 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-12-14 20:41:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-12-14 20:41:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-12-14 20:15:42 14744 ----a-w- C:\Users\ANDERS\AppData\Roaming\Microsoft\IdentityCRL\PRODUCTION\ppcrlconfig.dll
2011-12-14 19:49:26 -------- d-----w- C:\Program Files (x86)\Common Files\Sony Shared
2011-12-14 19:24:19 -------- d-----w- C:\Program Files (x86)\Sony
2011-12-14 19:00:58 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-14 18:53:42 -------- d-----w- C:\Program Files (x86)\Sony Media Go Install
2011-12-14 06:27:39 -------- d-----w- C:\Program Files (x86)\Sony Ericsson
2011-12-14 06:20:06 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\TweakNow SecureDelete
2011-12-14 06:20:06 -------- d-----w- C:\Program Files (x86)\TweakNow SecureDelete
2011-12-14 06:03:43 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2011-12-14 05:19:59 15672 ----a-w- C:\Windows\System32\drivers\SWDUMon.sys
2011-12-14 04:59:05 -------- d-----w- C:\Program Files (x86)\SlimDrivers
2011-12-14 04:05:51 -------- d-----w- C:\Program Files (x86)\Canon
2011-12-14 04:04:48 -------- d-----w- C:\Program Files (x86)\Common Files\Canon
2011-12-14 03:46:30 114176 ----a-w- C:\Windows\SysWow64\PCWizard.cpl
2011-12-14 03:46:30 -------- d-----w- C:\Windows\Java
2011-12-14 03:46:25 -------- d-----w- C:\Program Files (x86)\CPUID
2011-12-14 03:34:32 -------- d-----w- C:\Program Files (x86)\Avant Browser
2011-12-14 03:31:23 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2011-12-14 03:11:17 -------- d-----w- C:\ProgramData\Norton
2011-12-14 03:10:56 -------- d-----w- C:\ProgramData\NortonInstaller
2011-12-13 19:54:29 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\Memeo
2011-12-13 19:54:09 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\Seagate
2011-12-13 19:53:26 -------- d-----w- C:\Program Files (x86)\Memeo
2011-12-13 19:53:03 -------- d-----w- C:\Program Files (x86)\Seagate
2011-12-13 09:35:44 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-12-12 21:18:51 -------- d-----w- C:\Program Files (x86)\Common Files\SupportSoft
2011-12-12 21:18:46 -------- d-----w- C:\Program Files (x86)\Telia
2011-12-12 18:42:24 -------- d-----w- C:\Program Files\SDExplorer
2011-12-12 18:06:33 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-12-12 18:06:29 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-12-12 18:04:52 41184 ----a-w- C:\Windows\avastSS.scr
2011-12-12 18:04:43 -------- d-----w- C:\Program Files\AVAST Software
2011-12-12 15:49:24 -------- d-----w- C:\Users\ANDERS\AppData\Local\ElevatedDiagnostics
2011-12-12 14:12:49 2565632 ----a-w- C:\Windows\System32\esent.dll
2011-12-12 14:12:49 1659776 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-12-12 14:12:48 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-12-12 14:12:48 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-12-12 14:12:48 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-12-12 14:12:48 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-12-12 14:12:48 189824 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-12-12 14:12:48 1699328 ----a-w- C:\Windows\SysWow64\esent.dll
2011-12-12 14:12:48 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-12-12 14:12:48 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-12-12 14:12:48 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-12-12 13:15:20 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-12-12 13:15:20 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-12-12 13:15:20 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-12-12 13:15:20 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-12-12 13:15:20 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-12-12 13:15:20 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-12-12 13:15:20 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-12-12 12:29:54 29696 ----a-w- C:\Windows\System32\drivers\ewdcsc.sys
2011-12-12 12:29:54 246224 ----a-w- C:\Windows\System32\drivers\ewusbnet.sys
2011-12-12 12:29:54 117504 ----a-w- C:\Windows\System32\drivers\ewusbmdm.sys
2011-12-12 12:29:54 114304 ----a-w- C:\Windows\System32\drivers\ewusbdev.sys
2011-12-11 12:45:01 -------- d-----w- C:\Windows\SysWow64\Wat
2011-12-11 12:45:01 -------- d-----w- C:\Windows\System32\Wat
2011-12-11 12:43:49 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2011-12-11 12:43:49 1139200 ----a-w- C:\Windows\System32\FntCache.dll
2011-12-11 12:43:49 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll
2011-12-11 12:43:48 902656 ----a-w- C:\Windows\System32\d2d1.dll
2011-12-11 12:43:48 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll
2011-12-11 12:00:24 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-12-11 11:33:25 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2011-12-11 11:01:06 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-12-11 11:00:51 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-12-11 11:00:50 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-12-11 11:00:50 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-12-11 11:00:48 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-12-11 11:00:47 288640 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2011-12-11 11:00:28 870912 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-12-11 11:00:28 1465344 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-12-11 10:58:59 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-12-11 10:57:57 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-12-11 10:44:04 5561216 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-12-11 10:44:01 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-12-11 10:43:59 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-12-11 10:43:16 974336 ----a-w- C:\Windows\System32\WFS.exe
2011-12-11 10:43:16 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe
2011-12-11 10:43:12 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-12-11 10:43:10 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-12-11 10:43:10 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-12-11 10:42:34 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-12-11 10:42:34 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-12-11 10:42:34 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-12-11 10:42:34 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-12-11 10:42:34 207872 ----a-w- C:\Windows\System32\cfgmgr32.dll
2011-12-11 10:42:34 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-12-11 10:17:53 -------- d-----w- C:\ProgramData\MemeoCommon
2011-12-11 10:15:11 -------- d-----w- C:\ZoneAlarmBackup
2011-12-11 05:38:56 -------- d-----w- C:\Users\ANDERS\GoogleChromePortable
2011-12-11 05:38:56 -------- d-----w- C:\Users\ANDERS\fontconfig
2011-12-11 05:38:53 -------- d-----w- C:\Users\ANDERS\EPOST
2011-12-11 05:38:24 -------- d-----r- C:\Users\ANDERS\Dropbox
2011-12-11 05:33:02 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\ZoomBrowser EX
2011-12-11 05:33:02 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\XnView
2011-12-11 05:33:02 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\wsInspector
2011-12-11 05:33:02 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\Windows Live Writer
2011-12-11 05:31:56 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\r2 Studios
2011-12-11 05:31:55 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\QuickScan
2011-12-11 05:31:55 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\qualys
2011-12-11 05:31:55 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\PrimoPDF
2011-12-11 05:31:55 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\PhotoFiltre
2011-12-11 05:31:52 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\OpenOffice.org
2011-12-11 05:27:59 -------- d-----w- C:\Users\ANDERS\AppData\Roaming\AccurateRip
2011-12-11 05:27:11 -------- d-----w- C:\Users\ANDERS\AppData\Local\Zylom
2011-12-11 05:27:11 -------- d-----w- C:\Users\ANDERS\AppData\Local\Windows Live Writer
2011-12-11 05:27:11 -------- d-----w- C:\Users\ANDERS\AppData\Local\Windows Live
2011-12-11 05:26:52 -------- d-----w- C:\Users\ANDERS\AppData\Local\Tific
2011-12-11 05:26:52 -------- d-----w- C:\Users\ANDERS\AppData\Local\Thunderbird
2011-12-11 05:26:52 -------- d-----w- C:\Users\ANDERS\AppData\Local\Symantec
2011-12-11 05:26:37 -------- d-----w- C:\Users\ANDERS\AppData\Local\SupportSoft
2011-12-11 05:26:03 -------- d-----w- C:\Users\ANDERS\AppData\Local\Spotify
2011-12-11 05:26:03 -------- d-----w- C:\Users\ANDERS\AppData\Local\Sony Ericsson
2011-12-11 05:26:01 -------- d-----w- C:\Users\ANDERS\AppData\Local\Sony
2011-12-11 05:20:32 -------- d-----w- C:\Users\ANDERS\AppData\Local\SlimWare Utilities Inc
2011-12-11 05:20:25 -------- d-----w- C:\Users\ANDERS\AppData\Local\Opera
2011-12-11 05:20:25 -------- d-----w- C:\Users\ANDERS\AppData\Local\Oberon Games
2011-12-11 05:20:23 -------- d-----w- C:\Users\ANDERS\AppData\Local\NPE
2011-12-11 05:20:23 -------- d-----w- C:\Users\ANDERS\AppData\Local\Nero_AG
2011-12-11 05:18:08 -------- d-----w- C:\Users\ANDERS\AppData\Local\Nero
2011-12-11 05:17:50 -------- d-----w- C:\Users\ANDERS\AppData\Local\Mozilla
2011-12-11 05:17:50 -------- d-----w- C:\Users\ANDERS\AppData\Local\MigWiz
2011-12-11 05:17:49 -------- d-----w- C:\Users\ANDERS\AppData\Local\Microsoft Games
2011-12-11 05:16:25 -------- d-----w- C:\Users\ANDERS\AppData\Local\IsolatedStorage
2011-12-11 05:16:25 -------- d-----w- C:\Users\ANDERS\AppData\Local\Ilivid Player
2011-12-11 05:09:31 -------- d-----w- C:\Users\ANDERS\AppData\Local\F-Secure Online Backup
2011-12-11 05:09:26 -------- d-----w- C:\Users\ANDERS\AppData\Local\Evernote
2011-12-11 05:09:22 -------- d-----w- C:\Users\ANDERS\AppData\Local\Downloaded Installations
2011-12-11 05:09:08 -------- d-----w- C:\Users\ANDERS\AppData\Local\CrashDumps
2011-12-11 05:09:08 -------- d-----w- C:\Users\ANDERS\AppData\Local\Conduit
2011-12-11 05:09:07 -------- d-----w- C:\Users\ANDERS\AppData\Local\Click.to
2011-12-11 05:09:05 -------- d-----w- C:\Users\ANDERS\AppData\Local\Babylon
2011-12-11 05:09:03 -------- d-----w- C:\Users\ANDERS\AppData\Local\assembly
2011-12-11 05:09:03 -------- d-----w- C:\Users\ANDERS\AppData\Local\ashampoo
2011-12-11 05:09:03 -------- d-----w- C:\Users\ANDERS\AppData\Local\Apple Computer
2011-12-11 05:09:02 -------- d-----w- C:\Users\ANDERS\AppData\Local\Apple
2011-12-11 05:09:00 -------- d-----w- C:\Users\ANDERS\AppData\Local\Adobe
2011-12-11 05:04:55 -------- d-----w- C:\ProgramData\MFAData
2011-12-11 04:59:09 -------- d-----w- C:\MGADiagToolOutput
2011-12-11 04:59:09 -------- d-----w- C:\IBVSSTEMP
2011-12-11 04:59:06 -------- d-----w- C:\CIMTEMP
2011-12-11 04:59:05 -------- d-----w- C:\Buziol Games
2011-12-10 21:48:14 -------- d-----w- C:\Program Files (x86)\Common Files\Memeo
2011-12-10 15:08:01 -------- d-----w- C:\Windows\SysWow64\XPSViewer
2011-12-10 15:08:01 -------- d-----w- C:\Windows\SysWow64\wbem\sv-SE
2011-12-10 15:08:01 -------- d-----w- C:\Windows\SysWow64\sv
2011-12-10 15:08:01 -------- d-----w- C:\Windows\SysWow64\drivers\sv-SE
2011-12-10 15:08:00 -------- d-----w- C:\Windows\System32\sv
2011-12-10 15:08:00 -------- d-----w- C:\Windows\System32\drivers\UMDF\sv-SE
2011-12-10 15:06:59 3584 ----a-w- C:\Windows\System32\drivers\sv-SE\modem.sys.mui
2011-12-10 15:02:11 -------- d-----w- C:\Windows\NAPP_Dism_Log
2011-12-10 07:56:31 -------- d-----w- C:\Users\ANDERS\AppData\Local\Diagnostics
2011-12-10 07:35:41 -------- d-----w- C:\Users\ANDERS\AppData\Local\Google
2011-12-10 07:29:39 -------- d-----w- C:\Program Files (x86)\Telia mobile broadband
2011-12-10 07:24:36 -------- d-----w- C:\Users\ANDERS\AppData\Local\ATI
2011-12-10 07:23:24 -------- d-----w- C:\Users\ANDERS\AppData\Local\EgisTec IPS
2011-12-10 07:22:26 -------- d-----w- C:\Users\ANDERS\AppData\Local\VirtualStore
2011-12-10 07:21:30 -------- d-----w- C:\Program Files\Acer Accessory Store
2011-12-10 06:55:42 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2011-12-10 06:55:42 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2011-12-10 06:55:39 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-12-10 06:54:54 -------- d-----w- C:\Program Files (x86)\Microsoft
2011-12-10 06:54:37 -------- d-----w- C:\Program Files (x86)\Windows Live SkyDrive
2011-12-10 06:54:19 -------- d-----w- C:\Windows\PCHEALTH
2011-12-10 06:54:06 74520 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\825cb5221ccb708\DSETUP.dll
2011-12-10 06:54:06 484632 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\825cb5221ccb708\DXSETUP.exe
2011-12-10 06:54:06 1670936 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\825cb5221ccb708\dsetup32.dll
2011-12-10 06:53:43 139787088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\wlc5C81.tmp
2011-12-10 06:53:35 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-12-10 06:51:19 -------- d-----w- C:\Program Files (x86)\Common Files\CyberLink
2011-12-10 06:50:06 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-12-10 06:50:06 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-12-10 06:50:06 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2011-12-10 06:43:58 95432 ----a-w- C:\Windows\System32\RTEEL64H.dll
2011-12-10 06:43:58 76488 ----a-w- C:\Windows\System32\RTEEG64H.dll
2011-12-10 06:43:58 68640 ----a-w- C:\Windows\System32\RHCoInst64.dll
2011-12-10 06:43:58 369864 ----a-w- C:\Windows\System32\RTEEP64H.dll
2011-12-10 06:43:58 307936 ----a-w- C:\Windows\System32\RH3DHT64.dll
2011-12-10 06:43:58 307936 ----a-w- C:\Windows\System32\RH3DAA64.dll
2011-12-10 06:43:58 231328 ----a-w- C:\Windows\System32\drivers\RtHDMIVX.sys
2011-12-10 06:43:58 201928 ----a-w- C:\Windows\System32\RTEED64H.dll
2011-12-10 06:43:58 1814048 ----a-w- C:\Windows\System32\RHDMEx64.dll
2011-12-10 06:43:58 1631264 ----a-w- C:\Windows\System32\RtkHDM64.dll
2011-12-10 06:42:49 -------- d-----w- C:\Program Files\Elantech
2011-12-10 06:39:25 -------- d-----w- C:\Program Files (x86)\Launch Manager
2011-12-10 06:30:58 -------- d-----w- C:\Program Files (x86)\Acer Crystal Eye webcam
2011-12-10 06:30:34 -------- d---a-w- C:\book
2011-12-10 06:28:50 0 ----a-w- C:\Windows\ativpsrm.bin
2011-12-10 06:27:45 3 ----a-w- C:\Windows\System32\PLD_Framework.cmd
2011-12-10 06:24:43 -------- d-----w- C:\Program Files\ATI
2011-12-10 06:24:40 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-12-07 00:26:40 4448256 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2011-12-01 02:57:55 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8224BDBD-DAA6-41CC-A26D-F2117A8FB1BF}\offreg.dll
2011-12-01 02:57:49 8822856 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8224BDBD-DAA6-41CC-A26D-F2117A8FB1BF}\mpengine.dll
2011-11-30 20:31:06 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{062452A9-5872-4022-9EF1-3A225779535D}\offreg.dll
2011-11-30 20:31:02 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{062452A9-5872-4022-9EF1-3A225779535D}\mpengine.dll
2011-11-28 01:14:30 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BF70EA4C-0D41-483C-AF2D-F2A6629C6617}\offreg.dll
2011-11-28 01:14:24 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BF70EA4C-0D41-483C-AF2D-F2A6629C6617}\mpengine.dll
2011-11-22 01:13:53 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F4D63686-C6F2-42DF-BC14-3918E73D5E0B}\offreg.dll
2011-11-22 01:13:51 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F4D63686-C6F2-42DF-BC14-3918E73D5E0B}\mpengine.dll
2011-11-21 16:32:55 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C63BB3BF-272C-49E7-9B64-58E11CA33D3A}\offreg.dll
2011-11-21 16:32:42 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C63BB3BF-272C-49E7-9B64-58E11CA33D3A}\mpengine.dll
.
==================== Find3M ====================
.
2011-12-15 03:12:31 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-12-15 03:12:31 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-12-10 15:07:11 2560 ----a-w- C:\Windows\SysWow64\drivers\sv-SE\qwavedrv.sys.mui
2011-12-10 15:06:57 2560 ----a-w- C:\Windows\SysWow64\drivers\sv-SE\scfilter.sys.mui
2011-12-10 15:06:56 5632 ----a-w- C:\Windows\SysWow64\drivers\sv-SE\ndiscap.sys.mui
2011-12-10 15:06:50 47104 ----a-w- C:\Windows\SysWow64\drivers\sv-SE\tcpip.sys.mui
2011-12-10 15:06:47 15872 ----a-w- C:\Windows\SysWow64\drivers\sv-SE\pacer.sys.mui
2011-12-10 15:06:46 28672 ----a-w- C:\Windows\SysWow64\drivers\sv-SE\bfe.dll.mui
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-24 13:29:02 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29:02 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
.
============= FINISH: 13:59:38,20 ===============

Bifogade bilder

Hänvisning till fel webbsida

Tue, 20 Dec 2011 20:26:37 +0000

Hej,
skulle hjälp med att läsa nedanstående Hijack this logg. Jag blir hänvisad till fel webbsida när jag använder Internet. Detta oberoende av webbläsare. Har testat Chrome, Firefox och IE och även rensat all historik och cookies utan framgång.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:18:56, on 2011-12-20
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=041d&m=en_butterfly_m&r=27360510s306l0321z1k5f4831u257
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_Plugin.exe -update plugin
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} (IlosoftImageUploadCtl Class) - http://webc.mariakyrkan.org/auth/controls/IlosoftImageUpload.dll
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUplden-us.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VoddlerNet - Voddler - C:\Program Files (x86)\Voddler\service\voddler.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13338 bytes

SvenAlbert - Seg dator

Tue, 20 Dec 2011 19:06:09 +0000

Hejsan! Min dator har blivit väldigt seg. Jag har rensat bort mycket men det hjälper inte.
Tacksam för en analys!

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:09, on 2011-12-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program\AVG\AVG9\avgchsvx.exe
D:\Program\AVG\AVG9\avgrsx.exe
D:\Program\Sygate\SPF\smc.exe
D:\Program\AVG\AVG9\avgcsrvx.exe
D:\WINDOWS\system32\svchost.exe
D:\Program\Lavasoft\Ad-Aware\AAWService.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program\AVG\AVG9\avgwdsvc.exe
D:\Program\Google\Update\GoogleUpdate.exe
D:\WINDOWS\System32\svchost.exe
D:\Program\Fighters\sfus.exe
D:\Program\Fighters\FighterSuiteService.exe
D:\Program\Delade filer\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
D:\Program\AVG\AVG9\avgnsx.exe
D:\WINDOWS\system32\devldr32.exe
D:\Program\AVG\AVG9\avgtray.exe
D:\Program\Personal\bin\Personal.exe
D:\Program\Mozilla Firefox\firefox.exe
D:\Program\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://swedish.toggle.com/sv/index.php?rvs=google
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://swedish.toggle.com/sv/index.php?rvs=google
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://swedish.toggle.com/sv/index.php?rvs=google
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program\AVG Secure Search\9.0.0.18\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [SmcService] D:\Program\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [AVG9_TRAY] D:\Program\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - Global Startup: BankID säkerhetsprogram.lnk = D:\Program\Personal\bin\Personal.exe
O15 - Trusted Zone: http://www.browserscope.org
O15 - Trusted Zone: *.handelsbanken.se
O15 - Trusted Zone: http://www.hijackthis.de
O15 - Trusted Zone: http://*.novalogic.com
O15 - Trusted Zone: http://www.tele2.se
O15 - Trusted Zone: http://blogg.tkj.se
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///D:/Program/Letters%20from%20Nowhere/Images/stg_drm.ocx
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program\AVG\AVG9\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - D:\Program\Delade filer\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - D:\Program\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - D:\Program\AVG\AVG9\avgwdsvc.exe
O23 - Service: Google Update Service (gupdate1c903864f25ec9a) (gupdate1c903864f25ec9a) - Google Inc. - D:\Program\Google\Update\GoogleUpdate.exe
O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - D:\Program\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - D:\Program\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - D:\Program\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - D:\Program\Sygate\SPF\smc.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - D:\Program\Fighters\sfus.exe
O23 - Service: Suite Service - SPAMfighter ApS - D:\Program\Fighters\FighterSuiteService.exe
O23 - Service: vToolbarUpdater - Unknown owner - D:\Program\Delade filer\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 6757 bytes

Vill att någon som kan kollar Hijackthis log

Tue, 20 Dec 2011 12:29:57 +0000

Hej! Jag hjälper min flickväns familj med en flytt och har satt upp denna dator men den är fruktansvärt seg. Skulle tro att det ligger lite skit (Virus?) i den. så skulle vara väldigt tacksam om någon kollar igenom denna hijackthis log

Logfile of Trend Micro HijackThis v2.0.4

Tacksam för all hjälp jag kan få!
Mvh Peter

Finns antivirus för Windows ME?

Mon, 19 Dec 2011 16:33:07 +0000

Finns det något (gratis) antivirusprogram för Windows ME? Eller någon slags on-line-scanning?

Omöjligt att avinstallera nya Zone Alarm

Wed, 14 Dec 2011 15:26:28 +0000

Dator: Windows XP

Efter att ha fått stora problem med nya versionen av free Zone Alarm, så beslöt jag att avinstallera det.
Avinstallerade med Revo Uninstaller för att säkerställa att alla filer försvann.
Har efteråt rensat med CCleaner.

Men nu till problemet - Det går inte att ta bort den mapp som Zone Alarm ligger i (CheckPoint), inte heller i felsäkert läge.
Åtkomsten är nekad.

CheckPoint-mappen innehåller fortfarande hela Zone Alarm-paketet men det går inte att hitta mappen i Revo Uninstaller eller under program/ Lägg till / Ta bort.
Med andra ord verkar det vara avinstallerat (men är det inte).

Har försökt att avinstallera det som Administratör, det hjälper inte heller. "Ett fel uppstod när nyckeln togs bort".

Gick sedan in i registret för att försöka plocka bort det därifrån (även i Felsäkert läge) men samma felmeddelande kom.

TrueVector går inte heller att ta bort - allt verkar blockerat från att ta bort som har med ZoneAlarm att göra.

Har ni några förslag? Hur löser jag det här, skulle bli mycket tacksam för hjälp!

Någonting äter minne! Datorn jätteseg

Sun, 11 Dec 2011 16:08:43 +0000

Min dator har gått så oerhört segt ett tag nu, vet inte varför. Känns som en trojan eller någonting som äter minne och prestanda. Mina scanningar hittar dock ingenting, kört Norton 360, Malwarebytes, F-secure online scan. De hittade nåt virus förut när jag sökte för kanske 2-3månader sen, datorn går fortfarande segt! + att minnesanvändningen känns alldeles för hög.

Någon som är mer insatt i detta som kan säga vad det är för fel?

Förövrigt tar det 100 år att få igång datorn, den kommer till att visa skrivbordet relativt snabbt men där står den och nöter ett bra tag. går inte att klicka på något programm etc för den jobbar så hårt.
Ibland blir det även så när den stått på nån timme utan användning. Att växling mellan program osv är gaaalet seg

Seg dator!

Sun, 11 Dec 2011 01:20:57 +0000

Vet inte om det har med datorns hårdvara att göra, eller om det är något virus eller liknande. Skulle någon vänlig själ kunna hjälpa mig? Något virus? Program som behöver updateras? Någonting

Logfile of Trend Micro HijackThis v2.0.4

Dator som tar lång tid att starta och är seg på det mesta.

Sat, 10 Dec 2011 22:43:22 +0000

Har en dator som jag antar har fått ett virus eller liknande i, eftersom den ändrat sig i beteende för ett tag sen.
Nu tar det ca fem minuter innan jag får skriva in mina inloggningsuppgifter efter att jag startat eller startat om datorn och efter det att jag loggat in så tar det ytterligare några minuter innan jag kan t.ex starta program och när jag gör det så laggar allt.
Lyckas inte bifoga 'attach.txt' som en fil.

Cecilia, var är du?

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Admin at 22:26:46 on 2011-12-10
Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.3326.2675 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program\Avira\AntiVir Desktop\avguard.exe
C:\Program\Delade filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program\Avira\AntiVir Desktop\avshadow.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
C:\Program\iPod\bin\iPodService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
C:\Program\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Admin\Application Data\Spotify\Spotify.exe
C:\Program\Tele2 Mobile Partner\Tele2 Mobile Partner.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.se/
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Spotify] "c:\documents and settings\admin\application data\spotify\Spotify.exe" /uri spotify:autostart
mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime
mRun: [avgnt] "c:\program\avira\antivir desktop\avgnt.exe" /min
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} - hxxp://60.248.39.151:1025/RtspVaPgDec.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1270171563500
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 130.244.127.161 130.244.127.169
TCP: Interfaces\{AF743218-FC87-42F4-A78B-96A05340E038} : DhcpNameServer = 130.244.127.161 130.244.127.169
Notify: AtiExtEvent - Ati2evxx.dll
Notify: LBTWlgn - c:\program\delade filer\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program\avira\antivir desktop\avgio.sys [2010-4-28 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program\avira\antivir desktop\sched.exe [2010-4-28 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program\avira\antivir desktop\avguard.exe [2010-4-28 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-4-28 66616]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\all users\application data\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [2010-8-17 10448]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2011-11-27 11136]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2011-11-27 239104]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2011-11-27 73984]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-4-2 27632]
S2 Tele2 Mobile Partner. RunOuc;Tele2 Mobile Partner. OUC;c:\program\tele2 mobile partner\updatedog\ouc.exe [2011-11-27 655712]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-4-1 1684736]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-8-17 23456]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2011-11-27 102784]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-5-9 13224]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-4-2 22216]
S4 MBAMService;MBAMService;c:\program\malwarebytes' anti-malware\mbamservice.exe [2010-4-2 366152]
S4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program\sony ericsson\sony ericsson pc companion\PCCService.exe [2011-11-18 155344]
.
=============== Created Last 30 ================
.
2011-12-10 20:59:11 388096 ----a-r- c:\documents and settings\admin\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-12-10 20:59:06 -------- d-----w- c:\program\Trend Micro
2011-12-08 19:56:07 -------- d-----w- c:\program\delade filer\Symantec Shared
2011-12-08 19:55:22 -------- d-----w- c:\windows\system32\drivers\nss\0306010.00B
2011-12-08 19:55:22 -------- d-----w- c:\windows\system32\drivers\NSS
2011-12-08 19:55:22 -------- d-----w- c:\program\Norton Security Scan
2011-12-08 19:55:20 -------- d-----w- c:\documents and settings\all users\application data\Norton
2011-12-08 19:55:00 -------- d-----w- c:\program\NortonInstaller
2011-12-08 19:55:00 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller
2011-12-03 08:17:56 -------- d--h--w- c:\windows\PIF
2011-11-27 21:43:03 89856 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2011-11-27 21:43:03 66688 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2011-11-27 21:43:03 26624 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2011-11-27 21:43:00 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-11-27 21:43:00 73984 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2011-11-27 21:43:00 28672 ----a-w- c:\windows\system32\drivers\usbccid.sys
2011-11-27 21:43:00 25856 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-11-27 21:43:00 239104 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-11-27 21:43:00 195200 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-11-27 21:43:00 19200 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2011-11-27 21:43:00 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2011-11-27 21:43:00 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2011-11-22 17:35:17 -------- d-----w- c:\documents and settings\admin\application data\Spotify
2011-11-19 09:28:59 -------- d-sh--w- c:\documents and settings\admin\IECompatCache
2011-11-19 09:28:38 -------- d-sh--w- c:\documents and settings\admin\PrivacIE
2011-11-19 09:02:59 -------- d-sh--w- c:\documents and settings\admin\IETldCache
2011-11-19 07:56:44 -------- d-----w- c:\windows\ie8updates
2011-11-19 07:40:20 -------- dc-h--w- c:\windows\ie8
2011-11-19 07:36:35 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-11-19 07:34:27 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-11-19 07:34:27 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-11-19 07:34:27 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-11-19 06:56:47 -------- d-----w- c:\program\VS Revo Group
2011-11-18 21:43:48 159744 ----a-w- c:\program\internet explorer\plugins\npqtplugin7.dll
2011-11-18 21:43:48 159744 ----a-w- c:\program\internet explorer\plugins\npqtplugin6.dll
2011-11-18 21:43:47 159744 ----a-w- c:\program\internet explorer\plugins\npqtplugin5.dll
2011-11-18 21:43:47 159744 ----a-w- c:\program\internet explorer\plugins\npqtplugin4.dll
2011-11-18 21:43:47 159744 ----a-w- c:\program\internet explorer\plugins\npqtplugin3.dll
2011-11-18 21:43:47 159744 ----a-w- c:\program\internet explorer\plugins\npqtplugin2.dll
2011-11-18 21:43:47 159744 ----a-w- c:\program\internet explorer\plugins\npqtplugin.dll
2011-11-18 21:28:36 -------- d-----w- c:\program\iPod
2011-11-18 21:28:03 -------- d-----w- c:\program\iTunes
2011-11-18 21:15:14 -------- d-----w- c:\program\Bonjour
2011-11-18 19:44:06 -------- d-----w- c:\windows\pss
2011-11-18 18:14:47 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-18 03:15:12 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-11-18 03:12:19 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-11-18 03:09:07 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-11-18 03:05:28 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-11-18 03:05:22 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-11-18 02:59:34 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-11-18 02:55:34 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-11-17 21:46:01 -------- d-----w- c:\program\Avanquest update
2011-11-17 21:45:52 -------- d-----w- c:\documents and settings\all users\application data\Avanquest
2011-11-17 20:20:41 -------- d-----w- c:\documents and settings\all users\application data\Tele2 Mobile Partner
2011-11-17 20:19:45 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2011-11-17 20:17:18 -------- d-----w- c:\program\Tele2 Mobile Partner
2011-11-17 19:30:59 -------- d-----w- c:\documents and settings\all users\application data\DatacardService
.
==================== Find3M ====================
.
2011-11-27 21:40:59 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2011-11-18 18:09:13 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-11-17 21:49:43 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-24 13:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-10 14:22:54 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06:45 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 10:41:40 612352 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41:40 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 10:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2010-11-21 10:14:50 568648 ----a-w- c:\program\GoogleEarthSetup.exe
.
============= FINISH: 22:29:00,06 ===============

PRIVACY PROTECTION!

Fri, 09 Dec 2011 21:47:18 +0000

Hej!

jag behöver akut hjälp.
skulle ladda ner ett mod till call of duty mw2 (det var ej något cheat) sedan så scannade jag filen. Men NEJ det hjälpte inte så nu har privacy protection angripit min dator. Inget program går att gå in på. Är privacy protection ett fake program?? skannade tills det stog något likande ''97threaths found'' Jag har testat att lägga över olika program till usb minne men dom går inte att öppna. När jag t ex ska öppna f-secure eller något annat program så står det ''programmets namn''.exe could not open

Vad skall jag göra??. Hjälp!!

Facebook "IQ test 2011" Virus !

Fri, 09 Dec 2011 10:26:15 +0000

Hej nu är jag jätteorolig för att jag har fått nåt.

Igår tog jag ett IQ test på Facebook, och fick sedan höra att det är virus som kapar allt!

Skulle någon kunna vara så snäll och titta om jag har fått nåt??

Här är DDS :

Säkerhet angående lösenord

Wed, 07 Dec 2011 10:57:41 +0000

Hej.

Jag har en fråga angående säkerhet etc. Om jag t.ex använder en unik epostadress för detta forumet, men sedan t.ex. registrerar mig på ett annat forum, med en helt annan epostadadress, och ett helt annat logg in, fast med samma lösenord, hur stor är chansen då att om den ena sidan blir hackad, och mitt lösenord blir kapat, att nån skulle kunna ta sig in på den andra sidan med hjälp av det?

Tacksam för svar...

Säkerhetsproblem?

Wed, 07 Dec 2011 10:47:56 +0000

För någon månad sedan fick en vän låna min stationära dator en halvdag för att testa ett hemmagjort program. Jag vet vad det är för program. Inga problem där. Efter några dagar började dock mitt Noron 360 och min Outlook bråka. Nortonraden ville inte komma fram i Outlook. För att lösa det enkelt avinstallerade jag Norton och återinstallerade därefter. Resultatet blev till synes perfekt.

Datorn är mindre än ett år gammal. Den har både före och efter "testet" gått alldeles utmärkt. Men, jag kan inte släppa min misstänksamhet. Kan något olämpligt ha "följt med" in i datorns mjukvara vid testet?

Jag skulle uppskatta mycket om någon kunnig (Cecilia!) kunde ta en titt på bifogat DDS-resultat.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Ulf at 11:11:12 on 2011-12-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.6071.4534 [GMT 1:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\AsHookDevice.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\LTONHIS\Touch Manager\SKDaemon.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://svd.se/
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Trusted Zone: skatteverket.se
Trusted Zone: transportstyrelsen.se
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 195.54.122.198 195.54.122.199
TCP: Interfaces\{855FC6ED-6AD4-47DC-83EE-94A2DCB530EE} : DhcpNameServer = 195.54.122.198 195.54.122.199
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{3049C3E9-B461-4BC5-8870-4C09146192CA}
{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
{6D53EC84-6AAE-4787-AEEE-F4628F01010C}
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [RunAIShell] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20111123.001\BHDrvx64.sys [2011-11-30 1156216]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20111206.001\IDSviA64.sys [2011-12-7 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS --> C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2010-8-28 203392]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-10-6 130008]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-7-24 2253120]
R2 OMSI download service;Sony Ericsson OMSI download service;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2011-6-4 90112]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-8-28 2314240]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-9 138360]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-19 136176]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys --> C:\Windows\system32\DRIVERS\ggflt.sys [?]
S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-19 136176]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);C:\Windows\system32\DRIVERS\s1039bus.sys --> C:\Windows\system32\DRIVERS\s1039bus.sys [?]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s1039mdfl.sys --> C:\Windows\system32\DRIVERS\s1039mdfl.sys [?]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s1039mdm.sys --> C:\Windows\system32\DRIVERS\s1039mdm.sys [?]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s1039mgmt.sys --> C:\Windows\system32\DRIVERS\s1039mgmt.sys [?]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);C:\Windows\system32\DRIVERS\s1039nd5.sys --> C:\Windows\system32\DRIVERS\s1039nd5.sys [?]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s1039obex.sys --> C:\Windows\system32\DRIVERS\s1039obex.sys [?]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);C:\Windows\system32\DRIVERS\s1039unic.sys --> C:\Windows\system32\DRIVERS\s1039unic.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-20 07:54:55 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared
2011-11-20 07:54:43 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-11-20 07:54:43 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-11-09 09:10:08 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-11-09 09:10:08 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 09:10:05 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-11-09 09:10:03 3144704 ----a-w- C:\Windows\System32\win32k.sys
.
==================== Find3M ====================
.
2011-11-23 14:55:18 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-14 22:54:52 321856 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2011-10-06 07:00:42 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2011-10-03 03:06:03 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 11:11:41,54 ===============

Bifogade filer

Attach 1.txt (6,47Kb)
Antal nedladdningar: 2

Rootkit

Tue, 06 Dec 2011 15:52:41 +0000

Har fått nåt skit på en dator. Troligtvis rootkit. C:\WINDOWS\system32\....\sfloppy.sys Vad göra?

Troligen klickat på msn-virus

Sun, 04 Dec 2011 22:00:31 +0000

Så här ligger det till... Har en bärbar dator, dr jag ej använder musen för att styra. HAr en vän på msn som mer eller mindre konstant skickar ut en viruslänk (var tredje minut lr nåt sånt), och givetvis råkade jag klicka på denna när jag skulle navigera med fingrarna på styrplattan (lr vad fan saken nu heter)..

Skannar nu med norton och superantispyware.. och får se vad de hittar.. Tänkte om att han skicakr länken igen så kan jag skriva namnet på den, och nån kan möjligtvis analysera vad viruset gör, om det är allvarligt etc... Bör jag byta lösenord med mera... har verkligen inte råd att få detta kontot kapat

Extremt tacksam för hjälp.

Förslag på spamfilter finns här

Sun, 04 Dec 2011 20:14:15 +0000

Förslag på spamfilter finns här

http://www.techsupportalert.com/best-free-spam-filter-for-the-average-user.htm

Trög dator, speciellt vid kontakt med nätet. Rootkit?

Thu, 01 Dec 2011 19:57:32 +0000

Eller har jag installerat något olämpligt tillägg tro? Jag försökte köra DDS men kan inte starta filen, den öppnas i Anteckningar som en enda röra så att säga, på vilket sätt jag än försöker starta den.

Datorn är visserligen gammal men har blivit mycket segare de senaste veckorna. Har Avast Antivirus installerat, den hittar inget. Körde Eset online scanner för nån vecka sen, den hittade heller inget, inte Malwarebytes Antimalware heller.

Kan t.ex. knappt köra VPN mot jobbet längre, laddtid på ca 5 min nu under kvällen (det är dock en privat dator så jag kan inte be jobbets IT-avd). Tacksam för hjälp!

/Jessica

Två leverantörer har blivit hackade

Thu, 01 Dec 2011 14:09:34 +0000

Två leverantörer har blivit hackade
http://news.softpedia.com/news/NOD32-and-Kaspersky-Websites-Hacked-237647.shtml

Datorn kraschar! :(

Wed, 30 Nov 2011 12:30:46 +0000

Hej,
Jag har fått jätte problem med min dator och vet inte alls vad jag ska göra nu!
Behöver hjälp.

Min dator är cirka 2 år gammal.
Hewplett-Packard Company, Systemtyp 64-bitars.
VISTA home premium, service pack 2.
(när jag försökt uppdatera VISTA så finns det inte längre uppdateringar utan den anser att jag ska byta helt.)

För ett halvår sedan fick jag stora problem med datorn och sökte då hjälp från AVAST!
Där fick jag råd att ladda ned advanced systemcare 4 och har sedan dess haft den kvar. Fick även göra lite andra grejer men dem har jag inte längre kvar då han sa att de kunde störa. Vi löste det då och fann runt 1500 virus osv på datorn, de åtgärdades. Problemet som kvarstod var att datorn blev väldigt långsam när jag anslöt till internet, likaså när den skulle starta.

NU har liknande problem uppstått igen. Började med att datamusen och tangentbordet låste sig och till slut blev hela bildskärmen svart. Efter att ha återställt BIOS så fungerade det igen (internet fortfarande segt).
går dock inte att uppdatera BIOS för då blir det samma igen. har kollat om det är någon annan uppdatering som behövs via enhetshanteraren men enligt datorn så används de senaste (bortsett från vista.)

Efter detta har problemen bara ökat!

Ibland blir den fortfarande svart när man startar den men fungerar när man startat om den några gånger.
Innan den fungerar har dock Startreparationer börjat och sedan har det fungerat under tiden datorn varit på. Internet segt.
Det jag märkte när datorn började igen var att jag inte kommer åt windows defender, felmeddelande "åtgärden har avbrutits på grund av begränsningar i datorn. Kontakta systemadministratören".
Jag är administratören på datorn.

Och nu när jag skulle starta datorn och startreparationerna blivit klara så fungerar inte AVAST!
Och jag kan inte åtgärda det heller (trots att jag kör som administratör). Den jobbar några sekunder men sen händer ingenting. När jag går in på säkerhetsenheten och försöker aktivera därifrån så får jag ett felmeddelande: "fil system shield provider not found"...

Snälla hjälp mig, är helt maktlös här!

Med vänliga hälsningar
Pejtan

Virusvarning

Wed, 30 Nov 2011 09:27:45 +0000

Varning för meil från DHL.com. Klickar man på bif filen säger virus programmet "Trolig kapning av webbläsaren" Följande text finns: "Shipment status may also be obtained from our Internet site in USA under http://track.dhl-usa.com or Globally under http://www.dhl.com/track
Please do not reply

Har fler drabbats?

Givetvis är inte DHL inblandad.