
Is there anything else harmful on the computer?


cybertears


Hi!

I have been cleaning viruses off my friend's school computer.

I have used AdwCleaner and run Eset. I don't see anything else harmful, but I would still like to have it confirmed.

Eset log: Eset.txt

I have done a disk cleanup and uninstalled AdwCleaner.


DDS log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428
Run by filip at 15:08:05 on 2014-03-19
Microsoft Windows 7 Professional   6.1.7601.1.1252.46.1053.18.1015.227 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\sppsvc.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://kommun.pingpong.se
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoPublishingWizard = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoWebServices = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: dontdisplaylastusername = dword:1
IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Ski&cka till OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{11E4E055-6D48-4F53-A51F-4F2DAA86179C} : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{11E4E055-6D48-4F53-A51F-4F2DAA86179C}\B4C405D27457563747 : DHCPNameServer = 8.8.8.8
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\filip\AppData\Roaming\Mozilla\Firefox\Profiles\pqrx4uqx.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Switchdrivrutin för Intel® USB 3.0 Värdstyrenhet;C:\windows\System32\drivers\iusb3hcs.sys [2013-9-30 19224]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-9-27 248240]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-6-18 134944]
R3 NETwLv64;    Kortdrivrutin för Windows Vista 64-bitars Intel® Wireless WiFi Link 5000-serien;C:\windows\System32\drivers\NETwLv64.sys [2013-9-30 7533568]
R3 NisSrv;Microsoft Nätverkskontroll;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-3-19 111616]
S3 netvsc;netvsc;C:\windows\System32\drivers\netvsc60.sys [2011-4-12 168448]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-6-12 19456]
S3 SynthVid;SynthVid;C:\windows\System32\drivers\VMBusVideoM.sys [2011-4-12 22528]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\windows\System32\drivers\terminpt.sys [2013-6-12 29696]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-6-12 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2013-6-12 30208]
.
=============== Created Last 30 ================
.
2014-03-19 11:44:47    --------    d-----w-    C:\Users\filip\AppData\Roaming\Geek Uninstaller
2014-03-19 11:42:34    --------    d-----w-    C:\AdwCleaner
2014-03-19 09:12:59    74240    ----a-w-    C:\windows\SysWow64\SetIEInstalledDate.exe
2014-03-19 09:09:41    878080    ----a-w-    C:\windows\System32\advapi32.dll
2014-03-19 09:08:09    327168    ----a-w-    C:\windows\System32\mswsock.dll
2014-03-19 09:08:09    231424    ----a-w-    C:\windows\SysWow64\mswsock.dll
2014-03-19 09:08:09    1903552    ----a-w-    C:\windows\System32\drivers\tcpip.sys
2014-03-18 20:28:23    1031560    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B703762A-6B5D-498C-9CE0-4C581B780A43}\gapaengine.dll
2014-03-18 20:26:37    10521840    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BA992AFE-DD32-4CC3-BFE7-008A5D121F0E}\mpengine.dll
2014-03-18 19:42:04    --------    d-----w-    C:\Program Files (x86)\MSXML 4.0
2014-03-10 10:55:38    1002008    ----a-w-    C:\windows\SysWow64\igxpun.exe
2014-03-10 10:55:38    --------    d-----w-    C:\windows\SysWow64\x64
2014-02-25 11:36:21    10536864    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-25 11:11:28    497152    ----a-w-    C:\windows\System32\drivers\afd.sys
2014-02-25 11:11:25    633856    ----a-w-    C:\windows\System32\comctl32.dll
2014-02-25 11:11:23    530432    ----a-w-    C:\windows\SysWow64\comctl32.dll
2014-02-25 11:11:16    224256    ----a-w-    C:\windows\System32\wintrust.dll
2014-02-25 11:11:16    175104    ----a-w-    C:\windows\SysWow64\wintrust.dll
2014-02-25 11:10:49    1474048    ----a-w-    C:\windows\System32\crypt32.dll
2014-02-25 11:10:48    140288    ----a-w-    C:\windows\SysWow64\cryptsvc.dll
2014-02-25 11:10:48    1168384    ----a-w-    C:\windows\SysWow64\crypt32.dll
2014-02-25 11:10:47    184320    ----a-w-    C:\windows\System32\cryptsvc.dll
2014-02-25 11:10:47    103936    ----a-w-    C:\windows\SysWow64\cryptnet.dll
2014-02-25 11:10:45    139776    ----a-w-    C:\windows\System32\cryptnet.dll
2014-02-25 11:09:43    99840    ----a-w-    C:\windows\System32\drivers\usbccgp.sys
2014-02-25 11:09:42    7808    ----a-w-    C:\windows\System32\drivers\usbd.sys
2014-02-25 11:09:42    52736    ----a-w-    C:\windows\System32\drivers\usbehci.sys
2014-02-25 11:09:42    343040    ----a-w-    C:\windows\System32\drivers\usbhub.sys
2014-02-25 11:09:42    325120    ----a-w-    C:\windows\System32\drivers\usbport.sys
2014-02-25 11:09:42    30720    ----a-w-    C:\windows\System32\drivers\usbuhci.sys
2014-02-25 11:09:42    25600    ----a-w-    C:\windows\System32\drivers\usbohci.sys
2014-02-25 11:06:21    2048    ----a-w-    C:\windows\SysWow64\tzres.dll
2014-02-25 11:06:21    2048    ----a-w-    C:\windows\System32\tzres.dll
2014-02-25 11:06:01    571904    ----a-w-    C:\Program Files\Windows Defender\MpClient.dll
2014-02-25 11:06:01    1011712    ----a-w-    C:\Program Files\Windows Defender\MpSvc.dll
2014-02-25 11:06:00    9216    ----a-w-    C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2014-02-25 11:06:00    54784    ----a-w-    C:\Program Files (x86)\Windows Defender\MpOAV.dll
2014-02-25 11:06:00    4608    ----a-w-    C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2014-02-25 11:06:00    392704    ----a-w-    C:\Program Files (x86)\Windows Defender\MpClient.dll
2014-02-25 11:06:00    314880    ----a-w-    C:\Program Files\Windows Defender\MpCommu.dll
2014-02-25 09:29:22    --------    d-----w-    C:\Users\filip\AppData\Local\Diagnostics
.
==================== Find3M  ====================
.
2014-03-19 09:12:59    553472    ----a-w-    C:\windows\SysWow64\jscript9diag.dll
2014-03-19 09:09:41    859648    ----a-w-    C:\windows\System32\tdh.dll
2014-01-19 07:33:29    270496    ------w-    C:\windows\System32\MpSigStub.exe
.
============= FINISH: 15:11:34,03 ===============
 

attach.txt


Archived

This topic is now archived and is closed to further replies.
