
Ulli

Member
  • Post count: 50

  1. THANK YOU!!! You're the best!!!

  2. Found my other thread now, so I have reset the folder options and now the icons have become invisible. So again.... THANK YOU for all the help, you have once again saved me. PS: My partner says thank you so much too... it's his computer that had 36 different threats and malicious things....
  3. Thanks cecilia. Now there's just one small thing left.... there are 2 icons on the desktop that are slightly transparent.... I know I had the same thing the last time I had your help, and then it was something about me being logged in as administrator or similar.... unfortunately I don't remember how I restored this, and my thread about my previous problem has vanished without a trace...
  4. The first computer seems to be doing fine now... behaves like before
  6. A bit curious what you all think... I'm going to switch phones and am torn between the iPhone 4 or an HTC... What do you recommend? Pros and cons?
  7. Scanned my other computer with Malwarebytes.... can you see if there is anything strange in this log?? Thanks again...
  9. It was a file that was sent to me via the chat, and stupid as I was, I clicked it, since it was a very close friend of mine, so I didn't suspect anything. Unfortunately I can't find anything in the antivirus program; it seems it was deleted after the virus had been removed.
files\system\ado\msadomd.dll 2011-01-12 18:20:20 180224 ----a-w- c:\program files\common files\system\msadc\msadco.dll 2011-01-12 18:20:16 1169408 ----a-w- c:\windows\system32\sdclt.exe ==================== Find3M ==================== 2010-11-12 17:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll ============= FINISH: 12:13:21,27 =============== Attach.txt
  11. Hi Cecilia. Sorry if that sounded stupid... I know you do this in your spare time and you do a fantastic job; I have had help from you before. So I apologize if it sounded stupid... What I mean by hacked is that my computer feels very strange to me, as if it has a life of its own, and this is after an attack on Facebook. I ran a scan and it found a virus, which was removed, but I am worried because I can tell that something is wrong. I get my internet from Tele2 and also have their security package. It only seems to be my laptop that is acting strange, and I run it on wireless. It is probably just my imagination, and I know Facebook contains a lot of crap, and I have changed my password. But I was wondering whether there might be some program or the like that one can check with.
  12. *sigh* Doesn't anyone have a good answer for me?
  13. How do you know if the computer has been hacked.... ??? Is there a good way to check that??