R-oosie

Explorer.exe hangs


Hi. Yesterday a problem appeared. All of a sudden my laptop hangs as soon as I try to open "Computer" or other folders in Explorer.

Overall, the whole computer is much more sluggish than before.

Grateful for any help

 


Hi! Try scanning with Malwarebytes and see if that helps[log]Download Malwarebytes Anti-Malware (MBAM) from one of these links:

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

http://projects.securitywonks.net/projects/details.php?file=158

Double-click mbam-setup to install the program.

At the end of the installation, make sure these boxes are ticked:

Update Malwarebytes' Anti-Malware

Launch Malwarebytes' Anti-Malware

Press Finish

If an update is available, it will be downloaded and installed.

When the program starts, choose "Perform quick scan" and press Scan.

The scan takes a while.

When it is done, press OK and then "Show Results".

Tick everything and then press Remove Selected.

When the removal is finished, Notepad opens with a log.

You may be asked to restart the computer (Restart). If so, do it.

If you get an Error loading... error message after the restart, restart the computer once more.

If the program does not start after the restart, start it.

If the log does not open by itself in Notepad, you will find it on the Logs tab in MBAM.

Copy the log and paste it into your reply [/log]Regards, Laston

 


Thanks, but it found nothing.

 

[log]Malwarebytes' Anti-Malware 1.39

Databasversion: 2531

Windows 6.0.6001 Service Pack 1

 

2009-07-30 22:04:39

mbam-log-2009-07-30 (22-04-39).txt

 

Skanningstyp: Snabb skanning

Antal skannade objekt: 117407

Förfluten tid: 4 minute(s), 29 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 0

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

(Inga illasinnade poster hittades)

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

(Inga illasinnade poster hittades)

 

Infekterade filer:

(Inga illasinnade poster hittades)

[/log]

 


Hi! OK, too bad it wasn't that easy. Have you installed any new program or update that could be the cause?

Regards, Laston

 


No, nothing I can name offhand; I updated VLC media player.

However, dwm.exe uses an awful lot of resources, over 60 000 kb. I know it is used for Vista's visual effects etc., but it is still an awful lot.

 


OK, you can post an HJT log and I can check whether anything looks abnormal there, if you like!?

[log]We can see whether HijackThis shows anything to begin with. Download it from one of the links:

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Install it, start it and choose "Do a system scan and save a logfile", then copy the log that comes up (nothing else).

[/log]Regards, Laston

 


There you go

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 22:24:30, on 2009-07-30

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18813)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\ASUS\Net4Switch\Net4Switch.exe

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\ATK Hotkey\HControlUser.exe

C:\Program Files\ATKOSD2\ATKOSD2.exe

C:\Windows\System32\rundll32.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Windows\AsScrPro.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Windows\System32\ICO.EXE

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Users\Jonathan Rosén\Program Files\DNA\btdna.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\Pelmiced.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"

O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe

O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Jonathan Rosén\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - HKUS\S-1-5-18\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Default user')

O4 - Global Startup: YouTube Uploader for CASIO.lnk = C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe

O13 - Gopher Prefix:

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe

O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe

O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: ExtraFilm upload service (EFUploadSrv) - Textalk AB - C:\Program Files\ExtraFilm Designer SE\EFUploadSrv.exe

O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

 

--

End of file - 10842 bytes

[/log]

 


Hi! Uninstall this in Add/Remove Programs (junk that causes trouble):

Ask Toolbar

C:\Program Files\AskBarDis\

Is this something you recognise and have installed yourself? (there are some doubts about it)

C:\Program Files\HOTALBUMMyBOX

I would also switch to a better file-sharing client if I were you, e.g. Utorrent

http://www.utorrent.com/downloads

Regards, Laston

[post edited 2009-07-30 22:50:12 by Laston]


Just saw that you have Bonjour installed too; this program also has a knack for causing trouble!

You also have many auto-starting programs that don't need to be in autostart. You can go through the list, remove the ones that aren't needed and see whether the computer behaves better!

http://www.bleepingcomputer.com/startups/

[log]O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"

O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [sMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe

O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Jonathan Rosén\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - HKUS\S-1-5-18\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Default user')

O4 - Global Startup: YouTube Uploader for CASIO.lnk = C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe[/log]Regards, Laston
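
A triage pass over the O4 (autostart) and O23 (service) lines of a HijackThis log like the one posted above, as an added example that is not part of the original thread or of HijackThis itself. The flag names and the three checks (image given without a directory, image under a user profile, service company field reading "Unknown owner") are assumptions chosen for illustration; a flag marks an entry to look up, not a verdict.

```python
import re
from dataclasses import dataclass

# Constructed sample: a handful of lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [skytel] Skytel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MBBalloon] C:\Program Files\HOTALBUMMyBOX\MBBalloon.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Jonathan Rosén\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')
O4 - Global Startup: YouTube Uploader for CASIO.lnk = C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
"""

# O4 registry autostart: hive (optionally with a SID), key name, value name, command line.
RUN_RE = re.compile(
    r"^O4 - (?P<scope>HK[A-Z]+(?:\\[^\\]+)?)\\\.\.\\(?P<key>\w+): "
    r"\[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# O4 Startup-folder shortcut: "<shortcut> = <target>".
STARTUP_RE = re.compile(r"^O4 - (?P<scope>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.+)$")
# O23 service: display name, company field, image path.
SERVICE_RE = re.compile(
    r"^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<cmd>(?:\"?[A-Za-z]:\\|%).+)$")
# Unquoted paths may contain spaces, so cut at the first executable extension.
IMAGE_RE = re.compile(r"^(.+?\.(?:exe|dll|scr|com|bat|cmd))(?=[\s,]|$)", re.I)
USER_SUFFIX_RE = re.compile(r"\s+\(User '[^']*'\)$")


@dataclass
class Entry:
    section: str   # "O4" or "O23"
    scope: str     # e.g. "HKLM\Run", "Global Startup", "Service"
    name: str
    target: str    # file that actually gets loaded
    flags: list


def image_of(cmd):
    """Split a command line into (image path, remaining arguments)."""
    cmd = USER_SUFFIX_RE.sub("", cmd.strip())
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return (cmd[1:end], cmd[end + 1:].strip()) if end > 0 else (cmd[1:], "")
    m = IMAGE_RE.match(cmd)
    image = m.group(1) if m else (cmd.split() or [""])[0]
    return image, cmd[len(image):].strip()


def classify(image, rest, owner=None):
    """Return (target, flags). Flags are prompts for manual review, not verdicts."""
    flags, target = [], image
    if image.lower().rsplit("\\", 1)[-1] == "rundll32.exe" and rest:
        # rundll32 is only the host; the code that runs is the DLL argument.
        target = rest.split(",", 1)[0].strip().strip('"')
        flags.append("via-rundll32")
    if "\\" not in target:
        flags.append("bare-name")       # resolved through the search path
    if "\\users\\" in target.lower():
        flags.append("user-profile")    # location writable without admin rights
    if owner == "Unknown owner":
        flags.append("unknown-owner")   # company field as printed in the log
    return target, flags


def parse_entries(log_text):
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        m = RUN_RE.match(line) or STARTUP_RE.match(line) or SERVICE_RE.match(line)
        if not m:
            continue
        g = m.groupdict()
        image, rest = image_of(g["cmd"])
        target, flags = classify(image, rest, g.get("owner"))
        scope = g.get("scope") or "Service"
        if g.get("key"):
            scope += "\\" + g["key"]
        entries.append(Entry(line.split(" - ", 1)[0], scope, g["name"], target, flags))
    return entries


def triage(log_text):
    """Only the entries that carry at least one review flag."""
    return [e for e in parse_entries(log_text) if e.flags]


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f"{e.section:<3} {e.scope:<12} {e.name:<16} {','.join(e.flags):<14} {e.target}")
```
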

 


It takes forever to try to solve the problem; the computer hangs all the time, and I have never experienced it being this sluggish. It was absolutely perfect until yesterday afternoon, after my sisters had used it. I don't understand.

 


OK, then we'll run another program that might show what they've been up to!

We can see what DDS shows to begin with. Download DDS to the Desktop.

http://download.bleepingcomputer.com/sUBs/dds.scr

Start the program (in Vista, right-click and choose Run as administrator).

Press Yes on the question about Optional Scan.

In your reply, attach the two logs DSS.txt and Attach.txt this way:

Press the LOG button in the Reply window

Paste the log

Press the LOG button in the Reply window again

Repeat with the next log.

Regards, Laston

 


Thanks for all the help so far.

 

[log]

DDS (Ver_09-07-30.01) - NTFSx86

Run by Jonathan Ros‚n at 13:19:02,95 on 2009-07-31

Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_13

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.46.1053.18.3070.1752 [GMT 2:00]

 

AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

SP: ESET NOD32 Antivirus 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\rundll32.exe

C:\Program Files\ATK Hotkey\ASLDRSrv.exe

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\ExtraFilm Designer SE\EFUploadSrv.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\ASUS\Net4Switch\Net4Switch.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\ATK Hotkey\HControlUser.exe

C:\Program Files\ATKOSD2\ATKOSD2.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\ATK Hotkey\Hcontrol.exe

C:\Program Files\ATK Hotkey\MsgTranAgt.exe

C:\Program Files\Wireless Console 2\wcourier.exe

C:\Program Files\ASUS\ATK Media\DMEDIA.EXE

C:\Program Files\ASUS\ATK Media\GPSWATCH.EXE

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files\ASUS\Splendid\ACMON.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Windows\AsScrPro.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Windows\System32\ICO.EXE

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Windows\System32\ACEngSvr.exe

C:\Program Files\ATK Hotkey\ATKOSD.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Users\Jonathan Rosén\Program Files\DNA\btdna.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe

C:\Program Files\ATK Hotkey\KBFiltr.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\ATK Hotkey\WDC.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Jonathan Rosén\Documents\Filhämtaren\dds.scr

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.asus.com

uDefault_Page_URL = hxxp://www.asus.com

mDefault_Page_URL = hxxp://www.asus.com

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden

uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [bitTorrent DNA] "c:\users\jonathan rosén\program files\dna\btdna.exe"

uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"

mRun: [P2Go_Menu] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"

mRun: [HControlUser] "c:\program files\atk hotkey\HcontrolUser.exe"

mRun: [ATKOSD2] "c:\program files\atkosd2\ATKOSD2.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [skytel] Skytel.exe

mRun: [sMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [ASUS Screen Saver Protector] c:\windows\AsScrPro.exe

mRun: [ASUS Camera ScreenSaver] c:\windows\AsScrProlog.exe

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE

mRun: [Mouse Suite 98 Daemon] ICO.EXE

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

dRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

dRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\youtub~1.lnk - c:\program files\casio\youtube uploader for casio\YStart.exe

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\programs\partygaming\partypoker\RunApp.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\jonath~1\appdata\roaming\mozilla\firefox\profiles\8ls5xmsa.default

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\users\jonathan rosã©n\program files\dna\plugins\npbtdna.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

 

============= SERVICES / DRIVERS ===============

 

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2007-11-14 30728]

R2 EFUploadSrv;ExtraFilm upload service;c:\program files\extrafilm designer se\EFUploadSrv.exe [2008-11-27 1712128]

R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2007-11-14 455936]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-12-25 44064]

S3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [2008-4-7 6656]

S3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [2008-12-25 16512]

S3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\PELUSBlf.SYS [2008-12-25 13184]

S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\system32\drivers\se46bus.sys [2009-2-1 61536]

S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;c:\windows\system32\drivers\se46mdfl.sys [2009-2-1 9360]

S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;c:\windows\system32\drivers\se46mdm.sys [2009-2-1 97088]

S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\se46mgmt.sys [2009-2-1 88624]

S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);c:\windows\system32\drivers\se46nd5.sys [2009-2-1 18704]

S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;c:\windows\system32\drivers\se46obex.sys [2009-2-1 86432]

S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);c:\windows\system32\drivers\se46unic.sys [2009-2-1 90800]

 

=============== Created Last 30 ================

 

2009-07-30 22:24 <DIR> --d----- c:\program files\Trend Micro

2009-07-30 21:57 <DIR> --d----- c:\users\jonath~1\appdata\roaming\Malwarebytes

2009-07-30 21:57 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys

2009-07-30 21:57 19,096 a------- c:\windows\system32\drivers\mbam.sys

2009-07-30 21:57 <DIR> --d----- c:\programdata\Malwarebytes

2009-07-30 21:57 <DIR> --d----- c:\progra~2\Malwarebytes

2009-07-30 21:57 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware

2009-07-30 11:07 <DIR> --d----- c:\programdata\WindowsSearch

2009-07-30 11:00 <DIR> --d----- c:\users\jonathan rosén\.housecall6.6

2009-07-28 17:19 <DIR> --d----- c:\program files\uTorrent

2009-07-27 23:46 <DIR> --d----- c:\program files\iPod

2009-07-27 23:46 <DIR> --d----- c:\program files\iTunes

2009-07-26 18:00 156,672 a------- c:\windows\system32\t2embed.dll

2009-07-26 18:00 72,704 a------- c:\windows\system32\fontsub.dll

2009-07-26 18:00 289,792 a------- c:\windows\system32\atmfd.dll

2009-07-26 18:00 10,240 a------- c:\windows\system32\dciman32.dll

 

==================== Find3M ====================

 

2009-07-31 13:19 1,835,008 a--sh--- c:\users\jonathan rosén\NTUSER.DAT

2009-07-31 13:16 635,644 a------- c:\windows\system32\perfh01D.dat

2009-07-31 13:16 136,178 a------- c:\windows\system32\perfc01D.dat

2009-07-31 10:38 151,534 a------- c:\programdata\nvModes.dat

2009-07-31 10:38 151,534 a------- c:\progra~2\nvModes.dat

2009-07-30 22:53 45,056 a------- c:\windows\system32\acovcnt.exe

2009-07-27 23:44 86,016 a------- c:\windows\inf\infstrng.dat

2009-07-27 23:44 51,200 a------- c:\windows\inf\infpub.dat

2009-07-21 23:52 915,456 a------- c:\windows\system32\wininet.dll

2009-07-21 23:47 109,056 a------- c:\windows\system32\iesysprep.dll

2009-07-21 23:47 71,680 a------- c:\windows\system32\iesetup.dll

2009-07-21 22:13 133,632 a------- c:\windows\system32\ieUnatt.exe

2009-06-10 00:11 86,016 a------- c:\windows\inf\infstor.dat

2009-06-05 11:42 2,060,288 a------- c:\windows\system32\usbaaplrc.dll

2009-06-05 11:42 39,424 a------- c:\windows\system32\drivers\usbaapl.sys

2009-05-13 15:20 410,984 a------- c:\windows\system32\deploytk.dll

2008-12-25 23:34 665,600 a------- c:\windows\inf\drvindex.dat

2008-04-29 08:11 290,490 a------- c:\windows\inf\perflib\041d\perfi.dat

2008-04-29 08:11 290,490 a------- c:\windows\inf\perflib\041d\perfh.dat

2008-04-29 08:11 35,978 a------- c:\windows\inf\perflib\041d\perfd.dat

2008-04-29 08:11 35,978 a------- c:\windows\inf\perflib\041d\perfc.dat

2008-01-21 04:43 174 a--sh--- c:\program files\desktop.ini

2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

 

============= FINISH: 13:19:50,70 ===============

[/log]

 

[log]

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_09-07-30.01)

 

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 2008-12-25 21:57:39

System Uptime: 2009-07-31 13:09:32 (0 hours ago)

 

Motherboard: ASUSTeK Computer Inc. | | F5GL

Processor: Intel® Pentium® Dual CPU T3200 @ 2.00GHz | Socket 478 | 2000/167mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 173 GiB total, 43,339 GiB free.

D: is FIXED (NTFS) - 115 GiB total, 113,804 GiB free.

E: is CDROM (UDF)

F: is CDROM ()

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

 

==== Installed Programs ======================

 

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.1.3

Adobe Shockwave Player 11.5

Adobe® Photoshop® Album Starter Edition 3.0

Apple Mobile Device Support

Apple Software Update

ASUS InstantFun

ASUS LifeFrame3

ASUS Live Update

ASUS MultiFrame

ASUS Power4Gear eXtreme

ASUS SmartLogon

ASUS Splendid Video Enhancement Technology

ASUS Virtual Camera

Asus_Camera_ScreenSaver

Atheros Client Installation Program

ATK Generic Function Service

ATK Hotkey

ATK Media

ATKOSD2

AviSynth 2.5

Battlefield 2142

bwin Poker (remove only)

Casino Action

CCleaner (remove only)

Choice Guard

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

CyberLink LabelPrint

CyberLink Power2Go

DNA

Dolby Control Center

EA Download Manager

ESET NOD32 Antivirus

Express Gate

ExtraFilm Designer SE

Football Manager 2009

GameSpy Comrade

Google Toolbar for Internet Explorer

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

ImTOO 3GP Video Converter

iTunes

Java 6 Update 13

Junk Mail filter update

LightScribe System Software 1.14.17.1

LimeWire 5.1.2

Malwarebytes' Anti-Malware

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB929729)

Microsoft .NET Framework 3.5 Language Pack SP1 - sve

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel 2007 Help Uppdatering (KB963678)

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office Home and Student 2007

Microsoft Office Live Add-in 1.3

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669)

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Word 2007 Help Uppdatering (KB963665)

Microsoft Office Word MUI (Swedish) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft WSE 3.0 Runtime

MobileMe Control Panel

Motorola SM56 Speakerphone Modem

Mouse Suite

Mozilla Firefox (3.0.12)

MSVCRT

Multimedia Card Reader

NB Probe

Net4Switch

NVIDIA Drivers

OGA Notifier 1.7.0105.35.0

PartyPoker

Photo Transport

PowerISO

QuickTime

Realtek High Definition Audio Driver

Safari

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB969679)

Security Update for Microsoft Office Excel 2007 (KB969682)

Security Update for Microsoft Office PowerPoint 2007 (KB957789)

Security Update for Microsoft Office system 2007 (KB969613)

Security Update for Microsoft Office Word 2007 (KB969604)

Spelling Dictionaries Support For Adobe Reader 8

Spotify

Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve

Svenska Spels Poker

Synaptics Pointing Device Driver

The Sims™ 3

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

USB 2.0 1.3M UVC WebCam

Videora iPod Converter 0.90

Windows Live Communications Platform

Windows Live Essentials

Windows Live inloggningsassistenten

Windows Live Mail

Windows Live Messenger

Windows Live Upload Tool

Windows Live Writer

Windows Media Player Firefox Plugin

WinFlash

WinRAR archiver

Wireless Console 2

VLC media player 0.9.9

YouTube Uploader for CASIO

 

==== End Of File ===========================

[/log]

 


Hi! You're welcome, your computer does seem to be infected with a nasty Backdoor Trojan at any rate (you should probably change all your passwords when we are done, to be on the safe side).

Do not use the computer for anything else until we are done!![log]Download ComboFix to the Desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

Close all programs you can see, including antivirus and antispyware programs, but leave the firewall on.

How? See http://www.bleepingcomputer.com/forums/topic114351.html

Run ComboFix and follow the instructions shown.

If you are asked whether you want to install the Recovery Console, answer yes.

 

IMPORTANT! Do not click on the ComboFix window with the mouse while it is running, otherwise it may hang.

 

When it is finished a log should come up; attach it to your reply. Check that your antivirus program etc. is running before you connect to the internet.

 

In your reply, attach the ComboFix log like this:

Press the LOG button in the Reply window

Paste the log

Press the LOG button again

 

If you have problems getting onto the internet:

Control Panel - Network Connections

right-click your internet connection and choose Repair and/or restart the computer.

 

Warning! ComboFix disables autorun of CDs, floppy disks and USB devices to make it easier to clean the computer and to protect it against infections in the future. This can cause problems, e.g. if the computer gets its internet via a USB modem or USB network adapter. In that case, say so instead of running ComboFix.

[/log]Regards, Laston

 


Hi :)

 

[log]ComboFix 09-07-29.04 - Jonathan Rosén 2009-07-31 16:16.1.2 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.46.1053.18.3070.2014 [GMT 2:00]

Running from: c:\users\Jonathan Rosén\Documents\Filhämtaren\ComboFix.exe

AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

SP: ESET NOD32 Antivirus 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\$recycle.bin\S-1-5-21-3509104675-2053979154-23683574-500

c:\windows\Installer\297f0b.msi

c:\windows\Installer\78fd3.msi

c:\windows\system32\acovcnt.exe

 

.

((((((((((((((((((((((((( Files Created from 2009-06-28 to 2009-07-31 )))))))))))))))))))))))))))))))

.

 

2009-07-31 14:21 . 2009-07-31 14:21 -------- d-----w- c:\users\N1\AppData\Local\temp

2009-07-31 14:21 . 2009-07-31 14:21 -------- d-----w- c:\users\Karin\AppData\Local\temp

2009-07-31 14:21 . 2009-07-31 14:21 -------- d-----w- c:\users\Filippa\AppData\Local\temp

2009-07-31 14:21 . 2009-07-31 14:21 -------- d-----w- c:\users\Elin\AppData\Local\temp

2009-07-31 14:21 . 2009-07-31 14:21 -------- d-----w- c:\users\Djamel\AppData\Local\temp

2009-07-30 20:24 . 2009-07-30 20:24 -------- d-----w- c:\program files\Trend Micro

2009-07-30 19:57 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-07-30 19:57 . 2009-07-30 19:57 -------- d-----w- c:\programdata\Malwarebytes

2009-07-30 19:57 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-07-30 19:57 . 2009-07-30 19:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-07-30 09:07 . 2009-07-30 09:07 -------- d-----w- c:\programdata\WindowsSearch

2009-07-28 15:19 . 2009-07-28 15:19 -------- d-----w- c:\program files\uTorrent

2009-07-28 15:16 . 2009-07-29 15:41 -------- d-----w- c:\users\N1\AppData\Roaming\uTorrent

2009-07-27 22:56 . 2009-07-27 22:59 -------- d-----w- c:\users\N1\AppData\Roaming\vlc

2009-07-27 22:39 . 2009-07-28 15:12 -------- d-----w- c:\users\N1\AppData\Roaming\BitTorrent

2009-07-27 22:29 . 2009-07-27 22:29 -------- d-----w- c:\users\N1\AppData\Local\Mozilla

2009-07-27 22:27 . 2009-07-27 22:27 -------- d-----w- c:\users\N1\AppData\Local\Google

2009-07-27 22:27 . 2009-07-27 22:27 -------- d-----w- c:\users\N1\AppData\Local\Apple Computer

2009-07-27 22:27 . 2009-07-27 22:27 62992 ----a-w- c:\users\N1\AppData\Local\GDIPFONTCACHEV1.DAT

2009-07-27 22:27 . 2009-07-27 22:27 -------- d-----w- c:\users\N1\AppData\Local\Power2Go

2009-07-27 21:46 . 2009-07-27 21:46 -------- d-----w- c:\program files\iPod

2009-07-27 21:46 . 2009-07-27 21:47 -------- d-----w- c:\program files\iTunes

2009-07-27 21:42 . 2009-07-27 21:42 75040 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe

2009-07-26 16:00 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll

2009-07-26 16:00 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll

2009-07-26 16:00 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll

2009-07-26 16:00 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll

2009-07-20 07:38 . 2009-07-20 07:38 680 ----a-w- c:\users\Djamel\AppData\Local\d3d9caps.dat

2009-07-16 19:18 . 2009-07-16 20:50 -------- d-----w- c:\users\Elin\AppData\Roaming\dvdcss

2009-07-14 16:27 . 2009-07-14 16:27 -------- d-----w- c:\users\Djamel\AppData\Local\Apple

2009-07-11 15:48 . 2009-07-11 15:48 -------- d-----w- c:\users\Djamel\AppData\Roaming\Sports Interactive

2009-07-11 15:27 . 2009-07-14 08:23 -------- d-----w- c:\users\Djamel\AppData\Local\Microsoft Games

2009-07-10 20:51 . 2009-07-10 20:51 -------- d-----w- c:\users\Filippa\AppData\Roaming\Apple Computer

2009-07-04 16:50 . 2009-07-04 16:50 -------- d-----w- c:\users\Filippa\AppData\Roaming\vlc

2009-07-04 16:49 . 2009-07-07 18:39 -------- d-----w- c:\users\Filippa\AppData\Roaming\dvdcss

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-07-31 14:04 . 2008-04-29 06:11 635644 ----a-w- c:\windows\system32\perfh01D.dat

2009-07-31 14:04 . 2008-04-29 06:11 136178 ----a-w- c:\windows\system32\perfc01D.dat

2009-07-31 14:00 . 2008-12-25 21:41 151844 ----a-w- c:\programdata\nvModes.dat

2009-07-31 13:34 . 2008-04-29 05:18 12 ----a-w- c:\windows\bthservsdp.dat

2009-07-31 12:20 . 2009-06-08 22:59 -------- d-----w- c:\program files\Microsoft Silverlight

2009-07-30 20:45 . 2008-12-25 13:19 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-07-30 20:43 . 2009-03-01 20:48 -------- d-----w- c:\program files\HOTALBUMMyBOX

2009-07-30 20:41 . 2009-03-01 20:41 -------- d-----w- c:\program files\CASIO

2009-07-30 07:02 . 2009-06-14 14:02 680 ----a-w- c:\users\Elin\AppData\Local\d3d9caps.dat

2009-07-27 22:59 . 2009-07-27 22:56 -------- d-----w- c:\users\N1\AppData\Roaming\vlc

2009-07-27 21:49 . 2009-03-15 14:34 -------- d-----w- c:\program files\Safari

2009-07-27 21:46 . 2008-12-25 14:36 -------- d-----w- c:\program files\Common Files\Apple

2009-07-27 07:06 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2009-07-21 21:52 . 2009-07-29 06:30 915456 ----a-w- c:\windows\system32\wininet.dll

2009-07-21 21:47 . 2009-07-29 06:30 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-07-21 21:47 . 2009-07-29 06:30 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-07-21 20:13 . 2009-07-29 06:30 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-07-04 16:50 . 2009-07-04 16:50 -------- d-----w- c:\users\Filippa\AppData\Roaming\vlc

2009-06-29 07:45 . 2008-12-26 08:58 62992 ----a-w- c:\users\Karin\AppData\Local\GDIPFONTCACHEV1.DAT

2009-06-18 07:02 . 2008-12-25 16:00 62992 ----a-w- c:\users\Djamel\AppData\Local\GDIPFONTCACHEV1.DAT

2009-06-17 15:56 . 2009-06-17 15:56 135168 ----a-w- c:\programdata\MGS\cache\c\cashanovagetlucky_temp.b71b6ce6d93f57e6e8d79f64bfda39ca.dll

2009-06-17 15:56 . 2009-06-17 15:56 159744 ----a-w- c:\programdata\MGS\cache\c\cashanovagetlucky.70edc0ef64acff9d67d53ba965b991b4.dll

2009-06-17 15:56 . 2009-06-17 15:56 434448 ----a-w- c:\programdata\MGS\cache\c\cashanovafreerangebonus.c80646018f801b82af1a85ac0f07ba46.dll

2009-06-17 15:55 . 2009-06-17 15:55 217360 ----a-w- c:\programdata\MGS\cache\c\cashanovafreerangebonus_temp.598336f9707e832cab943342026367f4.dll

2009-06-17 15:54 . 2009-06-17 15:54 303376 ----a-w- c:\programdata\MGS\cache\m\mermaidsmillions.9379e4aac1e4731bf7922c8c2544bd7a.dll

2009-06-17 15:54 . 2009-06-17 15:54 295184 ----a-w- c:\programdata\MGS\cache\m\mermaidsmillionsxxx.85e8ee4057b7c3d431514729821caee1.dll

2009-06-17 15:54 . 2009-06-17 15:54 119056 ----a-w- c:\programdata\MGS\cache\m\mermaidsbonus.f520937c2ec436ae80b67d9c967dd3f6.dll

2009-06-17 15:51 . 2009-06-17 15:51 131344 ----a-w- c:\programdata\MGS\cache\b\bonus_threereel_types_1_2.19c24a05687d90864e9a9de516d92124.dll

2009-06-17 15:51 . 2009-06-17 15:51 45056 ----a-w- c:\programdata\MGS\cache\w\wheelofwealthbonus.273ed6671a16c67a5d50ecde6a66097a.dll

2009-06-17 15:49 . 2009-06-17 15:49 155648 ----a-w- c:\programdata\MGS\cache\b\bonuspaigowpoker.7a255497429caa23df774f47d3465136.dll

2009-06-17 15:49 . 2009-06-17 15:49 385024 ----a-w- c:\programdata\MGS\cache\b\bonusblackjack.dab6343a296b066bd5fe18d7c7d9940f.dll

2009-06-17 15:49 . 2009-06-17 15:49 446736 ----a-w- c:\programdata\MGS\cache\h\hilowbonus.ecf70c1bd892c000f22ce30d5b0ba784.dll

2009-06-17 15:49 . 2009-06-17 15:49 483600 ----a-w- c:\programdata\MGS\cache\h\hilowbonus_tggg.10cdcb3e64c301c60db4d11d2d7781a4.dll

2009-06-17 15:48 . 2009-06-17 15:48 958464 ----a-w- c:\programdata\MGS\cache\h\hilowbonus_flightzone.1173d08d2670eede892e3adf07022f08.dll

2009-06-17 15:43 . 2009-06-17 15:43 594192 ----a-w- c:\programdata\MGS\cache\s\snakesandladdersbonus.1b7d7437b87cc53b7a00c4efd2db679d.dll

2009-06-17 15:43 . 2009-06-17 15:43 57344 ----a-w- c:\programdata\MGS\cache\v\volcanobonusgame.1f5cd5f4b800bd1a6e740e08a3119e10.dll

2009-06-17 15:43 . 2009-06-17 15:43 61440 ----a-w- c:\programdata\MGS\cache\t\tikimaskbonusgame.0dc1c149f619ef0a72aacd3abdeb0dfb.dll

2009-06-17 15:42 . 2009-06-17 15:42 213089 ----a-w- c:\programdata\MGS\cache\b\bigkahuna.769fd4a48b95c8614a738f1cad88bcd5.dll

2009-06-17 15:41 . 2009-06-17 15:41 430352 ----a-w- c:\programdata\MGS\cache\s\simplepickxofyskillbonus.8d56aeea91f0d0bbdf41c578fbf38496.dll

2009-06-17 15:37 . 2009-06-17 15:37 376832 ----a-w- c:\programdata\MGS\cache\a\atlanticcityblackjack.9baef784fe666fb9d90dc331d0239eed.dll

2009-06-17 15:34 . 2009-06-17 15:34 233744 ----a-w- c:\programdata\MGS\cache\s\simplepickuntilbonus_temp.b6b7e588aedb05fa062fb8447406bca9.dll

2009-06-17 15:34 . 2009-06-17 15:34 495888 ----a-w- c:\programdata\MGS\cache\s\simplepickuntilbonus.aa7eb4e3b4774e5cad0d4f8562ca860d.dll

2009-06-17 15:34 . 2009-06-17 15:34 561424 ----a-w- c:\programdata\MGS\cache\s\simplepickuntilbonus_tggg.ca9a61a09a35dc0843cc68f532694746.dll

2009-06-17 15:34 . 2009-06-17 15:34 1056768 ----a-w- c:\programdata\MGS\cache\s\simplepickuntilbonus_flightzone.1f65e9ffaab494fa7dea6b149ec7a671.dll

2009-06-17 15:34 . 2009-06-17 15:34 204905 ----a-w- c:\programdata\MGS\cache\t\thunderstruck.0cc1be68d215832fa06fc779c0b3e069.dll

2009-06-17 15:33 . 2009-06-17 15:33 139264 ----a-w- c:\programdata\MGS\cache\l\levelupvideopokerplugin.d3ee60c36507413ca9ab67247eac5288.dll

2009-06-17 15:33 . 2009-06-17 15:33 114688 ----a-w- c:\programdata\MGS\cache\l\levelupvideopokergambleplugin.d65fe35ffb2e6dc1b9ea46def3db39dc.dll

2009-06-17 15:33 . 2009-06-17 15:33 290941 ----a-w- c:\programdata\MGS\cache\l\levelupvideopokerxxx.0d52d2ac00db83d9b97c99592ee3aa21.dll

2009-06-17 15:33 . 2009-06-17 15:33 237840 ----a-w- c:\programdata\MGS\cache\p\powerpokersuite1_nl.cebfe8812d984716506c6d9d096a5f48.dll

2009-06-17 15:33 . 2009-06-17 15:33 217360 ----a-w- c:\programdata\MGS\cache\v\videopokersuite1.03dd648f567bef124a1d270ad208752a.dll

2009-06-17 15:32 . 2009-06-17 15:32 114960 ----a-w- c:\programdata\MGS\cache\t\type_5reelnormal3_4_5.07db0a5618a0565d7bde7a2766c54711.dll

2009-06-17 15:32 . 2009-06-17 15:32 200704 ----a-w- c:\programdata\MGS\cache\3\3cardpoker.8e73a522a397f174eb628d05f72f1f40.dll

2009-06-17 15:25 . 2009-06-17 15:25 32768 ----a-w- c:\programdata\MGS\cache\_\_crt_keno.ed975aa9c9bb5e5ec89c8ffeee254e8a.dll

2009-06-17 15:25 . 2009-06-17 15:25 303204 ----a-w- c:\programdata\MGS\cache\m\mpvblackjackplugin.49e5f42fbdf0e1e2df5232e5ea419897.dll

2009-06-17 15:24 . 2009-06-17 15:24 311398 ----a-w- c:\programdata\MGS\cache\m\mpvblackjacktourxxx.e4ccb563efd75763602af7373fbd8cec.dll

2009-06-17 15:24 . 2009-06-17 15:24 327784 ----a-w- c:\programdata\MGS\cache\m\mpvtabletournamentlobby.fea1be7b63b308e9fdb6e8d4bd356052.dll

2009-06-17 15:23 . 2009-06-17 15:23 213264 ----a-w- c:\programdata\MGS\cache\c\choosebonus.df815bbfb8ae7a29a353f0ae65e4af17.dll

2009-06-17 15:21 . 2009-06-17 15:21 323856 ----a-w- c:\programdata\MGS\cache\h\hitmancontractbonus.339a969d902930975b3194643e289fc9.dll

2009-06-17 15:19 . 2009-06-17 15:19 499984 ----a-w- c:\programdata\MGS\cache\s\simplepickxofybonus.4968e33b858e6c30beb0ac4b11a9c459.dll

2009-06-17 15:19 . 2009-06-17 15:19 1032192 ----a-w- c:\programdata\MGS\cache\s\simplepickxofybonus_flightzone.4d281f29a7152da50722695b99821fe6.dll

2009-06-17 15:19 . 2009-06-17 15:19 508176 ----a-w- c:\programdata\MGS\cache\s\simplepickxofybonus_temp.556fffdfd1bc700038c0a1370a1eb004.dll

2009-06-17 15:19 . 2009-06-17 15:19 524560 ----a-w- c:\programdata\MGS\cache\s\simplepickxofybonus_tggg.f8ba0ccac248b6026b2705996790640a.dll

2009-06-17 15:17 . 2009-06-17 15:17 655360 ----a-w- c:\programdata\MGS\cache\t\transition_flightzone.2d8aa10da872f1ac4a34a2122bf3c4b2.dll

2009-06-17 15:16 . 2009-06-17 15:16 110864 ----a-w- c:\programdata\MGS\cache\t\type_3reelnormal1_2.6d58a1bcaf1d9165fa0b77fa9598b623.dll

2009-06-17 15:16 . 2009-06-17 15:08 -------- d-----w- c:\programdata\MGS

2009-06-17 15:08 . 2009-06-17 15:08 -------- d-----w- c:\programdata\Microgaming

2009-06-16 18:37 . 2008-12-26 13:18 62992 ----a-w- c:\users\Filippa\AppData\Local\GDIPFONTCACHEV1.DAT

2009-06-16 15:59 . 2008-12-25 17:47 62992 ----a-w- c:\users\Elin\AppData\Local\GDIPFONTCACHEV1.DAT

2009-06-13 14:52 . 2009-06-13 14:52 -------- d-----w- c:\programdata\Electronic Arts

2009-06-13 14:51 . 2008-12-25 20:05 -------- d-----w- c:\program files\Electronic Arts

2009-06-13 14:50 . 2009-06-13 14:50 10134 ----a-r- c:\users\Elin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

2009-06-13 14:50 . 2009-06-13 14:50 -------- d-----w- c:\program files\Microsoft WSE

2009-06-12 18:43 . 2009-06-12 18:43 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbD98.tmp.exe

2009-06-12 17:33 . 2009-06-12 17:34 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbA4E7.tmp.exe

2009-06-12 06:00 . 2008-12-25 14:51 -------- d-----w- c:\programdata\Microsoft Help

2009-06-09 22:14 . 2009-06-09 22:14 -------- d-----w- c:\program files\QuickTime

2009-06-06 08:14 . 2008-12-25 14:55 -------- d-----w- c:\program files\Microsoft Works

2009-06-05 09:42 . 2009-06-05 09:42 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2009-06-05 09:42 . 2009-06-05 09:42 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll

2009-05-13 13:20 . 2009-01-15 23:08 410984 ----a-w- c:\windows\system32\deploytk.dll

2009-07-28 10:28 . 2008-12-25 14:21 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"BitTorrent DNA"="c:\users\Jonathan Rosén\Program Files\DNA\btdna.exe" [2009-03-17 321344]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-09 39408]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-18 104936]

"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]

"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-11 98304]

"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-25 13548064]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-25 92704]

"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-08-28 655360]

"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-17 102400]

"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2008-12-25 3054136]

"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2008-12-25 47672]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-11-14 1410304]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-11-02 167936]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-13 148888]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]

"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-08-12 6265376]

"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2008-08-12 1833504]

"Mouse Suite 98 Daemon"="ICO.EXE" - c:\windows\System32\ICO.EXE [2006-11-03 49152]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\StartupYouTube Uploader for CASIO.lnk - c:\program files\CASIO\YouTube Uploader for CASIO\YStart.exe [2007-6-11 79488]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{EB427A75-C6BB-49DB-9C8F-D2C3FD561ADA}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{DF350759-9225-445B-91F1-82843A6C9FA6}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{EE31F627-7AB8-476B-AEA4-F8A9EB5418A6}"= UDP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009

"{96579AF8-848B-469D-8044-FDA5206FCCD3}"= TCP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009

"{55288098-AA6F-48BF-A714-18FEDBC18B0E}"= UDP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2

"{7A99FD48-4D67-49D9-AAA3-914336613393}"= TCP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2

"TCP Query User{0E808C34-69B1-41DA-A1CD-1B15614BD161}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

"UDP Query User{9918D4A4-4427-42EC-87A4-E4555F9F73D7}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

"TCP Query User{F7B099FB-02D5-40D9-92E0-AAEE5161BE49}c:\\program files\\spotify\\spotify.exe"= UDP:c:\program files\spotify\spotify.exe:Spotify

"UDP Query User{3CA70AAC-4ADC-4016-9A6C-CDD9A98E8B80}c:\\program files\\spotify\\spotify.exe"= TCP:c:\program files\spotify\spotify.exe:Spotify

"TCP Query User{E8A1C318-2796-4B3F-877D-704AB1955F0E}c:\\program files\\spotify\\spotify.exe"= UDP:c:\program files\spotify\spotify.exe:Spotify

"UDP Query User{4B6A2AD0-5FEA-4B7C-BFBC-309591E2C209}c:\\program files\\spotify\\spotify.exe"= TCP:c:\program files\spotify\spotify.exe:Spotify

"TCP Query User{CD270E1B-C411-450F-B8DB-A9E3ECC31E6B}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus

"UDP Query User{2859B19E-6D05-436B-8102-593939AF78DE}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus

"{A0F3C4FB-98A7-43DA-A310-484D30EFA28D}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{7750FC6A-2617-4AD1-9BFD-A67C93F43CE7}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"TCP Query User{65246A2F-1968-4417-A1E7-D8C8BFE2160B}c:\\program files\\burst\\core-new1.1.3\\btdownloadheadless.exe"= UDP:c:\program files\burst\core-new1.1.3\btdownloadheadless.exe:burst! download engine

"UDP Query User{D60158BD-D835-46D8-9E71-1247333A83BF}c:\\program files\\burst\\core-new1.1.3\\btdownloadheadless.exe"= TCP:c:\program files\burst\core-new1.1.3\btdownloadheadless.exe:burst! download engine

"{FA792E1D-67B9-41E5-9037-EFF4A1633097}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)

"{8325ED7D-567A-4752-BD76-72ED174DE9B2}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)

"TCP Query User{A8F58B0C-13EA-43E8-AF39-1AA915EA39C0}c:\\users\\jonathan rosén\\program files\\dna\\btdna.exe"= UDP:c:\users\jonathan rosén\program files\dna\btdna.exe:btdna.exe

"UDP Query User{CEB0BE8A-0C94-443D-BB8A-51DADD222C39}c:\\users\\jonathan rosén\\program files\\dna\\btdna.exe"= TCP:c:\users\jonathan rosén\program files\dna\btdna.exe:btdna.exe

"TCP Query User{A68DC96B-6ADF-4B6C-8BE5-CCC8F9329FA9}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

"UDP Query User{0139042E-6AB1-4BD8-BA26-605EC361A24F}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

"TCP Query User{F0FD0949-744D-4133-B0FE-5E2748BF6001}c:\\users\\jonathan rosén\\program files\\dna\\btdna.exe"= UDP:c:\users\jonathan rosén\program files\dna\btdna.exe:btdna.exe

"UDP Query User{2BD7D02E-3423-43B3-91AC-2DCC79D6310B}c:\\users\\jonathan rosén\\program files\\dna\\btdna.exe"= TCP:c:\users\jonathan rosén\program files\dna\btdna.exe:btdna.exe

"TCP Query User{043C4E56-EA91-441A-AE32-A7A8B7928072}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client

"UDP Query User{C9100DFD-8466-4BC5-8DF8-9C7CF39354B2}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client

"TCP Query User{3D17D350-D8FA-4452-961B-19550F4EAB8B}c:\\users\\jonathan rosén\\documents\\filhämtaren\\utorrent(2).exe"= UDP:c:\users\jonathan rosén\documents\filhämtaren\utorrent(2).exe:utorrent(2).exe

"UDP Query User{182389B7-D422-4724-AC56-59DE07EB0E8E}c:\\users\\jonathan rosén\\documents\\filhämtaren\\utorrent(2).exe"= TCP:c:\users\jonathan rosén\documents\filhämtaren\utorrent(2).exe:utorrent(2).exe

"{D4BBC47A-A97C-420C-AAB9-C225331BA66F}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire

"{020B4DDA-7AD6-4B85-8556-10C7091C3186}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire

"TCP Query User{9F12D3E7-7EB7-4B6D-BA7A-CC99DDC22FCB}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire

"UDP Query User{3AF5BE2B-E8D9-4BA4-8691-3FC217005F3F}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire

"{40AE9F65-3DAF-4849-BCFB-17B747A40A78}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes

"{B7343E49-0094-4FA0-A87F-BF1B7A78DE00}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

"{C190B8C8-0414-436C-83F2-F59840A073C9}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes

"{D8D038AF-E1FA-41F5-AAFA-D9A420892932}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

"{E472A89C-2F41-4F3F-BDDE-15E2AE8D3959}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent

"{19137BF2-13E4-4281-AE53-CC4F8261F7B4}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent

"{3941139F-42EA-4F51-A2D3-D49DB5EDC492}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

"{09DE584E-3307-4F47-96D6-38FBBB7C3910}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

"TCP Query User{4AC31EF9-96FD-45F8-BFE5-DB7C09AD90CB}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

"UDP Query User{4465EDFA-B136-4C85-8A9C-400B61B86A1D}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

 

R1 epfwtdir;epfwtdir;c:\windows\System32\drivers\epfwtdir.sys [2007-11-14 30728]

R2 EFUploadSrv;ExtraFilm upload service;c:\program files\ExtraFilm Designer SE\EFUploadSrv.exe [2008-11-27 1712128]

R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-11-14 455936]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [2008-12-25 44064]

S3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [2008-04-07 6656]

S3 pelmouse;Mouse Suite Driver;c:\windows\System32\drivers\PELMOUSE.SYS [2008-12-25 16512]

S3 pelusblf;USB Mouse Low Filter Driver;c:\windows\System32\drivers\PELUSBlf.SYS [2008-12-25 13184]

S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\System32\drivers\se46bus.sys [2009-02-01 61536]

S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;c:\windows\System32\drivers\se46mdfl.sys [2009-02-01 9360]

S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;c:\windows\System32\drivers\se46mdm.sys [2009-02-01 97088]

S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\se46mgmt.sys [2009-02-01 88624]

S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);c:\windows\System32\drivers\se46nd5.sys [2009-02-01 18704]

S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;c:\windows\System32\drivers\se46obex.sys [2009-02-01 86432]

S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);c:\windows\System32\drivers\se46unic.sys [2009-02-01 90800]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

"c:\program files\Common Files\LightScribe\LSRunOnce.exe"

.

Contents of the 'Scheduled Tasks' folder

 

2009-07-31 c:\windows\Tasks\User_Feed_Synchronization-{2A7E5059-7C0E-472D-AD25-79FC471BAD61}.job

- c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]

 

2009-07-31 c:\windows\Tasks\User_Feed_Synchronization-{3967F2F9-F3B2-4E11-8947-8EB0A24E6821}.job

- c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.asus.com

IE: E&xportera till Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab

FF - ProfilePath - c:\users\Jonathan Rosén\AppData\Roaming\Mozilla\Firefox\Profiles\8ls5xmsa.default

FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-07-31 16:21

Windows 6.0.6001 Service Pack 1 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2009-07-31 16:23

ComboFix-quarantined-files.txt 2009-07-31 14:23

 

Pre-Run: 47 244 308 480 byte ledigt

Post-Run: 48 334 233 600 byte ledigt

 

306 --- E O F --- 2009-07-31 12:11

[/log]

 


Hi! There, we got rid of that nasty one at least :)

Run ATF Cleaner, then restart the computer and tell me how it behaves now![log]Download ATF-Cleaner to the Desktop:

http://www.atribune.org/ccount/click.php?id=1

Close all other programs, especially web browsers.

Double-click ATF-Cleaner.exe to start the program.

Tick Select All. Click Empty Selected.

If you use Firefox: Click Firefox and choose Select All. Click Empty Selected. If you want to keep your passwords, click No at the prompt.

If you use Opera: Click Opera and choose Select All. Click Empty Selected. If you want to keep your passwords, click No at the prompt.

Click Exit in the Main menu to close the program.

Note: This will remove all cookies. If you have cookies that you want to keep, either save them beforehand or skip Select All and tick everything else instead.

[/log]Regards, Laston

 


Lovely, well done :) :thumbsup:

[log]The tool below can remove the files/folders/shortcuts left by the fix programs we have used (though not TM HJT).

Print or copy the text below into a text document and save it to the desktop:

Read/follow the instructions carefully:

Download the uninstaller OTCleanIt:

http://oldtimer.geekstogo.com/OTC.exe

1: Save it to the desktop

2: Start the program/tool by double-clicking OTCleanIt.exe

3: Click the CleanUp! button.

4: If you get warnings from your security programs, give OTCleanIt permission to access the Internet.

5: The various fix programs you have downloaded will be uninstalled, including this program, after a restart of the computer.

Regards, Laston[/log][log]C:\System Volume Information\_restore is where the System Restore feature stores its restore points. This means that Windows created a restore point while your computer was infected. As long as the malicious files stay in that folder they are harmless. However, if you restore to a point in time when the computer was infected, the malicious files are restored as well.

You can remove all system restore points by turning off the System Restore feature, restarting the computer and then turning the feature on again. Then create a new point.

System Restore is turned off and on here:

Right-click My Computer - Properties - System Restore [/log]

 


Hi! Just a little extra: I see in the ComboFix log that your firewall is a wide-open highway of approved file-sharing programs. That is not recommended if you want to avoid problems in the future, so review which programs you have approved!

There is an old Java version with security holes on the computer. I recommend that you install a new one from http://www.java.com/sv/ and then uninstall every Java and J2SE except the latest one in Control Panel - Add or Remove Programs (with no web browsers running).

With that I'll sign off / Regards, Laston
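The firewall review recommended in the post above can start from the log itself. As an added example (not part of the thread and not ComboFix's own code), this Python script parses firewall lines in the layout the ComboFix log uses, groups the allow rules per executable and puts executables outside Program Files and Windows first; the sample lines, the function names and the `PROTECTED_ROOTS` heuristic are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the ComboFix firewall section
# (GUIDs, user name, paths and program names are made up).
SAMPLE_LOG = r'''
"TCP Query User{11111111-1111-1111-1111-111111111111}c:\\users\\exampleuser\\downloads\\client(2).exe"= UDP:c:\users\exampleuser\downloads\client(2).exe:client(2).exe
"UDP Query User{22222222-2222-2222-2222-222222222222}c:\\users\\exampleuser\\downloads\\client(2).exe"= TCP:c:\users\exampleuser\downloads\client(2).exe:client(2).exe
"{33333333-3333-3333-3333-333333333333}"= UDP:c:\program files\ExamplePlayer\player.exe:ExamplePlayer
"{44444444-4444-4444-4444-444444444444}"= TCP:c:\program files\ExamplePlayer\player.exe:ExamplePlayer
"c:\\Program Files\\ExampleShare\\share.exe"= c:\program files\ExampleShare\share.exe:*:Enabled:ExampleShare
R2 examplesvc;Example Service;c:\program files\Example\svc.exe [2009-01-01 1000]
'''

# Line layout: "key"= [TCP:|UDP:]<path to .exe>:<label, or *:Enabled:label>
RULE = re.compile(
    r'^"(?P<key>.+)"=\s*(?:(?P<proto>TCP|UDP):)?'
    r'(?P<path>[a-z]:\\.+?\.exe):(?P<rest>.*)$', re.IGNORECASE)

# Assumption: only these roots count as admin-protected install locations.
PROTECTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\", "c:\\windows\\")

def audit(log_text):
    """Group allow rules by executable; flag executables outside protected roots."""
    found = defaultdict(lambda: {"rules": 0, "protocols": set(), "outside_protected": False})
    for line in log_text.splitlines():
        m = RULE.match(line.strip())
        if not m:
            continue  # not a firewall rule line (services, blank lines, ...)
        path = m.group("path").lower()
        entry = found[path]
        entry["rules"] += 1
        if m.group("proto"):
            entry["protocols"].add(m.group("proto").upper())
        # startswith, not "in": c:\users\x\program files\... is still a user folder
        entry["outside_protected"] = not path.startswith(PROTECTED_ROOTS)
    return dict(found)

def review_order(report):
    """Executables to review first: outside protected roots, then most rules."""
    return sorted(report, key=lambda p: (not report[p]["outside_protected"],
                                         -report[p]["rules"], p))

if __name__ == "__main__":
    report = audit(SAMPLE_LOG)
    for exe in review_order(report):
        info = report[exe]
        flag = "REVIEW FIRST" if info["outside_protected"] else "ok location"
        print(f"{flag:12} {info['rules']} rule(s) {sorted(info['protocols'])} {exe}")
```

An executable that sits in a user folder yet holds an inbound allow rule is the first candidate for removal from the approved list, since it can usually be replaced without administrator rights.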

 


 

Hi! OK, what have the sisters actually been up to?? But let's keep checking then

Go to http://www.virustotal.com (works best with Internet Explorer) and paste one of the following file names into the box,

c:\programdata\MGS\cache\c\cashanovafreerangebonus.c80646018f801b82af1a85ac0f07ba46.dll

c:\programdata\MGS\cache\c\cashanovagetlucky_temp.b71b6ce6d93f57e6e8d79f64bfda39ca.dll

click Send File and wait until the result is ready (the current status becomes finished). Paste the results from the different antivirus programs (not Additional information) here. Repeat with the next file name.

Regards, Laston

 


[log]first file

[/log]

 

[log]

second file

 

[/log]

 


OK, no hits there!

Download DDS again and follow the procedure in the earlier post so I can see whether anything new has come in!

Regards, Laston

 
