
Explorer.exe hangs


R-oosie


[log]

DDS (Ver_09-07-30.01) - NTFSx86

Run by Jonathan Ros‚n at 19:11:33,99 on 2009-08-01

Internet Explorer: 8.0.6001.18813

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.46.1053.18.3070.1778 [GMT 2:00]

 

AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

SP: ESET NOD32 Antivirus 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\ATK Hotkey\ASLDRSrv.exe

C:\Windows\system32\WLANExt.exe

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

C:\Windows\system32\rundll32.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\ExtraFilm Designer SE\EFUploadSrv.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\ASUS\SmartLogon\sensorsrv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\ASUS\Net4Switch\Net4Switch.exe

C:\Program Files\ASUS\ASUS Live Update\ALU.exe

C:\Program Files\ATK Hotkey\Hcontrol.exe

C:\Program Files\ATK Hotkey\MsgTranAgt.exe

C:\Program Files\Wireless Console 2\wcourier.exe

C:\Program Files\ASUS\ATK Media\DMEDIA.EXE

C:\Program Files\ASUS\ATK Media\GPSWATCH.EXE

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files\ASUS\Splendid\ACMON.exe

C:\Windows\System32\ACEngSvr.exe

C:\Program Files\ATK Hotkey\ATKOSD.exe

C:\Program Files\ATK Hotkey\KBFiltr.exe

C:\Program Files\ATK Hotkey\WDC.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\ATK Hotkey\HControlUser.exe

C:\Program Files\ATKOSD2\ATKOSD2.exe

C:\Windows\System32\rundll32.exe

C:\Windows\RtHDVCpl.exe

C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Windows\AsScrPro.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\PowerISO\PWRISOVM.EXE

C:\Windows\System32\ICO.EXE

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Users\Jonathan Rosén\Program Files\DNA\btdna.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\CASIO\YouTube Uploader for CASIO\YStart.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Jonathan Rosén\Documents\Filhämtaren\dds(2).scr

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.asus.com

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden

uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [bitTorrent DNA] "c:\users\jonathan rosén\program files\dna\btdna.exe"

uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

mRun: [CLMLServer] "c:\program files\cyberlink\power2go\CLMLSvc.exe"

mRun: [P2Go_Menu] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"

mRun: [HControlUser] "c:\program files\atk hotkey\HcontrolUser.exe"

mRun: [ATKOSD2] "c:\program files\atkosd2\ATKOSD2.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [skytel] Skytel.exe

mRun: [sMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [ASUS Screen Saver Protector] c:\windows\AsScrPro.exe

mRun: [ASUS Camera ScreenSaver] c:\windows\AsScrProlog.exe

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE

mRun: [Mouse Suite 98 Daemon] ICO.EXE

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

dRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

dRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\youtub~1.lnk - c:\program files\casio\youtube uploader for casio\YStart.exe

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\programs\partygaming\partypoker\RunApp.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\jonath~1\appdata\roaming\mozilla\firefox\profiles\8ls5xmsa.defaultFF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\users\jonathan rosã©n\program files\dna\plugins\npbtdna.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextensionFF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

 

============= SERVICES / DRIVERS ===============

 

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2007-11-14 30728]

R2 EFUploadSrv;ExtraFilm upload service;c:\program files\extrafilm designer se\EFUploadSrv.exe [2008-11-27 1712128]

R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2007-11-14 455936]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-12-25 44064]

S3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [2008-4-7 6656]

S3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [2008-12-25 16512]

S3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\PELUSBlf.SYS [2008-12-25 13184]

S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\system32\drivers\se46bus.sys [2009-2-1 61536]

S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;c:\windows\system32\drivers\se46mdfl.sys [2009-2-1 9360]

S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;c:\windows\system32\drivers\se46mdm.sys [2009-2-1 97088]

S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\se46mgmt.sys [2009-2-1 88624]

S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);c:\windows\system32\drivers\se46nd5.sys [2009-2-1 18704]

S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;c:\windows\system32\drivers\se46obex.sys [2009-2-1 86432]

S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);c:\windows\system32\drivers\se46unic.sys [2009-2-1 90800]

 

=============== Created Last 30 ================

 

2009-08-01 10:02 45,056 a------- c:\windows\system32\acovcnt.exe

2009-07-31 16:24 <DIR> --dsh--- C:\$RECYCLE.BIN

2009-07-31 16:15 219,648 a------- c:\windows\PEV.exe

2009-07-31 16:15 161,792 a------- c:\windows\SWREG.exe

2009-07-31 16:15 98,816 a------- c:\windows\sed.exe

2009-07-30 22:24 <DIR> --d----- c:\program files\Trend Micro

2009-07-30 21:57 <DIR> --d----- c:\users\jonath~1\appdata\roaming\Malwarebytes

2009-07-30 21:57 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys

2009-07-30 21:57 19,096 a------- c:\windows\system32\drivers\mbam.sys

2009-07-30 21:57 <DIR> --d----- c:\programdata\Malwarebytes

2009-07-30 21:57 <DIR> --d----- c:\progra~2\Malwarebytes

2009-07-30 21:57 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware

2009-07-30 11:07 <DIR> --d----- c:\programdata\WindowsSearch

2009-07-30 11:00 <DIR> --d----- c:\users\jonathan rosén\.housecall6.6

2009-07-28 17:19 <DIR> --d----- c:\program files\uTorrent

2009-07-27 23:46 <DIR> --d----- c:\program files\iPod

2009-07-27 23:46 <DIR> --d----- c:\program files\iTunes

2009-07-26 18:00 156,672 a------- c:\windows\system32\t2embed.dll

2009-07-26 18:00 72,704 a------- c:\windows\system32\fontsub.dll

2009-07-26 18:00 289,792 a------- c:\windows\system32\atmfd.dll

2009-07-26 18:00 10,240 a------- c:\windows\system32\dciman32.dll

 

==================== Find3M ====================

 

2009-08-01 19:10 1,835,008 a--sh--- c:\users\jonathan rosén\NTUSER.DAT

2009-08-01 15:52 635,644 a------- c:\windows\system32\perfh01D.dat

2009-08-01 15:52 136,178 a------- c:\windows\system32\perfc01D.dat

2009-08-01 15:02 151,844 a------- c:\programdata\nvModes.dat

2009-08-01 15:02 151,844 a------- c:\progra~2\nvModes.dat

2009-07-27 23:44 86,016 a------- c:\windows\inf\infstrng.dat

2009-07-27 23:44 51,200 a------- c:\windows\inf\infpub.dat

2009-07-21 23:52 915,456 a------- c:\windows\system32\wininet.dll

2009-07-21 23:47 109,056 a------- c:\windows\system32\iesysprep.dll

2009-07-21 23:47 71,680 a------- c:\windows\system32\iesetup.dll

2009-07-21 22:13 133,632 a------- c:\windows\system32\ieUnatt.exe

2009-06-10 00:11 86,016 a------- c:\windows\inf\infstor.dat

2009-06-05 11:42 2,060,288 a------- c:\windows\system32\usbaaplrc.dll

2009-06-05 11:42 39,424 a------- c:\windows\system32\drivers\usbaapl.sys

2009-05-21 11:33 410,984 a------- c:\windows\system32\deploytk.dll

2008-12-25 23:34 665,600 a------- c:\windows\inf\drvindex.dat

2008-04-29 08:11 290,490 a------- c:\windows\inf\perflib\041d\perfi.dat

2008-04-29 08:11 290,490 a------- c:\windows\inf\perflib\041d\perfh.dat

2008-04-29 08:11 35,978 a------- c:\windows\inf\perflib\041d\perfd.dat

2008-04-29 08:11 35,978 a------- c:\windows\inf\perflib\041d\perfc.dat

2008-01-21 04:43 174 a--sh--- c:\program files\desktop.ini

2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 11:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 11:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

 

============= FINISH: 19:11:57,73 ===============

[/log]

 

[log]

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_09-07-30.01)

 

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 2008-12-25 21:57:39

System Uptime: 2009-08-01 15:45:47 (4 hours ago)

 

Motherboard: ASUSTeK Computer Inc. | | F5GL

Processor: Intel® Pentium® Dual CPU T3200 @ 2.00GHz | Socket 478 | 2000/167mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 173 GiB total, 69,35 GiB free.

D: is FIXED (NTFS) - 115 GiB total, 113,804 GiB free.

E: is CDROM (UDF)

F: is CDROM ()

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

RP206: 2009-08-01 15:33:22 - Installed Java 6 Update 14

RP207: 2009-08-01 15:36:00 - Removed Java 6 Update 14

 

==== Installed Programs ======================

 

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.1.3

Adobe Shockwave Player 11.5

Adobe® Photoshop® Album Starter Edition 3.0

Apple Mobile Device Support

Apple Software Update

ASUS InstantFun

ASUS LifeFrame3

ASUS Live Update

ASUS MultiFrame

ASUS Power4Gear eXtreme

ASUS SmartLogon

ASUS Splendid Video Enhancement Technology

ASUS Virtual Camera

Asus_Camera_ScreenSaver

Atheros Client Installation Program

ATK Generic Function Service

ATK Hotkey

ATK Media

ATKOSD2

AviSynth 2.5

Battlefield 2142

bwin Poker (remove only)

CCleaner (remove only)

Choice Guard

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

CyberLink LabelPrint

CyberLink Power2Go

DNA

Dolby Control Center

EA Download Manager

ESET NOD32 Antivirus

Express Gate

ExtraFilm Designer SE

Football Manager 2009

GameSpy Comrade

Google Toolbar for Internet Explorer

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

ImTOO 3GP Video Converter

iTunes

Junk Mail filter update

LightScribe System Software 1.14.17.1

LimeWire 5.1.2

Malwarebytes' Anti-Malware

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Hotfix (KB929729)

Microsoft .NET Framework 3.5 Language Pack SP1 - sve

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel 2007 Help Uppdatering (KB963678)

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office Home and Student 2007

Microsoft Office Live Add-in 1.3

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669)

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Word 2007 Help Uppdatering (KB963665)

Microsoft Office Word MUI (Swedish) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft WSE 3.0 Runtime

MobileMe Control Panel

Motorola SM56 Speakerphone Modem

Mouse Suite

Mozilla Firefox (3.0.12)

MSVCRT

Multimedia Card Reader

NB Probe

Net4Switch

NVIDIA Drivers

OGA Notifier 1.7.0105.35.0

PartyPoker

Photo Transport

PowerISO

QuickTime

Realtek High Definition Audio Driver

Safari

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB969679)

Security Update for Microsoft Office Excel 2007 (KB969682)

Security Update for Microsoft Office PowerPoint 2007 (KB957789)

Security Update for Microsoft Office system 2007 (KB969613)

Security Update for Microsoft Office Word 2007 (KB969604)

Spelling Dictionaries Support For Adobe Reader 8

Spotify

Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve

Svenska Spels Poker

Synaptics Pointing Device Driver

The Sims™ 3

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

USB 2.0 1.3M UVC WebCam

Videora iPod Converter 0.90

Windows Live Communications Platform

Windows Live Essentials

Windows Live inloggningsassistenten

Windows Live Mail

Windows Live Messenger

Windows Live Upload Tool

Windows Live Writer

Windows Media Player Firefox Plugin

WinFlash

WinRAR archiver

Wireless Console 2

VLC media player 0.9.9

YouTube Uploader for CASIO

 

==== End Of File ===========================

[/log]

 

Once again, many thanks for all the help so far!

 


Hmm, what are you doing with the computer? You've picked up the same nasty stuff again today??? (It probably comes from a website you visit.)

Update Malwarebytes and scan with it; it should find this nasty stuff now, otherwise we'll have to start over with ComboFix again!!

 

Regards, Laston

 


God damn it.. I'm going to lock up my sisters, seriously.. I went to the cinema yesterday and told them not to use the internet, and when I got home the crap was there again. I'll talk to them.

 


Hmm, I found crap that came in yesterday too, so you need to do something if your computer is going to keep working in the future and, above all, if your personal data is not to end up in the wrong hands!! The Malwarebytes log now, please!!

Regards, Laston

 


[log]Malwarebytes' Anti-Malware 1.39

Databasversion: 2541

Windows 6.0.6001 Service Pack 1

 

2009-08-01 19:31:35

mbam-log-2009-08-01 (19-31-35).txt

 

Skanningstyp: Snabb skanning

Antal skannade objekt: 116498

Förfluten tid: 3 minute(s), 39 second(s)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 0

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

(Inga illasinnade poster hittades)

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

(Inga illasinnade poster hittades)

 

Infekterade filer:

(Inga illasinnade poster hittades)

[/log]

 


Shit, they haven't updated the database! Well, then we just have to start over with ComboFix; the instructions are earlier in the thread!

Regards, Laston

 


[log]ComboFix 09-07-31.04 - Jonathan Rosén 2009-08-01 19:42.2.2 - NTFSx86

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.46.1053.18.3070.1978 [GMT 2:00]

Running from: c:\users\Jonathan Rosén\Documents\Filhämtaren\ComboFix.exe

AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

SP: ESET NOD32 Antivirus 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\system32\acovcnt.exe

 

.

((((((((((((((((((((((((( Files Created from 2009-07-01 to 2009-08-01 )))))))))))))))))))))))))))))))

.

 

2009-08-01 17:47 . 2009-08-01 17:47 -------- d-----w- c:\users\N1\AppData\Local\temp

2009-08-01 17:47 . 2009-08-01 17:47 -------- d-----w- c:\users\Karin\AppData\Local\temp

2009-08-01 17:47 . 2009-08-01 17:47 -------- d-----w- c:\users\Filippa\AppData\Local\temp

2009-08-01 17:47 . 2009-08-01 17:47 -------- d-----w- c:\users\Elin\AppData\Local\temp

2009-08-01 17:47 . 2009-08-01 17:47 -------- d-----w- c:\users\Djamel\AppData\Local\temp

2009-07-30 20:24 . 2009-07-30 20:24 -------- d-----w- c:\program files\Trend Micro

2009-07-30 19:57 . 2009-07-13 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-07-30 19:57 . 2009-07-30 19:57 -------- d-----w- c:\programdata\Malwarebytes

2009-07-30 19:57 . 2009-07-13 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-07-30 19:57 . 2009-07-30 19:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-07-30 09:07 . 2009-07-30 09:07 -------- d-----w- c:\programdata\WindowsSearch

2009-07-28 15:19 . 2009-07-28 15:19 -------- d-----w- c:\program files\uTorrent

2009-07-28 15:16 . 2009-07-29 15:41 -------- d-----w- c:\users\N1\AppData\Roaming\uTorrent

2009-07-27 22:56 . 2009-07-27 22:59 -------- d-----w- c:\users\N1\AppData\Roaming\vlc

2009-07-27 22:39 . 2009-07-28 15:12 -------- d-----w- c:\users\N1\AppData\Roaming\BitTorrent

2009-07-27 22:29 . 2009-07-27 22:29 -------- d-----w- c:\users\N1\AppData\Local\Mozilla

2009-07-27 22:27 . 2009-07-27 22:27 -------- d-----w- c:\users\N1\AppData\Local\Google

2009-07-27 22:27 . 2009-07-27 22:27 62992 ----a-w- c:\users\N1\AppData\Local\GDIPFONTCACHEV1.DAT

2009-07-27 22:27 . 2009-07-27 22:27 -------- d-----w- c:\users\N1\AppData\Local\Power2Go

2009-07-27 21:46 . 2009-07-27 21:46 -------- d-----w- c:\program files\iPod

2009-07-27 21:46 . 2009-07-27 21:47 -------- d-----w- c:\program files\iTunes

2009-07-27 21:42 . 2009-07-27 21:42 75040 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe

2009-07-26 16:00 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll

2009-07-26 16:00 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll

2009-07-26 16:00 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll

2009-07-26 16:00 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll

2009-07-20 07:38 . 2009-07-20 07:38 680 ----a-w- c:\users\Djamel\AppData\Local\d3d9caps.dat

2009-07-16 19:18 . 2009-07-16 20:50 -------- d-----w- c:\users\Elin\AppData\Roaming\dvdcss

2009-07-11 15:48 . 2009-07-11 15:48 -------- d-----w- c:\users\Djamel\AppData\Roaming\Sports Interactive

2009-07-11 15:27 . 2009-07-14 08:23 -------- d-----w- c:\users\Djamel\AppData\Local\Microsoft Games

2009-07-10 20:51 . 2009-07-10 20:51 -------- d-----w- c:\users\Filippa\AppData\Roaming\Apple Computer

2009-07-04 16:50 . 2009-07-04 16:50 -------- d-----w- c:\users\Filippa\AppData\Roaming\vlc

2009-07-04 16:49 . 2009-07-07 18:39 -------- d-----w- c:\users\Filippa\AppData\Roaming\dvdcss

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-08-01 13:52 . 2008-04-29 06:11 635644 ----a-w- c:\windows\system32\perfh01D.dat

2009-08-01 13:52 . 2008-04-29 06:11 136178 ----a-w- c:\windows\system32\perfc01D.dat

2009-08-01 13:34 . 2009-05-13 13:20 -------- d-----w- c:\program files\Java

2009-08-01 13:26 . 2008-04-29 05:18 12 ----a-w- c:\windows\bthservsdp.dat

2009-08-01 13:02 . 2008-12-25 21:41 151844 ----a-w- c:\programdata\nvModes.dat

2009-07-31 12:20 . 2009-06-08 22:59 -------- d-----w- c:\program files\Microsoft Silverlight

2009-07-30 20:45 . 2008-12-25 13:19 -------- d--h--w- c:\program files\InstallShield Installation Information

2009-07-30 20:43 . 2009-03-01 20:48 -------- d-----w- c:\program files\HOTALBUMMyBOX

2009-07-30 20:41 . 2009-03-01 20:41 -------- d-----w- c:\program files\CASIO

2009-07-30 07:02 . 2009-06-14 14:02 680 ----a-w- c:\users\Elin\AppData\Local\d3d9caps.dat

2009-07-27 22:59 . 2009-07-27 22:56 -------- d-----w- c:\users\N1\AppData\Roaming\vlc

2009-07-27 21:49 . 2009-03-15 14:34 -------- d-----w- c:\program files\Safari

2009-07-27 21:46 . 2008-12-25 14:36 -------- d-----w- c:\program files\Common Files\Apple

2009-07-27 07:06 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail

2009-07-21 21:52 . 2009-07-29 06:30 915456 ----a-w- c:\windows\system32\wininet.dll

2009-07-21 21:47 . 2009-07-29 06:30 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-07-21 21:47 . 2009-07-29 06:30 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-07-21 20:13 . 2009-07-29 06:30 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-07-04 16:50 . 2009-07-04 16:50 -------- d-----w- c:\users\Filippa\AppData\Roaming\vlc

2009-06-29 07:45 . 2008-12-26 08:58 62992 ----a-w- c:\users\Karin\AppData\Local\GDIPFONTCACHEV1.DAT

2009-06-18 07:02 . 2008-12-25 16:00 62992 ----a-w- c:\users\Djamel\AppData\Local\GDIPFONTCACHEV1.DAT

2009-06-17 15:56 . 2009-06-17 15:56 135168 ----a-w- c:\programdata\MGS\cache\c\cashanovagetlucky_temp.b71b6ce6d93f57e6e8d79f64bfda39ca.dll

2009-06-17 15:56 . 2009-06-17 15:56 159744 ----a-w- c:\programdata\MGS\cache\c\cashanovagetlucky.70edc0ef64acff9d67d53ba965b991b4.dll

2009-06-17 15:56 . 2009-06-17 15:56 434448 ----a-w- c:\programdata\MGS\cache\c\cashanovafreerangebonus.c80646018f801b82af1a85ac0f07ba46.dll

2009-06-17 15:55 . 2009-06-17 15:55 217360 ----a-w- c:\programdata\MGS\cache\c\cashanovafreerangebonus_temp.598336f9707e832cab943342026367f4.dll

2009-06-17 15:54 . 2009-06-17 15:54 303376 ----a-w- c:\programdata\MGS\cache\m\mermaidsmillions.9379e4aac1e4731bf7922c8c2544bd7a.dll

2009-06-17 15:54 . 2009-06-17 15:54 295184 ----a-w- c:\programdata\MGS\cache\m\mermaidsmillionsxxx.85e8ee4057b7c3d431514729821caee1.dll

2009-06-17 15:54 . 2009-06-17 15:54 119056 ----a-w- c:\programdata\MGS\cache\m\mermaidsbonus.f520937c2ec436ae80b67d9c967dd3f6.dll

2009-06-17 15:51 . 2009-06-17 15:51 131344 ----a-w- c:\programdata\MGS\cache\b\bonus_threereel_types_1_2.19c24a05687d90864e9a9de516d92124.dll

2009-06-17 15:51 . 2009-06-17 15:51 45056 ----a-w- c:\programdata\MGS\cache\w\wheelofwealthbonus.273ed6671a16c67a5d50ecde6a66097a.dll

2009-06-17 15:49 . 2009-06-17 15:49 155648 ----a-w- c:\programdata\MGS\cache\b\bonuspaigowpoker.7a255497429caa23df774f47d3465136.dll

2009-06-17 15:49 . 2009-06-17 15:49 385024 ----a-w- c:\programdata\MGS\cache\b\bonusblackjack.dab6343a296b066bd5fe18d7c7d9940f.dll

2009-06-17 15:49 . 2009-06-17 15:49 446736 ----a-w- c:\programdata\MGS\cache\h\hilowbonus.ecf70c1bd892c000f22ce30d5b0ba784.dll

2009-06-17 15:49 . 2009-06-17 15:49 483600 ----a-w- c:\programdata\MGS\cache\h\hilowbonus_tggg.10cdcb3e64c301c60db4d11d2d7781a4.dll

2009-06-17 15:48 . 2009-06-17 15:48 958464 ----a-w- c:\programdata\MGS\cache\h\hilowbonus_flightzone.1173d08d2670eede892e3adf07022f08.dll

2009-06-17 15:43 . 2009-06-17 15:43 594192 ----a-w- c:\programdata\MGS\cache\s\snakesandladdersbonus.1b7d7437b87cc53b7a00c4efd2db679d.dll

2009-06-17 15:43 . 2009-06-17 15:43 57344 ----a-w- c:\programdata\MGS\cache\v\volcanobonusgame.1f5cd5f4b800bd1a6e740e08a3119e10.dll

2009-06-17 15:43 . 2009-06-17 15:43 61440 ----a-w- c:\programdata\MGS\cache\t\tikimaskbonusgame.0dc1c149f619ef0a72aacd3abdeb0dfb.dll

2009-06-17 15:42 . 2009-06-17 15:42 213089 ----a-w- c:\programdata\MGS\cache\b\bigkahuna.769fd4a48b95c8614a738f1cad88bcd5.dll

2009-06-17 15:41 . 2009-06-17 15:41 430352 ----a-w- c:\programdata\MGS\cache\s\simplepickxofyskillbonus.8d56aeea91f0d0bbdf41c578fbf38496.dll

2009-06-17 15:37 . 2009-06-17 15:37 376832 ----a-w- c:\programdata\MGS\cache\a\atlanticcityblackjack.9baef784fe666fb9d90dc331d0239eed.dll

2009-06-17 15:34 . 2009-06-17 15:34 233744 ----a-w- c:\programdata\MGS\cache\s\simplepickuntilbonus_temp.b6b7e588aedb05fa062fb8447406bca9.dll

2009-06-17 15:34 . 2009-06-17 15:34 495888 ----a-w- c:\programdata\MGS\cache\s\simplepickuntilbonus.aa7eb4e3b4774e5cad0d4f8562ca860d.dll

2009-06-17 15:34 . 2009-06-17 15:34 561424 ----a-w- c:\programdata\MGS\cache\s\simplepickuntilbonus_tggg.ca9a61a09a35dc0843cc68f532694746.dll

2009-06-17 15:34 . 2009-06-17 15:34 1056768 ----a-w- c:\programdata\MGS\cache\s\simplepickuntilbonus_flightzone.1f65e9ffaab494fa7dea6b149ec7a671.dll

2009-06-17 15:34 . 2009-06-17 15:34 204905 ----a-w- c:\programdata\MGS\cache\t\thunderstruck.0cc1be68d215832fa06fc779c0b3e069.dll

2009-06-17 15:33 . 2009-06-17 15:33 139264 ----a-w- c:\programdata\MGS\cache\l\levelupvideopokerplugin.d3ee60c36507413ca9ab67247eac5288.dll

2009-06-17 15:33 . 2009-06-17 15:33 114688 ----a-w- c:\programdata\MGS\cache\l\levelupvideopokergambleplugin.d65fe35ffb2e6dc1b9ea46def3db39dc.dll

2009-06-17 15:33 . 2009-06-17 15:33 290941 ----a-w- c:\programdata\MGS\cache\l\levelupvideopokerxxx.0d52d2ac00db83d9b97c99592ee3aa21.dll

2009-06-17 15:33 . 2009-06-17 15:33 237840 ----a-w- c:\programdata\MGS\cache\p\powerpokersuite1_nl.cebfe8812d984716506c6d9d096a5f48.dll

2009-06-17 15:33 . 2009-06-17 15:33 217360 ----a-w- c:\programdata\MGS\cache\v\videopokersuite1.03dd648f567bef124a1d270ad208752a.dll

2009-06-17 15:32 . 2009-06-17 15:32 114960 ----a-w- c:\programdata\MGS\cache\t\type_5reelnormal3_4_5.07db0a5618a0565d7bde7a2766c54711.dll

2009-06-17 15:32 . 2009-06-17 15:32 200704 ----a-w- c:\programdata\MGS\cache\3\3cardpoker.8e73a522a397f174eb628d05f72f1f40.dll

2009-06-17 15:25 . 2009-06-17 15:25 32768 ----a-w- c:\programdata\MGS\cache\_\_crt_keno.ed975aa9c9bb5e5ec89c8ffeee254e8a.dll

2009-06-17 15:25 . 2009-06-17 15:25 303204 ----a-w- c:\programdata\MGS\cache\m\mpvblackjackplugin.49e5f42fbdf0e1e2df5232e5ea419897.dll

2009-06-17 15:24 . 2009-06-17 15:24 311398 ----a-w- c:\programdata\MGS\cache\m\mpvblackjacktourxxx.e4ccb563efd75763602af7373fbd8cec.dll

2009-06-17 15:24 . 2009-06-17 15:24 327784 ----a-w- c:\programdata\MGS\cache\m\mpvtabletournamentlobby.fea1be7b63b308e9fdb6e8d4bd356052.dll

2009-06-17 15:23 . 2009-06-17 15:23 213264 ----a-w- c:\programdata\MGS\cache\c\choosebonus.df815bbfb8ae7a29a353f0ae65e4af17.dll

2009-06-17 15:21 . 2009-06-17 15:21 323856 ----a-w- c:\programdata\MGS\cache\h\hitmancontractbonus.339a969d902930975b3194643e289fc9.dll

2009-06-17 15:19 . 2009-06-17 15:19 499984 ----a-w- c:\programdata\MGS\cache\s\simplepickxofybonus.4968e33b858e6c30beb0ac4b11a9c459.dll

2009-06-17 15:19 . 2009-06-17 15:19 1032192 ----a-w- c:\programdata\MGS\cache\s\simplepickxofybonus_flightzone.4d281f29a7152da50722695b99821fe6.dll

2009-06-17 15:19 . 2009-06-17 15:19 508176 ----a-w- c:\programdata\MGS\cache\s\simplepickxofybonus_temp.556fffdfd1bc700038c0a1370a1eb004.dll

2009-06-17 15:19 . 2009-06-17 15:19 524560 ----a-w- c:\programdata\MGS\cache\s\simplepickxofybonus_tggg.f8ba0ccac248b6026b2705996790640a.dll

2009-06-17 15:17 . 2009-06-17 15:17 655360 ----a-w- c:\programdata\MGS\cache\t\transition_flightzone.2d8aa10da872f1ac4a34a2122bf3c4b2.dll

2009-06-17 15:16 . 2009-06-17 15:16 110864 ----a-w- c:\programdata\MGS\cache\t\type_3reelnormal1_2.6d58a1bcaf1d9165fa0b77fa9598b623.dll

2009-06-17 15:16 . 2009-06-17 15:08 -------- d-----w- c:\programdata\MGS

2009-06-17 15:08 . 2009-06-17 15:08 -------- d-----w- c:\programdata\Microgaming

2009-06-16 18:37 . 2008-12-26 13:18 62992 ----a-w- c:\users\Filippa\AppData\Local\GDIPFONTCACHEV1.DAT

2009-06-16 15:59 . 2008-12-25 17:47 62992 ----a-w- c:\users\Elin\AppData\Local\GDIPFONTCACHEV1.DAT

2009-06-13 14:52 . 2009-06-13 14:52 -------- d-----w- c:\programdata\Electronic Arts

2009-06-13 14:51 . 2008-12-25 20:05 -------- d-----w- c:\program files\Electronic Arts

2009-06-13 14:50 . 2009-06-13 14:50 10134 ----a-r- c:\users\Elin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe

2009-06-13 14:50 . 2009-06-13 14:50 -------- d-----w- c:\program files\Microsoft WSE

2009-06-12 18:43 . 2009-06-12 18:43 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbD98.tmp.exe

2009-06-12 17:33 . 2009-06-12 17:34 456304 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbA4E7.tmp.exe

2009-06-12 06:00 . 2008-12-25 14:51 -------- d-----w- c:\programdata\Microsoft Help

2009-06-09 22:14 . 2009-06-09 22:14 -------- d-----w- c:\program files\QuickTime

2009-06-06 08:14 . 2008-12-25 14:55 -------- d-----w- c:\program files\Microsoft Works

2009-06-05 09:42 . 2009-06-05 09:42 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2009-06-05 09:42 . 2009-06-05 09:42 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll

2009-05-21 09:33 . 2009-01-15 23:08 410984 ----a-w- c:\windows\system32\deploytk.dll

2009-07-28 10:28 . 2008-12-25 14:21 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]

"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

"BitTorrent DNA"="c:\users\Jonathan Rosén\Program Files\DNA\btdna.exe" [2009-03-17 321344]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-09 39408]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-18 104936]

"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]

"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-11 98304]

"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-25 13548064]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-25 92704]

"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-08-28 655360]

"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-17 102400]

"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2008-12-25 3054136]

"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2008-12-25 47672]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-11-14 1410304]

"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-11-02 167936]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]

"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-08-12 6265376]

"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2008-08-12 1833504]

"Mouse Suite 98 Daemon"="ICO.EXE" - c:\windows\System32\ICO.EXE [2006-11-03 49152]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\StartupYouTube Uploader for CASIO.lnk - c:\program files\CASIO\YouTube Uploader for CASIO\YStart.exe [2007-6-11 79488]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]

"{EB427A75-C6BB-49DB-9C8F-D2C3FD561ADA}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{DF350759-9225-445B-91F1-82843A6C9FA6}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

"{EE31F627-7AB8-476B-AEA4-F8A9EB5418A6}"= UDP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009

"{96579AF8-848B-469D-8044-FDA5206FCCD3}"= TCP:c:\program files\Sports Interactive\Football Manager 2009\fm.exe:Football Manager 2009

"{55288098-AA6F-48BF-A714-18FEDBC18B0E}"= UDP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2

"{7A99FD48-4D67-49D9-AAA3-914336613393}"= TCP:c:\program files\Electronic Arts\Battlefield 2142\BF2142.exe:Battlefield 2

"TCP Query User{0E808C34-69B1-41DA-A1CD-1B15614BD161}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

"UDP Query User{9918D4A4-4427-42EC-87A4-E4555F9F73D7}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

"TCP Query User{F7B099FB-02D5-40D9-92E0-AAEE5161BE49}c:\\program files\\spotify\\spotify.exe"= UDP:c:\program files\spotify\spotify.exe:Spotify

"UDP Query User{3CA70AAC-4ADC-4016-9A6C-CDD9A98E8B80}c:\\program files\\spotify\\spotify.exe"= TCP:c:\program files\spotify\spotify.exe:Spotify

"TCP Query User{E8A1C318-2796-4B3F-877D-704AB1955F0E}c:\\program files\\spotify\\spotify.exe"= UDP:c:\program files\spotify\spotify.exe:Spotify

"UDP Query User{4B6A2AD0-5FEA-4B7C-BFBC-309591E2C209}c:\\program files\\spotify\\spotify.exe"= TCP:c:\program files\spotify\spotify.exe:Spotify

"{A0F3C4FB-98A7-43DA-A310-484D30EFA28D}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{7750FC6A-2617-4AD1-9BFD-A67C93F43CE7}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

"{FA792E1D-67B9-41E5-9037-EFF4A1633097}"= Disabled:UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)

"{8325ED7D-567A-4752-BD76-72ED174DE9B2}"= Disabled:TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)

"TCP Query User{A8F58B0C-13EA-43E8-AF39-1AA915EA39C0}c:\\users\\jonathan rosén\\program files\\dna\\btdna.exe"= UDP:c:\users\jonathan rosén\program files\dna\btdna.exe:btdna.exe

"UDP Query User{CEB0BE8A-0C94-443D-BB8A-51DADD222C39}c:\\users\\jonathan rosén\\program files\\dna\\btdna.exe"= TCP:c:\users\jonathan rosén\program files\dna\btdna.exe:btdna.exe

"TCP Query User{A68DC96B-6ADF-4B6C-8BE5-CCC8F9329FA9}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

"UDP Query User{0139042E-6AB1-4BD8-BA26-605EC361A24F}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent

"TCP Query User{F0FD0949-744D-4133-B0FE-5E2748BF6001}c:\\users\\jonathan rosén\\program files\\dna\\btdna.exe"= UDP:c:\users\jonathan rosén\program files\dna\btdna.exe:btdna.exe

"UDP Query User{2BD7D02E-3423-43B3-91AC-2DCC79D6310B}c:\\users\\jonathan rosén\\program files\\dna\\btdna.exe"= TCP:c:\users\jonathan rosén\program files\dna\btdna.exe:btdna.exe

"TCP Query User{043C4E56-EA91-441A-AE32-A7A8B7928072}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client

"UDP Query User{C9100DFD-8466-4BC5-8DF8-9C7CF39354B2}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client

"TCP Query User{3D17D350-D8FA-4452-961B-19550F4EAB8B}c:\\users\\jonathan rosén\\documents\\filhämtaren\\utorrent(2).exe"= UDP:c:\users\jonathan rosén\documents\filhämtaren\utorrent(2).exe:utorrent(2).exe

"UDP Query User{182389B7-D422-4724-AC56-59DE07EB0E8E}c:\\users\\jonathan rosén\\documents\\filhämtaren\\utorrent(2).exe"= TCP:c:\users\jonathan rosén\documents\filhämtaren\utorrent(2).exe:utorrent(2).exe

"{D4BBC47A-A97C-420C-AAB9-C225331BA66F}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire

"{020B4DDA-7AD6-4B85-8556-10C7091C3186}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire

"TCP Query User{9F12D3E7-7EB7-4B6D-BA7A-CC99DDC22FCB}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire

"UDP Query User{3AF5BE2B-E8D9-4BA4-8691-3FC217005F3F}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire

"{40AE9F65-3DAF-4849-BCFB-17B747A40A78}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes

"{B7343E49-0094-4FA0-A87F-BF1B7A78DE00}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

"{C190B8C8-0414-436C-83F2-F59840A073C9}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes

"{D8D038AF-E1FA-41F5-AAFA-D9A420892932}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

"{3941139F-42EA-4F51-A2D3-D49DB5EDC492}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)

"{09DE584E-3307-4F47-96D6-38FBBB7C3910}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

"TCP Query User{4AC31EF9-96FD-45F8-BFE5-DB7C09AD90CB}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:µTorrent

"UDP Query User{4465EDFA-B136-4C85-8A9C-400B61B86A1D}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:µTorrent

"TCP Query User{CD270E1B-C411-450F-B8DB-A9E3ECC31E6B}c:\\program files\\vuze\\azureus.exe"= Disabled:UDP:c:\program files\vuze\azureus.exe:Azureus

"UDP Query User{2859B19E-6D05-436B-8102-593939AF78DE}c:\\program files\\vuze\\azureus.exe"= Disabled:TCP:c:\program files\vuze\azureus.exe:Azureus

"{E472A89C-2F41-4F3F-BDDE-15E2AE8D3959}"= Disabled:UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent

"{19137BF2-13E4-4281-AE53-CC4F8261F7B4}"= Disabled:TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent

"TCP Query User{65246A2F-1968-4417-A1E7-D8C8BFE2160B}c:\\program files\\burst\\core-new1.1.3\\btdownloadheadless.exe"= Disabled:UDP:c:\program files\burst\core-new1.1.3\btdownloadheadless.exe:burst! download engine

"UDP Query User{D60158BD-D835-46D8-9E71-1247333A83BF}c:\\program files\\burst\\core-new1.1.3\\btdownloadheadless.exe"= Disabled:TCP:c:\program files\burst\core-new1.1.3\btdownloadheadless.exe:burst! download engine

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]

"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

 

R1 epfwtdir;epfwtdir;c:\windows\System32\drivers\epfwtdir.sys [2007-11-14 30728]

R2 EFUploadSrv;ExtraFilm upload service;c:\program files\ExtraFilm Designer SE\EFUploadSrv.exe [2008-11-27 1712128]

R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-11-14 455936]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [2008-12-25 44064]

S3 CRFILTER;USB Mass Storage Filter;c:\windows\System32\drivers\CRFILTER.sys [2008-04-07 6656]

S3 pelmouse;Mouse Suite Driver;c:\windows\System32\drivers\PELMOUSE.SYS [2008-12-25 16512]

S3 pelusblf;USB Mouse Low Filter Driver;c:\windows\System32\drivers\PELUSBlf.SYS [2008-12-25 13184]

S3 se46bus;Sony Ericsson Device 070 driver (WDM);c:\windows\System32\drivers\se46bus.sys [2009-02-01 61536]

S3 se46mdfl;Sony Ericsson Device 070 USB WMC Modem Filter;c:\windows\System32\drivers\se46mdfl.sys [2009-02-01 9360]

S3 se46mdm;Sony Ericsson Device 070 USB WMC Modem Driver;c:\windows\System32\drivers\se46mdm.sys [2009-02-01 97088]

S3 se46mgmt;Sony Ericsson Device 070 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\se46mgmt.sys [2009-02-01 88624]

S3 se46nd5;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (NDIS);c:\windows\System32\drivers\se46nd5.sys [2009-02-01 18704]

S3 se46obex;Sony Ericsson Device 070 USB WMC OBEX Interface;c:\windows\System32\drivers\se46obex.sys [2009-02-01 86432]

S3 se46unic;Sony Ericsson Device 070 USB Ethernet Emulation SEMC46 (WDM);c:\windows\System32\drivers\se46unic.sys [2009-02-01 90800]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]

"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

"c:\program files\Common Files\LightScribe\LSRunOnce.exe"

.

Contents of the 'Scheduled Tasks' folder

 

2009-08-01 c:\windows\Tasks\User_Feed_Synchronization-{2A7E5059-7C0E-472D-AD25-79FC471BAD61}.job

- c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]

 

2009-08-01 c:\windows\Tasks\User_Feed_Synchronization-{3967F2F9-F3B2-4E11-8947-8EB0A24E6821}.job

- c:\windows\system32\msfeedssync.exe [2009-07-29 20:13]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.asus.com

IE: E&xportera till Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab

FF - ProfilePath - c:\users\Jonathan Rosén\AppData\Roaming\Mozilla\Firefox\Profiles\8ls5xmsa.defaultFF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll

FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

.

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-08-01 19:47

Windows 6.0.6001 Service Pack 1 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

Completion time: 2009-08-01 19:49

ComboFix-quarantined-files.txt 2009-08-01 17:49

ComboFix2.txt 2009-07-31 14:23

 

Pre-Run: 74 446 733 312 byte ledigt

Post-Run: 74 413 572 096 byte ledigt

 

302 --- E O F --- 2009-07-31 12:11

[/log]

 


Good, now we have gotten rid of this nasty one again!!

Scan this file as well so I can see whether it should be removed too; it came in last night!!

 

c:\windows\PEV.exe

 


[log]
a-squared 4.5.0.3 20090728220216 2009-07-28 | - | 0.346
AhnLab V3 2009.07.28.02 2009.07.28 2009-07-28 | - | 0.900
AntiVir 8.2.0.234 7.1.5.39 2009-07-28 | - | 0.545
Antiy 2.0.18 20090728.2650168 2009-07-28 | - | 0.121
Arcavir 2009 200907280849 2009-07-28 | - | 0.069
Authentium 5.1.1 200907281114 2009-07-28 | W32/Heuristic-210!Eldorado (Heuristic) | 4.745
AVAST! 4.7.4 090727-0 2009-07-27 | - | 0.093
AVG 8.5.288 270.13.34/2268 2009-07-28 | - | 2.075
BitDefender 7.81008.3850261 7.26856 2009-07-28 | - | 3.414
CA (VET) 9.0.0.143 31.6.6642 2009-07-28 | - | 6.740
ClamAV 0.95.2 9624 2009-07-28 | - | 0.037
Comodo 3.10 1793 2009-07-28 | - | 5.833
CP Secure 1.1.0.715 2009.07.28 2009-07-28 | Troj.GameThief.W32.WOW.bwa | 11.629
Dr.Web 4.44.0.9170 2009.07.28 2009-07-28 | - | 5.270
F-Prot 4.4.4.56 20090728 2009-07-28 | Possible W32/Heuristic-210!Eldorado (not disinfectable) | 4.325
F-Secure 7.02.73807 2009.07.24.08 2009-07-24 | - | 11.431
Fortinet 2.81-3.120 10.654 2009-07-28 | - | 0.986
GData 19.6747/19.415 20090728 2009-07-28 | - | 4.838
Ikarus T3.1.01.64 2009.07.28.73117 2009-07-28 | - | 3.826
JiangMin 11.0.800 2009.07.28 2009-07-28 | - | 3.684
Kaspersky 5.5.10 2009.07.28 2009-07-28 | - | 0.236
KingSoft 2009.2.5.15 2009.7.28.21 2009-07-28 | - | 0.540
McAfee 5.3.00 5690 2009-07-27 | - | 6.165
Microsoft 1.4903 2009.07.28 2009-07-28 | - | 5.156
Norman 6.01.09 6.01.00 2009-07-28 | - | 4.011
nProtect 20090727.02 4947667 2009-07-27 | - | 6.545
Panda 9.05.01 2009.07.27 2009-07-27 | - | 4.343
Quick Heal 10.00 2009.07.28 2009-07-28 | Suspicious - DNAScan | 1.150
Rising 20.0 21.40.14.00 2009-07-28 | - | 1.093
Sophos 2.88.0 4.43 2009-07-28 | - | 3.384
Sunbelt 5288 5288 2009-07-27 | - | 3.392
Symantec 1.3.0.24 20090727.006 2009-07-27 | - | 0.232
The Hacker 6.3.4.3 v00376 2009-07-28 | - | 0.712
Trend Micro 8.700-1004 6.325.00 2009-07-28 | - | 0.051
VBA32 3.12.10.9 20090727.1245 2009-07-27 | - | 2.240
ViRobot 20090728 2009.07.28 2009-07-28 | - | 0.434
VirusBuster 4.5.11.10 10.109.14/1834980 2009-07-27 | - | 2.644
[/log]

 


Hi! I'm a bit torn about the result of this scan, but from the information I can find it is a false positive, so we'll leave this file alone then! Then things should be OK again, if you now think the computer is working as it should again!!??

Regards, Laston

 


Hi.

Unfortunately the problems remain. I'm starting to feel like doing a system restore; would that help?

 


Hi! If the computer is still infected, a system restore won't help!! Do you know where the file you scanned comes from and where it belongs? Are there any USB sticks that you plug in that could reinfect the computer?

Regards, Laston

 


Infections can also spread between computers via iPods.

Did you know what HOTALBUMMyBOX is?

Do you know which program the folder c:\programdata\MGS belongs to?

There are remnants of Norton/Symantec in the log, so clean those out with the removal tool:

http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039

Download Security Check by screen317 to the Desktop.

http://screen317.spywareinfoforum.org/SecurityCheck.exe

Run Security Check (in Vista, right-click and choose Run as administrator).

When it is finished, a log file, checkup.txt, opens in Notepad; paste it into your reply.

Scan the computer online at

http://www.kaspersky.com/virusscanner

Save the log if anything is found and paste it into your reply.

 

 


hotalbum is software for my camera; it came with it.

The other file, mgs, I don't know what it is, though.

First scan:

[log]Results of screen317's Security Check version 0.98.7

Windows Vista Service Pack 1

Out of date service pack!!

``````````````````````````````

Antivirus/Firewall Check:

ESET NOD32 Antivirus

ESET NOD32 Antivirus

Antivirus up to date!

``````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

HijackThis 2.0.2

CCleaner (remove only)

Adobe Flash Player 10

Adobe Reader 8.1.3

Out of date Adobe Reader installed!

``````````````````````````````

Process Check:

objlist.exe by Laurent

``````````````````````````````

DNS Vulnerability Check:

GREAT! (Very random)

 

`````````End of Log```````````

[/log]

 


Check which programs with security holes are on the computer by letting Secunia's Software Inspector check the computer.

http://secunia.com/vulnerability_scanning/

Update the programs that are found, e.g. Adobe Reader.

What is in the folder c:\programdata\MGS?

Is explorer.exe (Windows Explorer, Computer, etc.) still hanging?

 


Was it Kaspersky that found Trojan-Downloader.WMA.Wimad.n?

In which file and folder was it found?

 


C:\Users\Jonathan Rosén\Music\Shared\Greese\summer loving.wma

That is where it was found.

And yes, it was Kaspersky that found it. Unfortunately I can't send the report, because the web browser hangs when I try to save it.

 


Hi

I have removed the file now. The computer behaves somewhat better and lets me work with explorer.exe sometimes; it still hangs, though, but not as often.

 


Does anything show up in Problem Reports or in Event Viewer (both in Control Panel, the latter under Administrative Tools) at the same time as Explorer hangs?

 


Here is a report:

 

[log]Beskrivning

Ett problem orsakade att detta program slutade att fungera med Windows.

 

Problemsignatur

Händelsenamn: AppHangXProcB1

Programnamn: Explorer.EXE

Programversion: 6.0.6001.18164

Programmets tidsstämpel: 4907e242

Signatur för avstannande: 70f9

Typ av avstannande: 129

Väntar på programnamn: ekrn.exe:AmonPort

Väntar på programversion: 0.0.0.0

OS-version: 6.0.6001.2.1.0.768.3

Språkvariant-ID: 1053

Ytterligare signatur 1: 105aee30e84c0d63e197fc7ffbff8dab

Ytterligare signatur 2: ddd2

Ytterligare signatur 3: d96bc6760c8f260e8cbd385b42c61e6e

Ytterligare signatur 4: 9bc5

Ytterligare signatur 5: bdfcc016be67c83dee9ed471843c2ea6

Ytterligare signatur 6: a600

Ytterligare signatur 7: 8c446e8f351f3ff8456bee64eba30e80

 

Extra information om problemet

Bucket-ID: 406012546

[/log]

 


Väntar på programnamn: ekrn.exe:AmonPort

That is a program that belongs to NOD32, so try reinstalling it.

What is in the folder c:\programdata\MGS?

 


Archived

This topic is now archived and is closed to further replies.
