Just nu i M3-nätverket
Jump to content

Mail-virus?


kaka*

Recommended Posts

Jag använder Windows Live Mail och titt som tätt skickar min mail ut konstiga spam-mail till större delen av min kontaktlista...

 

Varför? Och hur blir jag av med det?

 

Lite pinsamt när chefen får reklam från nogot amerikanskt damklädesföretag och svarar undrande om det var menat till honom...

Link to comment
Share on other sites

Det första du ska göra är att byta lösenord och ev. hemlig fråga till ditt mejl-konto.

 

Vi kan se vad DDS visar till att börja med. Spara DDS på Skrivbordet.

http://download.bleepingcomputer.com/sUBs/dds.scr

 

Starta programmet genom att dubbelklicka på det.

Tryck Yes/Ja om frågan om Optional Scan dyker upp.

I ditt svar klistrar du in loggen DSS.txt. Medan du bifogar Attach.txt som en fil.

Link to comment
Share on other sites

Man kan inte använda hotmail och när jag är inloggad på windowslivemessenger så får jag en massa spam som säger klicka på länken vinn iphone <3<3 från såna som inte har vart inne på msn på två år :D. Dom e också offline. Jag ska ta en annan epostadress hotmail är inte bra. ANVÄND GMAIL!

Link to comment
Share on other sites

när jag är inloggad på windowslivemessenger så får jag en massa spam som säger klicka på länken vinn iphone <3<3 från såna som inte har vart inne på msn på två år :D. Dom e också offline.

Det låter som att de andra har fått sina konton kapade.

Link to comment
Share on other sites

Det låter som att de andra har fått sina konton kapade.

Ja det gör det igår fick jag ett mail också blablabla vinn en iphone klicka på länken blablabla

Link to comment
Share on other sites

DDS (Ver_10-03-17.01) - NTFSx86

Run by David at 16:43:08,33 on 2010-04-13

Internet Explorer: 8.0.6001.18904 BrowserJavaVersion: 1.6.0_19

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.3070.1665 [GMT 2:00]

 

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Fingerprint Sensor\AtService.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\DigitalPersona\Bin\DpHostW.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\Glocalnet\Glocalnet Mobilt Bredband\GtDetectSc.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Voddler\service\voddler.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPStart.exe

C:\Program Files\HP\QuickPlay\QPService.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\DigitalPersona\Bin\DpAgent.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Voddler\service\VNetManager.exe

C:\Windows\ehome\ehtray.exe

C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Personal\bin\Personal.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Glocalnet\Glocalnet Mobilt Bredband\Glocalnet Mobilt Bredband.exe

C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Program Files\MPS Broadband\My Content Manager\My Content Manager.exe

C:\Program Files\Microsoft Works\WkCalRem.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\ehome\ehsched.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Windows\ehome\ehRecvr.exe

C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\David\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\David\Downloads\dds.scr

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.swedbank.se/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uDefault_Search_URL = hxxp://www.google.com/ie

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=81&bd=Pavilion&pf=laptop

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Länkhjälp till Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: DigitalPersona Personal Extension: {395610ae-c624-4f58-b89e-23733ea00f9a} - c:\program files\digitalpersona\bin\DpOtsPluginIe8.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\norton internet security\engine\16.8.0.41\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\norton internet security\engine\16.8.0.41\IPSBHO.DLL

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: e-kort Helper Class: {9065e913-4f23-4b47-9b5d-b055d32db1f3} - c:\program files\ekort\EKortHelper.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\norton internet security\engine\16.8.0.41\coIEPlg.dll

TB: e-kort Toolbar: {8db2b2e8-579f-48a8-a496-18fefcf8f4df} - c:\program files\ekort\EKortToolbar.dll

TB: {71B6ACF7-4F0F-4FD8-BB69-6D1A4D271CB7} - No File

TB: {4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - No File

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [iSUSPM] "c:\programdata\macrovision\flexnet connect\6\ISUSPM.exe" -scheduler

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Google Update] "c:\users\david\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"

mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

mRun: [OnScreenDisplay] c:\program files\hewlett-packard\hp quicktouch\HPKBDAPP.exe

mRun: [uCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\1.0"

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe

mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe

mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [TrayServer] c:\program files\magix\movies on dvd 7\TrayServer.exe

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe

mRun: [DpAgent] c:\program files\digitalpersona\bin\dpagent.exe

mRun: [e-kort] c:\progra~1\ekort\ekort.exe /dontopenmycards /Autostart

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [<NO NAME>]

mRun: [VoddlerNet Manager] c:\program files\voddler\service\VNetManager.exe

StartupFolder: c:\users\david\appdata\roaming\micros~1\windows\startm~1\programs\startup\skrmur~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\users\david\appdata\roaming\micros~1\windows\startm~1\programs\startup\wkcalrem.lnk - c:\program files\microsoft works\WkCalRem.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bankid~1.lnk - c:\program files\personal\bin\Personal.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\glocal~1.lnk - c:\program files\glocalnet\glocalnet mobilt bredband\Glocalnet Mobilt Bredband.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mycont~1.lnk - c:\program files\mps broadband\my content manager\My Content Manager.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Download with Xilisoft YouTube Video Converter - c:\program files\xilisoft\youtube video converter\upod_link.HTM

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Skicka bild till &Bluetooth-enhet... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm

IE: Skicka sida till &Bluetooth-enhet... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab

DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} - hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab

DPF: {3CB21A24-BAAE-4D2D-87B7-1273719BCF56} - hxxps://mpsmppgw01.mpsnordic.se/toolbox/1_1/resources/COPPTest.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab

DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\norton internet security\engine\16.8.0.41\CoIEPlg.dll

LSA: Notification Packages = scecli DPPWDFLT

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\david\appdata\roaming\mozilla\firefox\profiles\wc2id7qe.default\

FF - prefs.js: browser.startup.homepage - www.swedbank.se

FF - component: c:\program files\digitalpersona\bin\firefoxext\components\dpffcli.dll

FF - component: c:\program files\ekort\components\SlimOrbAddonEkort.dll

FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll

FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll

FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.2.141.5\npGoogleOneClick7.dll

FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\personal\bin\np_prsnl.dll

FF - plugin: c:\program files\voddler\plugin\npvoddler.dll

FF - plugin: c:\users\david\appdata\local\google\update\1.2.183.23\npGoogleOneClick8.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

 

============= SERVICES / DRIVERS ===============

 

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1008000.029\SymEFA.sys [2010-1-28 310320]

R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1008000.029\BHDrvx86.sys [2010-1-28 259632]

R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1008000.029\cchpx86.sys [2010-1-28 482432]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20100409.001\IDSvix86.sys [2010-4-12 343088]

R2 ATService;AuthenTec Fingerprint Service;c:\program files\fingerprint sensor\AtService.exe [2009-9-11 1811704]

R2 GtDetectSc;GtDetectSc;c:\program files\glocalnet\glocalnet mobilt bredband\GtDetectSc.exe [2007-12-18 196704]

R2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\norton internet security\engine\16.8.0.41\ccSvcHst.exe [2010-1-28 117640]

R2 VoddlerNet;VoddlerNet;c:\program files\voddler\service\voddler.exe [2010-3-18 1160912]

R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2009-9-14 659328]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-8-28 102448]

R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\nis\1008000.029\symndisv.sys [2010-1-28 48688]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\magix\common\database\bin\fbserver.exe [2009-7-29 1527900]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-21 21504]

S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2007-11-13 106112]

S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2007-10-9 59264]

S3 UPnPService;UPnPService;c:\program files\common files\magix shared\upnpservice\UPnPService.exe [2009-7-29 544768]

 

=============== Created Last 30 ================

 

2010-04-08 17:10:05 0 d-----w- c:\users\david\appdata\roaming\Personal

2010-04-08 17:10:02 0 d-----w- c:\program files\Personal

2010-03-31 13:18:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-03-31 13:08:19 0 d-----w- c:\programdata\Sun

2010-03-21 20:37:31 0 d-----w- C:\Voddler

2010-03-21 20:36:42 0 d-----w- c:\program files\Voddler

 

==================== Find3M ====================

 

2010-04-13 06:25:51 635644 ----a-w- c:\windows\system32\perfh01D.dat

2010-04-13 06:25:51 136178 ----a-w- c:\windows\system32\perfc01D.dat

2010-04-12 20:44:49 2140 ----a-w- c:\windows\bthservsdp.dat

2010-04-05 21:37:18 66419 ----a-w- c:\users\david\appdata\roaming\nvModes.dat

2010-03-09 02:28:20 411368 ----a-w- c:\windows\system32\deploytk.dll

2010-02-23 06:33:45 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-02-23 06:33:45 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-02-23 04:55:36 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-02-20 23:06:41 24064 ----a-w- c:\windows\system32\nshhttp.dll

2010-02-20 23:05:14 30720 ----a-w- c:\windows\system32\httpapi.dll

2010-02-20 20:53:34 411648 ----a-w- c:\windows\system32\drivers\http.sys

2010-02-19 23:47:50 3604480 ----a-w- c:\windows\system32\GPhotos.scr

2010-02-12 10:32:56 293376 ----a-w- c:\windows\system32\browserchoice.exe

2010-02-02 20:15:12 51200 ----a-w- c:\windows\inf\infpub.dat

2010-02-02 20:15:12 143360 ----a-w- c:\windows\inf\infstrng.dat

2010-02-02 20:15:12 143360 ----a-w- c:\windows\inf\infstor.dat

2010-02-02 20:14:08 28672 ----a-w- c:\windows\system32\AF15BDAEX.dll

2010-01-25 12:00:35 471552 ----a-w- c:\windows\system32\secproc_isv.dll

2010-01-25 12:00:35 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll

2010-01-25 12:00:35 152064 ----a-w- c:\windows\system32\secproc_ssp.dll

2010-01-25 12:00:22 471552 ----a-w- c:\windows\system32\secproc.dll

2010-01-25 11:58:52 332288 ----a-w- c:\windows\system32\msdrm.dll

2010-01-25 08:21:20 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe

2010-01-25 08:21:20 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe

2010-01-25 08:21:18 518144 ----a-w- c:\windows\system32\RMActivate.exe

2010-01-25 08:21:18 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe

2010-01-23 09:26:13 2048 ----a-w- c:\windows\system32\tzres.dll

2009-11-25 02:31:33 665600 ----a-w- c:\windows\inf\drvindex.dat

2008-09-21 17:29:10 174 --sha-w- c:\program files\desktop.ini

2007-12-23 12:17:13 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat

2007-12-23 12:17:13 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat

2007-12-23 12:17:13 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat

2007-12-23 12:17:13 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2009-10-23 16:38:59 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

2008-08-11 19:55:17 22 --sha-w- c:\windows\sminst\HPCD.sys

 

============= FINISH: 16:45:26,24 ===============

Link to comment
Share on other sites

Är det Norton årsmodell 2010 du har? Om inte så uppgradera från deras webbplats.

 

Avinstallera följande eftersom det är gamla versioner med säkerhetshål:

Java™ 6 Update 2

Java™ 6 Update 7

Håll webbläsarna avstängda när du gör det.

 

Låt Secunias Software Inspector kolla upp om där finns fler program med säkerhetshål i datorn.

 

Jag kan inte se något skadligt i loggen. Om det fortfarande skickas spam från ditt konto nu efter lösenordsbytet så kolla upp datorn med någon online-skanning och ett bra antispionprogram:

http://www.eset.eu/online-scanner

http://www.malwarebytes.org/mbam.php

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...