
Can't get onto the internet


Patrir


Hello!

 

 

I was logged out of Facebook because it said I had virus-infected files on the computer.

 

After that, no site at all would open. I've tried three different browsers and get the same thing in each: "sidan kan inte visas" ("the page cannot be displayed") or "Den här webbsidan är inte tillgänglig" ("This web page is not available").

 

 

Far down in Chrome it says "fel 102 (net::ERR_CONNECTION_REFUSED): Servern vägrade ansluta." ("Error 102 (net::ERR_CONNECTION_REFUSED): The server refused the connection.")

 

I've run scans with Avast and with Ad-Aware and removed the infected items that came up.

 

And now I don't have the faintest idea what to do!?

 

Down in the corner it says I'm connected to a network, and the internet works on the laptop.

 

 

Does anyone have any tips on what I should do?

 

 

 

Regards, Patrik Söderqvist

 

 

 


Can you transfer files between the computer you're sitting at now and the computer with the problem?

If so, follow the instructions in the thread "Till dig med virus eller andra skadliga program i datorn" ("For you with viruses or other malicious programs on your computer"), transferring the various programs and logs between the computers using the local network, a USB stick, a CD, etc.

 

 

I've now attached DDS.txt. I don't understand any of it, so I hope you do! Hope you can help me! :)

Thanks in advance.

 

Patrik Söderqvist

DDS.txt


I'm pasting in the log so that it's easier to search for information and to go back and compare later.

 

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24

Run by Patrik at 16:04:38 on 2012-07-08

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.16381.12729 [GMT 2:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}

SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVAST Software\Avast\afwServ.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\DAODx.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\Patrik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\PROGRA~2\AD-AWA~1\AdAware.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Voddler\service\voddler.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskmgr.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll

TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Google Update] "C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [spotify Web Helper] "C:\Users\Patrik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Search

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\AllMusicConverter\YouTubeRipper.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{6706964F-D3ED-40E7-8612-CB55951294FA} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A45C0842-1D1F-4A74-8BCE-5B4BEC32156F} : DhcpNameServer = 80.251.201.177 80.251.201.178

TCP: Interfaces\{B7AEB0FE-1C7C-4510-BC46-AA945C48BB8A} : DhcpNameServer = 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{6c97a91e-4524-4019-86af-2aa2d567bf5c}

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{AA58ED58-01DD-4d91-8333-CF10577473F7}

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{32099AAC-C132-4136-9E9A-4E364A424E17}

{98889811-442D-49dd-99D7-DC866BE87DBC}

{2318C2B1-4965-11d4-9B18-009027A5CD4F}

{6c97a91e-4524-4019-86af-2aa2d567bf5c}

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

mRun-x64: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

Hosts: 255.255.255.255 easyanticheat.se # misleading site

Hosts: 255.255.255.255 www.easyanticheat.se # misleading site

Hosts: 255.255.255.255 easyanticheat.com # misleading site

Hosts: 255.255.255.255 www.easyanticheat.com # misleading site

Hosts: 255.255.255.255 easyanticheat.info # misleading site

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\kqsfbpq3.default\

FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)

FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=112560&tt=010712_1&babsrc=HP_ss&mntrId=061e1ffd00000000000000241d7ffc44

FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=112560&tt=010712_1&babsrc=KW_ss&mntrId=061e1ffd00000000000000241d7ffc44&q=

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl64.dll

FF - plugin: C:\Program Files (x86)\Voddler\plugin\npvoddler.dll

FF - plugin: C:\Program Files (x86)\VOIPlay\npvoiplay.dll

FF - plugin: C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112560&tt=010712_1

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - 061e1ffd00000000000000241d7ffc44

FF - user.js: extensions.BabylonToolbar_i.hardId - 061e1ffd00000000000000241d7ffc44

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15525

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1722:25:19

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - base

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);

============= SERVICES / DRIVERS ===============

.

R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys --> C:\Windows\system32\DRIVERS\aswNdis.sys [?]

R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\system32\drivers\aswNdis2.sys --> C:\Windows\system32\drivers\aswNdis2.sys [?]

R1 aswFW;avast! TDI Firewall driver;C:\Windows\system32\drivers\aswFW.sys --> C:\Windows\system32\drivers\aswFW.sys [?]

R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?]

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 SbFw;SbFw;C:\Windows\system32\drivers\SbFw.sys --> C:\Windows\system32\drivers\SbFw.sys [?]

R1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-10-26 101112]

R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-5-3 1226096]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-5 361984]

R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-6 44808]

R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-7-6 133912]

R2 ESLWireAC;ESLWireAC;\??\C:\Windows\system32\drivers\ESLWireACD.sys --> C:\Windows\system32\drivers\ESLWireACD.sys [?]

R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 ESLvnic1;ESLvnic Virtual Network 64 Bit;C:\Windows\system32\DRIVERS\ESLvnic.sys --> C:\Windows\system32\DRIVERS\ESLvnic.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\system32\DRIVERS\SBFWIM.sys --> C:\Windows\system32\DRIVERS\SBFWIM.sys [?]

R3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]

R3 sbwtis;sbwtis;C:\Windows\system32\DRIVERS\sbwtis.sys --> C:\Windows\system32\DRIVERS\sbwtis.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-1 135664]

S3 ENTECH64;ENTECH64;\??\C:\Windows\system32\DRIVERS\ENTECH64.sys --> C:\Windows\system32\DRIVERS\ENTECH64.sys [?]

S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-1 135664]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-8-15 17152]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]

S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\Windows\system32\DRIVERS\sbfwim.sys --> C:\Windows\system32\DRIVERS\sbfwim.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

.

=============== Created Last 30 ================

.

2012-07-06 10:49:12 -------- d-----w- C:\Users\Patrik\AppData\Local\adaware

2012-07-06 10:49:11 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection

2012-07-06 10:48:57 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys

2012-07-06 10:48:36 119416 ----a-w- C:\Windows\System32\drivers\SbFwIm.sys

2012-07-06 10:48:33 256632 ----a-w- C:\Windows\System32\drivers\SbFw.sys

2012-07-06 10:48:31 45936 ----a-w- C:\Windows\System32\sbbd.exe

2012-07-06 10:48:27 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus

2012-07-06 10:20:39 142128 ----a-w- C:\Windows\System32\drivers\aswFW.sys

2012-07-06 10:20:28 266776 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys

2012-07-06 10:20:28 19600 ----a-w- C:\Windows\System32\drivers\aswKbd.sys

2012-07-06 10:20:28 12368 ----a-w- C:\Windows\System32\drivers\aswNdis.sys

2012-07-06 10:12:29 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2012-07-06 10:12:24 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-07-06 10:12:18 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-07-06 10:10:46 41224 ----a-w- C:\Windows\avastSS.scr

2012-07-06 10:10:36 -------- d-----w- C:\ProgramData\AVAST Software

2012-07-06 10:10:36 -------- d-----w- C:\Program Files\AVAST Software

2012-07-06 10:08:52 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner

2012-07-06 10:08:42 -------- d-----w- C:\Program Files (x86)\adawaretb

2012-07-06 10:08:15 -------- d-----w- C:\Users\Patrik\AppData\Roaming\Ad-Aware Antivirus

2012-07-06 10:03:51 -------- dc----w- C:\ProgramData\{42E04EE4-AB57-407A-9691-3FFA8B8FEBBE}

2012-07-06 10:03:17 -------- d-----w- C:\Program Files\Lavasoft

2012-07-06 09:28:18 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E8A5AB58-4D90-490D-9F56-1397C3087ADC}\mpengine.dll

2012-07-04 20:27:41 -------- d-----w- C:\Program Files (x86)\TorrentSearch

2012-07-04 20:27:41 -------- d-----w- C:\Program Files (x86)\OApps

2012-07-04 20:27:23 -------- d-----w- C:\Program Files (x86)\intellidownload

2012-07-04 20:25:10 -------- d-----w- C:\Users\Patrik\AppData\Roaming\YourFileDownloader

2012-07-04 19:34:28 1332224 ----a-w- C:\Windows\SysWow64\SYNSOEMU.DLL

2012-07-03 20:19:22 172219 ----a-w- C:\torrent.exe

2012-07-03 19:22:24 -------- d-----w- C:\Users\Patrik\AppData\Roaming\OpenOffice.org

2012-07-03 19:18:04 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3

2012-07-03 19:09:50 -------- d-----w- C:\Users\Patrik\AppData\Roaming\BabylonToolbar

2012-06-25 04:45:42 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-25 04:44:27 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-25 04:44:11 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-25 04:44:11 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-14 14:22:00 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-06-14 14:21:59 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-06-14 14:21:59 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-06-14 14:21:56 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-06-14 14:21:56 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-06-14 14:21:56 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-06-14 14:21:56 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-06-14 14:21:56 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-06-14 14:21:56 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-06-14 14:01:59 -------- d-----w- C:\Windows\System32\SPReview

2012-06-14 14:01:00 -------- d-----w- C:\Windows\System32\EventProviders

2012-06-14 13:57:58 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-14 13:56:35 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-06-14 13:56:33 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-06-14 13:56:33 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-06-14 13:56:28 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-06-14 13:56:26 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

.

==================== Find3M ====================

.

2012-07-01 19:08:28 283304 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-07-01 19:08:28 283304 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2012-07-01 19:08:14 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-06-14 19:10:44 175616 ----a-w- C:\Windows\System32\msclmd.dll

2012-06-14 19:10:44 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 16:05:42,12 ===============


Uninstall Babylon Toolbar because of http://www.systemlookup.com/CLSID/71915-BabylonToolbarTlbr_dll.html, both in Control Panel - Programs and Features, and in Firefox - Tools - Add-ons - (one of the tabs).

 

Do you know what the following is? Is it something you added on purpose?

Hosts: 255.255.255.255 easyanticheat.se # misleading site

Hosts: 255.255.255.255 www.easyanticheat.se # misleading site

Hosts: 255.255.255.255 easyanticheat.com # misleading site

Hosts: 255.255.255.255 www.easyanticheat.com # misleading site

Hosts: 255.255.255.255 easyanticheat.info # misleading site

 

Having both Ad-Aware version 10 and Avast can lead to strange problems. Start by uninstalling both and we'll see whether that gets the internet working.


Uninstall Babylon Toolbar because of http://www.systemloo...arTlbr_dll.html, both in Control Panel - Programs and Features, and in Firefox - Tools - Add-ons - (one of the tabs).

 

Do you know what the following is? Is it something you added on purpose?

Hosts: 255.255.255.255 easyanticheat.se # misleading site

Hosts: 255.255.255.255 www.easyanticheat.se # misleading site

Hosts: 255.255.255.255 easyanticheat.com # misleading site

Hosts: 255.255.255.255 www.easyanticheat.com # misleading site

Hosts: 255.255.255.255 easyanticheat.info # misleading site

 

Having both Ad-Aware version 10 and Avast can lead to strange problems. Start by uninstalling both and we'll see whether that gets the internet working.

 

I haven't installed easyanticheat. It's not in the Control Panel either...


If you no longer have Attach.txt from when you ran DDS, you'll have to run DDS again.


I need to see the other log from DDS, Attach.txt, as well.

 

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume3

Install Date: 2009-11-30 14:44:55

System Uptime: 2012-07-08 21:50:25 (2 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA790FXT-UD5P

Processor: AMD Phenom II X6 1055T Processor | Socket M2 | 2812/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 233 GiB total, 2,408 GiB free.

D: is FIXED (NTFS) - 932 GiB total, 108,625 GiB free.

E: is Removable

F: is FIXED (NTFS) - 596 GiB total, 56,895 GiB free.

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description:

Device ID: ROOT\MEDIA\0000

Manufacturer:

Name:

PNP Device ID: ROOT\MEDIA\0000

Service:

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Hosts File Hijack ======================

.

Hosts: 255.255.255.255 easyanticheat.se # misleading site

Hosts: 255.255.255.255 www.easyanticheat.se # misleading site

Hosts: 255.255.255.255 easyanticheat.com # misleading site

Hosts: 255.255.255.255 www.easyanticheat.com # misleading site

Hosts: 255.255.255.255 easyanticheat.info # misleading site

Hosts: 255.255.255.255 www.easyanticheat.info # misleading site

Hosts: 255.255.255.255 easyanticheat.org # misleading site

Hosts: 255.255.255.255 www.easyanticheat.org # misleading site

 

 

 

I figured out what easyanticheat is. It's like a cheat check when you play Counter-Strike on a site.

 

 

.


That's only the beginning of Attach.txt.

 

ATTACH.TXT

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume3

Install Date: 2009-11-30 14:44:55

System Uptime: 2012-07-09 22:36:47 (25 hours ago)

.

Motherboard: Gigabyte Technology Co., Ltd. | | GA-MA790FXT-UD5P

Processor: AMD Phenom II X6 1055T Processor | Socket M2 | 2812/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 233 GiB total, 6,068 GiB free.

D: is FIXED (NTFS) - 932 GiB total, 112,643 GiB free.

E: is Removable

F: is FIXED (NTFS) - 596 GiB total, 56,895 GiB free.

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description:

Device ID: ROOT\MEDIA\0000

Manufacturer:

Name:

PNP Device ID: ROOT\MEDIA\0000

Service:

.

==== System Restore Points ===================

.

RP565: 2012-07-10 03:00:28 - Windows Update

.

==== Hosts File Hijack ======================

.

Hosts: 255.255.255.255 easyanticheat.se # misleading site

Hosts: 255.255.255.255 www.easyanticheat.se # misleading site

Hosts: 255.255.255.255 easyanticheat.com # misleading site

Hosts: 255.255.255.255 www.easyanticheat.com # misleading site

Hosts: 255.255.255.255 easyanticheat.info # misleading site

Hosts: 255.255.255.255 www.easyanticheat.info # misleading site

Hosts: 255.255.255.255 easyanticheat.org # misleading site

Hosts: 255.255.255.255 www.easyanticheat.org # misleading site

.

==== Installed Programs ======================

.

"Nero SoundTrax Help

3DMark Vantage

3DMark05

Ad-Aware Antivirus

Ad-Aware Browsing Protection

Adobe AIR

Adobe Community Help

Adobe Flash Player 10 ActiveX

Adobe Photoshop CS5.1

Adobe Reader 9.3 - Svenska

Adobe Shockwave Player 11.5

Advertising Center

AllMusicConverter 4.0.4

AllMusicConverter Media Suite 4.0.4

AMD VISION Engine Control Center

Apple-programstöd

Apple Software Update

ArenanBrowser v1.3.3

ASIO4ALL

Assassin's Creed Revelations

µTorrent

avast! Internet Security

AVS Audio Converter 7

AVS Update Manager 1.0

AVS4YOU Software Navigator 1.4

BankID säkerhetsprogram

Battlefield 3™

Battlelog Web Plugins

Call of Duty: Modern Warfare 2

Call of Duty: Modern Warfare 2 - Multiplayer

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Counter-Strike

Counter-Strike: Source

Counter-Strike: Source Beta

DAEMON Tools Toolbar

DC++ 0.770

Default Tab

Diablo III

DolbyFiles

ESN Sonar

EVEREST Ultimate Edition v5.50

FL Studio 9

FM Graphics Guru 1.1

Football Manager 2010

Football Manager 2011

Football Manager 2011 Demo

Football Manager 2012

Free M4a to MP3 Converter 6.1

Futuremark SystemInfo

Games4u Play

GCFScape 1.7.1

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Grand Theft Auto: Episodes from Liberty City

Hardcore

HydraVision

IL Download Manager

ImagXpress

Java Auto Updater

Java 6 Update 24

Libra version 3

Menu Templates - Starter Kit

Microsoft Choice Guard

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

mIRC

Mount & Blade: With Fire and Sword

Movie Templates - Starter Kit

Mozilla Firefox 10.0 (x86 sv-SE)

Mozilla Firefox 4.0b8 (x86 sv-SE)

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Native Instruments Massive

Native Instruments Service Center

Nero 6 Ultra Edition

Nero 9

Nero BurningROM

Nero BurnRights

Nero ControlCenter

Nero CoverDesigner

Nero CoverDesigner Help

Nero Disc Copy Gadget

Nero Disc Copy Gadget Help

Nero DiscSpeed

Nero DriveSpeed

Nero Express

Nero InfoTool

Nero Installer

Nero Live

Nero Live Help

Nero PhotoSnap

Nero PhotoSnap Help

Nero Recode

Nero Recode Help

Nero Rescue Agent

Nero RescueAgent Help

Nero ShowTime

Nero StartSmart

Nero StartSmart Help

Nero WaveEditor

Nero WaveEditor Help

Nero Vision

NeroBurningROM

NeroExpress

neroxml

NVIDIA PhysX

NVIDIA Stereoscopic 3D Driver

OpenOffice.org 3.4

Opera 10.63

Origin

PDF Settings CS5

PKR

PoiZone

PokerStars

PunkBuster Services

QuickTime

Rapture3D 2.4.4 Game

reFX Nexus 1.0.9

reFX Nexus VSTi RTAS v2.2.0

reFX Vanguard 1.7.2

Safari

Sawer

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2518870)

SHIFT 2 UNLEASHED™

Skype Click to Call

Skype™ 5.9

Sony ACID Pro 6.0

Sony Media Manager 2.2

SoundTrax

Speedway Liga

Spotify

Steam

Svenska Spels Poker

System Requirements Lab CYRI

Toxic Biohazard

Ubisoft Game Launcher

UK Truck Simulator 1.02

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Watson

Waves Diamond Bundle v5.2

Waves SSL Collection v1.2

Ventrilo Client

VentriloMIX

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Live OneCare safety scanner

Windows Live Upload Tool

Virtual DJ - Atomix Productions

VLC media player 1.0.3

VoddlerNet

VoddlerPlayer

VOIPlay

.

==== End Of File ===========================

 

 

DDS.TXT

 

 

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24

Run by Patrik at 23:33:30 on 2012-07-10

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.16381.14212 [GMT 2:00]

.

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: Lavasoft Ad-Aware *Disabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}

SP: Lavasoft Ad-Aware *Disabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\afwServ.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Windows\system32\taskeng.exe

C:\Windows\DAODx.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Voddler\service\voddler.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Users\Patrik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.se/

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll

TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [Google Update] "C:\Users\Patrik\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [spotify Web Helper] "C:\Users\Patrik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Search

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files (x86)\AllMusicConverter\YouTubeRipper.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.53.0.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{6706964F-D3ED-40E7-8612-CB55951294FA} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A45C0842-1D1F-4A74-8BCE-5B4BEC32156F} : DhcpNameServer = 80.251.201.177 80.251.201.178

TCP: Interfaces\{B7AEB0FE-1C7C-4510-BC46-AA945C48BB8A} : DhcpNameServer = 192.168.1.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{AA58ED58-01DD-4d91-8333-CF10577473F7}

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{32099AAC-C132-4136-9E9A-4E364A424E17}

{98889811-442D-49dd-99D7-DC866BE87DBC}

{2318C2B1-4965-11d4-9B18-009027A5CD4F}

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

Hosts: 255.255.255.255 easyanticheat.se # misleading site

Hosts: 255.255.255.255 www.easyanticheat.se # misleading site

Hosts: 255.255.255.255 easyanticheat.com # misleading site

Hosts: 255.255.255.255 www.easyanticheat.com # misleading site

Hosts: 255.255.255.255 easyanticheat.info # misleading site

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\kqsfbpq3.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=112560&tt=010712_1&babsrc=HP_ss&mntrId=061e1ffd00000000000000241d7ffc44

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl64.dll

FF - plugin: C:\Program Files (x86)\Voddler\plugin\npvoddler.dll

FF - plugin: C:\Program Files (x86)\VOIPlay\npvoiplay.dll

FF - plugin: C:\Users\Patrik\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112560&tt=010712_1

FF - user.js: extensions.BabylonToolbar_i.babExt -

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

FF - user.js: extensions.BabylonToolbar_i.id - 061e1ffd00000000000000241d7ffc44

FF - user.js: extensions.BabylonToolbar_i.hardId - 061e1ffd00000000000000241d7ffc44

FF - user.js: extensions.BabylonToolbar_i.instlDay - 15525

FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1722:25:19

FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar_i.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar_i.tlbrId - base

FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);

============= SERVICES / DRIVERS ===============

.

R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys --> C:\Windows\system32\DRIVERS\aswNdis.sys [?]

R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\system32\drivers\aswNdis2.sys --> C:\Windows\system32\drivers\aswNdis2.sys [?]

R1 aswFW;avast! TDI Firewall driver;C:\Windows\system32\drivers\aswFW.sys --> C:\Windows\system32\drivers\aswFW.sys [?]

R1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys --> C:\Windows\system32\drivers\aswKbd.sys [?]

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 SbFw;SbFw;C:\Windows\system32\drivers\SbFw.sys --> C:\Windows\system32\drivers\SbFw.sys [?]

R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-5-3 1226096]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-5 361984]

R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-6-24 55424]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-7-6 133912]

R2 ESLWireAC;ESLWireAC;\??\C:\Windows\system32\drivers\ESLWireACD.sys --> C:\Windows\system32\drivers\ESLWireACD.sys [?]

R2 sbapifs;sbapifs;C:\Windows\system32\DRIVERS\sbapifs.sys --> C:\Windows\system32\DRIVERS\sbapifs.sys [?]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-11-20 240232]

R2 VoddlerNet;VoddlerNet;C:\Program Files (x86)\Voddler\service\voddler.exe [2010-4-15 867024]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 ESLvnic1;ESLvnic Virtual Network 64 Bit;C:\Windows\system32\DRIVERS\ESLvnic.sys --> C:\Windows\system32\DRIVERS\ESLvnic.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;C:\Windows\system32\DRIVERS\SBFWIM.sys --> C:\Windows\system32\DRIVERS\SBFWIM.sys [?]

S1 SBRE;SBRE;C:\Windows\System32\drivers\SBREDrv.sys [2011-10-26 101112]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-1 135664]

S2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2011-12-19 3289032]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-5 160944]

S3 ENTECH64;ENTECH64;\??\C:\Windows\system32\DRIVERS\ENTECH64.sys --> C:\Windows\system32\DRIVERS\ENTECH64.sys [?]

S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-2-1 135664]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-8-15 17152]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]

S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;C:\Windows\system32\DRIVERS\sbfwim.sys --> C:\Windows\system32\DRIVERS\sbfwim.sys [?]

S3 sbhips;sbhips;C:\Windows\system32\drivers\sbhips.sys --> C:\Windows\system32\drivers\sbhips.sys [?]

S3 sbwtis;sbwtis;C:\Windows\system32\DRIVERS\sbwtis.sys --> C:\Windows\system32\DRIVERS\sbwtis.sys [?]

S3 SMServer;SMServer;C:\Windows\SysWOW64\snmvtsvc.exe [2010-7-11 245760]

S3 STSService;STSService;C:\Program Files (x86)\AllMusicConverter Media Suite\STSService.exe [2010-6-15 348160]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-07-06 10:48:57 60536 ----a-w- C:\Windows\System32\drivers\sbhips.sys

2012-07-06 10:48:36 119416 ----a-w- C:\Windows\System32\drivers\SbFwIm.sys

2012-07-06 10:48:33 256632 ----a-w- C:\Windows\System32\drivers\SbFw.sys

2012-07-06 10:48:31 45936 ----a-w- C:\Windows\System32\sbbd.exe

2012-07-06 10:48:27 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus

2012-07-06 10:20:39 142128 ----a-w- C:\Windows\System32\drivers\aswFW.sys

2012-07-06 10:20:28 266776 ----a-w- C:\Windows\System32\drivers\aswNdis2.sys

2012-07-06 10:20:28 19600 ----a-w- C:\Windows\System32\drivers\aswKbd.sys

2012-07-06 10:20:28 12368 ----a-w- C:\Windows\System32\drivers\aswNdis.sys

2012-07-06 10:12:24 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-07-06 10:12:18 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-07-06 10:10:46 41224 ----a-w- C:\Windows\avastSS.scr

2012-07-06 10:10:36 -------- d-----w- C:\ProgramData\AVAST Software

2012-07-06 10:10:36 -------- d-----w- C:\Program Files\AVAST Software

2012-07-06 10:08:15 -------- d-----w- C:\Users\Patrik\AppData\Roaming\Ad-Aware Antivirus

2012-07-06 10:03:51 -------- dc----w- C:\ProgramData\{42E04EE4-AB57-407A-9691-3FFA8B8FEBBE}

2012-07-06 10:03:17 -------- d-----w- C:\Program Files\Lavasoft

2012-07-06 09:28:18 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E8A5AB58-4D90-490D-9F56-1397C3087ADC}\mpengine.dll

2012-07-04 20:27:41 -------- d-----w- C:\Program Files (x86)\TorrentSearch

2012-07-04 20:27:41 -------- d-----w- C:\Program Files (x86)\OApps

2012-07-04 20:27:23 -------- d-----w- C:\Program Files (x86)\intellidownload

2012-07-04 20:25:10 -------- d-----w- C:\Users\Patrik\AppData\Roaming\YourFileDownloader

2012-07-04 19:34:28 1332224 ----a-w- C:\Windows\SysWow64\SYNSOEMU.DLL

2012-07-03 20:19:22 172219 ----a-w- C:\torrent.exe

2012-07-03 19:22:24 -------- d-----w- C:\Users\Patrik\AppData\Roaming\OpenOffice.org

2012-07-03 19:18:04 -------- d-----w- C:\Program Files (x86)\OpenOffice.org 3

2012-06-25 04:45:42 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-25 04:44:27 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-25 04:44:11 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-25 04:44:11 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-14 14:22:00 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-06-14 14:21:59 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-06-14 14:21:59 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-06-14 14:21:56 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-06-14 14:21:56 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-06-14 14:21:56 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-06-14 14:21:56 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-06-14 14:21:56 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-06-14 14:21:56 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-06-14 14:01:59 -------- d-----w- C:\Windows\System32\SPReview

2012-06-14 14:01:00 -------- d-----w- C:\Windows\System32\EventProviders

2012-06-14 13:57:58 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-14 13:56:35 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-06-14 13:56:33 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-06-14 13:56:33 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-06-14 13:56:28 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-06-14 13:56:26 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

.

==================== Find3M ====================

.

2012-07-01 19:08:28 283304 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-07-01 19:08:28 283304 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2012-07-01 19:08:14 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-06-14 19:10:44 175616 ----a-w- C:\Windows\System32\msclmd.dll

2012-06-14 19:10:44 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

.

============= FINISH: 23:33:43,33 ===============


Try to find a log (or the logs) in Avast that shows what the program has found, both the type of malicious program and which files/folders are affected. Paste the contents of the log(s) into your reply.

As for Ad-Aware, the logs are found in the folder C:\ProgramData\Lavasoft\AntiMalware\History\

where the log files are named in the form <date information>.xml. Find the log(s) in which something was detected and paste it (them) in as well.

When the above is done, you can uninstall:

Ad-Aware Antivirus

Ad-Aware Browsing Protection

avast! Internet Security

It is not advisable to run Ad-Aware version 10 and Avast on the same computer. It will cause conflicts and give rise to various problems, e.g. lost internet access.


For Ad-Aware I can't find any log files...

In Avast Software/Avast/Log I find lots of log files.

aswAr.log

Chest.log

Firewall.log

htmRemoterContent.log

Mail.log

nshield.log

selfdef.log

Setup.log

SpamEngine.log

usntr.log

Any particular one you want to see?


Is there anything in Ad-Aware's quarantine?

Since I don't have Avast, I don't know what the various logs contain, but Firewall, Mail, Setup and SpamEngine are hardly likely to list which malicious files were found. You'll have to open them and see whether any of them lists the malicious files that Avast found.


Thanks for trying to help me, but it now looks like I'll buy a new hard drive and reformat; I've been looking for help with this problem for over a week now and nobody has found a good answer.

There don't seem to be any solutions at all; the more I search, the more people I see with the same problem, but there really are no solutions anywhere.

It's as if it's impossible to fix. I have internet on everything except the web browser, and the more I read, the more I just hear that people reformat; that seems to be the only way out.

But thanks for all the help

Regards

Patrik Söderqvist


Have you tried entering DNS servers manually in the network adapter's settings instead of leaving it set to automatic?

Besides your internet provider's own, you could try e.g. OpenDNS: 208.67.222.222


Archived

This topic is now archived and is closed to further replies.