
Police virus, lucky?


Ceddan


Suddenly the screen went black and the police virus page started. Panic set in, and I shut down the computer as fast as I could. I restarted and landed straight on the page again; there were no icons on the desktop. I tried a lot of things such as safe mode and so on, but my knowledge is probably not the sharpest. In the end I logged in with the children's account, and there I got in. I did a "restore from an earlier point" and, just like that, I could get into my own account. I downloaded Ad-Aware (freeware) and scanned the computer (it took over 5 hours).

The scan found a few hits:

Cookie: tracking cookie

LooksLike.Java.CVE-2013-1493a (v)

Trojan.Win32.Generic!BT

Trojan.Win32.Generic!BT

Trojan.Win32.Generic!BT

I have run "cleaning", so now Ad-Aware says the computer is "green".

Can I relax now?

I am attaching a Word document with a screenshot!

/ceddan


OK, but are these pages available in English (in Swedish is probably out of the question)? I would rather not download something that I do not recognize. (I think that is a smart attitude ;) )


If you look around a bit you will see that there are plenty of logs from the DDS program both in Eforum and out on the internet. It is risk-free to download and run DDS.

It is not necessary to run Erunt; it is only for your own safety in case something happens during the cleanup. In considerably less than 1% of the computers I help clean has Erunt needed to be used for a restore, and in none of the cases involving the police trojan.

It is certainly good to be careful about what you download :thumbsup: but now you will have to try to trust me.


I did not mean to distrust you!

Is it like this:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16490 BrowserJavaVersion: 1.6.0_38

Run by Fredrik at 16:16:32 on 2013-06-28

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.4044.1405 [GMT 2:00]

.

AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}

AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}

SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files (x86)\adawaretb\ffHelper.exe

C:\ProgramData\Search Protection\SearchProtection.exe

C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe

C:\PROGRA~2\AD-AWA~1\AdAware.exe

C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe

C:\PROGRA~2\MICROS~1\Office12\WINWORD.EXE

C:\Windows\splwow64.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Fredrik\AppData\Roaming\Spotify\spotify.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=1E5CDBE4191E1B618E3E3851CD25C0C6

uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

BHO: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\npchrome_frame.dll

TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f

uRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f

mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"

mRun: [search Protection] C:\ProgramData\Search Protection\SearchProtection.exe

mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: HideFastUserSwitching = dword:0

IE: E&xportera till Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_38-windows-i586.cab

TCP: NameServer = 213.50.29.170 192.168.0.1

TCP: Interfaces\{75D988D4-F89A-429E-9599-1C456018627F} : DHCPNameServer = 213.50.29.170 192.168.0.1

TCP: Interfaces\{75D988D4-F89A-429E-9599-1C456018627F}\6596C6C616374716E6 : DHCPNameServer = 213.50.29.170 192.168.0.1

TCP: Interfaces\{75D988D4-F89A-429E-9599-1C456018627F}\8445340205F627471626C6560284F6473707F647 : DHCPNameServer = 192.168.1.1

Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\npchrome_frame.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll

SEH: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab

x64-Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - <orphaned>

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Fredrik\AppData\Roaming\Mozilla\Firefox\Profiles\pmci4thn.default\

FF - prefs.js: browser.search.selectedEngine - Bing

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

FF - prefs.js: browser.search.selectedEngine - SecureSearch

FF - prefs.js: browser.startup.homepage - hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_1&ent=hp&u=1E5CDBE4191E1B618E3E3851CD25C0C6

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl64.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Fredrik\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll

FF - plugin: C:\Users\Fredrik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-12-18 279616]

R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2013-6-13 1236336]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-4-7 203776]

R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-6 291896]

R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-10 26680]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-7-13 13336]

R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-7-13 2372096]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008]

R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-3-23 87040]

R2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-9-20 3677000]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-7-13 2656280]

R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]

R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-15 317440]

R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2011-1-8 12262688]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-7-13 1860672]

R3 NisSrv;Microsoft Nätverkskontroll;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-5-27 565352]

S0 gfibto;gfibto;C:\Windows\System32\drivers\gfibto.sys [2013-1-2 14456]

S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-3-1 161384]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-4-13 48488]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-16 1071160]

S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]

S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2010-6-25 36928]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-7-13 335464]

S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]

S3 TdsNordecr;Nordea NCR1 SmartCard Reader;C:\Windows\System32\drivers\nordecr.sys [2007-10-30 28672]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-5 1255736]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

.

=============== Created Last 30 ================

.

2013-06-28 11:42:30 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0CE0925C-A7F3-4B25-B040-BC897B3226E1}\mpengine.dll

2013-06-28 06:02:55 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus

2013-06-28 05:58:19 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus

2013-06-28 05:58:01 -------- d-----w- C:\ProgramData\Downloaded Installations

2013-06-28 05:57:56 -------- d-----w- C:\ProgramData\Search Protection

2013-06-28 05:57:54 -------- d-----w- C:\Users\Fredrik\AppData\Local\adawarebp

2013-06-28 05:57:54 -------- d-----w- C:\ProgramData\blekko toolbars

2013-06-28 05:57:33 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner

2013-06-28 05:57:20 -------- d-----w- C:\Program Files (x86)\adawaretb

2013-06-28 05:56:32 9552976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-06-28 05:56:18 47496 ----a-w- C:\Windows\System32\sbbd.exe

2013-06-28 05:56:17 -------- d-----w- C:\Users\Fredrik\AppData\Roaming\Ad-Aware Antivirus

2013-06-25 12:37:37 -------- d-----w- C:\Users\Fredrik\AppData\Local\{25EB0DA1-BEA5-49C2-8556-1FF00C3E0FE9}

2013-06-24 13:23:36 -------- d-----w- C:\Users\Fredrik\AppData\Local\{317AD3C8-8983-47FB-911C-E6B58DDEA4C9}

2013-06-21 07:24:51 964552 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{712698AE-AA47-426A-8708-1B1C01082D90}\gapaengine.dll

2013-06-12 19:45:16 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-06-12 19:45:15 751104 ----a-w- C:\Windows\System32\win32spl.dll

2013-06-12 19:45:14 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-06-12 19:45:11 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-06-12 19:45:11 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-06-12 19:44:52 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-06-12 19:44:52 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-06-12 19:44:51 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-06-12 19:44:51 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-06-12 19:44:51 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-06-12 19:44:51 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-06-12 19:44:51 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-06-12 19:44:51 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-06-12 19:44:51 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-06-12 19:44:51 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-06-06 16:26:17 -------- d-----w- C:\Users\Fredrik\AppData\Local\{DED5C69E-62D8-4905-97C5-FD719F306762}

2013-05-31 14:33:11 -------- d-----r- C:\Program Files (x86)\Skype

2013-05-31 14:32:19 -------- d-----w- C:\Users\Fredrik\AppData\Local\{C0D22EF9-3E93-47EB-8B0A-FE45BB42495E}

.

==================== Find3M ====================

.

2013-06-28 05:56:18 14456 ----a-w- C:\Windows\System32\drivers\gfibto.sys

2013-06-11 21:49:18 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-11 21:49:18 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-27 21:17:28 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll

2013-05-27 21:17:28 565352 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys

2013-05-27 21:17:28 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll

2013-05-17 03:09:56 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-05-17 03:02:29 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-05-17 03:01:13 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-05-17 02:56:09 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-05-17 02:56:00 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-05-17 02:51:27 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-05-16 22:39:39 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-05-16 22:28:26 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-05-16 22:27:30 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-05-16 22:21:37 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-05-16 22:20:30 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-05-16 22:16:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-10 06:01:54 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-04-10 06:01:53 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\System32\win32k.sys

.

============= FINISH: 16:16:41,80 ===============

 

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 2011-12-04 02:06:12

System Uptime: 2013-06-28 08:06:42 (8 hours ago)

.

Motherboard: Hewlett-Packard | | 1672

Processor: Intel® Core i5-2410M CPU @ 2.30GHz | CPU1 | 2301/1333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 448 GiB total, 163,029 GiB free.

D: is FIXED (NTFS) - 17 GiB total, 1,807 GiB free.

E: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP240: 2013-06-13 15:25:53 - Windows Update

RP242: 2013-06-18 17:37:39 - HPSF Applying updates

RP241: 2013-06-18 17:37:39 - HPSF Applying updates

RP243: 2013-06-18 17:41:05 - Windows Update

RP244: 2013-06-18 18:12:12 - Installerad Ralink Wireless LAN

RP245: 2013-06-22 12:22:33 - Windows Update

RP246: 2013-06-26 11:01:48 - Windows Update

RP247: 2013-06-28 07:39:49 - Återställningsåtgärd

RP248: 2013-06-28 07:55:47 - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh

Ad-Aware Antivirus

Ad-Aware Security Add-on

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.5) MUI

Adobe Shockwave Player 12.0

Agatha Christie - Peril at End House

ATI Catalyst Install Manager

µTorrent

BankID säkerhetsprogram

Bejeweled 2 Deluxe

Bejeweled 3

Betsafe Poker 1.0.0

BetSafe Poker Black

Bing Bar

Blackhawk Striker 2

Blackhawk Striker 2 from WildTangent (remove only)

Blasterball 3

Bounce Symphony

Build-a-lot 2

Cake Mania

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

Catalyst Control Center Profiles Mobile

ccc-core-static

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

Chuzzle Deluxe

CyberLink YouCam

D3DX10

DAEMON Tools Lite

Diner Dash 2 Restaurant Rescue

Dora's World Adventure

Dora Djuräventyr

Dora Ryggsäcksäventyret

Energy Star Digital Logo

ESU for Microsoft Windows 7 SP1

Evernote v. 4.2.2

Facebook Messenger 2.1.4814.0

Farm Frenzy

FATE - The Traitor Soul

Final Drive Nitro

Garmin Communicator Plugin

Garmin Communicator Plugin x64

Google Chrome Frame

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Hewlett-Packard ACLM.NET v1.2.1.1

HP Auto

HP Client Services

HP Connection Manager

HP Customer Experience Enhancements

HP Documentation

HP Games

HP On Screen Display

HP Power Manager

HP Quick Launch

HP Setup

HP Setup Manager

HP Software Framework

HP Support Assistant

HTC BMP USB Driver

HTC Driver Installer

HTC Sync

IDT Audio

Intel® Display Audio Driver

Intel® Management Engine Components

Intel® Rapid Storage Technology

Java Auto Updater

Java 6 Update 24 (64-bit)

Java 6 Update 38

Junk Mail filter update

Körkortsteoriprogrammet A-Behörighet

Magic Desktop

Mah Jong Medley

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile Language Pack - SVE

Microsoft .NET Framework 4 Client Profile SVE Language Pack

Microsoft Antimalware Service SV-SE Language Pack

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010

Microsoft Office Access MUI (Swedish) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel 2007 Help Uppdatering (KB963678)

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Swedish) 2007

Microsoft Office InfoPath MUI (Swedish) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Outlook MUI (Swedish) 2007

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669)

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Swedish) 2007

Microsoft Office Shared 64-bit MUI (Swedish) 2007

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Word 2007 Help Uppdatering (KB963665)

Microsoft Office Word MUI (Swedish) 2007

Microsoft Security Client

Microsoft Security Client SV-SE Language Pack

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319

Mozilla Firefox 18.0.2 (x86 sv-SE)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

Mystery P.I. - Stolen in San Francisco

Namco All-Stars PAC-MAN

Penguins!

Plants vs. Zombies - Game of the Year

Poker Superstars III

Polar Bowler

Polar Golfer

PX Profile Update

Ralink RT5390 802.11b/g/n WiFi Adapter

Realtek Ethernet Controller Driver

Realtek PCIE Card Reader

Recovery Manager

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile Language Pack - SVE (KB2518870)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Skype™ 6.3

Slingo Supreme

Spotify

Svenska Spels Poker

swMSM

Synaptics Pointing Device Driver

Trafikskolan TEO

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition

Update Installer for WildTangent Games App

uTorrentBar Toolbar

WildTangent Games App (HP Games)

WildTangent Web Driver

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live Fotogalleri

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger

Windows Live Mesh ActiveX-objekt til fjernforbindelser

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Meshin etäyhteyksien ActiveX-komponentti

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Liven asennustyökalu

Windows Liven sähköposti

Windows Liven valokuvavalikoima

WinRAR 4.10 beta 4 (32-bit)

WinRAR 4.10 beta 4 (64-bit)

Virtual Villagers 4 - The Tree of Life

VLC media player 1.1.11

Zuma Deluxe

.

==== End Of File ===========================


Good!

1. Uninstall:

uTorrentBar Toolbar because of http://www.systemlookup.com/CLSID/71935-tbuTor_dll_tbuTo0_dll_tbuTo1_dll_tbuTo2_dll_prxtbuTor_dll_prxtbuTo0_dll_prxtbuTo1_dll_prxtbuTo2_dll_prxtbuTo3_dll.html

The following programs are old versions with known security holes that make it easy to infect the computer from a web page, e.g. with the police trojan. They should of course be uninstalled.

Adobe Reader X (10.1.5) MUI (if you are going to have Adobe Reader, you should have the latest version for security reasons)

Java™ 6 Update 24 (64-bit) (if you really need to have Java, have the latest version)

Java™ 6 Update 38

2. No trace of the police trojan in the log, but run a check at http://www.eset.com/onlinescan/ as well.

So that the scanner does not take too long, turn off your antivirus program in the meantime.

Uncheck the option Remove found threats

Check Scan Archives

Click Advanced Settings

Check:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

Click Scan

When the scan is finished, copy the result and then paste it into your reply.


This is the list of "threats" that I got:

C:\Microgaming\Poker\BetSafePokerBlackMPP\install.exe probably a variant of Win32/PrimeCasino application

C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll a variant of Win32/SweetIM.F application

C:\Users\Fredrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2DPRDMIF\hardcoresmoothies_net[1].htm HTML/Iframe.B.Gen virus

C:\Users\Fredrik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7fe4c1b4-1ed17108 Java/Exploit.Agent.OSE trojan

C:\Users\Fredrik\Downloads\Adaware_Installer.exe Win32/OpenCandy application

C:\Users\Fredrik\Downloads\DTLite4451-0236 (1).exe Win32/OpenCandy application

C:\Users\Fredrik\Downloads\DTLite4451-0236.exe Win32/OpenCandy application


C:\Users\Fredrik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7fe4c1b4-1ed17108 Java/Exploit.Agent.OSE trojan

This shows that the police trojan probably got in through the old Java version. If you have uninstalled all Java versions, you can delete the folder C:\Users\Fredrik\AppData\LocalLow\Sun\Java. Can you find it, or should we use a program to remove it?

C:\Users\Fredrik\Downloads\Adaware_Installer.exe Win32/OpenCandy application

C:\Users\Fredrik\Downloads\DTLite4451-0236 (1).exe Win32/OpenCandy application

C:\Users\Fredrik\Downloads\DTLite4451-0236.exe Win32/OpenCandy application

Three downloaded programs that also contain code to install a toolbar. It shows how important it is to be careful when installing programs.

Any more questions before it is time to uninstall DDS?

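The reading of the scan results in the post above (the Java cache hit as the likely entry point, the OpenCandy hits as bundled installers) can be reproduced mechanically. The following is an added example, not part of the thread: the log lines are copied from the posted ESET result, while the category and location labels, and the treatment of the "application" kind as unwanted software rather than malware, are this example's assumptions.

```python
import re

# Result lines copied from the ESET Online Scanner output posted in the thread.
SCAN_LOG = r"""
C:\Microgaming\Poker\BetSafePokerBlackMPP\install.exe probably a variant of Win32/PrimeCasino application
C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll a variant of Win32/SweetIM.F application
C:\Users\Fredrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2DPRDMIF\hardcoresmoothies_net[1].htm HTML/Iframe.B.Gen virus
C:\Users\Fredrik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\7fe4c1b4-1ed17108 Java/Exploit.Agent.OSE trojan
C:\Users\Fredrik\Downloads\Adaware_Installer.exe Win32/OpenCandy application
C:\Users\Fredrik\Downloads\DTLite4451-0236 (1).exe Win32/OpenCandy application
C:\Users\Fredrik\Downloads\DTLite4451-0236.exe Win32/OpenCandy application
"""

# Paths contain spaces, so anchor on the tail: [qualifier] Platform/Name kind.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?P<heuristic>(?:probably )?a variant of\s+)?"
    r"(?P<name>[A-Za-z0-9]+/[\w.!-]+)\s+(?P<kind>application|trojan|virus|worm)$")

# Where the file sits hints at how it arrived (labels are this example's own).
LOCATIONS = [
    (r"\sun\java\deployment\cache", "java-cache"),
    (r"\temporary internet files", "browser-cache"),
    (r"\downloads", "download-folder"),
]

def parse_line(line):
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    path = m["path"]
    low = path.lower()
    where = next((tag for frag, tag in LOCATIONS if frag in low), "other")
    # Assumption: "application" marks bundled/unwanted software;
    # trojan/virus/worm are treated as malware.
    category = "pua" if m["kind"] == "application" else "malware"
    return {"path": path, "name": m["name"], "category": category,
            "where": where, "heuristic": bool(m["heuristic"])}

def triage(log_text):
    found = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    found = [f for f in found if f]
    # Malware first, then grouped by location label.
    return sorted(found, key=lambda f: (f["category"] != "malware", f["where"]))

if __name__ == "__main__":
    for f in triage(SCAN_LOG):
        print(f"{f['category']:8} {f['where']:16} {f['name']:24} {f['path']}")
```

Only the two cache entries come out as malware; the remaining five are installers or components of bundled software, which matches how the thread treats them.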

Right, so now I have uninstalled all Java under Control Panel, uninstall Java (there were 2).

The folder C:\Users\Fredrik\AppData\LocalLow\Sun\Java: I have deleted the folder.

C:\Users\Fredrik\AppData\LocalLow\Sun is still there, but maybe it should be.

The other programs, should I uninstall them too? How will I know in the future that I am not installing this type of program? The thing is that I panicked a bit when I could not get into the computer, installed Ad Aware and was not very careful; I mostly wanted to get an antivirus running (I did not think that Ad Aware bundled small programs that can result in the computer being damaged by it).

About the toolbar: is that the questions you get at the end of an installation, whether they should add a toolbar and a shortcut on the desktop? If that is the case, should you not have any shortcuts or toolbars!?

I often get the question about Java, about installing it. Is it a program you should not have on your computer?


The computer is not damaged by these programs flagged as OpenCandy; they are programs that bundle toolbars, just as you write. They do so because when someone installs the toolbar, the programmer/software company gets a few kronor in compensation. You can certainly install a toolbar, and the one from Ad-Aware, for example, contains nothing harmful, but if you have many, it will affect browsing speed.

There is nothing wrong with the Java program itself, but because many security problems have been found in it and most people have (old versions of) Java installed, it has been popular for criminals to exploit the security holes that were found. That is why the general recommendation is not to have Java installed unless you need it.


DDS is done being used for this time!?

Is it a program that I have to uninstall?

Also, it seems that I (or you, of course) have got the computer sorted out.

It feels like it has started running a bit faster, and that is nice :)


Great that the computer is working better :thumbsup:

There is no reason to keep DDS. If you need it some other time, there may be an updated version.

Download the uninstaller OTC to the Desktop.

http://oldtimer.geekstogo.com/OTC.exe

Double-click the file to start the program.

Press the CleanUp! button and DDS will be uninstalled after a restart of the computer. Delete any logs.

Improve the protection on the computer; see my advice for a safer computer (Råd för en säkrare dator): http://ceciliasec.wordpress.com/rad/

It is very important to keep all the small programs on the computer updated; old versions of e.g. Flash, Java and Adobe Reader contain known security holes, which can be used by a web page to infect the computer. I think Secunia's program (link on my website) is a good help for checking the state of security holes on the computer and indicating what needs to be fixed.


Archived

This topic is now archived and is closed to further replies.


