Jump to content

  • Log in with Facebook Log in with Twitter Log In with Google      Logga in   
  • Registrera konto


Foto
- - - - -

Resident shield alert?


Den här tråden har arkiverats. Det innebär att du inte längre kan svara på inlägg i tråden. Vänligen starta en ny tråd vid behov.
10 svar i den här tråden

#1 anileve

anileve
  • Medlem
  • Pip
  • 7 inlägg

Skrivet 07 februari 2012 - 23:43

Jag är absolut ingen datorexpert över huvudtaget och behöver hjälp med vad jag tror är ett virus. Börjat poppa upp en ruta som det står Resident shield alert på och den påstår att jag har "trojan horse" infektioner eller något. Den har även samma logga som mitt AVG virysskydd program, därför blev jag först väldigt osäker.. Jag har städat datorn med hjälp av CC-cleaner 3 gånger nu, skannat med Malwarebytes Anti Malware programmet där den inte hittar någonting, jag skannade också med mitt AVG program och där hittade den infektioner men jag kunde inte ta bort dom.... Någon som kan ge mig en hjälpande hand med det här? skulle verkligen uppskattas! Är inte den mest tekniska tjej när det kommer till sådant här... Mvh Evelina


ANNONS:

#2 Cecilia

Cecilia
  • Hedersmedlem
  • 4 763 inlägg

Skrivet 07 februari 2012 - 23:51

Följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går.

Om du kan få fram vad AVG hittar så blir jag glad om du klistrar in det också.

#3 anileve

anileve
  • Medlem
  • Pip
  • 7 inlägg

Skrivet 07 februari 2012 - 23:52

Tack!! menar du vad den hittar för infektioner ?

#4 anileve

anileve
  • Medlem
  • Pip
  • 7 inlägg

Skrivet 07 februari 2012 - 23:55

nu känner jag mig lagom korkad... ska jag ladda hem det programmet du nämner i den länken?

#5 Cecilia

Cecilia
  • Hedersmedlem
  • 4 763 inlägg

Skrivet 08 februari 2012 - 00:01

Ja, vad AVG hittar för infektioner respektive du ska ladda hem DDS.

#6 anileve

anileve
  • Medlem
  • Pip
  • 7 inlägg

Skrivet 08 februari 2012 - 00:09

från vilken hemsida kan jag hämta hem det ?

#7 anileve

anileve
  • Medlem
  • Pip
  • 7 inlägg

Skrivet 08 februari 2012 - 00:17

På AVG står det att den hittat 3 infections som heter

"C:\ProgramData\DatacardService\DCSHelper.exe (3300) Trojan horse PSW.Generic9.BIVE Infected"

#8 anileve

anileve
  • Medlem
  • Pip
  • 7 inlägg

Skrivet 08 februari 2012 - 00:28

Detta var vad jag fick fram ifrån DDS :



.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Evelina at 0:25:35 on 2012-02-08
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.46.1053.18.4091.1131 [GMT 1:00]
.
AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AgentService\AgentService.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG9\avgfws9.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\ProgramData\DatacardService\DCService.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Personal\bin\Personal.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\prevhost.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
C:\Program Files (x86)\AVG\AVG9\avgemc.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\PROGRA~2\MICROS~2\Office12\WINWORD.EXE
C:\Windows\splwow64.exe
C:\Program Files\Microsoft Games\solitaire\solitaire.exe
C:\Program Files\Windows Media Player\wmprph.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\AVG\AVG9\avgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG9\avgsrmaa.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.qword.com/?s=1
uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_5738&r=273603107706l0438z1k5t44i1h243
uSearch Page = hxxp://www.qword.com/?s=1
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_5738&r=273603107706l0438z1k5t44i1h243
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_5738&r=273603107706l0438z1k5t44i1h243
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: InternetDownloadToolBar: {376ca00c-3f95-46f7-8f04-e69906e52a1f} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO: QWBandToolBar: {8270927a-fb8b-4647-8e21-c9459bb2610d} - C:\Program Files (x86)\EE5E0334BDBA4E4CBC542806A6B25CB1\QWS.dll
BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: QWBandToolBar: {8270927a-fb8b-4647-8e21-c9459bb2610d} - C:\Program Files (x86)\EE5E0334BDBA4E4CBC542806A6B25CB1\QWS.dll
TB: InternetDownloadToolBar: {376ca00c-3f95-46f7-8f04-e69906e52a1f} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [Facebook Update] "C:\Users\Evelina\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
mRun: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun: [YouTubeDownloader_upgrade] "C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\YouTubeDownloader.exe" /upgrade
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
StartupFolder: C:\Users\Evelina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
Trusted Zone: qword.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
TCP: Interfaces\{136A07AF-E43A-4268-ABDB-324E75B02FD7} : NameServer = 80.251.201.177 80.251.201.178
TCP: Interfaces\{26D5CE17-DB45-49B7-88E0-37571CA4D152} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{26D5CE17-DB45-49B7-88E0-37571CA4D152}\1446F6C6663737F6E6 : DhcpNameServer = 192.168.2.1 192.168.0.1
TCP: Interfaces\{26D5CE17-DB45-49B7-88E0-37571CA4D152}\45F60736F6D6F5033326263683 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{26D5CE17-DB45-49B7-88E0-37571CA4D152}\4656661657C647 : DhcpNameServer = 195.67.199.24 192.168.0.1
TCP: Interfaces\{26D5CE17-DB45-49B7-88E0-37571CA4D152}\65142514D2B4F4D4D455E4D254C45465 : DhcpNameServer = 172.22.255.157
TCP: Interfaces\{4962352D-8F6D-47D2-B8F1-1F79ADAA0AB1} : DhcpNameServer = 192.168.2.1 192.168.0.1
TCP: Interfaces\{8BF03893-6FA4-4068-8F5E-132B654CDA54} : DhcpNameServer = 80.251.201.177 80.251.201.178
TCP: Interfaces\{E468B5C5-BEA0-44C0-AE18-C33F44732A87} : NameServer = 80.251.201.177 80.251.201.178
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{376CA00C-3F95-46F7-8F04-E69906E52A1F}
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
{8270927A-FB8B-4647-8E21-C9459BB2610D}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{95B7759C-8C7F-4BF1-B163-73684A933233}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
{8270927A-FB8B-4647-8E21-C9459BB2610D}
{376CA00C-3F95-46F7-8F04-E69906E52A1F}
{95B7759C-8C7F-4BF1-B163-73684A933233}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
mRun-x64: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
mRun-x64: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
mRun-x64: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
mRun-x64: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun-x64: [YouTubeDownloader_upgrade] "C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\YouTubeDownloader.exe" /upgrade
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSErHrw7a;AVG9IDSErHr;C:\Windows\system32\Drivers\AVGIDSwa.sys --> C:\Windows\system32\Drivers\AVGIDSwa.sys [?]
R0 AvgRkx64;avgrkx64.sys;C:\Windows\system32\Drivers\avgrkx64.sys --> C:\Windows\system32\Drivers\avgrkx64.sys [?]
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\system32\Drivers\avgldx64.sys --> C:\Windows\system32\Drivers\avgldx64.sys [?]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows\system32\Drivers\avgmfx64.sys --> C:\Windows\system32\Drivers\avgmfx64.sys [?]
R1 AvgTdiA;AVG Network Redirector x64;C:\Windows\system32\Drivers\avgtdia.sys --> C:\Windows\system32\Drivers\avgtdia.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AgentService;PC Agent Service;C:\Program Files (x86)\AgentService\AgentService.exe [2010-11-25 73216]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 avg9emc;AVG E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-7-17 921952]
R2 avg9wd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-7-17 308136]
R2 avgfws9;AVG Firewall;C:\Program Files (x86)\AVG\AVG9\avgfws9.exe [2010-7-17 2331544]
R2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe [2010-5-8 229376]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-3-30 844320]
R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-2-4 1355968]
R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-11 305448]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-9-24 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-18 144640]
R2 OMSI download service;Sony Ericsson OMSI download service;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2010-10-5 90112]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-10-28 240160]
R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-1-24 909152]
R3 AVGIDSDriverw7a;AVG9IDSDriver;C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSDriver.sys [2010-3-30 132688]
R3 AVGIDSFilterw7a;AVG9IDSFilter;C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSFilter.sys [2010-3-30 35920]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 AVGIDSAgent;AVG9IDSAgent;C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-7-17 5897808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-30 135664]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-4-28 167264]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?]
S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys --> C:\Windows\system32\DRIVERS\ggflt.sys [?]
S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-30 135664]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-18 50432]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);C:\Windows\system32\DRIVERS\s0017bus.sys --> C:\Windows\system32\DRIVERS\s0017bus.sys [?]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s0017mdfl.sys --> C:\Windows\system32\DRIVERS\s0017mdfl.sys [?]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s0017mdm.sys --> C:\Windows\system32\DRIVERS\s0017mdm.sys [?]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s0017mgmt.sys --> C:\Windows\system32\DRIVERS\s0017mgmt.sys [?]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);C:\Windows\system32\DRIVERS\s0017nd5.sys --> C:\Windows\system32\DRIVERS\s0017nd5.sys [?]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s0017obex.sys --> C:\Windows\system32\DRIVERS\s0017obex.sys [?]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);C:\Windows\system32\DRIVERS\s0017unic.sys --> C:\Windows\system32\DRIVERS\s0017unic.sys [?]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-3-8 155344]
S3 Tdsshbecr;Handelsbanken card reader;C:\Windows\system32\DRIVERS\shbecr.sys --> C:\Windows\system32\DRIVERS\shbecr.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-01-11 12:33:06 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-11 12:33:06 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-11 12:33:05 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-11 12:33:05 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-11 12:33:01 1739160 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-11 12:33:01 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-11 12:33:00 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-11 12:33:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll
.
==================== Find3M ====================
.
2011-11-24 05:00:47 3141632 ----a-w- C:\Windows\System32\win32k.sys
2011-11-17 07:17:03 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 07:17:02 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 07:15:08 460296 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 07:12:02 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 07:11:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 07:11:33 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 07:11:02 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 07:10:58 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 07:08:18 1446912 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 07:05:16 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:39:28 314368 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:39:21 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:39:21 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:35:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
============= FINISH: 0:26:19,53 ===============

#9 Cecilia

Cecilia
  • Hedersmedlem
  • 4 763 inlägg

Skrivet 08 februari 2012 - 00:48

Har du mobilt bredband? För i så fall är det falsklarm av AVG. Det vore bra om du kan rapportera in det till AVG så att de kan uppdatera sina defitioner. Du gör det på webbsidan http://samplesubmit....false-detection Skriv i rutan "Huawei modem file".

Det finns däremot en del andra misstänkta filer i loggen, men jag får ta och titta närmare på dem i morgon.

#10 anileve

anileve
  • Medlem
  • Pip
  • 7 inlägg

Skrivet 08 februari 2012 - 08:45

Ja, jag har ett mobilt bredband, okej då testar jag det :)

#11 Cecilia

Cecilia
  • Hedersmedlem
  • 4 763 inlägg

Skrivet 08 februari 2012 - 13:07

QWBandToolBar bör avinstalleras, se http://www.systemloo..._QWS_t_dll.html
Installationen av den har även ändrat din start- och söksida till en sida med dåligt rykte, se http://www.mywot.com...ecard/qword.com så jag föreslår att du ändrar (om nu inte avinstallationen ändrar tillbaka men det brukar inte räcka). Det gör du i Kontrollpanelen - Internet-alternativ.

En sak till att ändra i Internet-alternativ, på fliken Säkerhet klickar du först på Tillförlitliga zonen och sedan på Platser. Ta bort platsen qword som finns där.

Du har en gammal version av AVG och för bästa säkerhet ska man ha den senaste versionen så installera version 2012 i stället.

Du har två gamla Java-versioner installerade. Dessa innehåller kända säkerhetshål som gör det lätt att infektera datorn från en webbsida. Eftersom du har Javas uppdateringsprogram igång bör du ha fått upp meddelanden om att det finns en uppdatering att hämta. Följ uppdateringen och se till efter installationen att där bara finns en Java-version installerad.