hhanni

Member
  • Content count

    1
Posts by hhanni

  1. Hm, I have also gotten one of those viruses; I managed to remove the malware myself.

    Cecilia, here is a DDS log

    DDS (Ver_09-12-01.01) - NTFSx86

    Run by gare at 10:06:35,20 on 2010-01-07

    Internet Explorer: 8.0.6001.18702

    Microsoft Windows XP Professional 5.1.2600.3.1252.46.1053.18.1015.544 [GMT 1:00]

    AV: PC Tools AntiVirus 6.0.0.19 *On-access scanning enabled* (Outdated) {832E7172-E406-4bb2-8B19-6D29F2C93A98}

    AV: Malware Defense *On-access scanning enabled* (Outdated) {28e00e3b-806e-4533-925c-f4c3d79514b9}

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch

    C:\WINDOWS\system32\svchost -k rpcss

    C:\WINDOWS\System32\svchost.exe -k netsvcs

    C:\Program\WIDCOMM\Bluetooth Software\bin\btwdins.exe

    C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

    C:\WINDOWS\system32\svchost.exe -k NetworkService

    C:\WINDOWS\system32\svchost.exe -k LocalService

    C:\WINDOWS\system32\spoolsv.exe

    C:\WINDOWS\System32\SCardSvr.exe

    C:\WINDOWS\Explorer.EXE

    C:\Program\Analog Devices\SoundMAX\SMax4PNP.exe

    C:\WINDOWS\AGRSMMSG.exe

    C:\WINDOWS\system32\igfxtray.exe

    C:\WINDOWS\system32\igfxpers.exe

    C:\Program\Microsoft Office\Office12\GrooveMonitor.exe

    C:\Program\Java\jre6\bin\jusched.exe

    C:\Program\PC Tools AntiVirus\PCTAV.exe

    C:\Program\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe

    C:\Program\iTunes\iTunesHelper.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Program\Electronic Arts\EADM\Core.exe

    C:\DOCUME~1\GARE~1\LOKALA~1\Temp\settdebugx.exe

    C:\Program\WIDCOMM\Bluetooth Software\BTTray.exe

    C:\DOCUME~1\GARE~1\LOKALA~1\Temp\wscsvc32.exe

    C:\Program\WIDCOMM\BLUETO~1\BTSTAC~1.EXE

    C:\WINDOWS\system32\svchost.exe -k LocalService

    C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

    C:\Program\Bonjour\mDNSResponder.exe

    C:\Program\Java\jre6\bin\jqs.exe

    C:\Program\PC Tools AntiVirus\PCTAVSvc.exe

    C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

    C:\Program\Analog Devices\SoundMAX\SMAgent.exe

    C:\WINDOWS\system32\svchost.exe -k imgsvc

    C:\Program\Hewlett-Packard\Shared\hpqwmiex.exe

    C:\WINDOWS\system32\wbem\wmiprvse.exe

    C:\Program\iPod\bin\iPodService.exe

    C:\WINDOWS\System32\alg.exe

    C:\Program\Internet Explorer\iexplore.exe

    C:\Program\Windows Live\Toolbar\wltuser.exe

    C:\WINDOWS\system32\wbem\wmiprvse.exe

    C:\Documents and Settings\ägare\Skrivbord\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://facebook.se/

    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll

    BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program\bitcomet\tools\BitCometBHO_1.2.8.7.dll

    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll

    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

    BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll

    BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll

    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program\windows live\toolbar\wltcore.dll

    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program\windows live\toolbar\wltcore.dll

    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

    uRun: [EA Core] "c:\program\electronic arts\eadm\Core.exe" -silent

    uRun: [settdebugx.exe] c:\docume~1\gare~1\lokala~1\temp\settdebugx.exe

    uRun: [Malware Defense] "c:\program\malware defense\mdefense.exe" -noscan

    mRun: [soundMAXPnP] c:\program\analog devices\soundmax\SMax4PNP.exe

    mRun: [soundMAX] c:\program\analog devices\soundmax\Smax4.exe /tray

    mRun: [AGRSMMSG] AGRSMMSG.exe

    mRun: [igfxtray] c:\windows\system32\igfxtray.exe

    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

    mRun: [igfxpers] c:\windows\system32\igfxpers.exe

    mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe"

    mRun: [GrooveMonitor] "c:\program\microsoft office\office12\GrooveMonitor.exe"

    mRun: [EPSON Stylus C48 Series] c:\windows\system32\spool\drivers\w32x86\3\E_S4I091.EXE /P23 "EPSON Stylus C48 Series" /O6 "USB001" /M "Stylus C48"

    mRun: [sunJavaUpdateSched] "c:\program\java\jre6\bin\jusched.exe"

    mRun: [PCTAVApp] "c:\program\pc tools antivirus\PCTAV.exe" /MONITORSCAN

    mRun: [QlbCtrl.exe] c:\program\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start

    mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime

    mRun: [iTunesHelper] "c:\program\itunes\iTunesHelper.exe"

    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

    StartupFolder: c:\docume~1\gare~1\start-~1\program\autost~1\skrmur~1.lnk - c:\program\microsoft office\office12\ONENOTEM.EXE

    StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\bttray.lnk - c:\program\widcomm\bluetooth software\BTTray.exe

    IE: &D&ownload &with BitComet - c:\program\bitcomet\BitComet.exe/AddLink.htm

    IE: &D&ownload all video with BitComet - c:\program\bitcomet\BitComet.exe/AddVideo.htm

    IE: &D&ownload all with BitComet - c:\program\bitcomet\BitComet.exe/AddAllLink.htm

    IE: E&xportera till Microsoft Excel - c:\program\micros~2\office12\EXCEL.EXE/3000

    IE: Skicka till &Bluetooth-enhet... - c:\program\widcomm\bluetooth software\btsendto_ie_ctx.htm

    IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program\widcomm\bluetooth software\btsendto_ie.htm

    IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program\bitcomet\tools\BitCometBHO_1.2.8.7.dll/206

    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe

    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program\micros~2\office12\ONBttnIE.dll

    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~2\office12\REFIEBAR.DLL

    LSP: c:\program\delade filer\pc tools\lsp\PCTLsp.dll

    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

    DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab

    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1225903211231

    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

    DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab

    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program\microsoft office\office12\GrooveSystemServices.dll

    Notify: igfxcui - igfxdev.dll

    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program\microsoft office\office12\GrooveShellExtensions.dll

    ============= SERVICES / DRIVERS ===============

    R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-8-10 130936]

    R2 AVFilter;AVFilter;c:\windows\system32\drivers\AVFilter.sys [2008-11-25 21904]

    R2 PCTAVSvc;PC Tools AntiVirus Engine;c:\program\pc tools antivirus\PCTAVSvc.exe [2008-11-25 826600]

    R3 AVHook;AVHook;c:\windows\system32\drivers\AVHook.sys [2008-11-25 28560]

    R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2008-11-5 88192]

    =============== Created Last 30 ================

    2010-01-07 09:01:13 0 d--h--r- c:\documents and settings\ägare\Recent

    2010-01-07 07:46:51 856 ----a-w- c:\windows\system32\krl32mainweq.dll

    2010-01-07 07:35:25 55056 ---ha-w- c:\windows\system32\mlfcache.dat

    2010-01-03 14:30:59 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

    2010-01-03 14:30:59 107368 ----a-w- c:\windows\system32\GEARAspi.dll

    2010-01-03 14:29:38 0 d-----w- c:\program\iPod

    2010-01-03 14:29:31 0 d-----w- c:\program\iTunes

    2010-01-03 14:29:31 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}

    2010-01-03 14:28:50 0 d-----w- c:\program\Bonjour

    2010-01-03 14:26:41 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys

    2010-01-03 14:26:41 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll

    2010-01-03 14:25:43 0 d-----w- c:\program\delade filer\Apple

    ==================== Find3M ====================

    2010-01-07 08:55:18 80260 ----a-w- c:\windows\system32\perfc01D.dat

    2010-01-07 08:55:18 437918 ----a-w- c:\windows\system32\perfh01D.dat

    2010-01-07 08:50:02 4980736 ---ha-w- c:\documents and settings\ägare\NTUSER.DAT

    2009-10-29 07:44:35 916480 ----a-w- c:\windows\system32\wininet.dll

    2009-10-21 05:40:44 75776 ----a-w- c:\windows\system32\strmfilt.dll

    2009-10-21 05:40:44 25088 ----a-w- c:\windows\system32\httpapi.dll

    2009-10-13 10:38:09 270848 ----a-w- c:\windows\system32\oakley.dll

    2009-10-12 13:40:17 79872 ----a-w- c:\windows\system32\raschap.dll

    2009-10-12 13:40:17 150016 ----a-w- c:\windows\system32\rastls.dll

    2008-11-06 11:41:42 32768 --sha-w- c:\windows\system32\config\systemprofile\lokala inställningar\tidigare\history.ie5\mshist012008102720081103\index.dat

    2008-11-06 11:41:42 32768 --sha-w- c:\windows\system32\config\systemprofile\lokala inställningar\tidigare\history.ie5\mshist012008110620081107\index.dat

    ============= FINISH: 10:07:36,96 ===============
