Musten


  1. And that box didn't come up this time, and it gave no response when you pressed "switch to" earlier....
  2. Hi! Removed the Ask Toolbar, something someone else must have accidentally clicked.... This is not my own computer, so. Here is the output from DDS.
  3. ComboFix was a hassle.... it didn't work with the internet, then there was a restart instead.... Now it's done anyway.
c:\users\Sevket\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/04/30 00:12;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Tjänsten Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 136176] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] R2 Telenor Mobile Partner. RunOuc;Telenor Mobile Partner. 
OUC;c:\program files (x86)\Telenor Mobile Partner\UpdateDog\ouc.exe [2012-02-28 246112] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x] R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x] R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x] R3 gupdatem;Tjänsten Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 136176] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x] R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-06 113120] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] 
R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2011-03-14 346976] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-11-30 1997416] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280] S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys [x] S3 Acceler;Accelerometer 
Service;c:\windows\system32\DRIVERS\Accelern.sys [x] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x] . . --- Övriga tjänster/drivrutiner i minnet --- . *NewlyCreated* - WS2IFSL *Deregistered* - CLKMDRV10_9EC60124 . Innehåll i mappen 'Schemalagda aktiviteter': . 2012-06-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 14:58] . 2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 17:01] . 2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 17:01] . . --------- X64 Entries ----------- . 
. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-12-14 6561384] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-11 2186856] "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-11-29 312936] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 418328] "FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704] "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584] "QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-01-25 4479648] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Extra genomsökning ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.sivilmanset.com/ mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{03D5B791-6B1E-4D79-AAB6-0FE61462B7E4}: NameServer = 195.54.122.221 195.54.122.211 TCP: Interfaces\{C56D62E1-2A3C-440D-8DD5-F68FFAA20F97}: NameServer = 195.54.122.221 195.54.122.211 FF - ProfilePath - c:\users\Sevket\AppData\Roaming\Mozilla\Firefox\Profiles\exgyoeyf.default\ . - - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . --------------------- LÅSTA REGISTERNYCKLAR --------------------- . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andra processer som körs ------------------------ . c:\programdata\Telenor Mobile Partner\OnlineUpdate\ouc.exe c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Sluttid: 2012-06-07 21:31:15 - datorn startades om. ComboFix-quarantined-files.txt 2012-06-07 19:31 . Före genomsökningen: 421 728 002 048 byte ledigt Efter genomsökningen: 422 151 114 752 byte ledigt . - - End Of File - - 4209532BDC824AF2DA5857D5728FFB34 In addition, a box now pops up when the computer starts. I'm attaching a picture.
  4. MBAM doesn't find anything wrong? Do I perhaps need to run it in safe mode? It's been so long since I last cleaned out a virus...
  5. Hi! It works fine, and in general the computer is working without problems right now and I'm not getting any junk popping up. For example, I checked the proxy setting from your link and it wasn't set that way, even though I haven't run Malwarebytes yet... I haven't really done anything against the virus, but I haven't done anything to install it either, so I want to be sure there's nothing left at all.
  6. Hi Cecilia! Thanks for the quick reply. I just ran DDS and got this: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30 Run by Sevket at 18:23:55 on 2012-06-07 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.4010.1783 [GMT 2:00] . AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\ProgramData\DatacardService\HWDeviceService64.exe C:\ProgramData\DatacardService\DCSHelper.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Dell DataSafe Local 
Backup\sftservice.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe C:\Program Files (x86)\WebcamMax\wcmmon.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\Users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\ProgramData\Telenor Mobile Partner\OnlineUpdate\ouc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\UI0Detect.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\alg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program 
Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . 
uStart Page = hxxp://www.sivilmanset.com/ uDefault_Page_URL = hxxp://www.dell.com uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll uRun: [Voipwise] "C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe" -nosplash -minimized uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a uRun: [Octoshape Streaming Services] "C:\Users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common 
Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe mRun: [<NO NAME>] mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" StartupFolder: C:\Users\Sevket\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: 
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{03D5B791-6B1E-4D79-AAB6-0FE61462B7E4} : NameServer = 195.54.122.221 195.54.122.211 TCP: Interfaces\{6CDFA328-59D2-4F23-AA8D-F3B4A2751FF7}\4493350575A50513D22393130303 : DhcpNameServer = 192.168.0.1 192.168.0.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B} : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\2456C6B696E6F5E4F575962756C6563737F5032354533444 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\3747164656E6127657563747 : DhcpNameServer = 62.88.141.5 62.88.141.6 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\4556C6562394E6475627E65647D25383534463 : DhcpNameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\45E4F507279667164756F5131324032373 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\57C647271437C616E69437675636 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{AC58B719-048A-46CF-9BD3-7F70777CD774} : DhcpNameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{C56D62E1-2A3C-440D-8DD5-F68FFAA20F97} : NameServer = 195.54.122.221 195.54.122.211 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {27B4851A-3207-45A2-B947-BE8AFE6163AB} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {9030D464-4C02-4ABF-8ECC-5164760863C6} 
{9FDDE16B-836F-4806-AB1F-1455CBEFF289} {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} {D4027C7F-154A-4066-A1AD-4243D8127440} {DBC80044-A445-435b-BC74-9C25C1C588A9} {D4027C7F-154A-4066-A1AD-4243D8127440} mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun-x64: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe mRun-x64: [(Standard)] mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Sevket\AppData\Roaming\Mozilla\Firefox\Profiles\exgyoeyf.default\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Sevket\AppData\Roaming\Mozilla\plugins\npoctoshape.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] 
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-9-5 64952] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-4-30 98208] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-30 1997416] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-30 1692480] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472] R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-2-17 3027840] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-30 2656280] R2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\system32\DRIVERS\wcmvcam64.sys --> C:\Windows\system32\DRIVERS\wcmvcam64.sys [?] R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?] 
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?] R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] 
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/04/30 00:12:56;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S2 Telenor Mobile Partner. RunOuc;Telenor Mobile Partner. OUC;C:\Program Files (x86)\Telenor Mobile Partner\UpdateDog\ouc.exe [2012-2-28 246112] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 257696] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?] S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys --> C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [?] S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\system32\DRIVERS\ewusbwwan.sys --> C:\Windows\system32\DRIVERS\ewusbwwan.sys [?] S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176] S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter_hs.sys --> C:\Windows\system32\drivers\massfilter_hs.sys [?] 
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 113120] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 
2012-06-07 15:53:43 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37860474-1D9C-4D17-8391-C1C3EE791DDB}\offreg.dll 2012-06-07 15:46:10 -------- d-----w- C:\Users\Sevket\AppData\Local\{B94A15F4-8F2F-43D3-935E-A20419E2D8BA} 2012-06-07 15:45:29 -------- d-----w- C:\Users\Sevket\AppData\Local\{1701EAF8-18BA-45D3-BE76-14A685538CEB} 2012-06-07 15:37:20 306176 ----a-w- C:\Users\Sevket\AppData\Local\uhzpwswpwi.exe 2012-06-06 19:31:28 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-06 19:31:28 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll 2012-06-06 16:00:22 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37860474-1D9C-4D17-8391-C1C3EE791DDB}\mpengine.dll 2012-06-06 10:59:37 -------- d-----w- C:\Users\Sevket\AppData\Local\{87866375-B9C4-410D-8C16-906D44EA036C} 2012-06-06 10:59:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{55CF67D8-73C5-4A71-8DB5-F65253163136} 2012-06-05 13:03:02 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-06-04 21:03:36 -------- d-----w- C:\Users\Sevket\AppData\Local\{FB04F855-8E1E-480A-9792-F39F34E96976} 2012-06-04 21:03:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{012F0FCA-313A-4A99-97CF-8F79EB7AC829} 2012-06-03 12:20:52 -------- d-----w- C:\Users\Sevket\AppData\Local\{9BFA623E-3E01-4641-843C-520DC3E974FD} 2012-06-03 00:20:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{DA5A3079-8D43-45F9-9E50-924A7FFC00DC} 2012-06-03 00:20:00 -------- d-----w- C:\Users\Sevket\AppData\Local\{D5E90BA6-B796-4969-8E32-CE0A54846075} 2012-06-02 08:00:36 -------- d-----w- C:\Users\Sevket\AppData\Local\{9F4072B7-C916-43D6-9FA6-6E386A262359} 2012-06-02 08:00:25 -------- d-----w- C:\Users\Sevket\AppData\Local\{AAD60CC8-9196-4A8C-92BC-1BD25AC4485A} 2012-06-01 14:01:10 -------- d-----w- C:\Users\Sevket\AppData\Local\{C8A8F95B-ECA9-410E-A03D-FD6306B1A2A4} 2012-06-01 14:00:44 -------- 
d-----w- C:\Users\Sevket\AppData\Local\{718EDF62-C0E6-4B9D-A0F8-0AB569C11337} 2012-05-31 06:37:53 -------- d-----w- C:\Users\Sevket\AppData\Local\{6FC95CB2-9CC5-4294-8A97-0EF72B396308} 2012-05-31 06:37:42 -------- d-----w- C:\Users\Sevket\AppData\Local\{7FC442B5-6002-4CFF-AA3A-31157B9D0790} 2012-05-29 12:49:56 -------- d-----w- C:\Users\Sevket\AppData\Local\{0B3544D2-1ACE-486A-9CB2-AE3F4A1DAAB0} 2012-05-29 12:49:45 -------- d-----w- C:\Users\Sevket\AppData\Local\{0E63C6F5-26BF-4A9D-BD1F-54CAA9EC4965} 2012-05-28 21:39:21 -------- d-----w- C:\Users\Sevket\AppData\Local\{A2D5CEFC-2E3E-4F94-BAE2-569E08E7C5C9} 2012-05-28 21:39:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{A41159FE-482F-4CA0-87FD-B23967808D6A} 2012-05-24 09:10:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{C332719F-3B05-4F32-9B7C-C4C358F12265} 2012-05-24 09:09:52 -------- d-----w- C:\Users\Sevket\AppData\Local\{A1020D66-E11F-4DC2-B02A-7D31244115EA} 2012-05-21 12:12:05 -------- d-----w- C:\Users\Sevket\AppData\Local\{852E3D51-0401-40B9-B53A-EE23E6E67F82} 2012-05-21 12:11:54 -------- d-----w- C:\Users\Sevket\AppData\Local\{D6B5CC97-1127-450E-97AD-1D7C254836F7} 2012-05-21 00:11:37 -------- d-----w- C:\Users\Sevket\AppData\Local\{DD2D1B6D-C551-4855-AFA0-C66213B06BE2} 2012-05-21 00:11:20 -------- d-----w- C:\Users\Sevket\AppData\Local\{2A5210E7-0312-4DE2-B1FB-5F281FCAE935} 2012-05-20 12:10:49 -------- d-----w- C:\Users\Sevket\AppData\Local\{F74B5FCD-03E0-425B-98DD-220A9D962171} 2012-05-20 12:10:35 -------- d-----w- C:\Users\Sevket\AppData\Local\{60EAB4DF-C35F-456F-84A4-D78252B08A64} 2012-05-20 11:28:36 -------- d---a-w- C:\Users\Sevket\.android 2012-05-20 11:28:32 38424 ----a-w- C:\Windows\System32\drivers\androidusb.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsvousb.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsnmea.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsdiag.sys 2012-05-20 11:28:32 129304 ----a-w- 
C:\Windows\System32\drivers\zghsat.sys 2012-05-20 11:28:32 127056 ----a-w- C:\Windows\System32\drivers\zghsmdm.sys 2012-05-20 11:28:32 11776 ----a-w- C:\Windows\System32\drivers\massfilter_hs.sys 2012-05-20 11:28:27 96256 ----a-w- C:\Windows\AdbWinApi.dll 2012-05-20 11:28:27 584584 ----a-w- C:\Windows\adb.exe 2012-05-20 11:28:27 -------- d-----w- C:\Program Files\ZTE Handset USB Driver 2012-05-19 10:19:56 -------- d-----w- C:\Users\Sevket\AppData\Local\{E6621AF1-7DBA-4D5F-A576-D39A81383D70} 2012-05-19 10:19:44 -------- d-----w- C:\Users\Sevket\AppData\Local\{9B438B85-8BE5-4B6F-A7A3-744A044A050A} 2012-05-18 20:19:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{63B72367-6370-45DD-B158-CC3FF1B86768} 2012-05-18 20:18:48 -------- d-----w- C:\Users\Sevket\AppData\Local\{93A720B9-0D42-4ED6-8AD5-5938FDF5769B} 2012-05-17 17:30:19 -------- d-----w- C:\Users\Sevket\AppData\Local\{C1E69500-D1B4-44CA-B366-322EBEB2E7F7} 2012-05-17 17:30:08 -------- d-----w- C:\Users\Sevket\AppData\Local\{E7E6D606-0184-4810-88D8-504702B1B9DD} 2012-05-16 22:04:13 -------- d-----w- C:\Users\Sevket\AppData\Local\{478F15A1-0568-4A9F-97F9-83718AF278CE} 2012-05-16 22:04:01 -------- d-----w- C:\Users\Sevket\AppData\Local\{220199A6-ACF7-425F-A979-64F0441DEB3B} 2012-05-14 13:06:42 -------- d-----w- C:\Users\Sevket\AppData\Local\{B1F88348-CFE8-43F5-94AB-80BDD652EFDC} 2012-05-14 13:06:31 -------- d-----w- C:\Users\Sevket\AppData\Local\{C1AA0329-45F9-43EE-9BFD-0790766B8D5C} 2012-05-12 23:12:43 -------- d-----w- C:\Users\Sevket\AppData\Local\{7A55E381-DEA8-46F3-91A8-6DA10BBF35F5} 2012-05-12 23:12:32 -------- d-----w- C:\Users\Sevket\AppData\Local\{743497AD-6788-403F-8E90-66776FF7D850} 2012-05-12 19:57:24 -------- d-----w- C:\Users\Sevket\AppData\Local\{4D6D8F6E-FC07-41CD-96B5-A17AFED93972} 2012-05-12 19:56:59 -------- d-----w- C:\Users\Sevket\AppData\Local\{344A5395-59CE-4333-9A0D-295430B4AE55} 2012-05-11 19:02:12 -------- d-----w- C:\Users\Sevket\AppData\Local\{B16D0A71-CB5B-4198-BC01-2B563FB8500D} 
2012-05-11 19:01:53 -------- d-----w- C:\Users\Sevket\AppData\Local\{9BAC8E84-9E0B-4575-B42E-32F41256F5B3} 2012-05-10 02:01:29 -------- d-----w- C:\Users\Sevket\AppData\Local\{B92B4582-A1D1-4FE3-BEE7-2796DD35A13B} 2012-05-10 02:01:18 -------- d-----w- C:\Users\Sevket\AppData\Local\{73AF87B3-D701-4A4D-8203-BCCEF98CE1E3} 2012-05-09 22:12:11 1544704 ----a-w- C:\Windows\System32\DWrite.dll 2012-05-09 22:12:11 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-05-09 22:12:10 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-09 22:12:09 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-09 22:12:09 3146240 ----a-w- C:\Windows\System32\win32k.sys 2012-05-09 22:12:08 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-09 22:11:09 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2012-05-09 22:10:30 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-05-09 22:10:23 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 22:10:23 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2012-05-09 22:10:23 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 22:10:22 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2012-05-09 22:10:22 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2012-05-09 11:51:24 -------- d-----w- C:\Users\Sevket\AppData\Local\{3C6057E0-A54F-44D6-AA8A-80085FDF884A} 2012-05-09 11:51:13 -------- d-----w- C:\Users\Sevket\AppData\Local\{F5AD9EDE-73B6-4D15-8B94-1A461B3D8369} . ==================== Find3M ==================== . 2012-05-05 14:58:35 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-05 14:58:35 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-05 14:58:23 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2012-03-20 18:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2012-03-20 18:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys . 
============= FINISH: 18:24:40,45 =============== Attach.txt
  7. Hi. The computer just got infected with Security Shield... I avoided clicking on anything and tried to close the process, which didn't work. I restarted the computer without internet and killed the process, and I am running a scan with Microsoft Sec.Ess. right now, but I doubt that it will be enough. I have googled my way to the solution being at this link, http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield but unfortunately it is down right now. So can someone help me get rid of this crap? Thanks!