Everything posted by Tony

  1. Hi Malou. Here are the logs. Kind regards, Tony.
  2. Here is part two.
  3. Here is the log. It is so large that I have to split it in two.
settingsAll UsersApplication DataSonic 2008-09-29 10:01 --------- d-----w c:programHewlett-Packard 2008-09-29 10:01 --------- d-----w c:programDelade filerHewlett-Packard 2008-09-29 09:36 --------- d-----w c:programDIFX 2008-09-29 09:27 --------- d-----w c:programGoogle 2008-09-29 09:26 39,397 ----a-w c:programDEISL1.ISU 2008-09-29 09:22 --------- d-----w c:programfilehippo.com 2008-09-29 07:54 60,080 ----a-w c:windowsBricoPackUninst.cmd 2008-09-29 07:54 5,308 ----a-w c:windowsBricoPackFoldersDelete.cmd 2008-09-29 07:54 219,136 ----a-w c:windowssystem32uxtheme.dll 2008-09-29 07:43 --------- d-----w c:documents and settingsAll UsersApplication DataTuneUp Software 2008-09-29 07:43 --------- d-----w c:documents and settingsAdministratörApplication DataTuneUp Software 2008-09-29 07:34 --------- d-----w c:programNätLex 2008-09-29 07:29 --------- d-----w c:programRaxco 2008-09-29 07:29 --------- d-----w c:documents and settingsAll UsersApplication DataRaxco 2008-09-29 07:19 --------- d-----w c:programDAEMON Tools Lite 2008-04-14 19:35 60,416 --sha-w c:windowsBricoPacksSysFiles80_msimn.exe
  4. Hi again Malou. I don't really know what you meant by "File:: /Registry::", but I'm doing the best I can since I'm no "computer guru". I'm sending the HijackThis log first and will send the other log right after. Tony. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:38:33, on 2008-11-09 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32spoolsv.exe C:ProgramMicrosoft IntelliType Proitype.exe C:ProgramMicrosoft IntelliPointipoint.exe C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE C:WINDOWSsystem32ctfmon.exe C:ProgramPersonalbinPersonal.exe C:WINDOWSSystem32svchost.exe C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE C:ProgramTeliaTelias sakerhetstjansterAnti-VirusFSGK32.EXE C:ProgramTeliaTelias sakerhetstjansterCommonFSMB32.EXE C:WINDOWSSystem32svchost.exe C:ProgramJavajre6binjqs.exe C:ProgramTeliaTelias sakerhetstjansterCommonFCH32.EXE C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsqh.exe C:ProgramTeliaTelias sakerhetstjansterCommonFAMEH32.EXE C:ProgramTeliaTelias sakerhetstjansterFSPCfspc.exe C:ProgramTeliaTelias sakerhetstjansterFSGUIfsguidll.exe C:ProgramMcAfeeSiteAdvisorMcSACore.exe C:ProgramDelade filerMicrosoft SharedVS7DEBUGmdm.exe C:ProgramCDBurnerXPNMSAccessU.exe C:WINDOWSsystem32nvsvc32.exe C:ProgramRaxcoPerfectDisk2008PD91Agent.exe C:WINDOWSsystem32HPZipm12.exe C:WINDOWSsystem32PnkBstrA.exe C:WINDOWSsystem32PnkBstrB.exe C:WINDOWSsystem32tcpsvcs.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32dllhost.exe C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfssm32.exe C:ProgramTeliaTelias 
sakerhetstjansterFSAUAprogramfsus.exe C:WINDOWSsystem32dllhost.exe C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsav32.exe C:WINDOWSexplorer.exe C:ProgramTeliaTelias sakerhetstjansterFSGUIscanwizard.exe C:WINDOWSexplorer.exe C:ProgramTrend MicroHijackThisTonys.exe.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://se.msn.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgramSpybot - Search & DestroySDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:programmcafeesiteadvisormcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:programmcafeesiteadvisormcieplg.dll O4 - HKLM..Run: [amd_dc_opt] C:ProgramAMDDual-Core Optimizeramd_dc_opt.exe O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE O4 - HKLM..Run: [itype] "c:ProgramMicrosoft IntelliType Proitype.exe" O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE 
C:WINDOWSsystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [intelliPoint] "c:ProgramMicrosoft IntelliPointipoint.exe" O4 - HKLM..Run: [F-Secure Manager] "C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE" /nosplash O4 - HKLM..Run: [F-Secure TNB] "C:ProgramTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O4 - Global Startup: Personal.lnk = C:ProgramPersonalbinPersonal.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll O9 - Extra 'Tools' menuitem: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMI1933~1Office12REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v...b?1223566486796 O16 
- DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.framkalla.com/iu/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222626909125 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1222626942546 O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...427/mcfscan.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:programmcafeesiteadvisormcieplg.dll O20 - AppInit_DLLs: C:WINDOWSSystem32dpcdll32.dll O20 - Winlogon Notify: a441e429502 - C:WINDOWSSystem32dpcdll32.dll O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE O23 - Service: F-Secure ORSP 
Client (FSORSPClient) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:ProgramMcAfeeSiteAdvisorMcSACore.exe O23 - Service: NMSAccessU - Unknown owner - C:ProgramCDBurnerXPNMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Engine.exe O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:WINDOWSSystem32TuneUpDefragService.exe -- End of file - 9653 bytes
  5. Here comes the next one. (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-08 12:51 --------- d-----w c:documents and settingsNetworkServiceApplication DataSACore 2008-11-07 16:55 --------- d-----w c:documents and settingsAll UsersApplication DataSpybot - Search & Destroy 2008-11-07 10:33 --------- d-----w c:programVista Inspirat 2 2008-11-06 08:20 --------- d-----w c:documents and settingsAdministratörApplication DataLimeWire 2008-11-06 06:55 --------- d-----w c:programTYPEFACE 2008-11-06 06:55 --------- d-----w c:programSYMBOLS 2008-11-06 06:55 --------- d-----w c:programPALETTES 2008-11-06 06:55 --------- d-----w c:programFONTS 2008-11-06 06:55 --------- d-----w c:programFILTERS 2008-11-06 06:55 --------- d-----w c:programCUSTOM 2008-11-06 06:55 --------- d-----w c:programBANNERS 2008-11-06 06:55 --------- d-----w c:programACTIVITY 2008-11-05 12:09 --------- d-----r c:programPrivat 2008-11-05 06:05 --------- d-----w c:documents and settingsAll UsersApplication DataSiteAdvisor 2008-11-05 06:05 --------- d-----w c:documents and settingsAll UsersApplication DataMcAfee 2008-11-04 20:02 --------- d-----w c:documents and settingsAdministratörApplication DatauTorrent 2008-11-04 19:56 --------- d-----w c:programSystemRequirementsLab 2008-11-04 13:37 --------- d-----w c:programDivX 2008-11-02 18:01 --------- d-----w c:programLimeWire 2008-11-02 11:42 --------- d-----w c:documents and settingsAll UsersApplication DataF-Secure 2008-11-02 11:41 --------- d-----w c:documents and settingsAll UsersApplication Datafssg 2008-11-01 15:41 --------- d--h--w c:programInstallShield Installation Information 2008-10-31 12:39 --------- d-----w c:programApple Software Update 2008-10-31 11:46 --------- d-----w c:programHP 2008-10-31 09:49 --------- d-----w c:programCDBurnerXP 2008-10-31 09:20 --------- d-----w c:programJava 2008-10-30 15:24 --------- d-----w c:programStadkart 2008-10-30 15:22 --------- d-----w 
c:programUnlocker 2008-10-30 09:41 66,872 ----a-w c:windowssystem32PnkBstrA.exe 2008-10-30 09:41 22,328 ----a-w c:windowssystem32driversPnkBstrK.sys 2008-10-30 09:41 22,328 ----a-w c:documents and settingsAdministratörApplication DataPnkBstrK.sys 2008-10-30 09:41 2,337,865 ----a-w c:windowssystem32pbsvc.exe 2008-10-30 09:41 107,832 ----a-w c:windowssystem32PnkBstrB.exe 2008-10-29 08:37 --------- d-----w c:programDelade filerWise Installation Wizard 2008-10-29 08:03 --------- d-----w c:programAGEIA Technologies 2008-10-28 16:21 --------- d-----w c:programTuneUp Utilities 2008 2008-10-27 18:33 --------- d-----w c:programMicrosoft Silverlight 2008-10-27 18:29 --------- d-----w c:documents and settingsAll UsersApplication DataMicrosoft Help 2008-10-25 10:30 --------- d-----w c:programMicrosoft Visual Studio 8 2008-10-22 15:55 453,152 ----a-w c:windowssystem32NVUNINST.EXE 2008-10-18 10:50 --------- d-----w c:documents and settingsAll UsersApplication DatanView_Profiles 2008-10-18 10:05 --------- d-----w c:programASUS 2008-10-11 16:30 --------- d-----w c:documents and settingsAdministratörApplication DataWebshots 2008-10-10 05:55 --------- d-----w c:programIZArc 2008-10-07 11:33 286,720 ----a-w c:windowssystem32nvnt4cpl.dll 2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelTraditionalChinese.dll 2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelSwedish.dll 2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelSpanish.dll 2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelSimplifiedChinese.dll 2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelPortugese.dll 2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelKorean.dll 2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelJapanese.dll 2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelGerman.dll 2008-10-07 08:13 58,648 ----a-w c:windowssystem32AgCPanelFrench.dll 2008-10-07 08:13 288,024 ----a-w c:windowssystem32PhysXCplUI.exe 2008-10-07 08:13 288,024 ----a-w 
c:windowssystem32PhysXCompatCplUI.exe 2008-10-07 08:13 23,320 ----a-w c:windowssystem32PhysXDevice.dll 2008-10-05 18:52 --------- d-----w c:programQuickTime 2008-10-05 18:52 --------- d-----w c:programDelade filerApple 2008-10-05 18:52 --------- d-----w c:documents and settingsAll UsersApplication DataApple Computer 2008-10-05 18:51 --------- d-----w c:documents and settingsAll UsersApplication DataApple 2008-10-05 12:23 --------- d-----w c:programTHQ 2008-10-04 13:16 --------- d-----w c:documents and settingsAdministratörApplication DataMicrosoft Games 2008-10-03 16:09 --------- d-----w c:programuTorrent 2008-10-01 13:13 --------- d-----w c:documents and settingsLocalServiceApplication DataSACore 2008-10-01 12:23 355,584 ----a-w c:windowssystem32TuneUpDefragService.exe 2008-10-01 07:17 --------- d-----w c:documents and settingsAdministratörApplication DataDivX 2008-09-30 18:44 --------- d-----w c:programElectronic Arts 2008-09-30 15:45 --------- d-----w c:programReference Assemblies 2008-09-30 15:45 --------- d-----w c:programMSBuild 2008-09-30 07:05 --------- d-----w c:documents and settingsAdministratörApplication DataF-Secure 2008-09-29 17:26 --------- d-----w c:programMSXML 4.0 2008-09-29 13:56 215,144 ----a-w c:windowspatchw32.dll 2008-09-29 11:59 --------- d-----w c:programActivision 2008-09-29 11:05 --------- d-----w c:documents and settingsAll UsersApplication DataUbisoft 2008-09-29 10:29 --------- d-----w c:programMicrosoft Games 2008-09-29 10:23 --------- dc-h--w c:documents and settingsAll UsersApplication Data{0691F710-1ECA-4B5A-9727-25554F1BFDC6} 2008-09-29 10:20 --------- d-----w c:programEADM 2008-09-29 10:19 --------- d-----w c:programDelade filerInstallShield 2008-09-29 10:09 --------- d-----w c:programFoxit Software 2008-09-29 10:07 --------- d-----w c:documents and settingsAdministratörApplication DataHP 2008-09-29 10:05 --------- d-----w c:documents and settingsAll UsersApplication DataHP 2008-09-29 10:03 --------- d-----w c:programDelade 
filerSonic Shared 2008-09-29 10:03 --------- d-----w c:programDelade filerHP 2008-09-29 10:03 --------- d-----w c:documents and settingsAll UsersApplication DataSonic 2008-09-29 10:01 --------- d-----w c:programHewlett-Packard 2008-09-29 10:01 --------- d-----w c:programDelade filerHewlett-Packard 2008-09-29 09:36 --------- d-----w c:programDIFX 2008-09-29 09:27 --------- d-----w c:programGoogle 2008-09-29 09:26 39,397 ----a-w c:programDEISL1.ISU 2008-09-29 09:22 --------- d-----w c:programfilehippo.com 2008-09-29 07:54 60,080 ----a-w c:windowsBricoPackUninst.cmd 2008-09-29 07:54 5,308 ----a-w c:windowsBricoPackFoldersDelete.cmd 2008-09-29 07:54 219,136 ----a-w c:windowssystem32uxtheme.dll 2008-09-29 07:43 --------- d-----w c:documents and settingsAll UsersApplication DataTuneUp Software 2008-09-29 07:43 --------- d-----w c:documents and settingsAdministratörApplication DataTuneUp Software 2008-09-29 07:34 --------- d-----w c:programNätLex 2008-09-29 07:29 --------- d-----w c:programRaxco 2008-09-29 07:29 --------- d-----w c:documents and settingsAll UsersApplication DataRaxco 2008-09-29 07:19 --------- d-----w c:programDAEMON Tools Lite 2008-04-14 19:35 60,416 --sha-w c:windowsBricoPacksSysFiles80_msimn.exe . 
------- Sigcheck ------- 2008-06-23 16:42 827904 763148c042469c197933ac956e566226 c:windows$hf_mig$KB953838-IE7SP2QFEwininet.dll 2008-08-26 10:12 827904 27431705f27b772f4f7903e4bf96efb2 c:windows$hf_mig$KB956390-IE7SP2QFEwininet.dll 2004-08-04 13:00 656896 9f721bd834534e75661d8f9bd1efdcd7 c:windows$NtServicePackUninstall$wininet.dll 2008-04-14 20:34 666624 b8d98f0cdf9b1429cd95497ad9995078 c:windowsie7wininet.dll 2007-08-13 17:54 818688 a4a0fc92358f39538a6494c42ef99fe9 c:windowsie7updatesKB953838-IE7wininet.dll 2008-06-23 17:42 826368 ce365a16790ec5c5dddc78820949c02e c:windowsie7updatesKB956390-IE7wininet.dll 2008-08-26 09:27 817152 7bd592ed5ff783bf9984dc5fce7288d4 c:windowsServicePackFilesi386wininet.dll 2008-08-26 09:27 817152 7bd592ed5ff783bf9984dc5fce7288d4 c:windowssystem32wininet.dll 2008-08-26 09:27 826368 91a76d98b206723d21612aecbc1d65ce c:windowssystem32dllcachewininet.dll 2008-04-14 20:35 976384 bcda7a0bd489b6cf8427bd37026d7f0d c:windowsexplorer.exe 2004-08-04 13:00 1032704 87a3c8ead27cf3591713d629d8bcb990 c:windows$NtServicePackUninstall$explorer.exe 2008-04-14 20:35 976384 bcda7a0bd489b6cf8427bd37026d7f0d c:windowsServicePackFilesi386explorer.exe . ((((((((((((((((((((((((((((( snapshot@2008-11-08_10.50.26,03 ))))))))))))))))))))))))))))))))))))))))) . 
+ 2007-07-13 09:54:40 24,576 ----a-w c:windowsMcAfee.comFreeScanavdat.exe + 2008-07-09 03:30:00 5,444 ----a-w c:windowsMcAfee.comFreeScanconfig.dat + 2008-11-07 14:47:52 156,936 ----a-w c:windowsMcAfee.comFreeScanmcfscan.dll + 2008-07-09 03:30:00 3,092,646 ----a-w c:windowsMcAfee.comFreeScanmcscan32.dll + 2008-11-07 04:30:00 942,396 ----a-w c:windowsMcAfee.comFreeScannames.DAT + 2006-12-18 09:03:00 7,449 ----a-w c:windowsMcAfee.comFreeScanrwabs16.dll + 2006-12-18 09:03:10 16,921 ----a-w c:windowsMcAfee.comFreeScanrwabs32.dll + 2008-11-07 04:30:00 56,335,896 ----a-w c:windowsMcAfee.comFreeScanscan.DAT - 2008-11-02 11:42:42 76,862 ----a-w c:windowssystem32perfc009.dat + 2008-11-08 10:30:41 76,862 ----a-w c:windowssystem32perfc009.dat - 2008-11-02 11:42:42 88,992 ----a-w c:windowssystem32perfc01D.dat + 2008-11-08 10:30:41 88,992 ----a-w c:windowssystem32perfc01D.dat - 2008-11-02 11:42:42 454,716 ----a-w c:windowssystem32perfh009.dat + 2008-11-08 10:30:41 454,716 ----a-w c:windowssystem32perfh009.dat - 2008-11-02 11:42:42 456,648 ----a-w c:windowssystem32perfh01D.dat + 2008-11-08 10:30:41 456,648 ----a-w c:windowssystem32perfh01D.dat + 2008-11-08 10:36:06 16,384 ----atw c:windowsTempPerflib_Perfdata_170.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "ctfmon.exe"="c:windowssystem32ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "amd_dc_opt"="c:programAMDDual-Core Optimizeramd_dc_opt.exe" [2007-07-23 77824] "itype"="c:programMicrosoft IntelliType Proitype.exe" [2008-06-10 1442888] "NvCplDaemon"="c:windowssystem32NvCpl.dll" [2008-10-23 13672448] "IntelliPoint"="c:programMicrosoft IntelliPointipoint.exe" [2008-06-10 1406024] "F-Secure Manager"="c:programTeliaTelias sakerhetstjansterCommonFSM32.EXE" [2008-09-23 182936] "F-Secure TNB"="c:programTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" [2008-09-23 957024] "SoundMan"="SOUNDMAN.EXE" [2007-04-16 c:windowssoundman.exe] c:documents and settingsAll UsersStart-menyProgramAutostart Personal.lnk - c:programPersonalbinPersonal.exe [2008-09-29 910864] [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionpoliciesexplorer] "NoResolveSearch"= 1 (0x1) [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciesexplorer] "MaxRecentDocs"= 2 (0x2) [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwinlogonnotifya441e429502] 2008-11-06 09:23 135168 c:windowssystem32dpcdll32.dll [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindows ntcurrentversionwindows] "AppInit_DLLs"=c:windowsSystem32dpcdll32.dll [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionrun-] "ctfmon.exe"=c:windowssystem32ctfmon.exe [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center] "UpdatesDisableNotify"=dword:00000001 [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile] "EnableFirewall"= 0 (0x0) [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList] "%windir%Network Diagnosticxpnetdiag.exe"= "c:ProgramMicrosoft OfficeOffice12OUTLOOK.EXE"= "c:ProgramMicrosoft OfficeOffice12GROOVE.EXE"= "c:ProgramuTorrentuTorrent.exe"= "c:ProgramHPDigital Imagingbinhpqtra08.exe"= 
"c:ProgramHPDigital Imagingbinhpqste08.exe"= "c:ProgramHPDigital Imagingbinhpofxm08.exe"= "c:ProgramHPDigital Imagingbinhposfx08.exe"= "c:ProgramHPDigital Imagingbinhposid01.exe"= "c:ProgramHPDigital Imagingbinhpqscnvw.exe"= "c:ProgramHPDigital Imagingbinhpqkygrp.exe"= "c:ProgramHPDigital ImagingbinhpqCopy.exe"= "c:ProgramHPDigital Imagingbinhpfccopy.exe"= "c:ProgramHPDigital Imagingbinhpzwiz01.exe"= "c:ProgramHPDigital ImagingUnloadHpqPhUnl.exe"= "c:ProgramHPDigital ImagingUnloadHpqDIA.exe"= "c:ProgramHPDigital Imagingbinhpoews01.exe"= "c:ProgramHPDigital Imagingbinhpqnrs08.exe"= "c:ProgramMicrosoft GamesGears of WarBinariesWarGame-G4WLive.exe"= "c:WINDOWSsystem32PnkBstrA.exe"= "c:WINDOWSsystem32PnkBstrB.exe"= "c:ProgramElectronic ArtsCrytekCrysisBin32Crysis.exe"= "c:ProgramElectronic ArtsCrytekCrysisBin32CrysisDedicatedServer.exe"= "c:ProgramElectronic ArtsMedal of Honor AirborneUnrealEngine3BinariesMOHA.exe"= "c:ProgramTHQFrontlines-Fuel of WarBinariesFFOW.exe"= "c:ProgramUbisoftFar Cry 2binFarCry2.exe"= "c:ProgramUbisoftFar Cry 2binFC2Launcher.exe"= "c:ProgramUbisoftFar Cry 2binFC2Editor.exe"= "c:WINDOWSsystem32sessmgr.exe"= "c:ProgramUbisoftTom Clancy's Rainbow Six Vegas 2BinariesR6Vegas2_Game.exe"= "c:ProgramUbisoftTom Clancy's Rainbow Six Vegas 2BinariesR6Vegas2_Launcher.exe"= "c:ProgramActivisionCall of Duty 4 - Modern Warfareiw3mp.exe"= [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileIcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R0 fsbts;fsbts;c:windowssystem32Driversfsbts.sys [2008-11-02 30856] R0 FSFW;F-Secure Firewall Driver;c:windowssystem32driversfsdfw.sys [2008-09-23 79904] R0 nvgts;nvgts;c:windowssystem32DRIVERSnvgts.sys [2008-08-18 145952] R0 pavboot;pavboot;c:windowssystem32driverspavboot.sys [2008-06-19 28544] R2 JavaQuickStarterService;Java Quick Starter;c:programJavajre6binjqs.exe [2008-10-30 152984] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:programMcAfeeSiteAdvisorMcSACore.exe [2008-10-08 203280] R2 
NMSAccessU;NMSAccessU;c:programCDBurnerXPNMSAccessU.exe [2008-06-15 71096] R2 PD91Agent;PD91Agent;c:programRaxcoPerfectDisk2008PD91Agent.exe [2008-09-09 693512] R2 UxTuneUp;TuneUp Theme Extension;c:windowsSystem32svchost.exe [2008-04-14 14336] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:programTeliaTelias sakerhetstjansterAnti-Virusminifilterfsgk.sys [2008-09-23 72288] S3 FSORSPClient;F-Secure ORSP Client;c:programTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe [2008-09-23 55904] S3 PD91Engine;PD91Engine;c:programRaxcoPerfectDisk2008PD91Engine.exe [2008-09-09 906504] S3 TuneUp.Defrag;TuneUp Drive Defrag Service;c:windowsSystem32TuneUpDefragService.exe [2008-10-01 355584] S4 F-Secure Filter;F-Secure File System Filter;c:programTeliaTelias sakerhetstjansterAnti-VirusWin2KFSfilter.sys [2008-09-23 39776] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:programTeliaTelias sakerhetstjansterAnti-VirusWin2KFSrec.sys [2008-09-23 25184] HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionSvchost - NetSvcs UxTuneUp [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2G] ShellAutoRuncommand - G:LaunchU3.exe -a [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{ace7479c-aa5e-11dd-a583-001a921dc4b4}] ShellAutoRuncommand - G:LaunchU3.exe -a . Contents of the 'Scheduled Tasks' folder 2008-10-31 c:windowsTasksMicrosoft_Hardware_Launch_IType_exe.job - c:programMicrosoft IntelliType Proitype.exe [2008-06-10 12:56] . . ------- Supplementary Scan ------- . O16 -: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab c:windowsDownloaded Program Filessysreqlab.osd c:windowsDownloaded Program Filessysreqlab3.dll c:windowsDownloaded Program Filessysreqlab_srl.dll O16 -: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.framkalla.com/iu/ImageUploader5.cab c:windowsDownloaded Program FilesImageUploader5.inf c:windowssystem32unicows.dll c:windowsDownloaded Program FilesImageUploader5.ocx . 
************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-11-08 14:10:02 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: c:windowssystem32winlogon.exe -> c:windowsSystem32dpcdll32.dll PROCESS: c:windowssystem32lsass.exe -> c:windowsSystem32dpcdll32.dll . Completion time: 2008-11-08 14:10:43 ComboFix-quarantined-files.txt 2008-11-08 13:10:40 ComboFix2.txt 2008-11-08 09:50:44 Pre-Run: 294,487,400,448 byte ledigt Post-Run: 294,476,308,480 byte ledigt 397 ommer loggan på det andra
  6. Hi. Here comes ComboFix. I have to split it in two. Tony. ComboFix 08-11-07.01 - Administratör 2008-11-08 14:08:49.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1053.18.2474 [GMT 1:00] Running from: c:documents and settingsAdministratörSkrivbordComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-10-08 to 2008-11-08 ))))))))))))))))))))))))))))))) . 2008-11-08 11:56 . 2008-11-08 11:56 <KAT> d-------- c:windowsMcAfee.com 2008-11-08 11:56 . 2008-11-08 11:56 <KAT> d-------- c:windowsLastGood 2008-11-08 11:29 . 2008-11-08 11:33 <KAT> d-a------ c:documents and settingsAll UsersApplication DataTEMP 2008-11-07 11:37 . 2008-11-07 11:37 <KAT> d-------- c:programTrend Micro 2008-11-07 07:09 . 2008-11-07 07:09 <KAT> d--hs---- c:windowssystem32GroupPolicyManifest 2008-11-06 21:30 . 2008-11-07 11:11 <KAT> d-------- c:programPanda Security 2008-11-06 21:30 . 2008-06-19 17:24 28,544 --a------ c:windowssystem32driverspavboot.sys 2008-11-06 20:34 . 2008-11-06 20:36 <KAT> d-------- c:programSpybot - Search & Destroy 2008-11-06 09:35 . 2008-11-07 07:26 8,230 --a------ c:windowsGnuHashes.ini 2008-11-06 09:23 . 2008-11-06 09:23 318,976 --ahs---- c:windowssystem321543.tmp 2008-11-06 09:23 . 2008-11-06 09:23 135,168 --a------ c:windowssystem32dpcdll32.dll 2008-11-06 09:23 . 2008-11-07 07:09 1,397 --ahs---- c:windowssystem32GroupPolicy000.dat 2008-11-06 07:55 . 2008-11-04 18:24 39,157 --a------ c:windows_DETMP.1 2008-11-05 07:05 . 2008-11-05 13:06 <KAT> d-------- c:programMcAfee 2008-11-05 07:05 . 2008-11-05 07:05 <KAT> d-------- c:programDelade filerMcAfee 2008-11-04 14:09 . 2008-11-04 14:11 <KAT> d-------- c:documents and settingsAdministratörApplication DataU3 2008-11-02 12:47 . 2008-11-02 12:47 30,856 --a------ c:windowssystem32driversfsbts.sys 2008-11-02 12:42 . 2008-11-02 12:42 <KAT> d-------- c:programTelia 2008-11-02 12:42 . 
2008-09-23 14:35 79,904 --a------ c:windowssystem32driversfsdfw.sys 2008-11-02 12:05 . 2008-11-07 17:58 <KAT> d-------- c:documents and settingsAdministratörSecurityScans 2008-11-02 12:05 . 2008-11-07 17:58 <KAT> d-------- c:documents and settingsAdministratörSecurityScans 2008-11-02 12:04 . 2008-11-02 12:04 <KAT> d-------- c:programMicrosoft Baseline Security Analyzer 2 2008-11-02 10:55 . 2008-11-02 10:55 <KAT> d-------- c:programMicrosoft IntelliPoint 2008-11-02 10:55 . 2008-06-10 13:04 31,048 --a------ c:windowssystem32driverspoint32.sys 2008-11-02 10:41 . 2008-11-02 10:41 <KAT> d-------- c:programIObit 2008-11-01 16:52 . 2008-11-01 16:52 <KAT> d-------- c:programCCleaner 2008-11-01 13:13 . 2008-11-01 13:13 <KAT> d-------- c:programUniblue 2008-11-01 13:13 . 2008-11-01 13:13 <KAT> d--h-c--- c:documents and settingsAll UsersApplication Data{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} 2008-11-01 13:13 . 2008-11-01 13:13 <KAT> d-------- c:documents and settingsAdministratörApplication DataUniblue 2008-10-31 10:23 . 2008-10-31 10:23 <KAT> d-------- c:programMicrosoft IntelliType Pro 2008-10-30 21:17 . 2008-10-30 21:17 410,976 --a------ c:windowssystem32deploytk.dll 2008-10-30 20:56 . 2008-10-30 20:56 <KAT> d-------- c:documents and settingsAdministratörApplication DataInstallShield 2008-10-30 20:56 . 2006-07-01 23:21 43,520 --a------ c:windowssystem32driversAmdK8.sys 2008-10-30 11:14 . 2008-10-30 11:20 20 --a------ c:windowssystem32PDBootState 2008-10-30 10:12 . 2008-10-30 10:12 <KAT> d-------- c:programRealtek AC97 2008-10-29 13:23 . 2005-07-26 07:02 923,520 --a------ c:windowssystem32driversnvmcp.sys 2008-10-29 13:23 . 2005-07-26 07:01 415,360 --a------ c:windowssystem32driversnvapu.sys 2008-10-29 13:23 . 2005-07-26 07:02 66,688 --a------ c:windowssystem32driversnvarm.sys 2008-10-29 13:23 . 2005-07-26 07:02 54,272 --a------ c:windowssystem32nvopenal.dll 2008-10-29 13:23 . 2005-07-26 06:58 53,376 --a------ c:windowssystem32driversnvax.sys 2008-10-29 13:23 . 
2005-07-20 17:08 33,280 --a------ c:windowssystem32NVCOAD.DLL 2008-10-29 13:23 . 2005-07-26 07:02 30,208 --a------ c:windowssystem32nvasio.dll 2008-10-29 13:23 . 2005-07-26 07:02 21,504 --a------ c:windowssystem32OpenAL32.dll 2008-10-29 13:23 . 2005-07-26 07:02 7,680 --a------ c:windowssystem32nvack.dll 2008-10-29 13:23 . 2005-07-26 07:02 5,120 --a------ c:windowssystem32ALut.dll 2008-10-29 09:37 . 2008-10-29 09:37 <KAT> d-------- c:windows74224F8D4A1748169EDB7BB854DE532C.TMP 2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:windowssystem32divx_xx0c.dll 2008-10-28 23:36 . 2008-10-28 23:36 823,296 --a------ c:windowssystem32divx_xx07.dll 2008-10-28 23:35 . 2008-10-28 23:35 815,104 --a------ c:windowssystem32divx_xx0a.dll 2008-10-28 23:35 . 2008-10-28 23:35 802,816 --a------ c:windowssystem32divx_xx11.dll 2008-10-28 23:35 . 2008-10-28 23:35 729,088 --a------ c:windowssystem32divxdec.ax 2008-10-28 23:35 . 2008-10-28 23:35 684,032 --a------ c:windowssystem32DivX.dll 2008-10-28 11:06 . 2008-10-28 11:06 107,888 --a------ c:windowssystem32CmdLineExt.dll 2008-10-28 10:41 . 2008-10-30 10:34 <KAT> d-------- c:programUbisoft 2008-10-28 08:12 . 2008-10-28 08:12 <KAT> dr-h----- c:documents and settingsAdministratörApplication DataSecuROM 2008-10-27 20:35 . 2008-10-22 16:10 38,496 --a------ c:windowssystem32driversmbamswissarmy.sys 2008-10-27 20:35 . 2008-10-22 16:10 15,504 --a------ c:windowssystem32driversmbam.sys 2008-10-27 19:59 . 2007-06-29 14:47 34,304 --a------ c:windowssystem32driversAmdLLD.sys 2008-10-27 19:29 . 2008-10-27 19:29 <KAT> d-------- c:programHDD Health 2008-10-25 11:35 . 2008-10-27 19:29 <KAT> d-------- c:programMicrosoft CAPICOM 2.1.0.2 2008-10-24 16:06 . 2008-10-27 20:36 <KAT> d-------- c:programMalwarebytes' Anti-Malware 2008-10-24 16:06 . 2008-10-24 16:06 <KAT> d-------- c:documents and settingsAll UsersApplication DataMalwarebytes 2008-10-24 16:06 . 
2008-10-24 16:06 <KAT> d-------- c:documents and settingsAdministratörApplication DataMalwarebytes 2008-10-16 19:42 . 2008-10-16 19:42 <KAT> d--h----- c:windowsPIF 2008-10-14 10:17 . 2008-10-14 10:17 <KAT> d-------- c:documents and settingsAdministratörApplication DataApple Computer 2008-10-14 08:45 . 2008-04-14 20:34 221,184 --a------ c:windowssystem32wmpns.dll 2008-10-14 06:40 . 2008-10-14 06:40 <KAT> d-------- c:programJoshMadison 2008-10-13 09:56 . 2008-10-13 09:56 70,936 --a------ c:windowssystem32PhysXLoader.dll 2008-10-13 06:16 . 2008-10-13 06:16 250 --a------ c:windowsgmer.ini 2008-10-12 10:10 . 2008-10-27 19:59 <KAT> d-------- c:programAMD 2008-10-12 08:28 . 2008-10-23 07:42 203,146 --a------ c:windowssystem32nvapps.nvb 2008-10-11 17:30 . 2008-10-11 17:30 <KAT> d-------- c:programWebshots 2008-10-11 17:23 . 2008-10-11 17:23 <KAT> d-------- c:programAGI 2008-10-10 06:42 . 2008-04-14 20:34 116,224 --a--c--- c:windowssystem32dllcachexrxwiadr.dll 2008-10-10 06:42 . 2001-08-18 05:37 99,865 --a--c--- c:windowssystem32dllcachexlog.exe 2008-10-10 06:42 . 2001-09-06 19:33 27,648 --a--c--- c:windowssystem32dllcachexrxftplt.exe 2008-10-10 06:42 . 2001-09-06 19:33 23,040 --a--c--- c:windowssystem32dllcachexrxwbtmp.dll 2008-10-10 06:42 . 2008-04-13 21:04 19,455 --a--c--- c:windowssystem32dllcachewvchntxx.sys 2008-10-10 06:42 . 2008-04-13 23:16 19,200 --a--c--- c:windowssystem32dllcachewstcodec.sys 2008-10-10 06:42 . 2008-04-14 20:34 18,944 --a--c--- c:windowssystem32dllcachexrxscnui.dll 2008-10-10 06:42 . 2001-08-17 19:11 16,970 --a--c--- c:windowssystem32dllcachexem336n5.sys 2008-10-10 06:42 . 2008-04-13 21:04 12,063 --a--c--- c:windowssystem32dllcachewsiintxx.sys 2008-10-10 06:42 . 2008-04-14 20:34 8,192 --a--c--- c:windowssystem32dllcachewshirda.dll 2008-10-10 06:42 . 2001-09-06 19:33 4,608 --a--c--- c:windowssystem32dllcachexrxflnch.exe 2008-10-10 06:40 . 2001-08-17 20:28 794,399 --a--c--- c:windowssystem32dllcacheusr1806v.sys 2008-10-10 06:39 . 
2001-08-17 20:28 794,654 --a--c--- c:windowssystem32dllcacheusr1801.sys 2008-10-10 06:38 . 2001-09-06 19:33 525,568 --a--c--- c:windowssystem32dllcachetridxp.dll 2008-10-10 06:37 . 2001-09-06 19:33 172,768 --a--c--- c:windowssystem32dllcachet2r4disp.dll 2008-10-10 06:36 . 2001-09-06 18:47 285,760 --a--c--- c:windowssystem32dllcachestlnata.sys 2008-10-10 06:35 . 2001-09-06 19:33 147,200 --a--c--- c:windowssystem32dllcachesmidispb.dll 2008-10-10 06:34 . 2001-09-06 19:33 386,560 --a--c--- c:windowssystem32dllcachesgiul50.dll 2008-10-10 06:33 . 2001-09-06 19:32 495,616 --a--c--- c:windowssystem32dllcachesblfx.dll 2008-10-10 06:32 . 2001-09-06 19:09 714,858 --a--c--- c:windowssystem32dllcacher2mdmkxx.sys 2008-10-10 06:31 . 2001-09-06 19:09 899,274 --a--c--- c:windowssystem32dllcacher2mdkxga.sys 2008-10-10 06:31 . 2008-04-14 20:34 159,232 --a--c--- c:windowssystem32dllcacheptpusd.dll 2008-10-10 06:31 . 2001-08-17 20:28 130,942 --a--c--- c:windowssystem32dllcacheptserlv.sys 2008-10-10 06:31 . 2001-08-17 20:28 128,286 --a--c--- c:windowssystem32dllcacheptserli.sys 2008-10-10 06:31 . 2001-08-17 20:28 112,574 --a--c--- c:windowssystem32dllcacheptserlp.sys 2008-10-10 06:31 . 2001-08-17 20:52 49,024 --a--c--- c:windowssystem32dllcacheql1280.sys 2008-10-10 06:31 . 2001-08-17 20:52 45,312 --a--c--- c:windowssystem32dllcacheql12160.sys 2008-10-10 06:31 . 2001-09-06 19:33 41,472 --a--c--- c:windowssystem32dllcacheqvusd.dll 2008-10-10 06:31 . 2001-08-17 20:52 40,448 --a--c--- c:windowssystem32dllcacheql1240.sys 2008-10-10 06:31 . 2001-08-17 20:52 40,320 --a--c--- c:windowssystem32dllcacheql1080.sys 2008-10-10 06:31 . 2001-08-17 20:52 33,152 --a--c--- c:windowssystem32dllcacheql10wnt.sys 2008-10-10 06:31 . 2008-04-13 23:10 6,016 --a--c--- c:windowssystem32dllcacheqic157.sys 2008-10-10 06:31 . 2001-08-17 20:53 3,328 --a--c--- c:windowssystem32dllcacheqv2kux.sys 2008-10-10 06:29 . 2001-08-17 21:05 351,616 --a--c--- c:windowssystem32dllcacheovcodek2.sys 2008-10-10 06:28 . 
2008-08-14 14:27 2,066,816 --a--c--- c:windowssystem32dllcachentkrnlpa.exe 2008-10-10 06:28 . 2001-08-17 19:50 198,144 --a--c--- c:windowssystem32dllcachenv3.sys 2008-10-10 06:28 . 2008-04-14 20:13 132,695 --a--c--- c:windowssystem32dllcachenetwlan5.sys 2008-10-10 06:28 . 2001-08-17 19:20 126,080 --a--c--- c:windowssystem32dllcachenm5a2wdm.sys 2008-10-10 06:28 . 2001-09-06 19:32 123,776 --a--c--- c:windowssystem32dllcachenv3.dll 2008-10-10 06:28 . 2001-08-17 19:20 87,040 --a--c--- c:windowssystem32dllcachenm6wdm.sys 2008-10-10 06:28 . 2001-09-06 19:01 65,278 --a--c--- c:windowssystem32dllcachenetflx3.sys 2008-10-10 06:28 . 2001-08-17 19:20 54,528 --a--c--- c:windowssystem32dllcacheopl3sax.sys 2008-10-10 06:28 . 2001-08-17 19:49 51,552 --a--c--- c:windowssystem32dllcachentgrip.sys 2008-10-10 06:28 . 2001-08-17 19:12 32,840 --a--c--- c:windowssystem32dllcachengrpci.sys 2008-10-10 06:28 . 2008-04-13 23:24 28,672 --a--c--- c:windowssystem32dllcachenscirda.sys 2008-10-10 06:28 . 2001-09-06 19:02 9,472 --a--c--- c:windowssystem32dllcachentapm.sys 2008-10-10 06:28 . 2001-08-17 20:53 7,552 --a--c--- c:windowssystem32dllcachensmmc.sys 2008-10-10 06:26 . 2008-04-14 20:35 56,832 --a--c--- c:windowssystem32dllcachemsdvbnp.ax 2008-10-10 06:26 . 2008-04-13 23:16 51,200 --a--c--- c:windowssystem32dllcachemsdv.sys 2008-10-10 06:26 . 2008-04-13 23:16 49,024 --a--c--- c:windowssystem32dllcachemstape.sys 2008-10-10 06:26 . 2001-08-17 21:02 35,200 --a--c--- c:windowssystem32dllcachemsgame.sys 2008-10-10 06:26 . 2008-04-13 23:24 22,016 --a--c--- c:windowssystem32dllcachemsircomm.sys .
  7. Hi again Malou. I have run the program again and saved the log on another HD. So here it comes. Hope it goes better now. I am also sending the HijackThis log. I have to send them separately since it got too big. Tony.
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:19:43, on 2008-11-08 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32csrss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSExplorer.EXE C:WINDOWSSOUNDMAN.EXE C:ProgramMicrosoft IntelliType Proitype.exe C:ProgramMicrosoft IntelliPointipoint.exe C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE C:WINDOWSsystem32ctfmon.exe C:ProgramPersonalbinPersonal.exe C:WINDOWSSystem32alg.exe C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe C:WINDOWSSystem32svchost.exe C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE C:ProgramTeliaTelias sakerhetstjansterAnti-VirusFSGK32.EXE C:ProgramTeliaTelias sakerhetstjansterCommonFSMB32.EXE C:WINDOWSSystem32svchost.exe C:ProgramTeliaTelias sakerhetstjansterCommonFCH32.EXE C:ProgramJavajre6binjqs.exe C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsqh.exe C:ProgramTeliaTelias sakerhetstjansterCommonFAMEH32.EXE C:ProgramTeliaTelias sakerhetstjansterFSPCfspc.exe C:ProgramMcAfeeSiteAdvisorMcSACore.exe C:ProgramTeliaTelias sakerhetstjansterFSGUIfsguidll.exe C:ProgramDelade filerMicrosoft SharedVS7DEBUGmdm.exe C:WINDOWSsystem32msiexec.exe C:ProgramCDBurnerXPNMSAccessU.exe C:WINDOWSsystem32nvsvc32.exe C:ProgramRaxcoPerfectDisk2008PD91Agent.exe C:WINDOWSsystem32HPZipm12.exe C:WINDOWSsystem32PnkBstrA.exe C:WINDOWSsystem32PnkBstrB.exe C:WINDOWSsystem32locator.exe 
C:WINDOWSsystem32tcpsvcs.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32dllhost.exe C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfssm32.exe C:WINDOWSsystem32dllhost.exe C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsus.exe C:WINDOWSsystem32msdtc.exe C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsav32.exe C:WINDOWSsystem32wuauclt.exe C:WINDOWSexplorer.exe C:ProgramTrend MicroHijackThisTonys.exe.exe C:WINDOWSsystem32wbemwmiprvse.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://se.msn.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgramSpybot - Search & DestroySDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:programmcafeesiteadvisormcieplg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll O3 - 
Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:programmcafeesiteadvisormcieplg.dll O4 - HKLM..Run: [amd_dc_opt] C:ProgramAMDDual-Core Optimizeramd_dc_opt.exe O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE O4 - HKLM..Run: [itype] "c:ProgramMicrosoft IntelliType Proitype.exe" O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [intelliPoint] "c:ProgramMicrosoft IntelliPointipoint.exe" O4 - HKLM..Run: [F-Secure Manager] "C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE" /nosplash O4 - HKLM..Run: [F-Secure TNB] "C:ProgramTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe O4 - Global Startup: Personal.lnk = C:ProgramPersonalbinPersonal.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll O9 - Extra 'Tools' menuitem: Föräldra-... 
- {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMI1933~1Office12REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v...b?1223566486796 O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.framkalla.com/iu/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222626909125 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1222626942546 O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: 
{EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...427/mcfscan.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:programmcafeesiteadvisormcieplg.dll O20 - AppInit_DLLs: C:WINDOWSSystem32dpcdll32.dll O20 - Winlogon Notify: a441e429502 - C:WINDOWSSystem32dpcdll32.dll O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:ProgramMcAfeeSiteAdvisorMcSACore.exe O23 - Service: NMSAccessU - Unknown owner - C:ProgramCDBurnerXPNMSAccessU.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe O23 - Service: PD91Agent - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Agent.exe O23 - Service: PD91Engine - Raxco Software, Inc. 
- C:ProgramRaxcoPerfectDisk2008PD91Engine.exe O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:WINDOWSSystem32TuneUpDefragService.exe -- End of file - 10072 bytes
  8. Hi again. The reason for the restart was that I could not restart "Telia säker surf"; it was completely stuck. That is why I did not want to start the internet either. I have looked in the ComboFix folder but unfortunately have not found the txt file. It is starting to look like I will have to format the HD. Regards, Tony
  9. Hi again Malou. Now I am up and running again. Here comes the log. I was forced to restart the computer to get everything working again, so I do not know where the ComboFix log went. I hope it is this one that I am sending along.
2007 Microsoft Office Suite Service Pack 1 (SP1) Adobe Flash Player 10 ActiveX Adobe Shockwave Player 11 Advanced WindowsCare Personal AI Booster AiO_Scan_CDA AiOSoftwareNPI AMD Processor Driver Apple Software Update ASUSUpdate µTorrent Brothers in Arms: Hell's Highway BufferChm C4100 c4100_Help Call of Duty® 2 Call of Duty® 2 Patch 1.2 Call of Duty® 2 Patch 1.3 Call of Duty® 4 - Modern Warfare Call of Duty® 4 - Modern Warfare 1.1 Patch Call of Duty® 4 - Modern Warfare 1.2 Patch Call of Duty® 4 - Modern Warfare 1.4 Patch Call of Duty® 4 - Modern Warfare 1.6 Patch Call of Duty® 4 - Modern Warfare 1.7 Patch CCleaner (remove only) CDBurnerXP Convert Cool & Quiet CP_CalendarTemplates1 cp_OnlineProjectsConfig CP_Package_Basic1 CP_Panorama1Config cp_PosterPrintConfig Crysis WARHEAD® Crysis® CueTour CustomerResearchQFolder Destinations DeviceManagementQFolder DivX Codec DivX Converter DivX Player DivX Web Player DocProc DocProcQFolder DocumentViewer DocumentViewerQFolder Dual-Core Optimizer EA Download Manager eSupportQFolder Far Cry Far Cry (Patch 1) Far Cry (Patch 1.4) Far Cry 2 Fax_CDA filehippo.com Update Checker Foxit Reader Frontlines: Fuel of War FullDPAppQFolder Gears of War Google Earth Harry Potter och Fenixorden HDD Health v3.3 Beta Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB915800-v4) HP Update HPPhotoSmartExpress HPProductAssistant InstantShareDevices InstantShareDevicesMFC IZArc 3.81 Java 6 Update 10 Kartex LimeWire PRO 4.18.8 Malwarebytes' Anti-Malware MarketResearch McAfee SiteAdvisor Medal of Honor Airborne Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 1.1 Swedish Language Pack Microsoft .NET Framework 2.0 Service Pack 1 Microsoft .NET 
Framework 2.0 Service Pack 1 Language Pack - SVE Microsoft .NET Framework 3.0 Service Pack 1 Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - SVE Microsoft .NET Framework 3.5 Microsoft .NET Framework 3.5 Language Pack - sve Microsoft Application Error Reporting Microsoft Baseline Security Analyzer 2.1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Games for Windows - LIVE Redistributable Microsoft IntelliPoint 6.3 Microsoft IntelliType Pro 6.3 Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Access MUI (Swedish) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Swedish) 2007 Microsoft Office Groove MUI (Swedish) 2007 Microsoft Office InfoPath MUI (Swedish) 2007 Microsoft Office OneNote MUI (Swedish) 2007 Microsoft Office Outlook MUI (Swedish) 2007 Microsoft Office PowerPoint MUI (Swedish) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (Finnish) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Swedish) 2007 Microsoft Office Proofing (Swedish) 2007 Microsoft Office Publisher MUI (Swedish) 2007 Microsoft Office Shared MUI (Swedish) 2007 Microsoft Office Word MUI (Swedish) 2007 Microsoft Silverlight Microsoft Software Update for Web Folders (Swedish) 12 Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable MSXML 4.0 SP2 (KB936181) NewCopy_CDA NätLex 1.1.11 NVIDIA Drivers NVIDIA PhysX v8.10.13 Pack Vista Inspirat 2 1.0 Panda ActiveScan 2.0 PanoStandAlone PerfectDisk 2008 Professional Personal 4.9.3 PhotoGallery ProductContextNPI PunkBuster Services QuickTime RandMap Readme Realtek AC'97 Audio Scan ScannerCopy Security Update for 2007 Microsoft Office System (KB951944) Security Update for 2007 Microsoft Office System (KB955936) Security Update for Microsoft Office Excel 2007 (KB955470) Security Update for Microsoft Office OneNote 2007 (KB950130) Security Update for Microsoft 
Office PowerPoint 2007 (KB951338) Security Update for Microsoft Office Publisher 2007 (KB950114) Security Update for Microsoft Office system 2007 (KB951808) Security Update for Microsoft Office system 2007 (KB954326) Security Update for Microsoft Office Word 2007 (KB950113) SkinsHP1 SlideShow Snabbkorrigering för Windows Media Player 11 (KB939683) Snabbkorrigering för Windows XP (KB952287) Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127-v2) Säkerhetsuppdatering för Windows Internet Explorer 7 (KB953838) Säkerhetsuppdatering för Windows Internet Explorer 7 (KB956390) Säkerhetsuppdatering för Windows Media Player 11 (KB936782) Säkerhetsuppdatering för Windows Media Player 11 (KB954154) Säkerhetsuppdatering för Windows XP (KB923789) Säkerhetsuppdatering för Windows XP (KB938464) Säkerhetsuppdatering för Windows XP (KB941569) Säkerhetsuppdatering för Windows XP (KB946648) Säkerhetsuppdatering för Windows XP (KB950762) Säkerhetsuppdatering för Windows XP (KB950974) Säkerhetsuppdatering för Windows XP (KB951066) Säkerhetsuppdatering för Windows XP (KB951376-v2) Säkerhetsuppdatering för Windows XP (KB951698) Säkerhetsuppdatering för Windows XP (KB951748) Säkerhetsuppdatering för Windows XP (KB952954) Säkerhetsuppdatering för Windows XP (KB953839) Säkerhetsuppdatering för Windows XP (KB954211) Säkerhetsuppdatering för Windows XP (KB956391) Säkerhetsuppdatering för Windows XP (KB956803) Säkerhetsuppdatering för Windows XP (KB956841) Säkerhetsuppdatering för Windows XP (KB957095) Säkerhetsuppdatering för Windows XP (KB958644) SolutionCenter Sonic_PrimoSDK Språkpaket för Microsoft .NET Framework 3.5 - Swedish Spybot - Search & Destroy Stadskartan Status System Requirements Lab Telia Säker Surf Tom Clancy's Rainbow Six Vegas 2 Toolbox TrayApp TuneUp Utilities 2008 Uniblue RegistryBooster 2009 Unload Unlocker 1.8.7 Update for Microsoft Office Outlook 2007 (KB952142) Update for Office 2007 (KB946691) Update for Outlook 2007 Junk Email Filter (kb957258) Uppdatering 
för Windows XP (KB898461) Uppdatering för Windows XP (KB943729) Uppdatering för Windows XP (KB951072-v2) Uppdatering för Windows XP (KB951978) Uppgradering till Kartex 5.02.42 WebFldrs XP WebReg Webshots Desktop Windows Internet Explorer 7 Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 WinRAR archiver XML Paper Specification Shared Components Language Pack 1.0 XML Paper Specification Shared Components Pack 1.0 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:07:49, on 2008-11-08 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32csrss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSExplorer.EXE C:WINDOWSSOUNDMAN.EXE C:ProgramMicrosoft IntelliType Proitype.exe C:ProgramMicrosoft IntelliPointipoint.exe C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE C:WINDOWSsystem32ctfmon.exe C:ProgramPersonalbinPersonal.exe C:WINDOWSSystem32alg.exe C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe C:WINDOWSSystem32svchost.exe C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE C:ProgramTeliaTelias sakerhetstjansterAnti-VirusFSGK32.EXE C:ProgramTeliaTelias sakerhetstjansterCommonFSMB32.EXE C:WINDOWSSystem32svchost.exe C:ProgramJavajre6binjqs.exe C:ProgramMcAfeeSiteAdvisorMcSACore.exe C:ProgramTeliaTelias sakerhetstjansterCommonFCH32.EXE C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsqh.exe C:ProgramTeliaTelias sakerhetstjansterCommonFAMEH32.EXE C:ProgramTeliaTelias sakerhetstjansterFSPCfspc.exe C:ProgramTeliaTelias sakerhetstjansterFSGUIfsguidll.exe C:ProgramDelade filerMicrosoft SharedVS7DEBUGmdm.exe 
C:ProgramCDBurnerXPNMSAccessU.exe C:WINDOWSsystem32nvsvc32.exe C:ProgramRaxcoPerfectDisk2008PD91Agent.exe C:WINDOWSsystem32HPZipm12.exe C:WINDOWSsystem32PnkBstrA.exe C:WINDOWSsystem32PnkBstrB.exe C:WINDOWSsystem32locator.exe C:WINDOWSsystem32tcpsvcs.exe C:WINDOWSsystem32svchost.exe C:WINDOWSsystem32dllhost.exe C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfssm32.exe C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsus.exe C:WINDOWSsystem32dllhost.exe C:WINDOWSsystem32msdtc.exe C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsav32.exe C:ProgramTeliaTelias sakerhetstjansterFSGUIscanwizard.exe C:WINDOWSexplorer.exe C:ProgramTrend MicroHijackThisTonys.exe.exe C:WINDOWSsystem32wbemwmiprvse.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://se.msn.com/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgramSpybot - Search & DestroySDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - 
c:programmcafeesiteadvisormcieplg.dll
    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:programmcafeesiteadvisormcieplg.dll
    O4 - HKLM..Run: [amd_dc_opt] C:ProgramAMDDual-Core Optimizeramd_dc_opt.exe
    O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE
    O4 - HKLM..Run: [itype] "c:ProgramMicrosoft IntelliType Proitype.exe"
    O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
    O4 - HKLM..Run: [intelliPoint] "c:ProgramMicrosoft IntelliPointipoint.exe"
    O4 - HKLM..Run: [F-Secure Manager] "C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE" /nosplash
    O4 - HKLM..Run: [F-Secure TNB] "C:ProgramTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    O4 - Global Startup: Personal.lnk = C:ProgramPersonalbinPersonal.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
    O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
    O9 - Extra 'Tools' menuitem: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMI1933~1Office12REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v...b?1223566486796
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.framkalla.com/iu/ImageUploader5.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222626909125
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1222626942546
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
    O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:programmcafeesiteadvisormcieplg.dll
    O20 - AppInit_DLLs: C:WINDOWSSystem32dpcdll32.dll
    O20 - Winlogon Notify: a441e429502 - C:WINDOWSSystem32dpcdll32.dll
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:ProgramMcAfeeSiteAdvisorMcSACore.exe
    O23 - Service: NMSAccessU - Unknown owner - C:ProgramCDBurnerXPNMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
    O23 - Service: PD91Agent - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
    O23 - Service: PD91Engine - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Engine.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:WINDOWSSystem32TuneUpDefragService.exe
    --
    End of file - 9925 bytes
  10. Hi Malou. Thank you for helping me. Here is the result.

    Antivirus Version Senaste Uppdatering Resultat
    AhnLab-V3 2008.11.7.1 2008.11.07 -
    AntiVir 7.9.0.26 2008.11.07 TR/Spy.Gen
    Authentium 5.1.0.4 2008.11.07 W32/Heuristic-KPP!Eldorado
    Avast 4.8.1248.0 2008.11.06 -
    AVG 8.0.0.161 2008.11.07 Agent.AJDA
    BitDefender 7.2 2008.11.07 -
    CAT-QuickHeal 9.50 2008.11.07 -
    ClamAV 0.94.1 2008.11.07 -
    DrWeb 4.44.0.09170 2008.11.07 DLOADER.Trojan
    eSafe 7.0.17.0 2008.11.06 -
    eTrust-Vet 31.6.6198 2008.11.07 -
    Ewido 4.0 2008.11.07 -
    F-Prot 4.4.4.56 2008.11.06 W32/Heuristic-KPP!Eldorado
    F-Secure 8.0.14332.0 2008.11.07 Trojan-Downloader.Win32.Agent.aoal
    Fortinet 3.117.0.0 2008.11.07 -
    GData 19 2008.11.07 -
    Ikarus T3.1.1.45.0 2008.11.07 -
    K7AntiVirus 7.10.519 2008.11.07 -
    Kaspersky 7.0.0.125 2008.11.07 Trojan-Downloader.Win32.Agent.aoal
    McAfee 5426 2008.11.06 -
    Microsoft 1.4104 2008.11.07 -
    NOD32 3595 2008.11.07 a variant of Win32/Agent.OAF
    Norman 5.80.02 2008.11.07 -
    Panda 9.0.0.4 2008.11.07 Suspicious file
    PCTools 4.4.2.0 2008.11.07 -
    Prevx1 V2 2008.11.07 Malware Downloader
    Rising 21.02.42.00 2008.11.07 -
    SecureWeb-Gateway 6.7.6 2008.11.07 Trojan.Spy.Gen
    Sophos 4.35.0 2008.11.07 Mal/Behav-027
    Sunbelt 3.1.1783.2 2008.11.05 -
    Symantec 10 2008.11.07 -
    TheHacker 6.3.1.1.143 2008.11.07 -
    TrendMicro 8.700.0.1004 2008.11.07 -
    VBA32 3.12.8.9 2008.11.06 -
    ViRobot 2008.11.7.1457 2008.11.07 -
    VirusBuster 4.5.11.0 2008.11.06 -
    Övrig information
    File size: 135168 bytes
    MD5...: 5f4fb6b0baa1543ee73f134a2339703d
    SHA1..: 27f92d7b8fd511af00f1b284b39a06fedb48d823
    SHA256: 83f56612479b8f4a339b6f35e45d1b58a229da1dc7a77e9d2904f0a1d93102b2
    SHA512: fb10974493d45f66125a31d9726b442e31bad3891e5bdc8aa52a80e267194c0d 39d8bd7977f41267f5e0fa16806f34044c2e5eb9e3f3de26b1096f47b84f304d
    PEiD..: -
    TrID..: File type identification
    Win32 Executable Generic (42.3%)
    Win32 Dynamic Link Library (generic) (37.6%)
    Generic Win/DOS Executable (9.9%)
    DOS Executable Generic (9.9%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    PEInfo: PE Structure information
    ( base data )
    entrypointaddress.: 0x10001fc1
    timedatestamp.....: 0x49113276 (Wed Nov 05 05:43:18 2008)
    machinetype.......: 0x14c (I386)
    ( 4 sections )
    name viradd virsiz rawdsiz ntrpy md5
    .text 0x1000 0x150d4 0x16000 6.44 b566629051391d7469f5b66ba1d58b9f
    .rdata 0x17000 0x62f9 0x7000 6.29 a4653a5c80268c9a4c38e341392316ca
    .data 0x1e000 0x1498 0x1000 2.08 46eb391337a4ff9ec00d45f11c73b00a
    .reloc 0x20000 0x1a94 0x2000 5.84 29b3f505ac36c7db13d25f8d7b2e0813
    ( 11 imports )
    > ntdll.dll: _snprintf, _strnicmp, strlen, strstr, _stricmp, memcmp, atoi, _itoa, memcpy, _ultoa, tolower, memset, _chkstk, _allmul, _alldiv
    > msvcrt.dll: strtok
    > WS2_32.dll: -, -, WSAIoctl, -, WSAGetOverlappedResult, -, WSACreateEvent, -, WSAWaitForMultipleEvents, WSASend, WSASocketW, -, -, -, -, -, -, WSARecv
    > WININET.dll: InternetConnectA, HttpAddRequestHeadersA, HttpOpenRequestA, HttpSendRequestA, InternetOpenA, HttpQueryInfoA, InternetReadFile, InternetCloseHandle, InternetOpenUrlA, InternetSetOptionA
    > OLEAUT32.dll: -, -
    > SHLWAPI.dll: PathFileExistsA
    > KERNEL32.dll: EnterCriticalSection, GetVolumeInformationA, GetWindowsDirectoryA, GetFileTime, HeapFree, WaitNamedPipeA, FindNextFileA, SetNamedPipeHandleState, HeapAlloc, GetSystemDirectoryA, GetVersionExA, FindClose, RemoveDirectoryA, TransactNamedPipe, HeapSetInformation, HeapCreate, FindFirstFileA, HeapDestroy, FreeLibrary, CreateFileMappingA, OpenFileMappingA, UnmapViewOfFile, MapViewOfFile, ExitProcess, GetFileAttributesExA, SetFileAttributesA, CreateDirectoryA, TlsGetValue, TlsAlloc, CreateEventA, TlsSetValue, ProcessIdToSessionId, Process32Next, Process32First, WriteProcessMemory, VirtualAllocEx, Thread32Next, GetModuleHandleA, Thread32First, CreateToolhelp32Snapshot, InterlockedIncrement, InterlockedDecrement, GetCurrentThreadId, GetProcAddress, CloseHandle, OpenThread, GetCurrentProcessId, lstrcpyA, CreateFileA, WaitForMultipleObjects, GetFileSize, ReadFile, GetModuleFileNameA, GetModuleFileNameW, InitializeCriticalSection, ResetEvent, lstrcatA, GetLocalTime, WaitForSingleObject, OpenMutexA, InterlockedCompareExchange, CreateMutexA, lstrlenA, SetEvent, TerminateThread, OutputDebugStringA, Sleep, DuplicateHandle, GetExitCodeThread, ReleaseMutex, FlushFileBuffers, OpenEventA, SetUnhandledExceptionFilter, LeaveCriticalSection, GetCurrentThread, VirtualFree, GetFileInformationByHandle, GetLastError, SystemTimeToFileTime, lstrcmpiA, GetSystemTime, GetCurrentProcess, WriteFile, CreateThread, VirtualFreeEx, DisconnectNamedPipe, CreateNamedPipeA, ConnectNamedPipe, PeekNamedPipe, lstrcmpA, SetFilePointer, SetEndOfFile, GetTempFileNameA, DeleteCriticalSection, GetTempPathA, VirtualProtect, FlushInstructionCache, VirtualQuery, VirtualAlloc, SuspendThread, ResumeThread, GetThreadContext, SetThreadContext, SetLastError, lstrcmpW, MultiByteToWideChar, DeleteFileA, CreateProcessA, GetTickCount, GetFileAttributesA, LoadLibraryA, CreateRemoteThread, OpenProcess
    > USER32.dll: SetForegroundWindow, ShowWindow, PeekMessageA, WaitForInputIdle, MsgWaitForMultipleObjects, GetSystemMetrics, wsprintfA, DispatchMessageA
    > ADVAPI32.dll: ControlService, RegDeleteKeyA, OpenSCManagerA, RegCreateKeyExA, CloseServiceHandle, OpenServiceA, RegQueryValueExA, ChangeServiceConfigA, RegQueryInfoKeyA, RegEnumKeyExA, RegSetValueExA, RegCloseKey, RegOpenKeyExA
    > SHELL32.dll: ShellExecuteA, SHGetFolderPathA
    > ole32.dll: CoUninitialize, CoInitializeEx, CoCreateInstance
    ( 2 exports )
    DllGetClassObject, EventStartup
    Prevx info: http://info.prevx.com/aboutprogramtext.asp...A56E900A6DDBF82

    Antivirus Version Senaste Uppdatering Resultat
    AhnLab-V3 2008.11.7.1 2008.11.07 -
    AntiVir 7.9.0.26 2008.11.07 -
    Authentium 5.1.0.4 2008.11.07 -
    Avast 4.8.1248.0 2008.11.06 -
    AVG 8.0.0.161 2008.11.07 -
    BitDefender 7.2 2008.11.07 -
    CAT-QuickHeal 9.50 2008.11.07 -
    ClamAV 0.94.1 2008.11.07 -
    DrWeb 4.44.0.09170 2008.11.07 -
    eSafe 7.0.17.0 2008.11.06 -
    eTrust-Vet 31.6.6198 2008.11.07 -
    Ewido 4.0 2008.11.07 -
    F-Prot 4.4.4.56 2008.11.06 -
    F-Secure 8.0.14332.0 2008.11.07 -
    Fortinet 3.117.0.0 2008.11.07 -
    GData 19 2008.11.07 -
    Ikarus T3.1.1.45.0 2008.11.07 -
    K7AntiVirus 7.10.519 2008.11.07 -
    Kaspersky 7.0.0.125 2008.11.07 -
    McAfee 5426 2008.11.06 -
    Microsoft 1.4104 2008.11.07 -
    NOD32 3595 2008.11.07 -
    Norman 5.80.02 2008.11.07 -
    Panda 9.0.0.4 2008.11.07 -
    PCTools 4.4.2.0 2008.11.07 -
    Prevx1 V2 2008.11.07 -
    Rising 21.02.42.00 2008.11.07 -
    SecureWeb-Gateway 6.7.6 2008.11.07 -
    Sophos 4.35.0 2008.11.07 -
    Sunbelt 3.1.1783.2 2008.11.05 -
    Symantec 10 2008.11.07 -
    TheHacker 6.3.1.1.143 2008.11.07 -
    TrendMicro 8.700.0.1004 2008.11.07 -
    VBA32 3.12.8.9 2008.11.06 -
    ViRobot 2008.11.7.1457 2008.11.07 -
    VirusBuster 4.5.11.0 2008.11.06 -
    Övrig information
    File size: 6144 bytes
    MD5...: 7a73fdeef6cf45d27edd73220eaf1c8f
    SHA1..: e3484c64bff319b0fa2618bb2f77c557dde85c55
    SHA256: 83374c15875264e8e5595172b9690711928b1a27a4736506a9a8b21821fd8e53
    SHA512: 02b3da927cc64a9bbc82b2888f511e2f16ccbac3b86de2e65d770d60e26f511a e0b8952cd26dabe76dd1868a8fb225de494f6049c6e12c138858316a1c869b58
    PEiD..: -
    TrID..: File type identification
    Win32 Dynamic Link Library (generic) (65.4%)
    Generic Win/DOS Executable (17.2%)
    DOS Executable Generic (17.2%)
    Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
    PEInfo: PE Structure information
    ( base data )
    entrypointaddress.: 0x40127c
    timedatestamp.....: 0x46647733 (Mon Jun 04 20:33:55 2007)
    machinetype.......: 0x14c (I386)
    ( 3 sections )
    name viradd virsiz rawdsiz ntrpy md5
    .text 0x1000 0x754 0x800 5.60 a550b0bc8ee8e390532fdec4aa7abeb4
    .data 0x2000 0x24 0x200 0.06 03cbffffede4434fbef2f26e0d64c6de
    .rsrc 0x3000 0x840 0xa00 3.31 6d932478ac97bfd7cf753ed0ccd7ca77
    ( 3 imports )
    > KERNEL32.dll: GetCommandLineW, GetModuleHandleA, GetStartupInfoW
    > msvcrt.dll: __2@YAPAXI@Z, _c_exit, _exit, _XcptFilter, _cexit, exit, _wcmdln, __wgetmainargs, wcstok, wcslen, _adjust_fdiv, __p__commode, __p__fmode, __set_app_type, _except_handler3, _controlfp, __setusermatherr, wcscpy, __3@YAXPAX@Z, _initterm
    > MSDTCTM.dll: -
  11. Hello again. I have now followed Malou's excellent page for HijackThis and think I have done it right. I am attaching the log so that Malou can possibly take a look at it. Thanks in advance.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:42:59, on 2008-11-07
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal
    Running processes:
    C:WINDOWSSystem32smss.exe
    C:WINDOWSsystem32csrss.exe
    C:WINDOWSsystem32winlogon.exe
    C:WINDOWSsystem32services.exe
    C:WINDOWSsystem32lsass.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSSystem32svchost.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSsystem32spoolsv.exe
    C:WINDOWSExplorer.EXE
    C:WINDOWSSOUNDMAN.EXE
    C:ProgramMicrosoft IntelliType Proitype.exe
    C:ProgramMicrosoft IntelliPointipoint.exe
    C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE
    C:WINDOWSsystem32ctfmon.exe
    C:ProgramPersonalbinPersonal.exe
    C:WINDOWSSystem32alg.exe
    C:WINDOWSMicrosoft.NETFrameworkv2.0.50727aspnet_state.exe
    C:WINDOWSSystem32svchost.exe
    C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
    C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
    C:ProgramTeliaTelias sakerhetstjansterAnti-VirusFSGK32.EXE
    C:WINDOWSSystem32svchost.exe
    C:ProgramTeliaTelias sakerhetstjansterCommonFSMB32.EXE
    C:ProgramJavajre6binjqs.exe
    C:ProgramMcAfeeSiteAdvisorMcSACore.exe
    C:ProgramDelade filerMicrosoft SharedVS7DEBUGmdm.exe
    C:ProgramTeliaTelias sakerhetstjansterCommonFCH32.EXE
    C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsqh.exe
    C:ProgramTeliaTelias sakerhetstjansterCommonFAMEH32.EXE
    C:ProgramTeliaTelias sakerhetstjansterFSPCfspc.exe
    C:ProgramTeliaTelias sakerhetstjansterFSGUIfsguidll.exe
    C:ProgramCDBurnerXPNMSAccessU.exe
    C:WINDOWSsystem32nvsvc32.exe
    C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
    C:WINDOWSsystem32HPZipm12.exe
    C:WINDOWSsystem32PnkBstrA.exe
    C:WINDOWSsystem32PnkBstrB.exe
    C:WINDOWSsystem32locator.exe
    C:WINDOWSsystem32tcpsvcs.exe
    C:WINDOWSsystem32svchost.exe
    C:WINDOWSsystem32dllhost.exe
    C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
    C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
    C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfssm32.exe
    C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
    C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsus.exe
    C:WINDOWSsystem32dllhost.exe
    C:WINDOWSsystem32msdtc.exe
    C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsav32.exe
    C:ProgramInternet Exploreriexplore.exe
    C:ProgramTeliaTelias sakerhetstjansterFSGUIscanwizard.exe
    C:WINDOWSexplorer.exe
    C:ProgramTrend MicroHijackThisTonys.exe.exe
    C:WINDOWSsystem32wbemwmiprvse.exe
    R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://se.msn.com/
    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
    R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:ProgramSpybot - Search & DestroySDHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:ProgramMicrosoft OfficeOffice12GrooveShellExtensions.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:ProgramJavajre6binssv.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:programmcafeesiteadvisormcieplg.dll
    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:programmcafeesiteadvisormcieplg.dll
    O4 - HKLM..Run: [amd_dc_opt] C:ProgramAMDDual-Core Optimizeramd_dc_opt.exe
    O4 - HKLM..Run: [soundMan] SOUNDMAN.EXE
    O4 - HKLM..Run: [itype] "c:ProgramMicrosoft IntelliType Proitype.exe"
    O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
    O4 - HKLM..Run: [intelliPoint] "c:ProgramMicrosoft IntelliPointipoint.exe"
    O4 - HKLM..Run: [F-Secure Manager] "C:ProgramTeliaTelias sakerhetstjansterCommonFSM32.EXE" /nosplash
    O4 - HKLM..Run: [F-Secure TNB] "C:ProgramTeliaTelias sakerhetstjansterFSGUITNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
    O4 - Global Startup: Personal.lnk = C:ProgramPersonalbinPersonal.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
    O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgramJavajre6binjp2iexp.dll
    O9 - Extra button: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
    O9 - Extra 'Tools' menuitem: Föräldra-... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:ProgramTeliaTelias sakerhetstjansterFSPCfspcmsie.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMI1933~1Office12REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:ProgramSpybot - Search & DestroySDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
    O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://www.pandasecurity.com/activescan/cabs/as2stubie.cab
    O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v...b?1223566486796
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.framkalla.com/iu/ImageUploader5.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1222626909125
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1222626942546
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
    O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:ProgramMicrosoft OfficeOffice12GrooveSystemServices.dll
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:programmcafeesiteadvisormcieplg.dll
    O20 - AppInit_DLLs: C:WINDOWSSystem32dpcdll32.dll
    O20 - Winlogon Notify: a441e429502 - C:WINDOWSSystem32dpcdll32.dll
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterAnti-Virusfsgk32st.exe
    O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFSAUAprogramfsaua.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterFWESProgramfsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterCommonFSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:ProgramTeliaTelias sakerhetstjansterORSP Clientfsorsp.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:ProgramMcAfeeSiteAdvisorMcSACore.exe
    O23 - Service: NMSAccessU - Unknown owner - C:ProgramCDBurnerXPNMSAccessU.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
    O23 - Service: PD91Agent - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Agent.exe
    O23 - Service: PD91Engine - Raxco Software, Inc. - C:ProgramRaxcoPerfectDisk2008PD91Engine.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:WINDOWSSystem32TuneUpDefragService.exe
    --
    End of file - 10335 bytes
  12. ********************************************* 2009-01-08: This thread is now locked. If you think it has been locked in error, please contact Malou ********************************************* I have got something strange in my computer. When I open the browser (IE), several other pages open at the same time. After a short while they disappear and my real home page opens. I have McAfee SiteAdvisor and it flags these pages red. My broadband modem seems to be running all the time; the light blinks incessantly. The computer is also very slow, and it is hard to get anything to work. I have "Telia säker surf", which I have run several times without finding anything. I have also run Malwarebytes, CCleaner and Spybot - Search & Destroy without result. Tony.
  13. I cannot install the Framework 2 language pack from Microsoft Update. It only says that the installation failed. What should I do? I have also tried to install it directly from Microsoft's own site, but failed. Does it matter much, given that my computer works fine? Tony.
  14. Thanks for all the help. I plugged in the connector for the front audio, and the sound works! Amazing that I forgot this, but I suppose it is my age (62). Thanks once again. What would one do without your help? Tony.
  15. All the cards that were in the old case are in the same places. I have not connected the cable to the front audio jack. Otherwise everything is in the same place as before. Maybe I should try taking out all the cards to see if anything changes.
  16. I have switched to a new computer case and since then I have no sound in the speakers. Otherwise everything works. I have run "Sound manager" (these are the ASUS AC 97 audio drivers), and it says that all connections are OK. I have not made any changes to the computer other than moving everything over to the new case. I have checked in the audio drivers that everything is OK. When I pull the plug out of the computer there is a small humming sound just as it comes out. It seems as if everything is OK, but there is no sound. What is wrong? Tony
  17. Thanks, Waxinator. I have read through this, and I think I will wait for now to see whether anything comes from Asus or Microsoft. Thanks for the help; you are incredibly skilled and helpful in this forum, which I visit every day. Thanks again. Tony.
  18. Hi. Yes, it is. Unfortunately I was forced to do that, since nothing else worked no matter what I tried. What is ACPI? It is apparently what keeps causing trouble, even though I have formatted and installed a fresh XP Pro. I hope someone can help me with this.
  19. Hi. For me the computer does not start at all after installing XP SP3. I have an AMD Athlon 64 x2 4.200+ and an A8N32-SLI Deluxe motherboard from Asus with three GB of RAM. I cannot get into safe mode, cannot roll back, and cannot repair with the XP disc; the only option is to reformat the HD. I have now done that three times and am giving up. The blue screen says that I should update the BIOS and that I have a faulty or old ACPI, but I have the latest BIOS available from ASUS for this motherboard. The computer previously worked flawlessly. What does one do? Extremely grateful for help from you. Tony.
  20. Hi. I have XP Pro, and I have the same problem, but there is no Intelppm in my registry. What do I do?
  21. (SOLVED) Hi. After having had some problems with Windows XP SP2, I tried to run a repair with "SFC /scannow" but did not succeed. When I restart after running it I get a blue screen. I have to go to safe mode and roll back the system to get the computer working. What is it that makes it not work? Regards, Tony. Topic edited by stenis, who clarified the subject/title. Topic moved by stenis.
  22. Tony

    External HD.

    Yes, there is a small "hook" on the plug and some kind of miniature "spring" to fit the special connector, and the same on the external enclosure. It only fits the special socket on the computer, but according to the manual that came with the HD cassette it is USB. The motherboard manual says that the connector is called "External SATA port. This port connects to an external SATA box or a serial ATA port multiplier". In the BIOS everything concerning "USB support" is enabled. Tony.
  23. Tony

    External HD.

    All three HDs have NTFS. The USB connectors are a bit special. There are only two USB connectors on the PC that fit the external HD. I have tried both without result. Tony.
  24. Tony

    External HD.

    It says nothing, because it is not there. I have pulled out the cables and plugged them in again, but no reaction. I have been into Computer Management to see if it is there, but no. It has worked flawlessly before. Tony.
  25. Tony

    External HD.

    I forgot to add that the other USB connections work, e.g. the digital camera connection and the keyboard. Tony.