anileve Postad Februari 7, 2012 Dela Postad Februari 7, 2012 Jag är absolut ingen datorexpert över huvudtaget och behöver hjälp med vad jag tror är ett virus. Börjat poppa upp en ruta som det står Resident shield alert på och den påstår att jag har "trojan horse" infektioner eller något. Den har även samma logga som mitt AVG virysskydd program, därför blev jag först väldigt osäker.. Jag har städat datorn med hjälp av CC-cleaner 3 gånger nu, skannat med Malwarebytes Anti Malware programmet där den inte hittar någonting, jag skannade också med mitt AVG program och där hittade den infektioner men jag kunde inte ta bort dom.... Någon som kan ge mig en hjälpande hand med det här? skulle verkligen uppskattas! Är inte den mest tekniska tjej när det kommer till sådant här... Mvh Evelina Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Februari 7, 2012 Dela Postad Februari 7, 2012 Följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går. Om du kan få fram vad AVG hittar så blir jag glad om du klistrar in det också. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
anileve Postad Februari 7, 2012 Författare Dela Postad Februari 7, 2012 Tack!! menar du vad den hittar för infektioner ? Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
anileve Postad Februari 7, 2012 Författare Dela Postad Februari 7, 2012 nu känner jag mig lagom korkad... ska jag ladda hem det programmet du nämner i den länken? Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Februari 7, 2012 Dela Postad Februari 7, 2012 Ja, vad AVG hittar för infektioner respektive du ska ladda hem DDS. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
anileve Postad Februari 7, 2012 Författare Dela Postad Februari 7, 2012 från vilken hemsida kan jag hämta hem det ? Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
anileve Postad Februari 7, 2012 Författare Dela Postad Februari 7, 2012 På AVG står det att den hittat 3 infections som heter "C:\ProgramData\DatacardService\DCSHelper.exe (3300) Trojan horse PSW.Generic9.BIVE Infected" Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
anileve Postad Februari 7, 2012 Författare Dela Postad Februari 7, 2012 Detta var vad jag fick fram ifrån DDS : . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7600.16385 Run by Evelina at 0:25:35 on 2012-02-08 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.46.1053.18.4091.1131 [GMT 1:00] . AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Program Files (x86)\AVG\AVG9\avgchsva.exe C:\Program Files (x86)\AVG\AVG9\avgrsa.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\AgentService\AgentService.exe C:\Program Files\LSI SoftModem\agr64svc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG9\avgfws9.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\ProgramData\DatacardService\DCService.exe C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe C:\Program Files (x86)\Acer\Registration\GregHSRW.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\ProgramData\DatacardService\DCSHelper.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Apoint2K\Apoint.exe C:\Windows\PLFSetI.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\System32\StikyNot.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\HidFind.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\Personal\bin\Personal.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\prevhost.exe C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe C:\Program Files (x86)\AVG\AVG9\avgnsa.exe C:\Program Files (x86)\AVG\AVG9\avgemc.exe C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe C:\Program Files (x86)\AVG\AVG9\avgtray.exe C:\PROGRA~2\MICROS~2\Office12\WINWORD.EXE C:\Windows\splwow64.exe C:\Program Files\Microsoft Games\solitaire\solitaire.exe C:\Program Files\Windows Media Player\wmprph.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\AVG\AVG9\avgui.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\AVG\AVG9\avgsrmaa.exe C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10k_ActiveX.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchProtocolHost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.qword.com/?s=1 uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_5738&r=273603107706l0438z1k5t44i1h243 uSearch Page = hxxp://www.qword.com/?s=1 mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_5738&r=273603107706l0438z1k5t44i1h243 mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=041d&m=aspire_5738&r=273603107706l0438z1k5t44i1h243 mURLSearchHooks: H - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: InternetDownloadToolBar: {376ca00c-3f95-46f7-8f04-e69906e52a1f} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll BHO: QWBandToolBar: {8270927a-fb8b-4647-8e21-c9459bb2610d} - C:\Program Files (x86)\EE5E0334BDBA4E4CBC542806A6B25CB1\QWS.dll BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File TB: QWBandToolBar: {8270927a-fb8b-4647-8e21-c9459bb2610d} - C:\Program Files (x86)\EE5E0334BDBA4E4CBC542806A6B25CB1\QWS.dll TB: InternetDownloadToolBar: {376ca00c-3f95-46f7-8f04-e69906e52a1f} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe uRun: [Facebook Update] "C:\Users\Evelina\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver mRun: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k mRun: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe mRun: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" mRun: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe mRun: [YouTubeDownloader_upgrade] "C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\YouTubeDownloader.exe" /upgrade mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 StartupFolder: C:\Users\Evelina\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL Trusted Zone: qword.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab TCP: Interfaces\{136A07AF-E43A-4268-ABDB-324E75B02FD7} : NameServer = 80.251.201.177 80.251.201.178 TCP: Interfaces\{26D5CE17-DB45-49B7-88E0-37571CA4D152} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{26D5CE17-DB45-49B7-88E0-37571CA4D152}\1446F6C6663737F6E6 : DhcpNameServer = 192.168.2.1 192.168.0.1 TCP: Interfaces\{26D5CE17-DB45-49B7-88E0-37571CA4D152}\45F60736F6D6F5033326263683 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{26D5CE17-DB45-49B7-88E0-37571CA4D152}\4656661657C647 : DhcpNameServer = 195.67.199.24 192.168.0.1 TCP: Interfaces\{26D5CE17-DB45-49B7-88E0-37571CA4D152}\65142514D2B4F4D4D455E4D254C45465 : DhcpNameServer = 172.22.255.157 TCP: Interfaces\{4962352D-8F6D-47D2-B8F1-1F79ADAA0AB1} : DhcpNameServer = 192.168.2.1 192.168.0.1 TCP: Interfaces\{8BF03893-6FA4-4068-8F5E-132B654CDA54} : DhcpNameServer = 80.251.201.177 80.251.201.178 TCP: Interfaces\{E468B5C5-BEA0-44C0-AE18-C33F44732A87} : NameServer = 80.251.201.177 80.251.201.178 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {376CA00C-3F95-46F7-8F04-E69906E52A1F} {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} {8270927A-FB8B-4647-8E21-C9459BB2610D} {9030D464-4C02-4ABF-8ECC-5164760863C6} {95B7759C-8C7F-4BF1-B163-73684A933233} {AA58ED58-01DD-4d91-8333-CF10577473F7} {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} {DBC80044-A445-435b-BC74-9C25C1C588A9} TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File {8270927A-FB8B-4647-8E21-C9459BB2610D} {376CA00C-3F95-46F7-8F04-E69906E52A1F} {95B7759C-8C7F-4BF1-B163-73684A933233} {2318C2B1-4965-11d4-9B18-009027A5CD4F} TB-X64: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File mRun-x64: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun-x64: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k mRun-x64: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe mRun-x64: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" mRun-x64: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" mRun-x64: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe mRun-x64: [YouTubeDownloader_upgrade] "C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\YouTubeDownloader.exe" /upgrade mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 . ============= SERVICES / DRIVERS =============== . R0 AVGIDSErHrw7a;AVG9IDSErHr;C:\Windows\system32\Drivers\AVGIDSwa.sys --> C:\Windows\system32\Drivers\AVGIDSwa.sys [?] R0 AvgRkx64;avgrkx64.sys;C:\Windows\system32\Drivers\avgrkx64.sys --> C:\Windows\system32\Drivers\avgrkx64.sys [?] R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?] R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?] R1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\system32\Drivers\avgldx64.sys --> C:\Windows\system32\Drivers\avgldx64.sys [?] R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows\system32\Drivers\avgmfx64.sys --> C:\Windows\system32\Drivers\avgmfx64.sys [?] R1 AvgTdiA;AVG Network Redirector x64;C:\Windows\system32\Drivers\avgtdia.sys --> C:\Windows\system32\Drivers\avgtdia.sys [?] R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AgentService;PC Agent Service;C:\Program Files (x86)\AgentService\AgentService.exe [2010-11-25 73216] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 avg9emc;AVG E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-7-17 921952] R2 avg9wd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-7-17 308136] R2 avgfws9;AVG Firewall;C:\Program Files (x86)\AVG\AVG9\avgfws9.exe [2010-7-17 2331544] R2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe [2010-5-8 229376] R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-3-30 844320] R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-2-4 1355968] R2 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [2009-9-11 305448] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-9-24 62720] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-18 144640] R2 OMSI download service;Sony Ericsson OMSI download service;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2010-10-5 90112] R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-10-28 240160] R2 vToolbarUpdater;vToolbarUpdater;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-1-24 909152] R3 AVGIDSDriverw7a;AVG9IDSDriver;C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSDriver.sys [2010-3-30 132688] R3 AVGIDSFilterw7a;AVG9IDSFilter;C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSFilter.sys [2010-3-30 35920] R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 AVGIDSAgent;AVG9IDSAgent;C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-7-17 5897808] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-30 135664] S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-4-28 167264] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?] S3 ggflt;SEMC USB Flash Driver Filter;C:\Windows\system32\DRIVERS\ggflt.sys --> C:\Windows\system32\DRIVERS\ggflt.sys [?] S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-3-30 135664] S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\system32\DRIVERS\netaapl64.sys --> C:\Windows\system32\DRIVERS\netaapl64.sys [?] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-18 50432] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);C:\Windows\system32\DRIVERS\s0017bus.sys --> C:\Windows\system32\DRIVERS\s0017bus.sys [?] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;C:\Windows\system32\DRIVERS\s0017mdfl.sys --> C:\Windows\system32\DRIVERS\s0017mdfl.sys [?] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;C:\Windows\system32\DRIVERS\s0017mdm.sys --> C:\Windows\system32\DRIVERS\s0017mdm.sys [?] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);C:\Windows\system32\DRIVERS\s0017mgmt.sys --> C:\Windows\system32\DRIVERS\s0017mgmt.sys [?] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);C:\Windows\system32\DRIVERS\s0017nd5.sys --> C:\Windows\system32\DRIVERS\s0017nd5.sys [?] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;C:\Windows\system32\DRIVERS\s0017obex.sys --> C:\Windows\system32\DRIVERS\s0017obex.sys [?] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);C:\Windows\system32\DRIVERS\s0017unic.sys --> C:\Windows\system32\DRIVERS\s0017unic.sys [?] S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-3-8 155344] S3 Tdsshbecr;Handelsbanken card reader;C:\Windows\system32\DRIVERS\shbecr.sys --> C:\Windows\system32\DRIVERS\shbecr.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-01-11 12:33:06 1572864 ----a-w- C:\Windows\System32\quartz.dll 2012-01-11 12:33:06 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll 2012-01-11 12:33:05 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2012-01-11 12:33:05 366592 ----a-w- C:\Windows\System32\qdvd.dll 2012-01-11 12:33:01 1739160 ----a-w- C:\Windows\System32\ntdll.dll 2012-01-11 12:33:01 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll 2012-01-11 12:33:00 77312 ----a-w- C:\Windows\System32\packager.dll 2012-01-11 12:33:00 67072 ----a-w- C:\Windows\SysWow64\packager.dll . ==================== Find3M ==================== . 2011-11-24 05:00:47 3141632 ----a-w- C:\Windows\System32\win32k.sys 2011-11-17 07:17:03 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2011-11-17 07:17:02 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2011-11-17 07:15:08 460296 ----a-w- C:\Windows\System32\drivers\cng.sys 2011-11-17 07:12:02 395776 ----a-w- C:\Windows\System32\webio.dll 2011-11-17 07:11:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll 2011-11-17 07:11:33 136192 ----a-w- C:\Windows\System32\sspicli.dll 2011-11-17 07:11:02 28160 ----a-w- C:\Windows\System32\secur32.dll 2011-11-17 07:10:58 340992 ----a-w- C:\Windows\System32\schannel.dll 2011-11-17 07:08:18 1446912 ----a-w- C:\Windows\System32\lsasrv.dll 2011-11-17 07:05:16 31232 ----a-w- C:\Windows\System32\lsass.exe 2011-11-17 05:39:28 314368 ----a-w- C:\Windows\SysWow64\webio.dll 2011-11-17 05:39:21 224768 ----a-w- C:\Windows\SysWow64\schannel.dll 2011-11-17 05:39:21 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2011-11-17 05:35:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll . ============= FINISH: 0:26:19,53 =============== Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Februari 7, 2012 Dela Postad Februari 7, 2012 Har du mobilt bredband? För i så fall är det falsklarm av AVG. Det vore bra om du kan rapportera in det till AVG så att de kan uppdatera sina defitioner. Du gör det på webbsidan http://samplesubmit.avg.com/eu-en/false-detection Skriv i rutan "Huawei modem file". Det finns däremot en del andra misstänkta filer i loggen, men jag får ta och titta närmare på dem i morgon. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
anileve Postad Februari 8, 2012 Författare Dela Postad Februari 8, 2012 Ja, jag har ett mobilt bredband, okej då testar jag det Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Februari 8, 2012 Dela Postad Februari 8, 2012 QWBandToolBar bör avinstalleras, se http://www.systemlookup.com/CLSID/73512-QWS_dll_QWS_t_dll.html Installationen av den har även ändrat din start- och söksida till en sida med dåligt rykte, se http://www.mywot.com/en/scorecard/qword.com så jag föreslår att du ändrar (om nu inte avinstallationen ändrar tillbaka men det brukar inte räcka). Det gör du i Kontrollpanelen - Internet-alternativ. En sak till att ändra i Internet-alternativ, på fliken Säkerhet klickar du först på Tillförlitliga zonen och sedan på Platser. Ta bort platsen qword som finns där. Du har en gammal version av AVG och för bästa säkerhet ska man ha den senaste versionen så installera version 2012 i stället. Du har två gamla Java-versioner installerade. Dessa innehåller kända säkerhetshål som gör det lätt att infektera datorn från en webbsida. Eftersom du har Javas uppdateringsprogram igång bör du ha fått upp meddelanden om att det finns en uppdatering att hämta. Följ uppdateringen och se till efter installationen att där bara finns en Java-version installerad. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Recommended Posts
Delta i dialogen
Du kan skriva svaret nu och registrera dig senare, Om du har ett konto, logga in nu för att svara på inlägget.