Virus ? CuponDropDown ?

Rolas · October 23, 2013

Har problem med popupsrutor som dyker upp så fort jag klickar på en länk. Hur blir jag av med eländet ?

Har scannat med F-secure men det programmet hittar inget virus.

Tacksam för råd/tips

Mvh /Rolas

Cecilia · October 23, 2013

Det är väl inte precis virus utan troligen ett reklamprogram som du har fått in t ex för att det har följt med något gratisprogram.

Följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går så får vi se hur det ser ut och vad som är bästa sak att göra sen.

Marion · October 23, 2013

Det är väl inte precis virus utan troligen ett reklamprogram som du har fått in t ex för att det har följt med något gratisprogram.

Följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går så får vi se hur det ser ut och vad som är bästa sak att göra sen.

Är det inte enklare att helt sonika avinstallera det? Vilket fungerar 9/10.

http://botcrawl.com/how-to-remove-coupondropdown-adware-and-uninstall-the-coupondropdown-extension/

Om annars backa datorn innan problemet uppstod. Sista utväg mbam.exe kastar ut det lätt.

Cecilia · October 23, 2013

Är det inte enklare att helt sonika avinstallera det? Vilket fungerar 9/10.

http://botcrawl.com/how-to-remove-coupondropdown-adware-and-uninstall-the-coupondropdown-extension/

Om annars backa datorn innan problemet uppstod. Sista utväg mbam.exe kastar ut det lätt.

Jovisst, problemet kan ju vara att veta vad som ska avinstalleras. Om man ska tro på kommentarerna på sidan du länkade till kan det vara allt möjligt (Webassistant, Yontoo, Freerecorder, Updater mm) som ska avinstalleras. Det i sin tur gör att man kanske ska ifrågasätta informationen på sidan och kommentarerna om webbplatsen på https://www.mywot.com/en/scorecard/botcrawl.com är inte precis positiva. Sedan är min erfarenhet av dessa avinstallationsprogram att de vanligen är mycket dåliga och alla möjliga rester finns kvar efteråt som AdwCleaner kan ta bort.

Marion · October 23, 2013

och kommentarerna om webbplatsen på https://www.mywot.com/en/scorecard/botcrawl.com är inte precis positiva.

Hur läste du nu? ALLA som följde hans tips tacka för att dom blev av med det.

Läser man kommentarerna så skriver de även vad programmet listas som, då det inte räknas som virus

Programmet som skall ut lär troligtvis heta:

Updater’ extension

Updater by Sweetpacks

IB Updater

IB Updater, Yontoo, Updater by sweetpacks

FB Photo Zoom

FB Zoom

1clickdownloader and Yontoo

TornT

Putlocker

Freecorder

FreeHDSport

Cecilia · October 23, 2013

Har problem med popupsrutor som dyker upp så fort jag klickar på en länk. Hur blir jag av med eländet ?

Har scannat med F-secure men det programmet hittar inget virus.

Tacksam för råd/tips

Mvh /Rolas

Om du vill ha hjälp av mig med att komma fram till vad som ska avinstalleras så är inlägg 2 en bra början. Om du själv vill pröva dig fram och hoppas på det bästa så kan du följa andra tips.

Rolas · October 24, 2013

Hej

Tack för svar. Jag vet inte riktigt om jag fattat dig rätt men jag har kört fram en fil som heter DDS.txt. I den kan jag se att det finns filer som innehåller Sweetpacks men hur blir jag av med dom ?

Jag provar att bifoga DDS.txt filen

Mvh/RL

Cecilia · October 24, 2013

Hej!

Öppna DDS.txt, kopiera allt innehåll i den och klistra sedan in det i ditt svar här i forumet. Gör samma sak med Attach.txt.

Edited October 24, 2013 by Cecilia

Rolas · October 24, 2013

Hej

Jag hoppas jag inte gjort ngt galet nu, och missförstått dig men nedan är innehållet i filerna DDS.txt och ATTACH.txt .

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.45.2
Run by RL at 10:16:03 on 2013-10-24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.2047.1304 [GMT 2:00]
.
AV: Datorskydd *Enabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\Explorer.EXE
C:\program\scansoft\paperp~1\pptd40nt.exe
C:\Program\Ask.com\Updater\Updater.exe
C:\Program\Telia\Sms och mms i datorn Desktop\mw.exe
C:\Program\UTILIT~2\bar\1.bin\49brmon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program\Telia\Telias sakerhetstjanster\fshoster32.exe
C:\Program\Telia\Supportassistenten\Client\Supportassistenten.exe
C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program\Delade filer\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Messenger\msmsgs.exe
C:\Documents and Settings\RL\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
C:\Program\Spamihilator\spamihilator.exe
C:\Program\Telia\Supportassistenten\Apps32\SupportassistentenHelper.exe
C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\Delade filer\MAGIX Services\Database\bin\FABS.exe
C:\Program\Telia\Telias sakerhetstjanster\fshoster32.exe
C:\Program\Telia\Telias sakerhetstjanster\apps\CCF_Reputation\fsorsp.exe
C:\WINDOWS\system32\dmwu.exe
C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Program\Java\jre7\bin\jqs.exe
C:\Program\CDBurnerXP\NMSAccessU.exe
C:\Program\Telia\Supportassistenten\Service\SupportassistentenSvc.exe
C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\jmdp\stij.exe
C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSMA32.EXE
C:\WINDOWS\System32\alg.exe
C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\Program\Microsoft Fix it Center\Matsvc.exe
C:\Outlook Express\msimn.exe
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uURLSearchHooks: <No Name>: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - c:\program\utilitychest_49\bar\1.bin\49SrcAs.dll
dURLSearchHooks: {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - <orphaned>
BHO: Search Assistant BHO: {06e05b40-77fa-40b6-9077-ed1a7577b1ef} - c:\program\utilitychest_49\bar\1.bin\49SrcAs.dll
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - c:\program\babylontoolbar\babylontoolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO: Toolbar BHO: {58f7b5ca-1162-42e8-8bbc-d543b4edd780} - c:\program\utilitychest_49\bar\1.bin\49bar.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program\java\jre7\bin\ssv.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program\ask.com\GenericAskToolbar.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program\java\jre7\bin\jp2ssv.dll
BHO: TBHelper Class: {E46A2169-E328-471A-9788-F2B52BB9C681} - c:\program\telia\sms och mms i datorn desktop\miebho.dll
BHO: Softonic Helper Object: {E87806B5-E908-45FD-AF5E-957D83E58E68} - c:\program\softonic\softonic\1.8.19.3\bh\Softonic.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: The Pirate Bay Toolbar: {5B291E6C-9A74-4034-971B-A4B007A0B313} - LocalServer32 - <no file>
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program\ask.com\GenericAskToolbar.dll
TB: Utility Chest: {CF67755F-9265-449C-87CF-B945519E073B} - c:\program\utilitychest_49\bar\1.bin\49bar.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - c:\program\babylontoolbar\babylontoolbar\1.5.3.17\BabylonToolbarTlbr.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program\ask.com\GenericAskToolbar.dll
TB: eSms Verktygsfält: {6B49F76B-190A-4FC6-83EA-BAAD234BAFF8} - c:\program\telia\sms och mms i datorn desktop\mie.dll
TB: Utility Chest: {cf67755f-9265-449c-87cf-b945519e073b} - c:\program\utilitychest_49\bar\1.bin\49bar.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: Softonic Toolbar: {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - c:\program\softonic\softonic\1.8.19.3\SoftonicTlbr.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program\messenger\msmsgs.exe" /background
uRun: [spotify Web Helper] "c:\documents and settings\rl\application data\spotify\data\SpotifyWebHelper.exe"
mRun: [Easy-PrintToolBox] c:\program\canon\easy-printtoolbox\BJPSMAIN.EXE /logon
mRun: [PaperPort PTD] c:\program\scansoft\paperp~1\pptd40nt.exe
mRun: [Alcmtr] ALCMTR.EXE
mRun: [ApnUpdater] "c:\program\ask.com\updater\Updater.exe"
mRun: [sms och mms i datorn Desktop] "c:\program\telia\sms och mms i datorn desktop\mw.exe" /AutoStart
mRun: [utility Chest Search Scope Monitor] "c:\program\utilit~2\bar\1.bin\49srchmn.exe" /m=2 /w /h
mRun: [utilityChest_49 Browser Plugin Loader] c:\program\utilit~2\bar\1.bin\49brmon.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe"
mRun: [F-Secure Hoster (28332)] "c:\program\telia\telias sakerhetstjanster\fshoster32.exe" -app -hosterid:1
mRun: [Telia Supportassistenten 5.0] "c:\program\telia\supportassistenten\client\Supportassistenten.exe" /trayonly
mRun: [F-Secure Manager] "c:\program\telia\telias sakerhetstjanster\apps\computersecurity\common\FSM32.EXE" /splash
mRun: [sunJavaUpdateSched] "c:\program\delade filer\java\java update\jusched.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [sBRegRebootCleaner] "c:\program\stopzilla!\sbrc.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\rl\start-~1\program\autost~1\spamih~1.lnk - c:\program\spamihilator\spamihilator.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\bankid~1.lnk - c:\program\personal\bin\Personal.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\monito~1.lnk - c:\program\apache software foundation\apache2.2\bin\ApacheMonitor.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:149
uPolicies-Explorer: NoDriveAutorun = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe
Trusted Zone: nettbank-okq8.se

TCP: NameServer = 192.168.0.1
TCP: Interfaces\{DCEF6E42-485C-48A5-A2F0-A5916C32F44B} : DHCPNameServer = 192.168.0.1
Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - <orphaned>
AppInit_DLLs=
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rl\application data\mozilla\firefox\profiles\j89epqhh.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: browser.search.selectedEngine - Search the web (Softonic)
FF - component: c:\documents and settings\rl\application data\mozilla\firefox\profiles\j89epqhh.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\dtTransparency.dll
FF - component: c:\documents and settings\rl\application data\mozilla\firefox\profiles\j89epqhh.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\dtTransparency3.5.dll
FF - component: c:\documents and settings\rl\application data\mozilla\firefox\profiles\j89epqhh.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\dtTransparency3.6.dll
FF - component: c:\program\windows ilivid toolbar\datamngr\firefoxextension\components\DataMngrHlpFF3.dll
FF - plugin: c:\program\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program\personal\bin\np_prsnl.dll
FF - plugin: c:\program\utilitychest_49\bar\1.bin\NP49Stub.dll
FF - plugin: c:\windows\npMSDM.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-08-29 19:00; {EEE6C361-6118-11DC-9C72-001320C79847}; c:\documents and settings\rl\application data\mozilla\firefox\profiles\j89epqhh.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
FF - ExtSQL: !HIDDEN! 2009-09-02 21:58; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2013-05-06 17:25; 49ffxtbr@UtilityChest_49.com; c:\program\utilitychest_49\bar\1.bin
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.id - 08495d3f0000000000000019663b3473
FF - user.js: extensions.BabylonToolbar_i.hardId - 08495d3f0000000000000019663b3473
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15349
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1721:25:22
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101243
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.softonic_i.hmpg - true

FF - user.js: extensions.softonic_i.dfltSrch - true
FF - user.js: extensions.softonic_i.srchPrvdr - Search the web (Softonic)

FF - user.js: extensions.softonic_i.dnsErr - true

FF - user.js: extensions.softonic_i.newTab - false

FF - user.js: extensions.softonic_i.id - 08495d3f0000000000000019663b3473
FF - user.js: extensions.softonic_i.instlDay - 15402
FF - user.js: extensions.softonic_i.vrsn - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsni - 1.5.11.5
FF - user.js: extensions.softonic_i.vrsnTs - 1.5.11.511:22:25
FF - user.js: extensions.softonic_i.prtnrId - softonic
FF - user.js: extensions.softonic_i.prdct - softonic
FF - user.js: extensions.softonic_i.aflt - orgnl
FF - user.js: extensions.softonic_i.smplGrp - eng7
FF - user.js: extensions.softonic_i.tlbrId - eng7
FF - user.js: extensions.softonic_i.instlRef - MON00001
FF - user.js: extensions.softonic_i.dfltLng -
FF - user.js: extensions.softonic_i.excTlbr - false

FF - user.js: extensions.Softonic.id - 08495d3f0000000000000019663b3473
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 15946
FF - user.js: extensions.Softonic.vrsn - 1.8.19.3
FF - user.js: extensions.Softonic.vrsni - 1.8.19.3
FF - user.js: extensions.Softonic.vrsnTs - 1.8.19.319:04:10
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - 2013desingbrand
FF - user.js: extensions.Softonic.instlRef - MOY00014
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true

FF - user.js: extensions.Softonic.hpOld0 -
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)

FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true

.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2013-10-14 44240]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program\telia\telias sakerhetstjanster\apps\computersecurity\hips\drivers\fshs.sys [2013-10-16 73328]
R2 acedrv10;acedrv10;c:\windows\system32\drivers\ACEDRV10.sys [2007-10-28 583128]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [2008-1-23 501560]
R2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [2007-10-26 250560]
R2 Apache2.2;Apache2.2;c:\program\apache software foundation\apache2.2\bin\httpd.exe [2009-9-28 24645]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program\delade filer\magix services\database\bin\FABS.exe [2009-2-3 1155072]
R2 fshoster;F-Secure Dll Hoster;c:\program\telia\telias sakerhetstjanster\fshoster32.exe [2013-1-18 188400]
R2 FSORSPClient;F-Secure ORSP Client;c:\program\telia\telias sakerhetstjanster\apps\ccf_reputation\fsorsp.exe [2012-8-6 61176]
R2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe [2013-8-29 1432368]
R2 supportassistenten;Telia Supportassistenten;c:\program\telia\supportassistenten\service\SupportassistentenSvc.exe [2013-9-30 332064]
R3 brfilt;Brother MFC-filterdrivrutin;c:\windows\system32\drivers\BrFilt.sys [2009-4-16 2944]
R3 BrSerWDM;Seriell Brother-drivrutin;c:\windows\system32\drivers\BrSerWdm.sys [2009-4-16 60416]
R3 BrUsbMdm;Brother MFC USB - endast faxmodem;c:\windows\system32\drivers\brusbmdm.sys [2000-2-24 11008]
R3 BrUsbScn;Drivrutin för Brother MFC USB-skanner;c:\windows\system32\drivers\BrUsbScn.sys [2009-3-21 10368]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program\telia\telias sakerhetstjanster\apps\computersecurity\anti-virus\minifilter\fsgk.sys [2013-10-14 146288]
R3 fsni;fsni;c:\program\telia\telias sakerhetstjanster\apps\ccf_scanning\fsnixp32.sys [2013-4-25 50112]
R3 fsnitdi;fsnitdi;c:\program\telia\telias sakerhetstjanster\apps\ccf_scanning\fsnitdi32.sys [2013-4-25 21952]
R3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program\microsoft fix it center\Matsvc.exe [2011-6-13 267568]
R3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\drivers\shbecr.sys [2010-10-25 42368]
S1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys --> c:\windows\system32\drivers\sbaphd.sys [?]
S2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?]
S2 UtilityChest_49Service;Utility ChestService;c:\program\utilit~2\bar\1.bin\49barsvc.exe [2013-5-6 42504]
S3 cpudrv;cpudrv;c:\program\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys --> c:\windows\system32\drivers\ew_hwusbdev.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys --> c:\windows\system32\drivers\ewusbnet.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program\delade filer\magix services\database\bin\fbserver.exe [2008-8-7 3276800]
S3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys --> c:\windows\system32\drivers\gfiark.sys [?]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys --> c:\windows\system32\drivers\ew_jubusenum.sys [?]
S3 Ipcloibnw;Ipcloibnw; [x]
S3 ITBYAABNV;ITBYAABNV;c:\docume~1\rl\lokala~1\temp\itbyaabnv.exe --> c:\docume~1\rl\lokala~1\temp\ITBYAABNV.exe [?]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2013-4-1 34064]
S3 QIZB;QIZB;c:\docume~1\rl\lokala~1\temp\qizb.exe --> c:\docume~1\rl\lokala~1\temp\QIZB.exe [?]
S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys [2013-5-1 23040]
S3 UPnPService;UPnPService;c:\program\delade filer\magix shared\upnpservice\UPnPService.exe [2009-12-19 544768]
.
=============== Created Last 30 ================
.
2013-10-24 07:29:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-24 07:29:13 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-22 15:19:19 -------- dc-h--w- c:\windows\ie8
2013-10-21 17:17:03 -------- d-----w- c:\windows\system32\jmdp
2013-10-14 14:59:49 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys
2013-10-09 06:04:56 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2013-10-09 06:04:50 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2013-10-09 06:04:50 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2013-10-09 06:04:27 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2013-10-09 06:04:27 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2013-10-09 06:04:27 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2013-10-09 06:04:27 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
2013-09-30 19:02:14 -------- d-----w- c:\documents and settings\all users\application data\Telia
2013-09-26 18:00:39 208760 ----a-w- c:\program\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2013-10-15 09:05:30 1432368 ----a-w- c:\windows\system32\dmwu.exe
2013-10-15 08:58:14 27136 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-10-08 05:50:41 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-08 05:29:36 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-09-30 15:53:04 632656 ----a-w- c:\windows\system32\msvcr80.dll
2013-09-30 15:53:04 554832 ----a-w- c:\windows\system32\msvcp80.dll
2013-09-30 15:53:04 479232 ----a-w- c:\windows\system32\msvcm80.dll
2013-09-23 18:25:12 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25:10 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25:09 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25:06 18944 ------w- c:\windows\system32\corpol.dll
2013-09-23 18:07:43 385024 ------w- c:\windows\system32\html.iec
2013-08-29 16:55:05 392016 ----a-w- c:\program\SoftonicDownloader_for_email-extractor.exe
2013-08-29 07:02:12 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-09 01:56:36 387584 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55:08 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55:07 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55:06 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30:21 1289216 ----a-w- c:\windows\system32\ole32.dll
2013-08-02 23:48:38 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-01-12 12:05:25 33969688 ------w- c:\program\Sms-i-datorn-4.9.7.5-SE.exe
2012-02-02 14:26:26 316504 ------w- c:\program\cd-recovery-toolbox-free.exe
2011-12-11 09:48:12 4529299 ------w- c:\program\FileZilla_3.5.2_win32-setup.exe
2011-03-14 16:05:31 10199905 ------w- c:\program\ExpressPCBSetup.exe
2011-01-26 13:12:00 3955336 ------w- c:\program\Spotify Installer.exe
2009-03-19 08:32:21 2951802 ------w- c:\program\EClea2_0.exe
2009-03-17 12:58:38 70972952 ------w- c:\program\Telias-sakerhetstjanster.exe
2009-03-11 12:56:49 7589040 ------w- c:\program\Firefox Setup 3.0.7.exe
.
============= FINISH: 10:16:35,01 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 2009-03-27 19:33:49
System Uptime: 2013-10-24 09:48:19 (1 hours ago)
.
Motherboard: | | ConRoe1333-DVI/H.
Processor: Intel® Core2 Duo CPU E6850 @ 3.00GHz | CPUSocket | 2990/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 49 GiB total, 9,027 GiB free.
D: is FIXED (NTFS) - 88 GiB total, 75,307 GiB free.
E: is FIXED (NTFS) - 161 GiB total, 106,909 GiB free.
G: is Removable
H: is Removable
I: is Removable
J: is CDROM ()
K: is Removable
M: is FIXED (NTFS) - 298 GiB total, 98,655 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1754: 2013-07-27 08:50:34 - Systemkontrollpunkt
RP1755: 2013-07-29 08:32:40 - Systemkontrollpunkt
RP1756: 2013-07-30 10:13:54 - Systemkontrollpunkt
RP1757: 2013-07-31 10:26:03 - Systemkontrollpunkt
RP1758: 2013-08-01 19:48:30 - Systemkontrollpunkt
RP1759: 2013-08-04 12:25:23 - Systemkontrollpunkt
RP1760: 2013-08-07 19:39:10 - Systemkontrollpunkt
RP1761: 2013-08-08 19:58:44 - Systemkontrollpunkt
RP1762: 2013-08-12 09:12:53 - Systemkontrollpunkt
RP1763: 2013-08-13 12:37:04 - Systemkontrollpunkt
RP1764: 2013-08-14 18:06:15 - Systemkontrollpunkt
RP1765: 2013-08-15 07:44:44 - Software Distribution Service 3.0
RP1766: 2013-08-16 08:44:16 - Systemkontrollpunkt
RP1767: 2013-08-17 13:43:30 - Systemkontrollpunkt
RP1768: 2013-08-18 13:52:41 - Systemkontrollpunkt
RP1769: 2013-08-18 17:16:02 - Removed Adobe Reader XI (11.0.03) - Svenska.
RP1770: 2013-08-19 19:34:37 - Systemkontrollpunkt
RP1771: 2013-08-20 19:38:18 - Systemkontrollpunkt
RP1772: 2013-08-21 19:44:09 - Systemkontrollpunkt
RP1773: 2013-08-22 20:09:22 - Systemkontrollpunkt
RP1774: 2013-08-25 10:57:04 - Systemkontrollpunkt
RP1775: 2013-08-25 17:47:34 - Windows Internet Explorer 8 installerades.
RP1776: 2013-08-25 17:48:06 - Software Distribution Service 3.0
RP1777: 2013-08-25 18:01:04 - Software Distribution Service 3.0
RP1778: 2013-08-26 20:54:51 - Systemkontrollpunkt
RP1779: 2013-08-28 09:39:14 - Software Distribution Service 3.0
RP1780: 2013-08-29 12:15:03 - Systemkontrollpunkt
RP1781: 2013-08-30 19:11:31 - Systemkontrollpunkt
RP1782: 2013-08-31 19:49:43 - Systemkontrollpunkt
RP1783: 2013-09-02 17:37:47 - Systemkontrollpunkt
RP1784: 2013-09-03 17:59:00 - Systemkontrollpunkt
RP1785: 2013-09-04 18:29:27 - Systemkontrollpunkt
RP1786: 2013-09-06 10:56:32 - Systemkontrollpunkt
RP1787: 2013-09-10 08:32:25 - Systemkontrollpunkt
RP1788: 2013-09-11 09:07:25 - Systemkontrollpunkt
RP1789: 2013-09-11 22:21:52 - Software Distribution Service 3.0
RP1790: 2013-09-15 18:50:08 - Systemkontrollpunkt
RP1791: 2013-09-16 19:40:43 - Systemkontrollpunkt
RP1792: 2013-09-18 12:20:04 - Systemkontrollpunkt
RP1793: 2013-09-18 19:28:55 - Microsoft Fix it 50238 installerades
RP1794: 2013-09-19 10:13:00 - Software Distribution Service 3.0
RP1795: 2013-09-20 14:51:20 - Systemkontrollpunkt
RP1796: 2013-09-21 19:09:22 - Windows Internet Explorer 8 installerades.
RP1797: 2013-09-21 19:09:53 - Software Distribution Service 3.0
RP1798: 2013-09-22 18:41:05 - Software Distribution Service 3.0
RP1799: 2013-09-23 18:52:35 - Systemkontrollpunkt
RP1800: 2013-09-25 08:13:31 - Systemkontrollpunkt
RP1801: 2013-09-26 08:15:53 - Systemkontrollpunkt
RP1802: 2013-09-28 11:59:45 - Systemkontrollpunkt
RP1803: 2013-09-29 17:21:38 - Systemkontrollpunkt
RP1804: 2013-09-30 17:59:51 - Systemkontrollpunkt
RP1805: 2013-10-01 19:41:51 - Systemkontrollpunkt
RP1806: 2013-10-03 10:12:22 - Systemkontrollpunkt
RP1807: 2013-10-05 11:56:27 - Systemkontrollpunkt
RP1808: 2013-10-06 18:19:03 - Systemkontrollpunkt
RP1809: 2013-10-07 18:57:24 - Systemkontrollpunkt
RP1810: 2013-10-08 19:32:41 - Systemkontrollpunkt
RP1811: 2013-10-09 13:06:03 - Software Distribution Service 3.0
RP1812: 2013-10-10 13:08:00 - Systemkontrollpunkt
RP1813: 2013-10-12 17:57:13 - Systemkontrollpunkt
RP1814: 2013-10-12 23:11:24 - Software Distribution Service 3.0
RP1815: 2013-10-14 12:00:35 - Systemkontrollpunkt
RP1816: 2013-10-15 12:37:11 - Systemkontrollpunkt
RP1817: 2013-10-16 18:26:29 - Systemkontrollpunkt
RP1818: 2013-10-17 19:04:38 - Systemkontrollpunkt
RP1819: 2013-10-19 11:32:06 - Systemkontrollpunkt
RP1820: 2013-10-20 18:09:40 - Systemkontrollpunkt
RP1821: 2013-10-21 18:12:20 - Systemkontrollpunkt
RP1822: 2013-10-22 08:58:07 - Java 7 Update 45 installerades
RP1823: 2013-10-22 17:20:16 - Windows Internet Explorer 8 installerades.
RP1824: 2013-10-22 17:20:50 - Software Distribution Service 3.0
RP1825: 2013-10-22 17:26:56 - Software Distribution Service 3.0
RP1826: 2013-10-23 16:06:36 - Installed STOPzilla
RP1827: 2013-10-23 19:17:47 - Removed STOPzilla
.
==== Installed Programs ======================
.
Adobe Encore DVD 2.0
Adobe Flash Player 11 Plugin
Adobe Photoshop 5.5
Adobe Premiere Pro 1.5
Adobe Reader XI (11.0.05) - Svenska
AP Guitar Tuner
AP Tuner 3.08
Apache HTTP Server 2.2.14
Apple Application Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
ASUS nVidia Driver
Audacity 1.2.6
BankID säkerhetsprogram
Bonjour
Brother-tillägg för Paperport
Canon iP1600
Canon Utilities Easy-PhotoPrint
Canon Utilities Easy-PrintToolBox
CCleaner
CD Recovery Toolbox Free 1.1
CDBurnerXP
Computer Security 12.77.101.0 (release)
Document Express DjVu Plug-in (autoinstall)
EasyCleaner
F-Secure CCF Reputation
F-Secure CCF Scanning 1.23.124.8831 (release)
F-Secure Network CCF 1.02.128
Förarintyg
Firebird SQL Server - MAGIX Edition
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB976002-v5)
Internet Explorer Toolbar 4.9 by SweetPacks
Java 7 Update 21
Java 7 Update 45
Java Auto Updater
LinkValidator
MAGIX 3D Maker (embeded)
MAGIX Goya burnR 1.3.1.3 (SE)
MAGIX PC Visit
MAGIX Photo Manager 2007 4.2.1.262 (SE)
MAGIX Xtreme PhotoStory on CD & DVD 7 7.0.2.0 (SE)
MAGIX Xtreme Print Studio 5.0.0.7399 (US)
Malwarebytes' Anti-Malware
McAfee Security Scan Plus
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 Language Pack SP1 - sve
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Automated Troubleshooting Services Shim
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Download Manager
Microsoft Fix it Center
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 97 Standard
Microsoft Office Converter Pack
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft XML Parser
MotionDV STUDIO 5.3E LE for DV
Mozilla Firefox 24.0 (x86 sv-SE)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nordea NCR1 Installationspaket
NVIDIA Drivers
NVIDIA nView Desktop Manager
Online Safety 2.77.1170.803
OpenOffice.org 3.3
PaperPort 6.5
Personal Ancestral File 5
Pinnacle Instant DVD Recorder
ProtectDisc Driver, Version 11
ProtectDisc Helper Driver 10
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
SeaClear II
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
SmartSound Quicktracks Plugin
Sms&mms i datorn Desktop
Snabbkorrigering för Windows XP (KB2756822)
Snabbkorrigering för Windows XP (KB2779562)
Softonic toolbar on IE and Chrome
Säker surf
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB2544521)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB2744842)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB2792100)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB2797052)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB2870699)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127-v2)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB956390)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB961260)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB963027)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB969897)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB972260)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB974455)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB976325)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB978207)
Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2510531)
Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2618444)
Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2744842)
Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2862772)
Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2879017)
Säkerhetsuppdatering för Windows Internet Explorer 8 (KB982381)
Säkerhetsuppdatering för Windows Media Player (KB2834904-v2)
Säkerhetsuppdatering för Windows Media Player (KB2834904)
Säkerhetsuppdatering för Windows XP (KB2510581)
Säkerhetsuppdatering för Windows XP (KB2585542)
Säkerhetsuppdatering för Windows XP (KB2621440)
Säkerhetsuppdatering för Windows XP (KB2641653)
Säkerhetsuppdatering för Windows XP (KB2647518)
Säkerhetsuppdatering för Windows XP (KB2653956)
Säkerhetsuppdatering för Windows XP (KB2655992)
Säkerhetsuppdatering för Windows XP (KB2659262)
Säkerhetsuppdatering för Windows XP (KB2660465)
Säkerhetsuppdatering för Windows XP (KB2661637)
Säkerhetsuppdatering för Windows XP (KB2676562)
Säkerhetsuppdatering för Windows XP (KB2685939)
Säkerhetsuppdatering för Windows XP (KB2686509)
Säkerhetsuppdatering för Windows XP (KB2691442)
Säkerhetsuppdatering för Windows XP (KB2695962)
Säkerhetsuppdatering för Windows XP (KB2698365)
Säkerhetsuppdatering för Windows XP (KB2705219)
Säkerhetsuppdatering för Windows XP (KB2707511)
Säkerhetsuppdatering för Windows XP (KB2709162)
Säkerhetsuppdatering för Windows XP (KB2712808)
Säkerhetsuppdatering för Windows XP (KB2718523)
Säkerhetsuppdatering för Windows XP (KB2719985)
Säkerhetsuppdatering för Windows XP (KB2723135)
Säkerhetsuppdatering för Windows XP (KB2724197)
Säkerhetsuppdatering för Windows XP (KB2727528)
Säkerhetsuppdatering för Windows XP (KB2731847)
Säkerhetsuppdatering för Windows XP (KB2753842-v2)
Säkerhetsuppdatering för Windows XP (KB2753842)
Säkerhetsuppdatering för Windows XP (KB2757638)
Säkerhetsuppdatering för Windows XP (KB2758857)
Säkerhetsuppdatering för Windows XP (KB2761226)
Säkerhetsuppdatering för Windows XP (KB2770660)
Säkerhetsuppdatering för Windows XP (KB2778344)
Säkerhetsuppdatering för Windows XP (KB2779030)
Säkerhetsuppdatering för Windows XP (KB2780091)
Säkerhetsuppdatering för Windows XP (KB2799494)
Säkerhetsuppdatering för Windows XP (KB2802968)
Säkerhetsuppdatering för Windows XP (KB2807986)
Säkerhetsuppdatering för Windows XP (KB2808735)
Säkerhetsuppdatering för Windows XP (KB2813170)
Säkerhetsuppdatering för Windows XP (KB2813345)
Säkerhetsuppdatering för Windows XP (KB2820197)
Säkerhetsuppdatering för Windows XP (KB2820917)
Säkerhetsuppdatering för Windows XP (KB2829361)
Säkerhetsuppdatering för Windows XP (KB2834886)
Säkerhetsuppdatering för Windows XP (KB2839229)
Säkerhetsuppdatering för Windows XP (KB2845187)
Säkerhetsuppdatering för Windows XP (KB2847311)
Säkerhetsuppdatering för Windows XP (KB2849470)
Säkerhetsuppdatering för Windows XP (KB2850851)
Säkerhetsuppdatering för Windows XP (KB2850869)
Säkerhetsuppdatering för Windows XP (KB2859537)
Säkerhetsuppdatering för Windows XP (KB2862330)
Säkerhetsuppdatering för Windows XP (KB2862335)
Säkerhetsuppdatering för Windows XP (KB2864063)
Säkerhetsuppdatering för Windows XP (KB2868038)
Säkerhetsuppdatering för Windows XP (KB2876217)
Säkerhetsuppdatering för Windows XP (KB2876315)
Säkerhetsuppdatering för Windows XP (KB2883150)
Säkerhetsuppdatering för Windows XP (KB923689)
Spamihilator 1.5.0 (32 bit)
Spotify
Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve
Studio 10
Studio 10 Bonus DVD
Studio 10.8 Patch
Studio DV
SweetPacks Updater Service
System Requirements Lab for Intel
Telia Supportassistenten
UnderCoverXP 1.21
Unifaun WebPrinter
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Uppdatering för Windows Internet Explorer 7 (KB976749)
Uppdatering för Windows Internet Explorer 8 (KB2598845)
Uppdatering för Windows XP (KB2661254-v2)
Uppdatering för Windows XP (KB2718704)
Uppdatering för Windows XP (KB2736233)
Uppdatering för Windows XP (KB2749655)
Uppdatering för Windows XP (KB2863058)
WebFldrs XP
Video Stream Driver for Panasonic DVC
Windows Backup Utility
Windows Driver Package - Todos Data System AB (Tdsshbecr) SmartCardReader (05/30/2008 1.0.9.2)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows PowerShell 1.0
Windows XP Service Pack 3
Visual C++ CRT 9.0 SP1
WM Recorder 14
XML Paper Specification Shared Components Language Pack 1.0
.
==== End Of File ===========================

Cecilia · October 24, 2013

1. Avinstallera i Kontrollpanelen de som finns av följande:

Ask Toolbar pga http://www.systemlookup.com/CLSID/56968-GenericAskToolbar_dll_GENERI_1_DLL.html

Ask Toolbar Updater

Internet Explorer Toolbar 4.9 by SweetPacks http://www.systemlookup.com/CLSID/8158-mgToolbarIE_dll.html

SweetPacks Updater Service

Softonic toolbar on IE and Chrome http://www.systemlookup.com/CLSID/75002-softonic_dll.html

Java 7 Update 21 eftersom det är en gammal programversion med kända säkerhetshål som gör det lätt att infektera datorn från en webbsida.

2. Spara AdwCleaner av Xplode på Skrivbordet: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Edited October 24, 2013 by Cecilia

Rolas · October 24, 2013

Gjoort enligt dina instruktioner och det raderades åtskilliga filer när AdwClearer kördes. Borde inte datorn var rensad nu ?

RL

Cecilia · October 24, 2013

Det kan jag inte svara på utan att se en ny DDS-logg och helst loggen från när AdwCleaner tog bort saker.

Dessutom rekommenderar jag att du kör denna online-skanner: http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

Avbocka alternativet Remove found threats (eftersom falsklarm förekommer)

Bocka för Scan Archives

Klicka på Advanced Settings

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

Klicka på Scan

När skanningen är klar klicka på List of threats found, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Rolas · October 24, 2013

Så var scanningen gjort och nedan kommer de infekterade filerna.

C:\AdwCleaner\Quarantine\C\Documents and Settings\RL\Lokala inställningar\Application Data\Babylon\Setup\Setup.exe.vir Win32/Toolbar.Babylon application
C:\AdwCleaner\Quarantine\C\Program\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll.vir a variant of Win32/Toolbar.Montiera.A application
C:\AdwCleaner\Quarantine\C\Program\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll.vir Win32/Toolbar.Babylon application
C:\AdwCleaner\Quarantine\C\Program\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe.vir a variant of Win32/Toolbar.Montiera.A application
C:\AdwCleaner\Quarantine\C\Program\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll.vir Win32/Toolbar.Babylon application
C:\AdwCleaner\Quarantine\C\Program\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll.vir Win32/Toolbar.Babylon application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49auxstb.dll.vir Win32/Toolbar.MyWebSearch.W application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49bar.dll.vir Win32/Toolbar.MyWebSearch.W application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49bprtct.dll.vir Win32/Toolbar.MyWebSearch.W application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49brmon.exe.vir Win32/Toolbar.MyWebSearch.W application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49datact.dll.vir a variant of Win32/Toolbar.MyWebSearch.A application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49htmlmu.dll.vir probably a variant of Win32/Toolbar.MyWebSearch.B application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49ieovr.dll.vir probably a variant of Win32/Toolbar.MyWebSearch.P application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49impipe.exe.vir Win32/Toolbar.MyWebSearch.W application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49Plugin.dll.vir probably a variant of Win32/Toolbar.MyWebSearch application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49reghk.dll.vir Win32/Toolbar.MyWebSearch.W application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49skin.dll.vir a variant of Win32/Toolbar.MyWebSearch.P application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49skplay.exe.vir Win32/Toolbar.MyWebSearch.W application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\49SrchMn.exe.vir Win32/Toolbar.MyWebSearch.W application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\AppIntegrator64.exe.vir Win64/Toolbar.MyWebSearch.A application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\AppIntegratorStub64.dll.vir Win64/Toolbar.MyWebSearch.A application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\CREXT.DLL.vir Win32/Toolbar.MyWebSearch.W application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\CrExtP49.exe.vir Win32/Toolbar.MyWebSearch.W application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\Hpg64.dll.vir Win64/Toolbar.MyWebSearch.A application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\NP49Stub.dll.vir Win32/Toolbar.MyWebSearch.T application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\T8HTML.DLL.vir probably a variant of Win32/Toolbar.MyWebSearch.F application
C:\AdwCleaner\Quarantine\C\Program\utilitychest_49\bar\1.bin\T8TICKER.DLL.vir Win32/Toolbar.MyWebSearch.W application
C:\Encore\Adobe Encore DVD 2.0\keygen.rar a variant of Win32/Keygen.AO application
C:\Encore\Adobe Encore DVD 2.0\Keygen\keygen.exe a variant of Win32/Keygen.AO application
C:\PHP\installer_php_editor.exe Win32/Toggle application
C:\Program\cd-recovery-toolbox-free.exe Win32/SoftonicDownloader.C application
C:\Program\SoftonicDownloader_for_email-extractor.exe Win32/SoftonicDownloader.E application
C:\Program\FreeFileViewer\freefileviewer_730.exe a variant of Win32/InstallIQ.A application
D:\CD_Qic_file\SoftonicDownloader_for_cdroller.exe Win32/SoftonicDownloader.D application

Jag har nya filer av dds.txt och attach.txt men avvaktar ditt besked. och instruktioner hur jag raderar de infekterade filerna

Mvh/RL

Cecilia · October 24, 2013

Det mesta som Esets skanner hittar är sånt som AdwCleaner redan tagit bort och lagt i sin karantän så de är ofarliga.

Vad ett crackat program är vet du väl redan och vad det kan innebära.

C:\PHP\installer_php_editor.exe Win32/Toggle application

C:\Program\cd-recovery-toolbox-free.exe Win32/SoftonicDownloader.C application

C:\Program\SoftonicDownloader_for_email-extractor.exe Win32/SoftonicDownloader.E application

C:\Program\FreeFileViewer\freefileviewer_730.exe a variant of Win32/InstallIQ.A application

D:\CD_Qic_file\SoftonicDownloader_for_cdroller.exe Win32/SoftonicDownloader.D application

Det är program som innehåller kod för att även installera tillägg i webbläsare, dvs sånt som AdwCleaner tog bort. Jag vet inte om det bara är installationsfiler eller om det även är själva programfilen. I det senare fallet finns det en risk för att tillägget installeras igen nästa gång du startar programmet. Du får själv avgöra om du ska ha kvar filerna.

Om du klistrar in DDS.txt så går jag igenom den och ser om det syns till något mer olämpligt/skadligt. Om du inte vill det skriv det så får du avinstallationsinstruktionerna för AdwCleaner och DDS.

Edited October 24, 2013 by Cecilia

Rolas · October 24, 2013

Hej

Tack för all hjälp hitintills, Jag vet inte vad ett crackat progrm är men tror det är ngt som är trasigt ? Jag vet inte vad det innebär.

Alla filer

C:\PHP\installer_php_editor.exe Win32/Toggle application
C:\Program\cd-recovery-toolbox-free.exe Win32/SoftonicDownloader.C application
C:\Program\SoftonicDownloader_for_email-extractor.exe Win32/SoftonicDownloader.E application
C:\Program\FreeFileViewer\freefileviewer_730.exe a variant of Win32/InstallIQ.A application
D:\CD_Qic_file\SoftonicDownloader_for_cdroller.exe Win32/SoftonicDownloader.D application

kan tas bort.

Vad gör jag med de filer som finns i karantän på AdwCleaner ?

Nedan DDS.txt

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.21.2
Run by RL at 16:09:24 on 2013-10-24
Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.2047.1171 [GMT 2:00]
.
AV: Datorskydd *Enabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
.
============== Running Processes ================
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\Explorer.EXE
C:\program\scansoft\paperp~1\pptd40nt.exe
C:\Program\Telia\Sms och mms i datorn Desktop\mw.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program\Telia\Telias sakerhetstjanster\fshoster32.exe
C:\Program\Telia\Supportassistenten\Client\Supportassistenten.exe
C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Messenger\msmsgs.exe
C:\Documents and Settings\RL\Application Data\Spotify\Data\SpotifyWebHelper.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
C:\Program\Spamihilator\spamihilator.exe
C:\Program\Telia\Supportassistenten\Apps32\SupportassistentenHelper.exe
C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\Program\Delade filer\MAGIX Services\Database\bin\FABS.exe
C:\Program\Telia\Telias sakerhetstjanster\fshoster32.exe
C:\Program\Telia\Telias sakerhetstjanster\apps\CCF_Reputation\fsorsp.exe
C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
D:\Java\bin\jqs.exe
C:\Program\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\Program\CDBurnerXP\NMSAccessU.exe
C:\Program\Telia\Supportassistenten\Service\SupportassistentenSvc.exe
C:\WINDOWS\system32\BRMFRSMG.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\alg.exe
C:\Outlook Express\msimn.exe
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\Program\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uURLSearchHooks: <No Name>: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} -
dURLSearchHooks: {1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - d:\java\bin\ssv.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - d:\java\bin\jp2ssv.dll
BHO: TBHelper Class: {E46A2169-E328-471A-9788-F2B52BB9C681} - c:\program\telia\sms och mms i datorn desktop\miebho.dll
TB: The Pirate Bay Toolbar: {5B291E6C-9A74-4034-971B-A4B007A0B313} - LocalServer32 - <no file>
TB: Utility Chest: {CF67755F-9265-449C-87CF-B945519E073B} -
TB: eSms Verktygsfält: {6B49F76B-190A-4FC6-83EA-BAAD234BAFF8} - c:\program\telia\sms och mms i datorn desktop\mie.dll
TB: Utility Chest: {cf67755f-9265-449c-87cf-b945519e073b} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program\messenger\msmsgs.exe" /background
uRun: [spotify Web Helper] "c:\documents and settings\rl\application data\spotify\data\SpotifyWebHelper.exe"
mRun: [Easy-PrintToolBox] c:\program\canon\easy-printtoolbox\BJPSMAIN.EXE /logon
mRun: [PaperPort PTD] c:\program\scansoft\paperp~1\pptd40nt.exe
mRun: [Alcmtr] ALCMTR.EXE
mRun: [sms och mms i datorn Desktop] "c:\program\telia\sms och mms i datorn desktop\mw.exe" /AutoStart
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe"
mRun: [F-Secure Hoster (28332)] "c:\program\telia\telias sakerhetstjanster\fshoster32.exe" -app -hosterid:1
mRun: [Telia Supportassistenten 5.0] "c:\program\telia\supportassistenten\client\Supportassistenten.exe" /trayonly
mRun: [F-Secure Manager] "c:\program\telia\telias sakerhetstjanster\apps\computersecurity\common\FSM32.EXE" /splash
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [sBRegRebootCleaner] "c:\program\stopzilla!\sbrc.exe"
mRun: [userFaultCheck] c:\windows\system32\dumprep 0 -u
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\rl\start-~1\program\autost~1\spamih~1.lnk - c:\program\spamihilator\spamihilator.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\bankid~1.lnk - c:\program\personal\bin\Personal.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\monito~1.lnk - c:\program\apache software foundation\apache2.2\bin\ApacheMonitor.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:149
uPolicies-Explorer: NoDriveAutorun = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe
Trusted Zone: nettbank-okq8.se

TCP: NameServer = 192.168.0.1
TCP: Interfaces\{DCEF6E42-485C-48A5-A2F0-A5916C32F44B} : DHCPNameServer = 192.168.0.1
Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - <orphaned>
AppInit_DLLs=
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rl\application data\mozilla\firefox\profiles\j89epqhh.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - about:home
FF - component: c:\documents and settings\rl\application data\mozilla\firefox\profiles\j89epqhh.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\dtTransparency.dll
FF - component: c:\documents and settings\rl\application data\mozilla\firefox\profiles\j89epqhh.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\dtTransparency3.5.dll
FF - component: c:\documents and settings\rl\application data\mozilla\firefox\profiles\j89epqhh.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\dtTransparency3.6.dll
FF - component: c:\program\windows ilivid toolbar\datamngr\firefoxextension\components\DataMngrHlpFF3.dll
FF - plugin: c:\program\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program\personal\bin\np_prsnl.dll
FF - plugin: c:\program\utilitychest_49\bar\1.bin\NP49Stub.dll
FF - plugin: c:\windows\npMSDM.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-08-29 19:00; {EEE6C361-6118-11DC-9C72-001320C79847}; c:\documents and settings\rl\application data\mozilla\firefox\profiles\j89epqhh.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
FF - ExtSQL: !HIDDEN! 2009-09-02 21:58; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2013-05-06 17:25; 49ffxtbr@UtilityChest_49.com; c:\program\utilitychest_49\bar\1.bin
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2013-10-14 44240]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program\telia\telias sakerhetstjanster\apps\computersecurity\hips\drivers\fshs.sys [2013-10-16 73328]
R2 acedrv10;acedrv10;c:\windows\system32\drivers\ACEDRV10.sys [2007-10-28 583128]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [2008-1-23 501560]
R2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [2007-10-26 250560]
R2 Apache2.2;Apache2.2;c:\program\apache software foundation\apache2.2\bin\httpd.exe [2009-9-28 24645]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program\delade filer\magix services\database\bin\FABS.exe [2009-2-3 1155072]
R2 fshoster;F-Secure Dll Hoster;c:\program\telia\telias sakerhetstjanster\fshoster32.exe [2013-1-18 188400]
R2 FSORSPClient;F-Secure ORSP Client;c:\program\telia\telias sakerhetstjanster\apps\ccf_reputation\fsorsp.exe [2012-8-6 61176]
R2 supportassistenten;Telia Supportassistenten;c:\program\telia\supportassistenten\service\SupportassistentenSvc.exe [2013-9-30 332064]
R3 brfilt;Brother MFC-filterdrivrutin;c:\windows\system32\drivers\BrFilt.sys [2009-4-16 2944]
R3 BrSerWDM;Seriell Brother-drivrutin;c:\windows\system32\drivers\BrSerWdm.sys [2009-4-16 60416]
R3 BrUsbMdm;Brother MFC USB - endast faxmodem;c:\windows\system32\drivers\brusbmdm.sys [2000-2-24 11008]
R3 BrUsbScn;Drivrutin för Brother MFC USB-skanner;c:\windows\system32\drivers\BrUsbScn.sys [2009-3-21 10368]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program\telia\telias sakerhetstjanster\apps\computersecurity\anti-virus\minifilter\fsgk.sys [2013-10-14 146288]
R3 fsni;fsni;c:\program\telia\telias sakerhetstjanster\apps\ccf_scanning\fsnixp32.sys [2013-4-25 50112]
R3 fsnitdi;fsnitdi;c:\program\telia\telias sakerhetstjanster\apps\ccf_scanning\fsnitdi32.sys [2013-4-25 21952]
R3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\drivers\shbecr.sys [2010-10-25 42368]
S1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys --> c:\windows\system32\drivers\sbaphd.sys [?]
S2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys --> c:\windows\system32\drivers\sbapifs.sys [?]
S2 UtilityChest_49Service;Utility ChestService;c:\program\utilit~2\bar\1.bin\49barsvc.exe --> c:\program\utilit~2\bar\1.bin\49barsvc.exe [?]
S3 cpudrv;cpudrv;c:\program\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys --> c:\windows\system32\drivers\ew_hwusbdev.sys [?]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys --> c:\windows\system32\drivers\ewusbnet.sys [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program\delade filer\magix services\database\bin\fbserver.exe [2008-8-7 3276800]
S3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys --> c:\windows\system32\drivers\gfiark.sys [?]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys --> c:\windows\system32\drivers\ew_jubusenum.sys [?]
S3 Ipcloibnw;Ipcloibnw; [x]
S3 ITBYAABNV;ITBYAABNV;c:\docume~1\rl\lokala~1\temp\itbyaabnv.exe --> c:\docume~1\rl\lokala~1\temp\ITBYAABNV.exe [?]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program\microsoft fix it center\Matsvc.exe [2011-6-13 267568]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2013-4-1 34064]
S3 QIZB;QIZB;c:\docume~1\rl\lokala~1\temp\qizb.exe --> c:\docume~1\rl\lokala~1\temp\QIZB.exe [?]
S3 TdsNordecr;Nordea NCR1 SmartCard Reader;c:\windows\system32\drivers\nordecr.sys [2013-5-1 23040]
S3 UPnPService;UPnPService;c:\program\delade filer\magix shared\upnpservice\UPnPService.exe [2009-12-19 544768]
.
=============== Created Last 30 ================
.
2013-10-24 11:16:28 -------- d-----w- C:\AdwCleaner
2013-10-24 07:29:13 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-24 07:29:13 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-22 15:19:19 -------- dc-h--w- c:\windows\ie8
2013-10-14 14:59:49 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys
2013-10-09 06:04:56 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2013-10-09 06:04:50 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2013-10-09 06:04:50 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2013-10-09 06:04:27 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2013-10-09 06:04:27 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2013-10-09 06:04:27 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2013-10-09 06:04:27 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
2013-09-30 19:02:14 -------- d-----w- c:\documents and settings\all users\application data\Telia
2013-09-26 18:00:39 208760 ----a-w- c:\program\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2013-09-30 15:53:04 632656 ----a-w- c:\windows\system32\msvcr80.dll
2013-09-30 15:53:04 554832 ----a-w- c:\windows\system32\msvcp80.dll
2013-09-30 15:53:04 479232 ----a-w- c:\windows\system32\msvcm80.dll
2013-09-23 18:25:12 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:25:10 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:25:09 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:25:06 18944 ------w- c:\windows\system32\corpol.dll
2013-09-23 18:07:43 385024 ------w- c:\windows\system32\html.iec
2013-08-29 16:55:05 392016 ----a-w- c:\program\SoftonicDownloader_for_email-extractor.exe
2013-08-29 07:02:12 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-09 01:56:36 387584 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55:08 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55:07 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55:06 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30:21 1289216 ----a-w- c:\windows\system32\ole32.dll
2013-08-02 23:48:38 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-01-12 12:05:25 33969688 ------w- c:\program\Sms-i-datorn-4.9.7.5-SE.exe
2012-02-02 14:26:26 316504 ------w- c:\program\cd-recovery-toolbox-free.exe
2011-12-11 09:48:12 4529299 ------w- c:\program\FileZilla_3.5.2_win32-setup.exe
2011-03-14 16:05:31 10199905 ------w- c:\program\ExpressPCBSetup.exe
2011-01-26 13:12:00 3955336 ------w- c:\program\Spotify Installer.exe
2009-03-19 08:32:21 2951802 ------w- c:\program\EClea2_0.exe
2009-03-17 12:58:38 70972952 ------w- c:\program\Telias-sakerhetstjanster.exe
2009-03-11 12:56:49 7589040 ------w- c:\program\Firefox Setup 3.0.7.exe
.
============= FINISH: 16:10:00,53 ===============

Mvh/RL

Cecilia · October 24, 2013

Bara trevligt att kunna hjälpa till

Ett crackat program är ett betalprogram som man fixar till på ett eller annat sätt så att man slipper betala för det.

C:\Encore\Adobe Encore DVD 2.0\keygen.rar a variant of Win32/Keygen.AO application

C:\Encore\Adobe Encore DVD 2.0\Keygen\keygen.exe a variant of Win32/Keygen.AO application

Kan du själv ta bort filerna, dvs slänga dem i papperskorgen?

C:\PHP\installer_php_editor.exe Win32/Toggle application

C:\Program\cd-recovery-toolbox-free.exe Win32/SoftonicDownloader.C application

C:\Program\SoftonicDownloader_for_email-extractor.exe Win32/SoftonicDownloader.E application

C:\Program\FreeFileViewer\freefileviewer_730.exe a variant of Win32/InstallIQ.A application

D:\CD_Qic_file\SoftonicDownloader_for_cdroller.exe Win32/SoftonicDownloader.D application

Du kommer att få ta bort AdwCleaners karantän när det här är klart.

Det verkar vara en hel del av olämpliga tillägg kvar i Firefox och som AdwCleaner borde kunna ta bort.

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på Report-knappen.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Edit:

Lagt dit radbrytningarna som försvann.

Edited October 25, 2013 by Cecilia

Rolas · October 25, 2013

Hej

Jag raderar filerna och lägger dem i papperskorgen.

Nedan dagen körning med Adware

Vad´jag kan se så är det inte mer ett par filer som rapporteras , eller är det mer som ska bort ?

Mvh/RL

# AdwCleaner v3.010 - Report created 25/10/2013 at 08:07:19
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : RL - R1
# Running from : C:\Documents and Settings\RL\Skrivbord\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v24.0 (sv-SE)

[ File : C:\Documents and Settings\RL\Application Data\Mozilla\Firefox\Profiles\j89epqhh.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Documents and Settings\RL\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [36332 octets] - [24/10/2013 13:16:31]
AdwCleaner[R1].txt - [1062 octets] - [24/10/2013 18:42:17]
AdwCleaner[R2].txt - [923 octets] - [25/10/2013 08:07:19]
AdwCleaner[s0].txt - [37288 octets] - [24/10/2013 13:17:14]
AdwCleaner[s1].txt - [1124 octets] - [24/10/2013 18:44:44]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1103 octets] ##########

Cecilia · October 25, 2013

Hej!

Inget som ska bort i den AdwCleaner-loggen. Då får vi ta till ett annat program.

Spara OTL på Skrivbordet: http://oldtimer.geekstogo.com/OTL.exe

Rolas · October 25, 2013

Hej

Lite problem , Telia Säker Surf rapporterar att det är varning för denna webbplats. Har du ngn annan att föreslå ?

Mvh/RL

Cecilia · October 25, 2013

Hej!

Klagar den på geekstogo?

Det är ju en av de största och välkända engelskspråkiga forumen.

Men du får filen här i stället.

Spara den på skrivbordet, högerklicka och välj "Extrahera alla". Då kommer själva programfilen fram som du kan köra.

OTL.zip

Rolas · October 25, 2013

Hej igen. Nu har jag kört OTL-programet och rapportfilen är inklistrad nedan .

Tror du verkligen att det finns virus kvar ? Jag har inte sett till någon pop-up ruta med gåvor eller liknande.

Mvh/RL

OTL logfile created on: 2013-10-25 16:34:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Program\OTL
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 65,53% Memory free
3,85 Gb Paging File | 3,16 Gb Available in Paging File | 82,09% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program
Drive C: | 48,78 Gb Total Space | 9,38 Gb Free Space | 19,24% Space Free | Partition Type: NTFS
Drive D: | 87,93 Gb Total Space | 75,31 Gb Free Space | 85,64% Space Free | Partition Type: NTFS
Drive E: | 161,37 Gb Total Space | 106,91 Gb Free Space | 66,25% Space Free | Partition Type: NTFS
Drive M: | 298,09 Gb Total Space | 98,66 Gb Free Space | 33,10% Space Free | Partition Type: NTFS

Computer Name: R1 | User Name: RL | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013-10-25 13:15:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Program\OTL\OTL.exe
PRC - [2013-10-16 08:10:09 | 001,162,280 | ---- | M] (F-Secure Corporation) -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\fssm32.exe
PRC - [2013-10-16 08:10:08 | 000,621,608 | ---- | M] (F-Secure Corporation) -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
PRC - [2013-09-19 08:10:18 | 000,332,064 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\SupportassistentenSvc.exe
PRC - [2013-09-13 09:21:00 | 001,770,272 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Client\Supportassistenten.exe
PRC - [2013-09-13 09:18:36 | 000,049,952 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Apps32\SupportassistentenHelper.exe
PRC - [2013-08-20 10:57:18 | 000,310,208 | ---- | M] (F-Secure Corporation) -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSM32.EXE
PRC - [2013-08-20 10:57:18 | 000,207,808 | ---- | M] (F-Secure Corporation) -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSMA32.EXE
PRC - [2013-07-11 07:53:03 | 001,104,384 | ---- | M] (Spotify Ltd) -- C:\Documents and Settings\RL\Application Data\Spotify\Data\SpotifyWebHelper.exe
PRC - [2013-04-07 14:41:59 | 002,024,960 | ---- | M] (Michel Krämer) -- C:\Program\Spamihilator\spamihilator.exe
PRC - [2013-04-04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) -- D:\Java\bin\jqs.exe
PRC - [2013-01-18 11:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) -- C:\Program\Telia\Telias sakerhetstjanster\fshoster32.exe
PRC - [2013-01-18 11:06:36 | 000,135,152 | ---- | M] (F-Secure Corporation) -- C:\Program\Telia\Telias sakerhetstjanster\fslauncher.exe
PRC - [2012-11-15 13:11:48 | 001,358,784 | ---- | M] (Technology Nexus AB) -- C:\Program\Personal\bin\Personal.exe
PRC - [2012-08-06 14:53:14 | 000,061,176 | ---- | M] (F-Secure Corporation) -- C:\Program\Telia\Telias sakerhetstjanster\apps\CCF_Reputation\fsorsp.exe
PRC - [2012-04-23 14:23:50 | 002,346,400 | ---- | M] (Soprano Design) -- C:\Program\Telia\Sms och mms i datorn Desktop\mw.exe
PRC - [2009-02-03 15:53:00 | 001,155,072 | ---- | M] (MAGIX AG) -- C:\Program\Delade filer\MAGIX Services\Database\bin\FABS.exe
PRC - [2008-10-20 22:18:26 | 000,071,096 | ---- | M] () -- C:\Program\CDBurnerXP\NMSAccessU.exe
PRC - [2008-04-14 18:05:06 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006-03-02 14:00:00 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Outlook Express\msimn.exe
PRC - [2001-09-06 21:33:34 | 000,032,256 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\BrmfRsmg.exe

========== Modules (No Company Name) ==========

MOD - [2013-10-16 08:10:10 | 000,277,872 | ---- | M] () -- \\?\c:\program\telia\telias sakerhetstjanster\apps\computersecurity\hips\fsumi.dll
MOD - [2013-10-16 08:10:08 | 000,949,184 | ---- | M] () -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\fm4av.dll
MOD - [2013-10-14 17:05:11 | 000,213,048 | ---- | M] () -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Spam Control\fsas.dll
MOD - [2013-10-14 17:05:11 | 000,030,888 | ---- | M] () -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
MOD - [2013-09-25 09:23:18 | 000,025,888 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\libLogger.dll
MOD - [2013-09-24 12:38:06 | 000,153,208 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\libTelia.dll
MOD - [2013-09-19 08:10:18 | 000,332,064 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\SupportassistentenSvc.exe
MOD - [2013-09-13 09:24:54 | 000,571,752 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\sqlite3.dll
MOD - [2013-09-13 09:24:46 | 000,089,376 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\libWebFeeds.dll
MOD - [2013-09-13 09:24:38 | 000,468,768 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\libUtils.dll
MOD - [2013-09-13 09:24:16 | 000,110,880 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\libOS.dll
MOD - [2013-09-13 09:24:02 | 000,110,368 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\libIPS.dll
MOD - [2013-09-13 09:23:52 | 000,736,544 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\libEmail.dll
MOD - [2013-09-13 09:23:38 | 000,058,656 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\libDatabase.dll
MOD - [2013-09-13 09:23:22 | 001,666,336 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\libConnectivity.dll
MOD - [2013-09-13 09:23:22 | 000,215,840 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\libBrowser.dll
MOD - [2013-09-13 09:23:22 | 000,039,712 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Service\jansson.dll
MOD - [2013-09-13 09:21:00 | 001,770,272 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Client\Supportassistenten.exe
MOD - [2013-09-13 09:18:36 | 000,049,952 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Apps32\SupportassistentenHelper.exe
MOD - [2013-09-13 09:18:30 | 000,468,768 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Apps32\libUtils.dll
MOD - [2013-09-13 09:18:22 | 000,046,368 | ---- | M] () -- C:\Program\Telia\Supportassistenten\Apps32\libMessageMonitor.dll
MOD - [2013-09-12 21:03:29 | 000,593,464 | ---- | M] () -- C:\WINDOWS\WinSxS\x86_F-Secure.Qt462_2e112a926211c0a3_4.6.482.65_x-ww_a8ee95a1\QtMultimediaKit1.dll
MOD - [2013-08-20 10:57:10 | 000,045,504 | ---- | M] () -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\fsavhres.eng
MOD - [2013-08-20 10:57:06 | 000,093,120 | ---- | M] () -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\FSGUI\strres.eng
MOD - [2013-08-20 10:57:04 | 000,056,256 | ---- | M] () -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\FSGUI\fsavures.eng
MOD - [2013-04-07 14:41:59 | 000,279,040 | ---- | M] () -- C:\Program\Spamihilator\sqlite3.dll
MOD - [2013-04-07 14:41:59 | 000,060,416 | ---- | M] () -- C:\Program\Spamihilator\zlib1.dll
MOD - [2013-01-18 11:06:32 | 000,208,880 | ---- | M] () -- C:\Program\Telia\Telias sakerhetstjanster\daas2.dll
MOD - [2012-02-03 09:19:44 | 000,387,488 | ---- | M] () -- C:\Program\Telia\Sms och mms i datorn Desktop\MAPIEx.dll
MOD - [2008-10-20 22:18:26 | 000,071,096 | ---- | M] () -- C:\Program\CDBurnerXP\NMSAccessU.exe
MOD - [1996-10-09 14:31:06 | 000,006,144 | ---- | M] () -- C:\Program\ScanSoft\PaperPort\Blicectr.dll

========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program\UTILIT~2\bar\1.bin\49barsvc.exe -- (UtilityChest_49Service)
SRV - File not found [On_Demand | Stopped] -- C:\DOCUME~1\RL\LOKALA~1\Temp\QIZB.exe -- (QIZB)
SRV - File not found [On_Demand | Stopped] -- C:\DOCUME~1\RL\LOKALA~1\Temp\ITBYAABNV.exe -- (ITBYAABNV)
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013-10-24 11:23:13 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-10-19 15:27:49 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-09-19 08:10:18 | 000,332,064 | ---- | M] () [Auto | Running] -- C:\Program\Telia\Supportassistenten\Service\SupportassistentenSvc.exe -- (supportassistenten)
SRV - [2013-08-20 10:57:18 | 000,207,808 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSMA32.EXE -- (FSMA)
SRV - [2013-04-04 05:32:53 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- D:\Java\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013-01-18 11:06:36 | 000,188,400 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program\Telia\Telias sakerhetstjanster\fshoster32.exe -- (fshoster)
SRV - [2012-08-06 14:53:14 | 000,061,176 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program\Telia\Telias sakerhetstjanster\apps\CCF_Reputation\fsorsp.exe -- (FSORSPClient)
SRV - [2012-04-09 18:29:18 | 000,382,320 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program\Delade filer\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2011-06-13 23:09:22 | 000,267,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2009-12-05 17:22:45 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2009-02-03 15:53:00 | 001,155,072 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program\Delade filer\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2008-10-20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008-08-07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program\Delade filer\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2006-12-14 17:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand | Stopped] -- C:\Program\Delade filer\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2005-04-04 01:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\sunkfilt.sys -- (SunkFilt)
DRV - File not found [File_System | Auto | Stopped] -- system32\drivers\sbapifs.sys -- (sbapifs)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\sbaphd.sys -- (sbaphd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [File_System | On_Demand | Stopped] -- -- (Ipcloibnw)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\gfiark.sys -- (gfiark)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013-10-16 08:12:58 | 000,146,288 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys -- (F-Secure Gatekeeper)
DRV - [2013-10-16 08:10:10 | 000,073,328 | ---- | M] (F-Secure Corporation) [Kernel | System | Running] -- C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\HIPS\drivers\fshs.sys -- (F-Secure HIPS)
DRV - [2013-10-14 17:09:06 | 000,044,240 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\fsbts.sys -- (fsbts)
DRV - [2013-04-25 12:52:40 | 000,050,112 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program\Telia\Telias sakerhetstjanster\apps\CCF_Scanning\fsnixp32.sys -- (fsni)
DRV - [2013-04-25 12:52:40 | 000,021,952 | ---- | M] (F-Secure Corporation) [Kernel | On_Demand | Running] -- C:\Program\Telia\Telias sakerhetstjanster\apps\CCF_Scanning\fsnitdi32.sys -- (fsnitdi)
DRV - [2013-04-01 11:47:52 | 000,034,064 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2011-06-02 11:08:34 | 000,011,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program\SystemRequirementsLab\cpudrv.sys -- (cpudrv)
DRV - [2010-02-11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009-10-22 11:49:58 | 000,042,368 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\shbecr.sys -- (Tdsshbecr)
DRV - [2008-04-13 20:36:41 | 000,063,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mf.sys -- (mf)
DRV - [2008-01-23 10:19:44 | 000,501,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2007-10-30 09:57:54 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nordecr.sys -- (TdsNordecr)
DRV - [2007-10-28 17:35:14 | 000,583,128 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007-10-26 15:53:46 | 000,250,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2006-09-12 13:27:00 | 004,381,184 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006-08-14 15:09:48 | 000,083,200 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2006-06-14 14:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP)
DRV - [2005-06-02 20:28:38 | 000,171,008 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2005-02-09 12:59:00 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2001-08-17 22:12:22 | 000,010,368 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrUsbScn.sys -- (BrUsbScn)
DRV - [2001-08-17 21:12:12 | 000,002,944 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrFilt.sys -- (brfilt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {F394EF5E-3B21-4A6A-ADE9-DFC2EAAF0BAA}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{711B93D1-DD19-47AF-A7ED-A6E6EF7A084B}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=U3&apn_dtid=OSJ000YYSE&apn_uid=574B8A40-415F-4EC8-9EED-6315C1539F7D&apn_sauid=BB749DA2-6140-4FCD-85FC-438CFFD99443
IE - HKCU\..\SearchScopes\{D04A0136-2E34-46A3-9678-DF5A6577CA9A}: "URL" = http://www.bing.com/search?FORM=UP61DF&PC=UP61&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{F394EF5E-3B21-4A6A-ADE9-DFC2EAAF0BAA}: "URL" = http://www.google.com/search?hl=sv&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: D:\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: D:\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013-10-25 12:54:45 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\@UtilityChest_49.com/Plugin: C:\Program\UtilityChest_49\bar\1.bin\NP49Stub.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\49ffxtbr@UtilityChest_49.com: C:\Program\UtilityChest_49\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program\Mozilla Firefox\plugins

[2011-08-22 15:31:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RL\Application Data\Mozilla\Extensions
[2013-10-24 13:17:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RL\Application Data\Mozilla\Firefox\Profiles\j89epqhh.default\extensions
[2012-09-14 15:42:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\RL\Application Data\Mozilla\Firefox\Profiles\j89epqhh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013-05-06 17:25:54 | 000,000,000 | ---D | M] (Utility Chest) -- C:\Documents and Settings\RL\Application Data\Mozilla\Firefox\Profiles\j89epqhh.default\extensions\49ffxtbr@UtilityChest_49.com
[2013-10-19 15:27:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\browser\extensions
[2013-10-19 15:27:50 | 000,000,000 | ---D | M] (Default) -- C:\Program\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.google.com

O1 HOSTS File: ([2006-03-02 14:00:00 | 000,000,710 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (TBHelper Class) - {E46A2169-E328-471A-9788-F2B52BB9C681} - C:\Program\Telia\Sms och mms i datorn Desktop\miebho.dll (Mobispine)
O3 - HKLM\..\Toolbar: (eSms Verktygsfält) - {6B49F76B-190A-4FC6-83EA-BAAD234BAFF8} - C:\Program\Telia\Sms och mms i datorn Desktop\mie.dll (Mobispine)
O3 - HKLM\..\Toolbar: (Utility Chest) - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program\UtilityChest_49\bar\1.bin\49bar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5B291E6C-9A74-4034-971B-A4B007A0B313} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Utility Chest) - {CF67755F-9265-449C-87CF-B945519E073B} - C:\Program\UtilityChest_49\bar\1.bin\49bar.dll File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [F-Secure Hoster (28332)] C:\Program\Telia\Telias sakerhetstjanster\fshoster32.exe (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program\Telia\Telias sakerhetstjanster\apps\ComputerSecurity\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [sms och mms i datorn Desktop] C:\Program\Telia\Sms och mms i datorn Desktop\mw.exe (Soprano Design)
O4 - HKLM..\Run: [Telia Supportassistenten 5.0] C:\Program\Telia\Supportassistenten\Client\Supportassistenten.exe ()
O4 - HKLM..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKCU..\Run: [spotify Web Helper] C:\Documents and Settings\RL\Application Data\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
O4 - Startup: C:\Documents and Settings\RL\Start-meny\Program\Autostart\Spamihilator.lnk = C:\Program\Spamihilator\spamihilator.exe (Michel Krämer)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: edb.com ([nettbank] https in Trusted sites)
O15 - HKCU\..Trusted Domains: flashback.org ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: google.se ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: handelsbanken.se ([secure] https in Trusted sites)
O15 - HKCU\..Trusted Domains: live.com ([account] https in Trusted sites)
O15 - HKCU\..Trusted Domains: live.com ([safety] http in Trusted sites)
O15 - HKCU\..Trusted Domains: nettbank-okq8.se ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: okq8.se ([www] http in Trusted sites)
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://www.caminova.net/en/downloads/getmodule.aspx?lang=sv (DjVuCtl Class)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1237295296046 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1341821546281 (MUWebControl Class)
O16 - DPF: {83A4D5A6-E2C1-4EDD-AD48-1A1C50BD06EF} https://www-lagring.telia.se/FileUpload/Cabs/ImageUploader6.cab (Image Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} http://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab (Microsoft Download Manager ActiveX control)
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab (F-Secure Health Check 1.1)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab (SysInfo Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DCEF6E42-485C-48A5-A2F0-A5916C32F44B}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtb - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\TPSvc: DllName - (TPSvc.dll) - File not found
O24 - Desktop Components:0 (Min aktuella startsida) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Sommar.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Sommar.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-04-02 19:09:30 | 000,000,083 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{08c785de-9ab1-11e2-8608-0019663b3473}\Shell - "" = AutoRun
O33 - MountPoints2\{08c785de-9ab1-11e2-8608-0019663b3473}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{0b4c87c2-9bac-11e2-860d-ebbd7a0d3ddb}\Shell - "" = AutoRun
O33 - MountPoints2\{0b4c87c2-9bac-11e2-860d-ebbd7a0d3ddb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{d8cc16bc-9bad-11e2-860e-9ef9ec69f5e0}\Shell - "" = AutoRun
O33 - MountPoints2\{d8cc16bc-9bad-11e2-860e-9ef9ec69f5e0}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk /p \??\K:)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (SBBD.exe /d \Device\HarddiskVolume1\Documents and Settings\All Users\Application Data\STOPzilla!\VIPRE)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013-10-25 16:32:45 | 000,000,000 | ---D | C] -- C:\Program\OTL
[2013-10-24 16:14:24 | 000,000,000 | ---D | C] -- C:\Program\ESET
[2013-10-24 13:16:28 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013-10-24 10:16:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\RL\Start-meny\Program\Administrationsverktyg
[2013-10-24 09:32:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2013-10-24 09:29:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2013-10-24 09:29:13 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-10-24 09:29:13 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-10-23 16:39:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RL\Lokala inställningar\Application Data\F-Secure
[2013-10-22 17:19:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013-10-22 08:58:57 | 000,000,000 | ---D | C] -- C:\Program\Delade filer\Java
[2013-10-22 08:58:53 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013-10-22 08:58:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013-10-22 08:58:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013-10-22 08:58:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start-meny\Program\Java
[2013-10-19 15:27:43 | 000,000,000 | ---D | C] -- C:\Program\Mozilla Firefox
[2013-10-09 08:04:56 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidparse.sys
[2013-10-09 08:04:50 | 000,123,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbvideo.sys
[2013-10-09 08:04:50 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013-10-09 08:04:27 | 000,144,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys
[2013-10-09 08:04:27 | 000,032,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2013-10-09 08:04:27 | 000,030,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbehci.sys
[2013-10-09 08:04:27 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbd.sys
[2013-09-30 21:02:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RL\Lokala inställningar\Application Data\Telia
[2013-09-30 21:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Telia
[2013-01-12 14:05:20 | 033,969,688 | ---- | C] (Telia) -- C:\Program\Sms-i-datorn-4.9.7.5-SE.exe
[2011-12-11 11:47:55 | 004,529,299 | ---- | C] (FileZilla Project) -- C:\Program\FileZilla_3.5.2_win32-setup.exe
[2011-03-14 18:05:27 | 010,199,905 | ---- | C] (ExpressPCB             ) -- C:\Program\ExpressPCBSetup.exe
[2009-03-19 10:32:17 | 002,951,802 | ---- | C] (InstallShield Software Corporation) -- C:\Program\EClea2_0.exe
[2009-03-17 15:11:29 | 007,589,040 | ---- | C] (Mozilla) -- C:\Program\Firefox Setup 3.0.7.exe
[2009-03-17 14:58:31 | 070,972,952 | ---- | C] (F-Secure Corporation) -- C:\Program\Telias-sakerhetstjanster.exe

========== Files - Modified Within 30 Days ==========

[2013-10-25 16:36:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-10-25 16:13:58 | 000,596,358 | ---- | M] () -- C:\Program\OTL.zip
[2013-10-25 13:57:00 | 000,000,568 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job
[2013-10-25 11:39:24 | 000,021,442 | ---- | M] () -- C:\Documents and Settings\RL\Skrivbord\SvD_nliv.url
[2013-10-25 10:09:50 | 000,468,094 | ---- | M] () -- C:\WINDOWS\System32\perfh01D.dat
[2013-10-25 10:09:50 | 000,465,958 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013-10-25 10:09:50 | 000,095,466 | ---- | M] () -- C:\WINDOWS\System32\perfc01D.dat
[2013-10-25 10:09:50 | 000,081,708 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013-10-25 10:05:49 | 000,002,651 | ---- | M] () -- C:\WINDOWS\BRMFBIDI.INI
[2013-10-25 10:05:37 | 000,262,809 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2013-10-25 10:05:35 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013-10-25 10:05:35 | 000,000,604 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job
[2013-10-25 10:05:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013-10-25 09:17:18 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\RL\Adobe Encore DVD_VUI.pref
[2013-10-24 20:37:58 | 001,060,070 | ---- | M] () -- C:\Documents and Settings\RL\Skrivbord\adwcleaner.exe
[2013-10-24 20:17:44 | 000,000,473 | ---- | M] () -- C:\Documents and Settings\RL\Skrivbord\NettBank - OKQ8.url
[2013-10-24 20:13:34 | 000,000,852 | ---- | M] () -- C:\Documents and Settings\RL\Skrivbord\Isolda.url
[2013-10-24 20:12:36 | 000,000,208 | ---- | M] () -- C:\Documents and Settings\RL\Skrivbord\Sidewalk.url
[2013-10-24 19:13:58 | 000,000,751 | ---- | M] () -- C:\Documents and Settings\RL\Skrivbord\Nordea Plusgiro.url
[2013-10-24 18:49:39 | 000,000,226 | ---- | M] () -- C:\Documents and Settings\RL\Skrivbord\Google Översätt.url
[2013-10-24 17:21:08 | 000,000,404 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9056B353-0700-41CD-A1F2-C60063931E9C}.job
[2013-10-24 11:23:12 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013-10-24 11:23:12 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013-10-24 07:52:02 | 000,000,254 | ---- | M] () -- C:\Documents and Settings\RL\Skrivbord\SBAB.url
[2013-10-23 18:41:31 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\SBRC.dat
[2013-10-23 18:31:06 | 000,011,458 | ---- | M] () -- C:\WINDOWS\Administratör.acl
[2013-10-23 16:44:15 | 006,266,852 | ---- | M] () -- C:\Documents and Settings\All Users\Skrivbord\fsdiag.zip
[2013-10-22 17:24:14 | 000,000,785 | ---- | M] () -- C:\Documents and Settings\RL\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk
[2013-10-16 21:46:38 | 000,000,441 | ---- | M] () -- C:\Documents and Settings\RL\Skrivbord\Eniro .url
[2013-10-14 17:09:06 | 000,044,240 | ---- | M] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2013-10-14 16:59:32 | 000,019,446 | ---- | M] () -- C:\WINDOWS\prodsett_copy.ini
[2013-10-10 23:33:01 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013-10-09 15:35:08 | 000,245,512 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013-10-03 16:08:06 | 000,005,493 | ---- | M] () -- C:\Documents and Settings\RL\Skrivbord\bzz.se.url
[2013-09-30 17:53:04 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2013-09-30 17:53:04 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2013-09-30 17:53:04 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcm80.dll

========== Files Created - No Company Name ==========

[2013-10-25 16:13:46 | 000,596,358 | ---- | C] () -- C:\Program\OTL.zip
[2013-10-24 13:13:53 | 001,060,070 | ---- | C] () -- C:\Documents and Settings\RL\Skrivbord\adwcleaner.exe
[2013-10-24 09:29:14 | 000,000,868 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013-10-23 18:41:10 | 000,000,104 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat
[2013-10-23 18:31:06 | 000,011,458 | ---- | C] () -- C:\WINDOWS\Administratör.acl
[2013-10-23 16:44:15 | 006,266,852 | ---- | C] () -- C:\Documents and Settings\All Users\Skrivbord\fsdiag.zip
[2013-10-14 16:59:49 | 000,044,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\fsbts.sys
[2013-09-13 16:18:35 | 000,019,446 | ---- | C] () -- C:\WINDOWS\prodsett_copy.ini
[2012-02-15 23:40:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011-01-26 15:11:46 | 003,955,336 | ---- | C] () -- C:\Program\Spotify Installer.exe
[2010-01-23 13:35:24 | 000,006,608 | ---- | C] () -- C:\Documents and Settings\RL\UserCustomPreset_AdobeDVD.vpr
[2010-01-21 14:52:29 | 000,000,168 | ---- | C] () -- C:\Documents and Settings\RL\Adobe Encore DVD_VUI.pref
[2009-12-23 19:23:53 | 000,003,802 | ---- | C] () -- C:\Documents and Settings\RL\UserPlaceholderPreset_Adobe Premiere Pro 1.5.vpr
[2009-12-20 14:21:27 | 000,000,274 | ---- | C] () -- C:\Documents and Settings\RL\Goya.ini
[2009-10-21 14:30:33 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\RL\.java.policy
[2009-06-30 21:34:35 | 000,000,166 | ---- | C] () -- C:\Documents and Settings\RL\default.pls
[2009-04-05 09:26:19 | 000,102,912 | ---- | C] () -- C:\Documents and Settings\RL\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009-03-17 22:11:23 | 000,000,131 | ---- | C] () -- C:\Documents and Settings\RL\Lokala inställningar\Application Data\fusioncache.dat
[2009-03-17 16:36:52 | 000,000,552 | ---- | C] () -- C:\Documents and Settings\RL\Lokala inställningar\Application Data\FASTWiz.html

========== ZeroAccess Check ==========

[2009-03-17 22:10:45 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008-04-14 18:04:47 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009-02-09 12:56:00 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008-04-14 18:04:54 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\drivers\usbstor.sys:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\RL\Skrivbord\adwcleaner.exe:SummaryInformation

< End of report >

Cecilia · October 25, 2013

Stäng av alla program du ser inklusive antivirusprogram och antispionprogram så att de inte krockar med OTL.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

:OTL

IE - HKCU\..\SearchScopes\{711B93D1-DD19-47AF-A7ED-A6E6EF7A084B}: "URL" = http://websearch.ask...FC-438CFFD99443

FF - HKLM\Software\MozillaPlugins\@UtilityChest_49.com/Plugin: C:\Program\UtilityChest_49\bar\1.bin\NP49Stub.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\49ffxtbr@UtilityChest_49.com: C:\Program\UtilityChest_49\bar\1.bin

[2013-05-06 17:25:54 | 000,000,000 | ---D | M] (Utility Chest) -- C:\Documents and Settings\RL\Application Data\Mozilla\Firefox\Profiles\j89epqhh.default\extensions\49ffxtbr@UtilityChest_49.com

O3 - HKLM\..\Toolbar: (Utility Chest) - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program\UtilityChest_49\bar\1.bin\49bar.dll File not found

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5B291E6C-9A74-4034-971B-A4B007A0B313} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Utility Chest) - {CF67755F-9265-449C-87CF-B945519E073B} - C:\Program\UtilityChest_49\bar\1.bin\49bar.dll File not found

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)

O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.21.2)

:Reg

:Files

c:\program\utilitychest_49

ipconfig /flushdns /c

:Commands

[CREATERESTOREPOINT]

[REBOOT]

Klistra in dem i rutan Custom Scans/Fixes. Kontrollera att ingen fil har delats upp på två rader.

Tryck på Run Fix.

Om du blir tillfrågad om att starta om datorn så gör det.

Det kommer upp en logg i Anteckningar. Kopiera den och klistra in i ditt svar.

Om den inte kommer automatiskt så hittar du den i mappen c:\_OTL\Moved Files med ett namn som innehåller dagens datum och klockslaget för körningen.

Se till att aktivera antivirusprogram mm innan du ansluter datorn till internet.

Rolas · October 26, 2013

========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{711B93D1-DD19-47AF-A7ED-A6E6EF7A084B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{711B93D1-DD19-47AF-A7ED-A6E6EF7A084B}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@UtilityChest_49.com/Plugin\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\49ffxtbr@UtilityChest_49.com deleted successfully.
File C:\Program\UtilityChest_49\bar\1.bin not found.
C:\Documents and Settings\RL\Application Data\Mozilla\Firefox\Profiles\j89epqhh.default\extensions\49ffxtbr@UtilityChest_49.com\chrome folder moved successfully.
C:\Documents and Settings\RL\Application Data\Mozilla\Firefox\Profiles\j89epqhh.default\extensions\49ffxtbr@UtilityChest_49.com folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cf67755f-9265-449c-87cf-b945519e073b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cf67755f-9265-449c-87cf-b945519e073b}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5B291E6C-9A74-4034-971B-A4B007A0B313} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B291E6C-9A74-4034-971B-A4B007A0B313}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CF67755F-9265-449C-87CF-B945519E073B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF67755F-9265-449C-87CF-B945519E073B}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
========== REGISTRY ==========
========== FILES ==========
File\Folder c:\program\utilitychest_49 not found.
< ipconfig /flushdns /c >
IP-konfiguration för Windows
DNS-matcharens cacheminne har rensats.
C:\Program\OTL\cmd.bat deleted successfully.
C:\Program\OTL\cmd.txt deleted successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 10262013_153434

Genomfört emligt instriktion

Klart nu ??

Mvh/RL

Cecilia · October 26, 2013

Vad bra!

Nu återstår bara en avinstallation av specialprogrammen:

1. Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Uninstall-knappen.

2. Dubbelklicka på OTL för att starta programmet.

Tryck på knappen CleanUp! och DDS och OTL kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar du har kvar.

3. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/

Det är mycket viktigt att hålla alla småprogram i datorn uppdaterade, gamla versioner av t ex Flash, Java och Adobe Reader innehåller kända säkerhetshål, vilka kan användas av en webbsida för att infektera datorn. Jag tycker att Secunias program (länk på min webbsida) är en bra hjälp för att kontrollera hur det står till med säkerhetshål i datorn och ange vad som behöver åtgärdas.

Rolas · October 26, 2013

Hej

Återstår ett stort TACK till dig !

En liten fråga i sammanhanget . Jag har F-secure och det programmet upptäckte ju ingenting. Är det bara humbug och riktigt dåligt ?

Ska ta mig en titt på dina råd om säkerhet,

Mvh/RL

Virus ? CuponDropDown ?

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation