Bruker-158599 Posted 11 May 2013 (edited)
Hi. Avira has not updated itself since Monday. When I click, nothing happens. It won't scan the system either; I get the error "The Future Control File could not be loaded!". I suspect a virus. I'm freaking out a bit, considering that yesterday I was logged in to Hotmail, Facebook and my online bank, and ordered something online with my credit card. What do I do?
ComboFix 13-05-11.01 - riskake 11.05.2013 22:54:17.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1044.18.1976.1244 [GMT 2:00]
Kjører fra: c:\users\riskake\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Opprettet nytt gjenopprettingspunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe
c:\windows\system32\muzapp.exe
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2013-04-11 til 2013-05-11 )))))))))))))))))))))))))))))))))
.
.
2013-05-11 21:00 . 2013-05-11 21:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-06 08:27 . 2013-05-06 08:27 66656 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-04-24 11:01 . 2013-04-12 13:45 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-21 20:33 . 2013-04-21 20:33 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-19 21:03 . 2013-04-19 21:03 -------- d-----w- c:\users\riskake\AppData\Local\Programs
2013-04-18 12:10 . 2013-04-18 12:10 -------- d-----w- c:\users\riskake\AppData\Roaming\Avira
2013-04-18 12:04 . 2013-04-18 12:04 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-04-18 12:04 . 2013-04-18 12:04 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-04-18 12:04 . 2013-04-18 12:04 135136 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-04-18 12:04 . 2013-04-18 12:04 -------- d-----w- c:\programdata\Avira
2013-04-18 12:04 . 2013-04-18 12:04 -------- d-----w- c:\program files\Avira
2013-04-18 11:57 . 2013-04-18 11:57 -------- d-----w- c:\program files\Common Files\Java
2013-04-18 11:56 . 2013-04-18 11:56 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-16 16:24 . 2013-04-18 11:43 -------- d-----w- c:\users\riskake\AppData\Roaming\uTorrent
2013-04-16 10:12 . 2013-03-15 07:21 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E606346F-4D65-4C5E-8C52-A79F97B5E91F}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-18 11:56 . 2012-07-05 13:19 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-18 11:56 . 2010-06-29 10:33 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-04 12:50 . 2011-06-28 09:52 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-19 05:04 . 2013-04-10 07:30 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 07:30 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48 . 2013-04-10 07:30 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 07:30 69632 ----a-w- c:\windows\system32\smss.exe
2013-03-14 14:31 . 2012-09-03 10:34 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-14 14:31 . 2012-02-08 19:33 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-11 23:10 . 2010-06-29 10:39 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-03-01 03:09 . 2013-04-10 07:30 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-22 12:47 . 2013-02-22 12:47 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-02-22 12:47 . 2013-02-22 12:47 395600 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-02-15 04:37 . 2013-04-10 07:30 3217408 ----a-w- c:\windows\system32\mstscax.dll
2013-02-15 04:34 . 2013-04-10 07:30 131584 ----a-w- c:\windows\system32\aaclient.dll
2013-02-15 03:25 . 2013-04-10 07:30 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-02-12 04:48 . 2013-03-13 07:57 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 07:57 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-02-12 03:32 . 2013-03-26 12:27 15872 ----a-w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 03:32 . 2013-03-26 12:27 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-04-12 10:47 . 2013-04-12 10:47 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-02-13 1509232]
"Spotify Web Helper"="c:\users\riskake\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-05-11 1105408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-03-31 2221352]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 6756048]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-02-13 310128]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-05-06 345312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCInstallQueue"="netman.dll" [2009-07-14 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Scrybe.lnk - c:\windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Users^riskake^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk]
path=c:\users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk
backup=c:\windows\pss\Picture Motion Browser Media Check Tool.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe]
2012-09-10 08:17 436728 ----a-w- c:\program files\MyTomTom 3\MyTomTomSA.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 11:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2013-05-11 16:18 4573184 ----a-w- c:\users\riskake\AppData\Roaming\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2013-05-11 16:18 1105408 ----a-w- c:\users\riskake\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 netw5v32;Intel® trådløs WiFi-kobling 5000-kortdriver for 32-biters Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 ScrybeUpdater;Scrybe-oppdatering;c:\program files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 NETw5s32;Intel® Wireless WiFi Link-kortdriver for Windows 7 32-bit;c:\windows\system32\DRIVERS\NETw5s32.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 06:27 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2013-05-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-03 14:31]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-11 21:08]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-11 21:08]
.
.
------- Tilleggsskanning -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd til OneNote - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.37.1
FF - ProfilePath - c:\users\riskake\AppData\Roaming\Mozilla\Firefox\Profiles\6h5mrdv5.default\
FF - prefs.js: browser.startup.homepage - www.vg.no
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-05-05 01:25; mediahint@jetpack; c:\users\riskake\AppData\Roaming\Mozilla\Firefox\Profiles\6h5mrdv5.default\extensions\[email protected]
.
- - - - TOMME PEKERE FJERNET - - - -
.
MSConfigStartUp-uTorrent - c:\users\riskake\AppData\Roaming\uTorrent\uTorrent.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
.
- - - - - - - > 'winlogon.exe'(604)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(568)
c:\windows\system32\guard32.dll
.
Tidspunkt ferdig: 2013-05-11 23:02:19
ComboFix-quarantined-files.txt 2013-05-11 21:02
.
Pre-Run: 117 874 302 976 byte ledig
Post-Run: 117 638 529 024 byte ledig
.
- - End Of File - - F748AE59973E94831A7B895B75CCE941
I have run avira.exe again and chose the repair option. I now have the latest update. All functions in Avira now work as well, but I am fairly sure that malware is the cause of the problem. I have heard that malware can block certain functions in AV programs. I also see that ComboFix found something... Is there more left? I see that the problem started on 6 May. It says "Real time protection error detected" under "events".
Edited 11 May 2013 by riskake90
mobile999 Posted 12 May 2013
Post the contents of C:\QooBox\Add-Remove Programs.txt
Bruker-158599 (Author) Posted 12 May 2013 (edited)
Is this the one you mean?
ABBYY FineReader 6.0 Sprint
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.4 - Norsk
Apple-programsupport
Apple Mobile Device Support
Apple Software Update
Avira Free Antivirus
Bonjour
CCleaner
COMODO Internet Security
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Epson Easy Photo Print 2
EPSON Scan
Epson Stylus SX210_SX410_TX210_TX410 Håndbok
EPSON SX410 Series Printer Uninstall
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
HP Quick Launch Buttons
iTunes
Java 7 Update 21
Java Auto Updater
Malwarebytes Anti-Malware versjon 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Norwegian (Bokmål)) 2010
Microsoft Office Excel MUI (Norwegian (Bokmål)) 2010
Microsoft Office Groove MUI (Norwegian (Bokmål)) 2010
Microsoft Office InfoPath MUI (Norwegian (Bokmål)) 2010
Microsoft Office OneNote MUI (Norwegian (Bokmål)) 2010
Microsoft Office Outlook MUI (Norwegian (Bokmål)) 2010
Microsoft Office PowerPoint MUI (Norwegian (Bokmål)) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Norwegian (Bokmål)) 2010
Microsoft Office Proof (Norwegian (Nynorsk)) 2010
Microsoft Office Proofing (Norwegian (Bokmål)) 2010
Microsoft Office Publisher MUI (Norwegian (Bokmål)) 2010
Microsoft Office Shared MUI (Norwegian (Bokmål)) 2010
Microsoft Office Word MUI (Norwegian (Bokmål)) 2010
Microsoft Silverlight
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 20.0.1 (x86 nb-NO)
Mozilla Maintenance Service
MyTomTom 3.2.0.802
QLBCASL
Samsung Kies
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2760762) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Skype Click to Call
Skype™ 5.10
Sony Picture Utility
Sony USB Driver
Spotify
Synaptics Gesture Suite featuring SYNAPTICS | Scrybe
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Visual Studio C++ 10.0 Runtime
VLC media player 1.1.0
Edited 12 May 2013 by riskake90
mobile999 Posted 12 May 2013
Yes, that was the one. Have you recently run a scan with Malwarebytes Anti-Malware? If so, post that log. You can find it by opening MBAM and selecting the Log tab. If you have not run an MBAM scan since Avira stopped working, run a new Quick scan. Make sure to update the database first! Post the log.
Bruker-158599 (Author) Posted 12 May 2013 (edited)
Yep. Ran a scan yesterday. Found nothing.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Databaseversjon: v2013.05.11.07
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16540
riskake:: riskake-SKOLE [administrator]
11.05.2013 22:32:41
mbam-log-2013-05-11 (22-32-41).txt
Skanntype: Hurtigsøk
Aktiverte skanningsinnstillinger: Minne | Oppstart | Register | Filsystem | Heuristikk/Ekstra | Heuristikk/Shuriken | PUP | PUM
Deaktiverte skanninnstillinger: P2P
Objekter skannet: 204832
Tid tilbakelagt: 6 minutt(er), 30 sekund(er)
Minneprosesser oppdaget: 0 (Ingen skadelige objekter funnet)
Minnemoduler oppdaget: 0 (Ingen skadelige objekter funnet)
Registernøkler oppdaget: 0 (Ingen skadelige objekter funnet)
Registerverdier oppdaget: 0 (Ingen skadelige objekter funnet)
Registerfiler oppdaget: 0 (Ingen skadelige objekter funnet)
Mapper oppdaget: 0 (Ingen skadelige objekter funnet)
Filer oppdaget 0 (Ingen skadelige objekter funnet)
(klar)
Edited 12 May 2013 by riskake90
mobile999 Posted 12 May 2013
Download and run dds.scr and post both logs that it creates. Do not edit (out) anything in the logs. If you are unable to download or run the program, just say so.
Bruker-158599 (Author) Posted 12 May 2013
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2
Run by riskake at 14:52:08 on 2013-05-12
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1044.18.1976.1230 [GMT 2:00]
.
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Users\Riskake\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Synaptics\Scrybe\scrybe.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [spotify Web Helper] "c:\users\riskake\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRunOnce: [NCInstallQueue] rundll32 netman.dll,ProcessQueue
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\scrybe.lnk - c:\windows\installer\{147dfad8-34c3-4de1-9fca-acefde9ef810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
IE: Se&nd til OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
TCP: NameServer = 192.168.37.1
TCP: Interfaces\{4B662635-47F4-4594-95A1-F60D0416E0A5} : DHCPNameServer = 192.168.37.1
TCP: Interfaces\{4B662635-47F4-4594-95A1-F60D0416E0A5}\149627C496E6B6036333443443 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{4B662635-47F4-4594-95A1-F60D0416E0A5}\14E64627F696461405 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{4B662635-47F4-4594-95A1-F60D0416E0A5}\2556C61636F6D6052796671647032433230363 : DHCPNameServer = 192.168.37.1
TCP: Interfaces\{4B662635-47F4-4594-95A1-F60D0416E0A5}\3567763774A6563747 : DHCPNameServer = 192.168.128.1 81.167.36.3 81.167.36.11
TCP: Interfaces\{4B662635-47F4-4594-95A1-F60D0416E0A5}\35B61666664696474756765647 : DHCPNameServer = 192.168.37.1
TCP: Interfaces\{4B662635-47F4-4594-95A1-F60D0416E0A5}\A65616E656474756 : DHCPNameServer = 192.168.43.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\windows\system32\guard32.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\riskake\appdata\roaming\mozilla\firefox\profiles\6h5mrdv5.default\
FF - prefs.js: browser.startup.homepage - www.vg.no
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\micros~4\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~4\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
FF - ExtSQL: 2013-05-05 01:25; mediahint@jetpack; c:\users\riskake\appdata\roaming\mozilla\firefox\profiles\6h5mrdv5.default\extensions\[email protected]
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2013-4-18 37352]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-6-30 494416]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-6-30 36072]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-8 119024]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2013-4-18 86752]
R2 AntiVirService;Avira Real-Time Protection;c:\program files\avira\antivir desktop\avguard.exe [2013-4-18 110816]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2013-4-18 84744]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2011-5-13 26168]
R2 ScrybeUpdater;Scrybe-oppdatering;c:\program files\synaptics\scrybe\service\ScrybeUpdater.exe [2011-5-27 1300264]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-10-2 3064000]
R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2011-8-23 227896]
R3 NETw5s32;Intel® Wireless WiFi Link-kortdriver for Windows 7 32-bit;c:\windows\system32\drivers\NETw5s32.sys [2010-1-13 6755840]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2013-2-6 83864]
S3 netw5v32;Intel® trådløs WiFi-kobling 5000-kortdriver for 32-biters Windows Vista;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-8-23 15872]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-14 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2013-2-6 181784]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-8-23 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-6-29 1343400]
.
=============== Created Last 30 ================
.
2013-05-12 11:54:22 -------- d-----w- c:\users\riskake\appdata\roaming\SUPERAntiSpyware.com
2013-05-12 11:54:09 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-05-12 11:54:09 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-05-11 21:02:24 -------- d-sh--w- C:\$RECYCLE.BIN
2013-05-11 21:02:21 -------- d-----w- c:\users\riskake\appdata\local\temp
2013-05-11 20:51:42 98816 ----a-w- c:\windows\sed.exe
2013-05-11 20:51:42 256000 ----a-w- c:\windows\PEV.exe
2013-05-11 20:51:42 208896 ----a-w- c:\windows\MBR.exe
2013-05-06 08:27:55 66656 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-04-24 11:01:30 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-21 20:33:34 163504 ----a-w- c:\programdata\microsoft\windows\sqm\manifest\Sqm10144.bin
2013-04-19 21:03:01 -------- d-----w- c:\users\riskake\appdata\local\Programs
2013-04-18 12:10:35 -------- d-----w- c:\users\riskake\appdata\roaming\Avira
2013-04-18 12:04:53 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-04-18 12:04:53 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-04-18 12:04:52 -------- d-----w- c:\programdata\Avira
2013-04-18 12:04:52 -------- d-----w- c:\program files\Avira
2013-04-18 11:56:38 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-16 16:24:55 -------- d-----w- c:\users\riskake\appdata\roaming\uTorrent
2013-04-16 10:12:18 7108640 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{e606346f-4d65-4c5e-8c52-a79f97b5e91f}\mpengine.dll
.
==================== Find3M ====================
.
2013-04-18 11:56:29 866720 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-04-18 11:56:29 788896 ----a-w- c:\windows\system32\deployJava1.dll 2013-04-04 12:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-03-19 05:04:13 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-19 04:48:45 38912 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-19 02:49:16 69632 ----a-w- c:\windows\system32\smss.exe 2013-03-14 14:31:15 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-03-14 14:31:15 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-03-11 23:10:56 237088 ------w- c:\windows\system32\MpSigStub.exe 2013-03-01 03:09:59 2347008 ----a-w- c:\windows\system32\win32k.sys 2013-02-15 04:37:10 3217408 ----a-w- c:\windows\system32\mstscax.dll 2013-02-15 04:34:10 131584 ----a-w- c:\windows\system32\aaclient.dll 2013-02-15 03:25:51 36864 ----a-w- c:\windows\system32\tsgqec.dll 2013-02-12 04:48:31 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48:26 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-12 03:32:46 15872 ----a-w- c:\windows\system32\drivers\usb8023x.sys 2013-02-12 03:32:45 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys . ============= FINISH: 14:53:14,04 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 17.06.2011 15:05:28 System Uptime: 12.05.2013 12:30:25 (2 hours ago) . Motherboard: Hewlett-Packard | | 30DD Processor: Intel® Core2 Duo CPU P8400 @ 2.26GHz | Intel® Genuine processor | 2267/266mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 149 GiB total, 108,898 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . 
RP266: 09.04.2013 12:09:04 - Windows Update RP267: 13.04.2013 18:29:33 - Windows Update RP268: 18.04.2013 13:45:25 - Removed Java 7 Update 17 RP269: 18.04.2013 13:52:37 - Installed Java 7 Update 21 RP270: 18.04.2013 13:55:34 - Removed Java 7 Update 21 RP271: 18.04.2013 13:56:13 - Installed Java 7 Update 21 RP272: 24.04.2013 16:04:41 - Windows Update RP273: 01.05.2013 12:34:29 - Windows Update RP274: 09.05.2013 00:27:00 - Planlagt kontrollpunkt RP275: 11.05.2013 22:51:50 - ComboFix created restore point . ==== Installed Programs ====================== . ABBYY FineReader 6.0 Sprint Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.4 - Norsk Apple-programsupport Apple Mobile Device Support Apple Software Update Avira Free Antivirus Bonjour CCleaner COMODO Internet Security Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Epson Easy Photo Print 2 EPSON Scan Epson Stylus SX210_SX410_TX210_TX410 Håndbok EPSON SX410 Series Printer Uninstall Google Chrome Google Update Helper Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) HP Quick Launch Buttons iTunes Java 7 Update 21 Java Auto Updater Malwarebytes Anti-Malware versjon 1.75.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (Norwegian (Bokmål)) 2010 Microsoft Office Excel MUI (Norwegian (Bokmål)) 2010 Microsoft Office Groove MUI (Norwegian (Bokmål)) 2010 Microsoft Office InfoPath MUI (Norwegian (Bokmål)) 2010 Microsoft Office OneNote MUI (Norwegian (Bokmål)) 2010 Microsoft Office Outlook MUI (Norwegian (Bokmål)) 2010 Microsoft Office PowerPoint MUI (Norwegian (Bokmål)) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Norwegian (Bokmål)) 2010 Microsoft Office Proof (Norwegian (Nynorsk)) 2010 Microsoft Office Proofing (Norwegian (Bokmål)) 2010 Microsoft Office 
Publisher MUI (Norwegian (Bokmål)) 2010 Microsoft Office Shared MUI (Norwegian (Bokmål)) 2010 Microsoft Office Word MUI (Norwegian (Bokmål)) 2010 Microsoft Silverlight Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 20.0.1 (x86 nb-NO) Mozilla Maintenance Service MyTomTom 3.2.0.802 QLBCASL Samsung Kies SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit 
Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2760762) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Skype Click to Call Skype™ 5.10 Sony Picture Utility Sony USB Driver Spotify SUPERAntiSpyware Synaptics Gesture Suite featuring SYNAPTICS | Scrybe Synaptics Pointing Device Driver Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553092) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft 
PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Visual Studio C++ 10.0 Runtime VLC media player 1.1.0 . ==== End Of File ===========================
mobile999 Posted 12 May 2013

>AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
>SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
>Adobe Reader 9.5.4 - Norsk

DDS reports Avira as disabled; was that the case? If so, check in Action Center whether you can turn it on. Alternatively, disable Avira from within Avira and go to Action Center to enable it. You find Action Center by going to: Start -> Control Panel -> System and Security -> Review your computer's status.

Uninstall the outdated Adobe Reader 9.5.4 - Norsk. I recommend Foxit Reader as a fully adequate alternative. Alternatively, download Adobe Reader from http://get.adobe.com/no/reader/ and untick the option so that you avoid downloading Google Chrome or other software they want you to install.

It does not look like malware was the reason Avira was disabled this time. Does this PC have any other symptoms of malware?
Bruker-158599 Posted 12 May 2013 Author

It is a bit slow. Firefox can hang sometimes. Otherwise I don't think there is anything. The umbrella on Avira is usually closed when protection is not on, but it has been open the whole time, even though I could not turn protection on or update.
Bruker-158599 Posted 12 May 2013 Author

I think it is odd that it suddenly stopped working. What worked was reinstalling it.
mobile999 Posted 12 May 2013 (edited)

Run a hard disk check and update me on whether the machine works better. Instructions in English follow:

Click Start and type CMD in the start search box.
When CMD is found, right click it and choose "Run as Administrator".
At the Command Prompt type the following:
Now type in CHKDSK C: /R and hit the Enter/Return key (Note the space between C: and /R).
When prompted with:
CHKDSK cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked next time the system restarts (Y/N)
Hit the Y key.
Now Reboot (Restart) your computer.
Note: Upon Reboot (Restart) the CHKDSK (check-disk) will start and carry out any repairs required.
Note: Do not touch either the keyboard or mouse, otherwise the Check-Disk will be canceled and your computer will continue to boot up as normal.
Note: When CHKDSK has completed its scans, the machine will proceed to load and boot to Windows.

Edited 12 May 2013 by mobile999
Dr.Geek Posted 12 May 2013

> Run a hard disk check and update me on whether the machine works better. Instructions in English follow:
> Click Start and type CMD in the start search box.
> When CMD is found, right click it and choose "Run as Administrator".
> At the Command Prompt type the following:
> Now type in CHKDSK C: /R and hit the Enter/Return key (Note the space between C: and /R).
> When prompted with:
> Hit the Y key.
> Now Reboot (Restart) your computer.
> Note: Upon Reboot (Restart) the CHKDSK (check-disk) will start and carry out any repairs required.
> Note: Do not touch either the keyboard or mouse, otherwise the Check-Disk will be canceled and your computer will continue to boot up as normal.
> Note: When CHKDSK has completed its scans, the machine will proceed to load and boot to Windows.

> >AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
> >SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
> >Adobe Reader 9.5.4 - Norsk
> DDS reports Avira as disabled; was that the case? If so, check in Action Center whether you can turn it on. Alternatively, disable Avira from within Avira and go to Action Center to enable it. You find Action Center by going to: Start -> Control Panel -> System and Security -> Review your computer's status.
> Uninstall the outdated Adobe Reader 9.5.4 - Norsk. I recommend Foxit Reader as a fully adequate alternative. Alternatively, download Adobe Reader from http://get.adobe.com/no/reader/ and untick the option so that you avoid downloading Google Chrome or other software they want you to install.
> It does not look like malware was the reason Avira was disabled this time. Does this PC have any other symptoms of malware?

I don't know where you are getting this from, but it does not seem very well thought through. Why should he run chkdsk, which checks the disk for errors?? His problem is that Avira gets disabled. Now he has reinstalled it and it works again. If you had had a bit of a clue, you would have seen right away where the problem lies: COMODO Internet Security + Avira desktop. Does that ring any bells?

@riskake90 Two antivirus programs will come into conflict with each other and, in the worst case, disable and/or delete each other's files/processes. Uninstall one of these two antivirus solutions. Malware is not the reason Avira gets disabled.
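An added illustration for the replies above that read the `AV:`/`FW:`/`SP:` header of the posted log (not code from the thread or from the logging tool): a small Python parser that lists the disabled components and the vendors whose AV/SP components are enabled. The header lines are copied from the log at the top of the thread; treating the first word of a product name as the vendor is an assumption made for this example.

```python
import re

# Security-centre header lines copied from the log posted at the top of this thread.
LOG_HEADER = """\
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"""

# Layout: kind, product name, *state*, {GUID}. The state is "Enabled" or
# "Disabled", optionally followed by "/" and a definitions field.
ENTRY = re.compile(
    r"^(?P<kind>AV|FW|SP):\s+(?P<name>.+?)\s+\*(?P<state>[^*]+)\*\s+"
    r"\{(?P<guid>[0-9A-Fa-f-]{36})\}\s*$"
)


def parse_products(text):
    """Return one dict per AV/FW/SP header line; other log lines are ignored."""
    products = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        status, _, definitions = m["state"].partition("/")
        products.append({
            "kind": m["kind"],
            "name": m["name"],
            "enabled": status.strip().lower() == "enabled",
            # None when the line carries no definitions field (the firewall line).
            "updated": definitions.strip().lower() == "updated" if definitions else None,
            "guid": m["guid"].upper(),
        })
    return products


def review(products):
    """Summarise disabled components and vendors with enabled AV/SP components."""
    protection = [p for p in products if p["kind"] in ("AV", "SP")]
    disabled = [(p["kind"], p["name"]) for p in products if not p["enabled"]]
    # Assumption: the first word of the product name identifies the vendor.
    active = sorted({p["name"].split()[0] for p in protection if p["enabled"]})
    idle = {p["name"].split()[0] for p in protection if not p["enabled"]}
    return {
        "disabled": disabled,
        "active_protection_vendors": active,
        # A disabled product beside another vendor's enabled one merits a closer look.
        "possible_overlap": bool(active) and bool(idle - set(active)),
    }


if __name__ == "__main__":
    report = review(parse_products(LOG_HEADER))
    for kind, name in report["disabled"]:
        print(f"disabled: {kind} {name}")
    print("active AV/SP vendors:", ", ".join(report["active_protection_vendors"]))
    print("possible overlap:", report["possible_overlap"])
```

On this header the only enabled AV/SP entry is COMODO Defense+, while both Avira entries are disabled.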
Bruker-158599 Posted 12 May 2013 Author

I am aware of that. I only use Comodo's firewall. It is the only thing that is installed.
mobile999 Posted 12 May 2013

Have you run chkdsk? Did it get any better?
Dr.Geek Posted 13 May 2013 (edited)

> I am aware of that. I only use Comodo's firewall. It is the only thing that is installed.

You are wrong there. What is installed, and what is listed in the log, is COMODO Internet Security. That you only use the firewall function may well be possible, but it includes functionality that is very close to an antivirus program. If you look into the Comodo firewall program a bit, you will come to agree with me.

Edited 13 May 2013 by Dr.Geek
Bruker-158599 Posted 14 May 2013 Author

Sorry that I have not replied. I have not been home. Again, it is only the firewall I have installed. I have run Comodo and Avira for about 2 years without problems. When I open Comodo it says "COMODO Firewall". But it is quite possible that Comodo caused the problem.
mobile999 Posted 14 May 2013

Have you run chkdsk now? Give an update on how the machine is working.
Bruker-158599 Posted 15 May 2013 Author

Yep. I have run chkdsk now. The machine works fine.
mobile999 Posted 16 May 2013

Uninstall the outdated Adobe Reader 9.5.4 - Norsk (security risk). I recommend using Foxit Reader as a fully adequate alternative to Adobe Reader. During installation, make sure to untick the options so that you avoid installing Foxit Toolbar, Ask as search engine and Ask as home page.

You can use Secunia online software inspector to check whether anything else should be updated. Preferably use it once a week. Java should not be updated via Secunia, as that causes trouble with the online bank.