Bruker-158599 Skrevet 10. april 2014 Del Skrevet 10. april 2014 (endret) Hei Tar en rens i en pc som har pådratt seg litt virus. Var veldig treig så tenkte jeg kunne kjøre combofix. Den slettet noe. Er lenge siden jeg har vært innom denne delen av forumet, så er usikker på om dere fortsatt bruker combofix Her er loggen ComboFix 14-04-09.02 - bruker 10.04.2014 13:25:41.1.2 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1044.18.4063.2675 [GMT 2:00]Kjører fra: c:\users\bruker\Desktop\ComboFix.exeAV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}FW: COMODO Firewall *Disabled* {7DB03214-694B-060B-1600-BD4715C36DBB}SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}SP: COMODO Defense+ *Disabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}..((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))..c:\windows\IsUn0414.exe..((((((((((((((((((((((((((( Filer Opprettet Fra 2014-03-10 til 2014-04-10 )))))))))))))))))))))))))))))))))..2014-04-10 12:25 . 2014-04-10 12:25 -------- d-----w- c:\users\Mcx1-TWIX-PC\AppData\Local\temp2014-04-10 12:25 . 2014-04-10 12:25 -------- d-----w- c:\users\Default\AppData\Local\temp2014-04-10 11:14 . 2014-04-10 11:14 -------- d-----w- c:\program files (x86)\SystemRequirementsLab2014-04-10 11:09 . 2014-04-10 11:09 -------- d-----w- c:\users\bruker\AppData\Roaming\Oracle2014-04-10 11:08 . 2013-12-18 19:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll...(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))).2014-04-03 22:50 . 2012-04-05 15:58 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2014-04-03 22:50 . 2011-06-07 21:47 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl..(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))..*Merk* tomme oppføringer & gyldige standardoppføringer vises ikkeREGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]2014-02-13 05:22 12240 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2014-02-13 12240].[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}].[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-06-22 60464]"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-03-28 689744]"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2014-02-13 1758160].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks].[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1)"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [x]R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]..HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcsezSharedSvc.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]2009-06-17 10:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2014-03-28 22:02 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe.Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver).2014-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 22:50].2014-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22 15:19].2014-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22 15:19]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]2014-02-13 05:22 13776 ----a-w- c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" [2014-02-13 13776].[HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-02 171520]"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2012-11-07 9577680]"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]"AppInit_DLLs"=c:\windows\System32\guard64.dll.------- Tilleggsskanning -------.uStart Page = hxxp://no.yahoo.com?fr=fp-comodouLocal Page = c:\windows\system32\blank.htmmDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nb_NO&c=94&bd=Pavilion&pf=cnnbmStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nb_NO&c=94&bd=Pavilion&pf=cnnbmLocal Page = c:\windows\SysWOW64\blank.htmuInternet Settings,ProxyOverride = *.localIE: E&ksporter til Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dllTCP: DhcpNameServer = 192.168.37.1FF - ProfilePath - c:\users\bruker\AppData\Roaming\Mozilla\Firefox\Profiles\afvduosj.default\FF - prefs.js: browser.startup.homepage - hxxp://www.vg.no/FF - prefs.js: keyword.URL - hxxp://no.search.yahoo.com/search?fr=ytff-comodo&p=.- - - - TOMME PEKERE FJERNET - - - -.Wow6432Node-HKLM-Run- - (no file)HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exeAddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exeAddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe...--------------------- LÅSTE REGISTERNØKLER ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.10".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]@Denied: (A 2) (Everyone)@="IFlashBroker2".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).Tidspunkt ferdig: 2014-04-10 14:29:13ComboFix-quarantined-files.txt 2014-04-10 12:29.Pre-Run: 430 842 568 704 byte ledigPost-Run: 430 426 566 656 byte ledig.- - End Of File - - 0BF2715F00D24A5B0C1457E7C5944D17598925F6EC79C5D82CB642DBE9A29B3A Mbam fant ingen ting Endret 10. april 2014 av -Twix- Lenke til kommentar
Dr.Geek Skrevet 10. april 2014 Del Skrevet 10. april 2014 (endret) Hei, du har en del adware på Pcen og det er installert comodo internet security som bruker veldig mye minne. Dette løse du gjennom å deinstallere comodo og bruke eks. bitdefender free: http://www.bitdefender.com/solutions/free.html Deinstall også alt av programmer som starter opp men som egentlig ikke brukes. adware fjerner du med adwcleaner: http://www.bleepingcomputer.com/download/adwcleaner/ Endret 10. april 2014 av Dr.Geek Lenke til kommentar
Bruker-158599 Skrevet 10. april 2014 Forfatter Del Skrevet 10. april 2014 (endret) Hei, du har en del adware på Pcen og det er installert comodo internet security som bruker veldig mye minne. Dette løse du gjennom å deinstallere comodo og bruke eks. bitdefender free: http://www.bitdefender.com/solutions/free.html Deinstall også alt av programmer som starter opp men som egentlig ikke brukes. adware fjerner du med adwcleaner: http://www.bleepingcomputer.com/download/adwcleaner/ Hei. Takk for svar Er det ikke anbefalt å bruke comodo lenger? Her er logg fra adwcleaner: # AdwCleaner v3.023 - Report created 10/04/2014 at 16:08:08 # Updated 01/04/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : bruker - TWIX-PC # Running from : C:\Users\bruker\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119} Key Deleted : HKCU\Software\YahooPartnerToolbar ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16421 -\\ Mozilla Firefox v28.0 (nb-NO) [ File : C:\Users\bruker\AppData\Roaming\Mozilla\Firefox\Profiles\afvduosj.default\prefs.js ] -\\ Google Chrome v33.0.1750.154 [ File : C:\Users\bruker\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2024 octets] - [10/04/2014 16:06:18] AdwCleaner[s0].txt - [1922 octets] - [10/04/2014 16:08:08] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1982 octets] ########## Endret 10. april 2014 av -Twix- Lenke til kommentar
r2d290 Skrevet 10. april 2014 Del Skrevet 10. april 2014 (endret) Heisann Jeg foretrekker å kjøre DDS fremfor ComboFix sånn i utgangspunktet. DDS gjør ingen endringer på systemet, og innebærer dermed ingen risiko. Info til å laste ned og kjøre DDS i bunnen av denne posten. Et par flere programmer for å hjelpe til med å rydde opp og få oversikt:Last ned Security Check av screen317 fra her eller her. Lagre det på Skrivebordet. Dobbelklikk på SecurityCheck.exe og følg instruksjonene i den svarte boksen. Et Notepad-dokument som heter checkup.txt vil åpnes automatisk; vennligst post innholdet av dette dokumentet. TFC er et program som vil fjerne midlertidige filer fra maskinen din.Vennligst last ned TFC til Skrivebordet, og gjør følgende: Dobbelklikk på TFC.exe på Skrivebordet for å kjøre det. Programmet vil avslutte alle øvrigre programmer automatisk mens den kjører. Pass på å la programmet kjøre uforstyrret. Klikk på Start-Knappen for å starte prosessen. Programmet skal ikke bruke lang tid på å fullføre. Når programmet er ferdig vil den restarte maskinen. Restart maskinen manuelt hvis den ikke gjør det automatisk, for å sikre en fullført opprensing. Vennligst last ned Junkware Removal Tool til Skrivebordet.Avslutt alle sikkerhetsprogrammer for å unngå potensielle konflikter.Kjør verktøyet ved å dobbeltklikke på den. Hvis du bruker Windows Vista eller 7, høyreklikk på den og velg "Kjør som administrator".Verktøyet vil åpnes og starte søk på systemet.Vær tålmodig, dette kan ta litt tid avhengig av systemets spesifikasjoner.Når programmet er ferdig vil en logg (JRT.txt) bli lagret på Skrivebordet og vil automatisk åpnes.Vennligst post innholdet av JRT.txt i ditt neste svar.Rogue Killer Last ned og lagre til Skrivebordet RogueKiller for 32bit eller RogueKiller for 64bit Avslutt alle programmer Vennligst kople ut alt av USB-minnepinner og harddisker før du kjører dette søket! For Vista eller Windows 7, høyreklikk og velg "Kjør som Administrator". For Windows XP, dobbelklikk på fila for å starte. Start RogueKiller.exe Vent til for-søket er ferdig. Klikk på Scan. Vent til statusboksen viser "Scan Finished" Klikk på Delete Vent til statusboksen viser Deleting Finished Klikk på Report og kopier/lim inn innholdet fra Notepad Loggen kan også bli funnet i RKreport[1].txt på Skrivebordet Avslutt RogueKiller DDS Vennligst last ned DDS og lagre det på Skrivebordet fra her eller her. Skru av alt av script-blokkere og dobbelklikk på dds.scr for å kjøre vekrtøyet. Når den er ferdig vil DDS åpne (2) logger: DDS.txt Attach.txt Vennligst lagre begge til Skrivebordet. Vennligst post innholdet fra DDS.txt og Attach.txt. Vi trenger disse for å diagnostisere og evt. fikse malware problemer. Så, for å oppsummere: Last ned og kjør Securyti Checker. Post logg. Last ned og kjør TFC. Last ned og kjør Junkware Removal Tool. Post logg. Last ned og kjør Rogue Killer. Post logg. Last ned og kjør DDS. Post begge loggene. Endret 10. april 2014 av r2d290 1 Lenke til kommentar
Bruker-158599 Skrevet 10. april 2014 Forfatter Del Skrevet 10. april 2014 Security check: Results of screen317's Security Check version 0.99.81Windows 7 Service Pack 1 x64Internet Explorer 11``````````````Antivirus/Firewall Check:``````````````Avira DesktopAntivirus up to date!`````````Anti-malware/Other Utilities Check:`````````Java 7 Update 51Adobe Flash Player 10 Flash Player out of Date!Adobe Flash Player 12.0.0.77Mozilla Firefox (28.0)Google Chrome 33.0.1750.146Google Chrome 33.0.1750.154````````Process Check: objlist.exe by Laurent````````Avira Antivir avgnt.exeAvira Antivir avguard.exeComodo Firewall cmdagent.exeComodo Firewall cfp.exe`````````````````System Health check`````````````````Total Fragmentation on Drive C:````````````````````End of Log`````````````````````` Lenke til kommentar
Bruker-158599 Skrevet 10. april 2014 Forfatter Del Skrevet 10. april 2014 JRT logg ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.4 (04.06.2014:1)OS: Windows 7 Home Premium x64Ran by bruker on 10.04.2014 at 22:46:19,86~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry ValuesSuccessfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmonSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start PageSuccessfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{90014F0E-4053-4AF9-AD8A-07A1BDC03DD5}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FF599D76-3ACB-46CF-9EE5-7C3392376348}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{90014F0E-4053-4AF9-AD8A-07A1BDC03DD5}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{FF599D76-3ACB-46CF-9EE5-7C3392376348}~~~ Files~~~ FoldersSuccessfully deleted: [Folder] "C:\ProgramData\apn"~~~ FireFoxEmptied folder: C:\Users\bruker\AppData\Roaming\mozilla\firefox\profiles\afvduosj.default\minidumps [23 files]~~~ ChromeSuccessfully deleted: [Folder] C:\Users\bruker\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjhSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on 10.04.2014 at 22:59:13,58End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Lenke til kommentar
Bruker-158599 Skrevet 10. april 2014 Forfatter Del Skrevet 10. april 2014 RogueKiller: RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Softwaremail : http://www.adlice.com/contact/Feedback : http://forum.adlice.comWebsite : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.comOperating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : bruker [Admin rights]Mode : Remove -- Date : 04/10/2014 23:06:02| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 6 ¤¤¤[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] Systemet finner ikke angitt fil.[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)¤¤¤ Scheduled tasks : 0 ¤¤¤¤¤¤ Startup Entries : 0 ¤¤¤¤¤¤ Web browsers : 0 ¤¤¤¤¤¤ Browser Addons : 0 ¤¤¤¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤[Address] EAT @firefox.exe (DllMain) : mdnsNSP.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x73EC16E4)[Address] EAT @firefox.exe (NSPStartup) : mdnsNSP.dll -> HOOKED (C:\Windows\SysWOW64\napinsp.dll @ 0x73EC1D20)¤¤¤ External Hives: ¤¤¤¤¤¤ Infection : ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000BEVT-60A0RT0 ATA Device +++++--- User ---[MBR] 7d2eb8c151f09af78bfd194a1cd15976[bSP] cc2681ab45f65a32418208f005201fda : Windows Vista/7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 461995 MB2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 946575360 | Size: 14744 MBUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[0]_D_04102014_230602.txt >>RKreport[0]_S_04102014_230517.txt Lenke til kommentar
Bruker-158599 Skrevet 10. april 2014 Forfatter Del Skrevet 10. april 2014 dds loggene : .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 22.07.2010 11:59:45System Uptime: 10.04.2014 22:38:52 (1 hours ago).Motherboard: Quanta | | 3628Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz | CPU | 1584/800mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 451 GiB total, 399,593 GiB free.D: is FIXED (NTFS) - 14 GiB total, 2,363 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP210: 28.09.2013 23:49:16 - Removed Java 6 Update 35RP211: 28.09.2013 23:51:36 - Installed Java 7 Update 40RP212: 04.03.2014 23:19:50 - Planlagt kontrollpunktRP213: 10.04.2014 13:06:53 - Installed Java 7 Update 51RP214: 10.04.2014 13:14:08 - Installed System Requirements Lab Detection.==== Installed Programs ======================.Update for Microsoft Office 2007 (KB2508958)Acrobat.comActiveCheck component for HP Active Support LibraryAdobe AIRAdobe Flash Player 10 ActiveXAdobe Flash Player 12 PluginAdobe Shockwave Player 11.5Apple Application SupportApple Mobile Device SupportApple Software UpdateATI Catalyst Install ManagerAvira Free AntivirusAvira SearchFree ToolbarBonjourBroadcom 802.11 Wireless LAN AdapterCatalyst Control Center - BrandingCatalyst Control Center Core ImplementationCatalyst Control Center Graphics Full ExistingCatalyst Control Center Graphics Full NewCatalyst Control Center Graphics LightCatalyst Control Center Graphics Previews CommonCatalyst Control Center Graphics Previews VistaCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-core-staticccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerCOMODO Internet SecurityCompatibility Pack for 2007 OfficeCyberLink DVD SuiteDefragglerENE CIR Receiver DriverFoxit Reader 5.0GIMP 2.6.11Google ChromeGoogle Update HelperHP 3D DriveGuardHP AdvisorHP Customer Experience EnhancementsHP GamesHP MediaSmart DVDHP MediaSmart Internet TVHP MediaSmart Live TVHP MediaSmart Movie ThemesHP MediaSmart Music/Photo/VideoHP MediaSmart SmartMenuHP MediaSmart WebcamHP Quick Launch ButtonsHP SetupHP Support AssistantHP UpdateHP User Guides 0154HP Wireless AssistantHPAsset component for HP Active Support LibraryIDT AudioJava 7 Update 51Java Auto UpdaterJava 6 Update 14 (64-bit)JMicron Flash Media Controller DriverLabelPrintLightScribe System SoftwareMagic DesktopMalwarebytes Anti-Malware versjon 1.75.0.1300Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 Client Profile NOR Language PackMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel 2007 Help Oppdatering (KB963678)Microsoft Office Excel MUI (Norwegian (Bokmål)) 2007Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (Norwegian (Bokmål)) 2007Microsoft Office Powerpoint 2007 Help Oppdatering (KB963669)Microsoft Office PowerPoint MUI (Norwegian (Bokmål)) 2007Microsoft Office PowerPoint Viewer 2007 (Norwegian (Bokmål))Microsoft Office Proof (English) 2007Microsoft Office Proof (German) 2007Microsoft Office Proof (Norwegian (Bokmål)) 2007Microsoft Office Proof (Norwegian (Nynorsk)) 2007Microsoft Office Proofing (Norwegian (Bokmål)) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared 64-bit MUI (Norwegian (Bokmål)) 2007Microsoft Office Shared MUI (Norwegian (Bokmål)) 2007Microsoft Office Suite Activation AssistantMicrosoft Office Word 2007 Help Oppdatering (KB963665)Microsoft Office Word MUI (Norwegian (Bokmål)) 2007Microsoft SilverlightMicrosoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft WorksMozilla Firefox 28.0 (x86 nb-NO)Mozilla Maintenance ServiceMSVC80_x64_v2MSVC80_x86_v2MSVC90_x64MSVC90_x86MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)PC Connectivity SolutionPower2GoPowerDirectorPowerRecoverQLBCASLRealtek 8136 8168 8169 Ethernet DriverSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile NOR Language Pack (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile NOR Language Pack (KB2518870)Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSkype™ 5.3Sony Ericsson PC Companion 2.01.192SP45990 - Wallpaper Picture Position Enabler for Windows 7SpotifySynaptics Pointing Device DriverSystem Requirements Lab DetectionUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 suites (KB2596651) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596789) 32-Bit EditionUpdate for Microsoft Office Excel 2007 (KB2596596) 32-Bit EditionVLC media player 2.1.0Windows-driverpakke - Nokia pccsmcfd (08/22/2008 7.0.0.0)Windows Live Sign-in AssistantWindows Live Upload ToolWindows Media Player Firefox PluginWinRAR 5.00 (64-bit).==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.51.2Run by bruker at 23:07:52 on 2014-04-10Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1044.18.4063.2732 [GMT 2:00].AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: COMODO Defense+ *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Program Files\COMODO\COMODO Internet Security\cmdagent.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\Hpservice.exeC:\Windows\system32\atieclxx.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Program Files (x86)\Avira\AntiVir Desktop\sched.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeC:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Windows\SysWOW64\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exeC:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exeC:\Program Files (x86)\CyberLink\Shared files\RichVideo.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\taskeng.exec:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exec:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exeC:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXEC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exeC:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\explorer.exeC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://no.yahoo.com?fr=fp-comodomStart Page = hxxp://www.google.commDefault_Page_URL = hxxp://www.google.comBHO: {41564952-412D-5637-00A7-7A786E7484D7} - BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dlluRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenuRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunmRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exemRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exemRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /minuPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&ksporter til Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dllDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cabTCP: NameServer = 192.168.37.1TCP: Interfaces\{62871E68-88DB-403B-AD2E-75DE06889801} : DHCPNameServer = 192.168.37.1TCP: Interfaces\{62871E68-88DB-403B-AD2E-75DE06889801}\C696E6B6379737 : DHCPNameServer = 81.167.36.3 81.167.36.11TCP: Interfaces\{62871E68-88DB-403B-AD2E-75DE06889801}\E4564734F6D6D283136626 : DHCPNameServer = 192.168.1.1 192.168.1.1AppInit_DLLs= C:\Windows\SysWOW64\guard32.dllSSODL: WebCheck - SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dllmASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nb_NO&c=94&bd=Pavilion&pf=cnnbx64-BHO: Avira SearchFree Toolbar: {41564952-412D-5637-00A7-7A786E7484D7} -x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-TB: Avira SearchFree Toolbar: {41564952-412D-5637-00A7-7A786E7484D7} -x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"x64-Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -hx64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cabx64-DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cabx64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cabx64-SSODL: WebCheck - .================= FIREFOX ===================.FF - ProfilePath - C:\Users\bruker\AppData\Roaming\Mozilla\Firefox\Profiles\afvduosj.default\FF - prefs.js: browser.startup.homepage - hxxp://www.vg.no/FF - prefs.js: keyword.URL - hxxp://no.search.yahoo.com/search?fr=ytff-comodo&p=FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll.============= SERVICES / DRIVERS ===============.R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-9-28 28600]R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2011-10-7 584056]R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2011-10-7 38144]R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-7-2 203264]R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-9-28 440400]R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-9-28 440400]R2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2013-9-28 1017424]R2 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-2-13 166352]R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-9-28 108440]R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2009-6-29 70656]R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-7-21 140712]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-9-2 228408]S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-6-17 152064]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-9 59392]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-24 1255736]S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120].=============== Created Last 30 ================.2014-04-10 20:46:14 -------- d-----w- C:\Windows\ERUNT2014-04-10 14:06:16 -------- d-----w- C:\AdwCleaner2014-04-10 12:29:20 -------- d-sh--w- C:\$RECYCLE.BIN2014-04-10 11:14:26 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab2014-04-10 11:08:34 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll.==================== Find3M ====================.2014-04-03 22:50:11 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2014-04-03 22:50:11 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe.============= FINISH: 23:08:39,33 =============== Lenke til kommentar
r2d290 Skrevet 11. april 2014 Del Skrevet 11. april 2014 Hei igjen Du har noen rester av Ask Toolbar. Hvis dette ikke er noe du ønsker, kan du prøve å gå gjennom følgende veiledning for å fjerne det: http://techdows.com/2013/12/remove-java-installed-ask-toolbar-tbnotifier-exe.html Dette er en frivillig fix. Den gjør ikke noe skade, og er ikke spesielt ressurskrevende, men kommer ofte som et uønsket tillegg til f.eks. java-installasjoner. Loggene viser at en del rusk ble fjernet. DDS-loggen viser ingen tegn på virus. Hvordan opplever du at maskinen fungerer nå? Lenke til kommentar
Bruker-158599 Skrevet 11. april 2014 Forfatter Del Skrevet 11. april 2014 Hei. Takk for hjelpen PC-en fungerer utmerket nå Finner ikke asktoolbar i listen over programmer som er innstalert. Lenke til kommentar
r2d290 Skrevet 11. april 2014 Del Skrevet 11. april 2014 Da tror jeg bare vi lar restene være. De gjør ikke noen skade, så lenge de ikke er plagsomme. Ang. spørsmålet ditt om Comodo - Jeg mener at dette er et utmerket program. Hvis du ikke oppfatter det som veldig resurskrevende vil jeg anbefale deg å beholde det. Du har en utmerket sikkerhetspakke på pc-en. Du har en utdatert versjon av Adobe Flash Player. 1. For å avinstallere en gammel versjon, ta en titt her: this og last ned denne fila til Skrivebordet: uninstall_flash_player_32bit.exe 2. Avslutt ALLE kjørende programmer, inkludert alle nettlesere, og chatteprogram (som f.eks. MSN eller IRC). 3. Dobbelklikk på filen du har lastet ned for å avinstallere Flash. 4. Hvis programmet ble vellykket avinstallert, gå til Install Adobe Flash Player og velg Agree and install now. Dette vil installere den nyeste versjonen av Flash for din nettleser (merk: Flash plugins for IE, Chrome og Firefox må installeres separat). Merk: Jeg anbefaler at du huker vekk tilbudet om å installere gratis tilleggsprogram (Som Free McAfee Security Scan eller Free Google Toolbar). Du kan slette DDS og de øvrige programmene du har brukt i denne tråden fra Skrivebordet. Jeg anbefaler deg å beholde MBAM og TFC, og kjøre disse regelmessig. Combofix må avinstalleres. Gå til Start > Kjør Skriv følgende i boksen: Combofix /UninstallPS: legg merke til mellomrommet mellom x og /uninstall Du skal nå ha noe som tilsvarer bildet nedenfor: Trykk Enter. Denne kommandoen vil: Fjerne følgende: ComboFix og dets tilhørende filer og mapper. VundoFix backups, hvis de eksisterer. Mappen C:\Deckard, hvis den eksisterer Mappen C:\OtMoveIt, hvis den eksisterer Nullstille klokke-instillingene. Skjule filetternavn hvis det er nødvendig. Skjule System/Skjulte filer og mapper hvis det er nødvendig. Nullstille systemgjennoprettingspunkter. Sørg forøvrig for at Java, Flash player og Adobe reader er oppdatert, i tillegg til Windows. Lenke til kommentar
Bruker-158599 Skrevet 11. april 2014 Forfatter Del Skrevet 11. april 2014 (endret) Hei Tusen takk for all hjelp! Er noen år siden nå, men husker jeg ble anbefalt Avira og comodo. Tror kanskje det var fra deg? Jeg liker comodo kjempegodt. Har det i bakhuet at det kan ta litt ressurser så hvis jeg opplever det kan jeg jo bytte brannmur Da skal jeg oppdatere flash, og java Igjen tusen takk. Endret 11. april 2014 av -Twix- Lenke til kommentar
r2d290 Skrevet 11. april 2014 Del Skrevet 11. april 2014 Ja, er en stund siden sist jeg var aktiv her nå. Men kan nok stemme, jeg anbefalte disse programmene mye, og er fortsatt av oppfatning at de er gode. Har ikke sett så mye på tester i det siste dog, kanskje på tide å oppdatere meg litt igjen =) Merk: Du har allerede nyeste versjon av java:) -Surf trygt- Lenke til kommentar
Bruker-158599 Skrevet 11. april 2014 Forfatter Del Skrevet 11. april 2014 Ja, er en stund siden sist jeg var aktiv her nå. Men kan nok stemme, jeg anbefalte disse programmene mye, og er fortsatt av oppfatning at de er gode. Har ikke sett så mye på tester i det siste dog, kanskje på tide å oppdatere meg litt igjen =) Merk: Du har allerede nyeste versjon av java:) -Surf trygt- Du er den beste i felten Ja, jeg mener det selv. Veldig fornøyd med disse. Takk. Du får ha en fin kveld. Lenke til kommentar
r2d290 Skrevet 11. april 2014 Del Skrevet 11. april 2014 Selv takk! =) God helg, og god påske. Lenke til kommentar
Bruker-158599 Skrevet 17. april 2014 Forfatter Del Skrevet 17. april 2014 (endret) Hei igjen. Hvis det ikke er til for mye bry så har jeg en logg til. Oppdaget C:\WINDOWS\Explorer.EXELånte bort PC-en i helga, og det jeg skrudde den på var skjermen svart i 15-20 sek. Du kan se musepilen. Synes det var litt merkelig da den ikke har pleid det. Nå skjer det hver gang den startes.Finner ingen ting med mbam eller avira. Sjekka forrige dds logg som jeg postet her. Kunne ikke finne C:\WINDOWS\Explorer.EXE på forrige logg. Vet ikke om det har noe å si, har innsaltert noen spill siden forrige gang. Vet at mange virus utnytter "explorer" navnet. DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.51.2Run by bruker at 23:02:42 on 2014-04-17Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1044.18.4063.2736 [GMT 2:00].AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Program Files\COMODO\COMODO Internet Security\cmdagent.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exeC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\atieclxx.exeC:\Windows\system32\Hpservice.exeC:\Windows\system32\WLANExt.exeC:\Windows\system32\Dwm.exeC:\Windows\System32\spoolsv.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Windows\system32\taskhost.exeC:\Program Files (x86)\Avira\AntiVir Desktop\sched.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeC:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Windows\SysWOW64\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exeC:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exeC:\Program Files (x86)\CyberLink\Shared files\RichVideo.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\COMODO\COMODO Internet Security\cavwp.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exeC:\Windows\system32\taskeng.exec:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exec:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exeC:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXEC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\servicing\TrustedInstaller.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Java\jre6\bin\jusched.exeC:\Program Files\COMODO\COMODO Internet Security\cistray.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exeC:\Program Files\Windows Sidebar\sidebar.exeC:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files\COMODO\COMODO Internet Security\cis.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exeC:\Windows\System32\svchost.exe -k WerSvcGroupC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://no.yahoo.com?fr=fp-comodomStart Page = hxxp://www.google.commDefault_Page_URL = hxxp://www.google.comBHO: {41564952-412D-5637-00A7-7A786E7484D7} -BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dlluRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hiddenuRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunmRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exemRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exemRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /minuPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&ksporter til Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dllDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cabDPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cabTCP: NameServer = 192.168.37.1TCP: Interfaces\{62871E68-88DB-403B-AD2E-75DE06889801} : DHCPNameServer = 192.168.37.1TCP: Interfaces\{62871E68-88DB-403B-AD2E-75DE06889801}\C696E6B6379737 : DHCPNameServer = 81.167.36.3 81.167.36.11TCP: Interfaces\{62871E68-88DB-403B-AD2E-75DE06889801}\E4564734F6D6D283136626 : DHCPNameServer = 192.168.1.1 192.168.1.1SSODL: WebCheck -SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dllmASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chromex64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nb_NO&c=94&bd=Pavilion&pf=cnnbx64-BHO: Avira SearchFree Toolbar: {41564952-412D-5637-00A7-7A786E7484D7} -x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-TB: Avira SearchFree Toolbar: {41564952-412D-5637-00A7-7A786E7484D7} -x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exex64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Updatex64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cabx64-DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cabx64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cabx64-SSODL: WebCheck -.================= FIREFOX ===================.FF - ProfilePath - C:\Users\bruker\AppData\Roaming\Mozilla\Firefox\Profiles\afvduosj.default\FF - prefs.js: browser.startup.homepage - hxxp://www.vg.no/FF - prefs.js: keyword.URL - hxxp://no.search.yahoo.com/search?fr=ytff-comodo&p=FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll.============= SERVICES / DRIVERS ===============.R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2013-9-28 28600]R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdGuard.sys [2011-10-7 738472]R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2011-10-7 48360]R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-7-2 203264]R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-9-28 440400]R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-9-28 440400]R2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2013-9-28 1017424]R2 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-2-13 166352]R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2013-9-28 108440]R2 ezSharedSvc;Easybits Shared Services for Windows;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 27136]R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-4-1 49464]R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2009-6-29 70656]R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-7-21 140712]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-4-11 2264280]S3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-9-2 228408]S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-6-17 152064]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-9 59392]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-24 1255736]S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120].=============== File Associations ===============..=============== Created Last 30 ================.2014-04-15 12:49:30 -------- d-----w- C:\Users\bruker\AppData\Local\CrashDumps2014-04-15 11:24:56 -------- d-----w- C:\Users\bruker\AppData\Local\CrashRpt2014-04-14 16:23:59 517960 ----a-w- C:\Windows\System32\XAudio2_5.dll2014-04-14 16:22:59 3977496 ----a-w- C:\Windows\System32\d3dx9_31.dll2014-04-14 10:52:24 -------- d-----w- C:\Program Files (x86)\Common Files\Steam2014-04-14 10:52:22 -------- d-----w- C:\Program Files (x86)\Steam2014-04-13 11:21:07 70832 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2014-04-13 11:21:07 692400 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2014-04-11 14:59:30 -------- d-----w- C:\Users\bruker\AppData\Roaming\Guild Wars 22014-04-11 14:47:18 -------- d-sh--w- C:\$RECYCLE.BIN2014-04-11 14:44:38 -------- d-----w- C:\Users\bruker\AppData\Roaming\Comodo2014-04-11 14:42:59 -------- d-----w- C:\ProgramData\Shared Space2014-04-11 14:42:46 45784 ----a-w- C:\Windows\System32\cmdkbd64.dll2014-04-11 14:42:46 40664 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll2014-04-11 14:42:46 352984 ----a-w- C:\Windows\System32\cmdvrt64.dll2014-04-11 14:42:46 284888 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll2014-04-10 20:46:14 -------- d-----w- C:\Windows\ERUNT2014-04-10 14:06:16 -------- d-----w- C:\AdwCleaner2014-04-10 11:14:26 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab2014-04-10 11:08:34 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll.==================== Find3M ====================.2014-03-25 19:22:50 48360 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys2014-03-25 19:22:49 738472 ----a-w- C:\Windows\System32\drivers\cmdGuard.sys2014-03-25 19:22:49 23168 ----a-w- C:\Windows\System32\drivers\cmderd.sys2014-03-25 19:22:37 43216 ----a-w- C:\Windows\System32\cmdcsr.dll2014-03-25 19:22:36 363504 ----a-w- C:\Windows\SysWow64\guard32.dll2014-03-25 19:22:35 453680 ----a-w- C:\Windows\System32\guard64.dll.============= FINISH: 23:03:43,67 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 22.07.2010 11:59:45System Uptime: 17.04.2014 22:59:43 (1 hours ago).Motherboard: Quanta | | 3628Processor: Pentium® Dual-Core CPU T4400 @ 2.20GHz | CPU | 2200/800mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 451 GiB total, 353,875 GiB free.D: is FIXED (NTFS) - 14 GiB total, 2,363 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP215: 11.04.2014 16:32:30 - ComboFix created restore pointRP216: 11.04.2014 17:58:41 - Installed HP Support Solutions FrameworkRP217: 14.04.2014 18:20:59 - Installed DirectX.==== Installed Programs ======================.Update for Microsoft Office 2007 (KB2508958)Acrobat.comActiveCheck component for HP Active Support LibraryAdobe AIRAdobe Flash Player 13 PluginAdobe Shockwave Player 11.5Apple Application SupportApple Mobile Device SupportApple Software UpdateATI Catalyst Install ManagerAvira Free AntivirusAvira SearchFree ToolbarBonjourBroadcom 802.11 Wireless LAN AdapterCatalyst Control Center - BrandingCatalyst Control Center Core ImplementationCatalyst Control Center Graphics Full ExistingCatalyst Control Center Graphics Full NewCatalyst Control Center Graphics LightCatalyst Control Center Graphics Previews CommonCatalyst Control Center Graphics Previews VistaCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-core-staticccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishCCleanerCOMODO Internet SecurityCompatibility Pack for 2007 OfficeCyberLink DVD SuiteDefragglerDota 2ENE CIR Receiver DriverEuro Truck SimulatorFoxit Reader 5.0GIMP 2.6.11Google ChromeGoogle Update HelperGuild Wars 2HP 3D DriveGuardHP AdvisorHP Customer Experience EnhancementsHP GamesHP MediaSmart DVDHP MediaSmart Internet TVHP MediaSmart Live TVHP MediaSmart Movie ThemesHP MediaSmart Music/Photo/VideoHP MediaSmart SmartMenuHP MediaSmart WebcamHP Quick Launch ButtonsHP SetupHP Support AssistantHP Support Solutions FrameworkHP UpdateHP User Guides 0154HP Wireless AssistantHPAsset component for HP Active Support LibraryIDT AudioJava 7 Update 51Java Auto UpdaterJava 6 Update 14 (64-bit)JMicron Flash Media Controller DriverLabelPrintLightScribe System SoftwareMagic DesktopMalwarebytes Anti-Malware versjon 1.75.0.1300Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 Client Profile NOR Language PackMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Excel 2007 Help Oppdatering (KB963678)Microsoft Office Excel MUI (Norwegian (Bokmål)) 2007Microsoft Office File Validation Add-InMicrosoft Office Home and Student 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (Norwegian (Bokmål)) 2007Microsoft Office Powerpoint 2007 Help Oppdatering (KB963669)Microsoft Office PowerPoint MUI (Norwegian (Bokmål)) 2007Microsoft Office PowerPoint Viewer 2007 (Norwegian (Bokmål))Microsoft Office Proof (English) 2007Microsoft Office Proof (German) 2007Microsoft Office Proof (Norwegian (Bokmål)) 2007Microsoft Office Proof (Norwegian (Nynorsk)) 2007Microsoft Office Proofing (Norwegian (Bokmål)) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Shared 64-bit MUI (Norwegian (Bokmål)) 2007Microsoft Office Shared MUI (Norwegian (Bokmål)) 2007Microsoft Office Suite Activation AssistantMicrosoft Office Word 2007 Help Oppdatering (KB963665)Microsoft Office Word MUI (Norwegian (Bokmål)) 2007Microsoft SilverlightMicrosoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft WorksMozilla Firefox 28.0 (x86 nb-NO)Mozilla Maintenance ServiceMSVC80_x64_v2MSVC80_x86_v2MSVC90_x64MSVC90_x86MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)PC Connectivity SolutionPower2GoPowerDirectorPowerRecoverPrime WorldQLBCASLRealtek 8136 8168 8169 Ethernet DriverSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile NOR Language Pack (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile NOR Language Pack (KB2518870)Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2598041) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSkype™ 5.3Sony Ericsson PC Companion 2.01.192SP45990 - Wallpaper Picture Position Enabler for Windows 7SpotifySteamSynaptics Pointing Device DriverSystem Requirements Lab DetectionTeam Fortress 2The Elder Scrolls III: MorrowindUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2007 suites (KB2596651) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2596789) 32-Bit EditionUpdate for Microsoft Office Excel 2007 (KB2596596) 32-Bit EditionVLC media player 2.1.0Windows-driverpakke - Nokia pccsmcfd (08/22/2008 7.0.0.0)Windows Live Sign-in AssistantWindows Live Upload ToolWindows Media Player Firefox PluginWinRAR 5.00 (64-bit).==== Event Viewer Messages From Past Week ========..==== End Of File =========================== Endret 17. april 2014 av -Twix- Lenke til kommentar
r2d290 Skrevet 18. april 2014 Del Skrevet 18. april 2014 Heisann. Ser på det i kveld Lenke til kommentar
Bruker-158599 Skrevet 18. april 2014 Forfatter Del Skrevet 18. april 2014 Hei hei Supert, takk skal du ha Lenke til kommentar
r2d290 Skrevet 18. april 2014 Del Skrevet 18. april 2014 Explorer.exe finnes i både gammel og ny dds-fil. Begge ligger på riktig lokasjon, så det er nok ikke det som er problemet. Finner ikke noe som er knyttet mot virus, men det har skjedd noen vesentlige endringer som kan være verdt å se på. For det første er både Comodo og Avira endret fra enabled til disabled. Dette bør du kanskje skru på igjen. To nye mapper har blitt opprettet: 2014-04-15 12:49:30 -------- d-----w- C:\Users\bruker\AppData\Local\CrashDumps2014-04-15 11:24:56 -------- d-----w- C:\Users\bruker\AppData\Local\CrashRpt Se om du har noen loggfiler i disse mappene som kan være av interesse. Post dem gjerne. Steam og Guild Wars 2 har blitt innstallert. Hvis disse starter opp med maskinen så kan dette ha en effekt av forsinket oppstart. Jeg mener riktignok bestemt at det burde komme opp i loggen dersom de starter opp, noe det ikke gjør, men sjekk for sikkerhets skyld. Prøv isåfall å skru av at de starter opp med maskinen. Gi tilbakemelding. Comodo har opprettet noen nye filer: 2014-04-11 14:42:46 45784 ----a-w- C:\Windows\System32\cmdkbd64.dll2014-04-11 14:42:46 40664 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll2014-04-11 14:42:46 352984 ----a-w- C:\Windows\System32\cmdvrt64.dll2014-04-11 14:42:46 284888 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll Kanskje disse endringene har gjort noe med oppstarten. Se om du får til å deaktivere Comodo ved oppstart (eller prøv å aktivere den hvis den er standard deaktivert). Videre ser det ut til at DirectX har blitt innstallert. Dette er ofte nødvendig for å spille. Den gjør en del systemendringer, og kan derfor føres opp i lista over mulige årsaker. Det kan kanskje være verdt å prøve å avinnstallere DirectX for å se om dette gir noen endringer. Alle disse endringene skjedde 14. april, og krasj-mappene ble opprettet på morgenen dagen etter (trolig under første oppstart) klokka 11:24 og 12:49. Lenke til kommentar
r2d290 Skrevet 18. april 2014 Del Skrevet 18. april 2014 Unødvendige prosesser som kjører på oppstart kan forårsake treghet. Last ned Malwarebytes' StartUpLite og lagre det på Skrivebordet. Dobbelklikk på StartUpLite.exe for å kjøre programmet. Dette vil vise alle unødvendige oppstartsoppføringer. Velg alle alternativene du vil kjøre, og velg "Continue". Jeg anbefaler at du deaktiverer alle, og ser om det er noen forbedringer i hastigheten. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå