Jump to content

Kan inte läsa in sshnas.dll


_sebbe_

Recommended Posts

Det var ju bra att den inte hittas.... det tyder på att ditt antivirusprogram har fungerat åtminstone delvis, men du kanske kan behöva hjälp att rensa ur dom återstående filer som orsakar felmeddelandet. Något för systemrensarna! ;)

http://www.prevx.com/filenames/X706715703701084672-X1/SSHNAS.DLL.html

Edited by e-son
Link to comment
Share on other sites

Jag är inte mycket vid datorn så här under julen, men jag kan titta på t ex en DDS-logg vid tillfälle. Spara DDS på Skrivbordet.

http://download.bleepingcomputer.com/sUBs/dds.scr

Starta programmet (i Vista högerklicka och Kör som administratör).

Tryck Yes/Ja om frågan om Optional Scan dyker upp.

I ditt svar klistrar du in loggen DSS.txt medan du sparar Attach-loggen på skrivbordet utifall att jag vill se den senare.

Link to comment
Share on other sites

DDS (Ver_09-12-01.01) - NTFSx86

Run by Sebastian at 17:53:02,18 on 2009-12-26

Internet Explorer: 8.0.6001.18865

Microsoft® Windows Vista Home Premium 6.0.6002.2.1252.46.1053.18.2045.1090 [GMT 1:00]

AV: avast! antivirus 4.8.1169 [VPS 090209-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

SP: ZoneAlarm Anti-Spyware *enabled* (Outdated) {F245A209-1085-48B4-B927-35D56015EC60}

SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

SP: avast! antivirus 4.8.1169 [VPS 090209-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\ZoneLabs\vsmon.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\WINDOWS\system32\taskeng.exe

C:\WINDOWS\system32\taskeng.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Prevx\prevx.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Prevx\prevx.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Windows\stsystra.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe

C:\Users\Sebastian\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\PROGRA~1\iPod\bin\iPodService.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Sebastian\Documents\Downloads\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

uStart Page = hxxp://www.google.se/

uInternet Settings,ProxyOverride = local

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

mSearchAssistant =

uURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll

mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll

BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyng.dll

TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No File

EB: Web Assistant: {66b90adb-0be3-40ae-8680-84a6f0577ca0} - c:\progra~1\hbtools\bin\4.8.0.0\HbtHostIE.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [Google Update] "c:\users\sebastian\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [AdobeBridge]

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [LosAlamos] rundll32.exe c:\windows\system32\sshnas.dll,NvTaskbarInit

uRun: [Zeldar] c:\users\sebast~1\appdata\local\temp\c.exe

uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/5.0_(Windows;_U;_Windows_NT_6.0;_en-US)_AppleWebKit/532.0_(KHTML,_like_Gecko)_Chrome/3.0.195.38_Safari/532.0" -"http://www.skunkstudios.com/gutterball2/game/gutterball2webgame.htm"

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [XDc] c:\program files\xtreme desktop\xdc\startxdc.exe

mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe

mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe

mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"

mRun: [QuickTime Task] "c:\progra~1\quickt~1\QTTask.exe" -atboottime

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"

mRun: [<NO NAME>]

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [snpstd] c:\windows\vsnpstd.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wpn111 configuration utility\wpn111.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: Save YouTube Video as MP3 - c:\program files\common files\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP3.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} - hxxp://download.microsoft.com/download/0/f/b/0fb0fab9-7f09-4bb6-86d8-8e791ba99ac5/VirtualEarth3D.cab

DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab

DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://myspacelist.spaces.live.com/PhotoUpload/VistaMsnPUpldsv-se.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://62.181.87.189/activex/AxisCamControl.cab

DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} - hxxp://support.f-secure.com/ols/fscax.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://www.adobe.com/products/acrobat/nos/gp.cab

AppInit_DLLs: acaptuser32.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-5-10 64160]

R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [2009-12-26 30280]

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-2-8 114768]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-2-8 20560]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-2-8 53328]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-2-8 138680]

R2 CSIScanner;CSIScanner;c:\program files\prevx\prevx.exe [2009-12-26 6222312]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1028432]

R2 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [2009-12-26 47408]

R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-2-8 254040]

R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-2-8 352920]

R3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys [2009-12-26 24496]

R3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\drivers\WPN111.sys [2007-12-25 286720]

S2 gupdate1c9860faab7fc8a;Google Update Service (gupdate1c9860faab7fc8a);c:\program files\google\update\GoogleUpdate.exe [2009-2-3 133104]

S3 ATHFMWDL;NETGEAR WPN111 Bootloader driver;c:\windows\system32\drivers\athwpn.sys [2007-12-25 43392]

S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [2006-10-21 17149]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-4-16 21504]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-4-3 13224]

S3 WiselinkPro;SAMSUNG WiselinkPro Service;c:\program files\samsung\samsung pc share manager\WiselinkPro.exe [2009-1-8 4136960]

=============== Created Last 30 ================

2009-12-26 12:18:48 53136 ----a-w- c:\windows\system32\PxSecure.dll

2009-12-26 12:18:48 47408 ----a-w- c:\windows\system32\drivers\pxrts.sys

2009-12-26 12:18:48 30280 ----a-w- c:\windows\system32\drivers\pxscan.sys

2009-12-26 12:18:47 24496 ----a-w- c:\windows\system32\drivers\pxkbf.sys

2009-12-26 12:18:46 0 d-----w- c:\program files\Prevx

2009-12-26 12:18:35 0 d-----w- c:\programdata\PrevxCSI

2009-12-21 10:50:56 18030130 ----a-w- c:\users\sebastian\vlc-1.0.3-win32.exe

2009-12-19 10:29:03 0 d-----w- c:\programdata\TreeCardGames

2009-12-19 10:28:36 0 d-----w- c:\users\sebast~1\appdata\roaming\TreeCardGames

2009-12-19 10:28:31 0 d-----w- c:\program files\123 Free Solitaire

2009-12-15 16:37:25 0 d-----w- c:\users\sebast~1\appdata\roaming\123 Free Solitaire

2009-12-15 12:42:43 0 d-----w- c:\program files\LDA Games

2009-12-10 18:44:57 24064 ----a-w- c:\windows\system32\nshhttp.dll

2009-12-10 18:44:51 411648 ----a-w- c:\windows\system32\drivers\http.sys

2009-12-10 18:44:50 30720 ----a-w- c:\windows\system32\httpapi.dll

2009-12-10 15:46:01 377344 ----a-w- c:\windows\system32\winhttp.dll

2009-12-10 15:40:47 243712 ----a-w- c:\windows\system32\rastls.dll

2009-12-05 13:29:56 0 d-----w- c:\program files\Livebrush

2009-11-30 18:10:05 0 d-----w- c:\windows\system32\CSP

2009-11-27 16:13:31 0 d-----w- c:\users\sebast~1\appdata\roaming\Octoshape

==================== Find3M ====================

2009-12-26 16:46:52 350191 ---ha-w- c:\windows\system32\drivers\vsconfig.xml

2009-12-17 16:38:27 408690 ----a-w- c:\windows\system32\perfc01D.dat

2009-12-17 16:38:27 1430902 ----a-w- c:\windows\system32\perfh01D.dat

2009-11-24 23:49:48 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2009-11-22 17:18:13 51200 ----a-w- c:\windows\inf\infpub.dat

2009-11-22 17:18:12 143360 ----a-w- c:\windows\inf\infstrng.dat

2009-11-22 17:18:10 86016 ----a-w- c:\windows\inf\infstor.dat

2009-11-21 06:40:20 916480 ----a-w- c:\windows\system32\wininet.dll

2009-11-21 06:34:39 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-11-21 06:34:39 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-11-21 04:59:58 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-11-12 21:42:16 32768 ----a-w- c:\windows\system32\drivers\taphss.sys

2009-11-05 11:47:45 665600 ----a-w- c:\windows\inf\drvindex.dat

2009-11-05 11:47:12 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf

2009-11-02 19:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe

2009-10-29 18:28:27 73312 ----a-w- c:\windows\system32\drivers\adfs.sys

2009-10-29 09:17:42 2048 ----a-w- c:\windows\system32\tzres.dll

2009-10-11 03:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-10-10 12:13:49 38 ----a-w- c:\users\sebastian\jagex_runescape_preferences.dat

2009-10-10 11:09:10 45 ----a-w- c:\users\sebastian\jagex_runescape_preferences2.dat

2009-10-08 21:08:01 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

2009-10-08 21:08:01 234496 ----a-w- c:\windows\system32\oleacc.dll

2009-10-08 21:07:59 4096 ----a-w- c:\windows\system32\oleaccrc.dll

2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll

2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe

2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll

2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll

2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll

2009-10-01 01:01:59 546816 ----a-w- c:\windows\system32\wpd_ci.dll

2009-10-01 01:01:59 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll

2009-10-01 01:01:56 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll

2009-10-01 01:01:56 350208 ----a-w- c:\windows\system32\WPDSp.dll

2009-10-01 01:01:56 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll

2009-10-01 01:01:56 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll

2009-10-01 01:01:54 81920 ----a-w- c:\windows\system32\wpdbusenum.dll

2008-04-16 14:21:39 174 --sha-w- c:\program files\desktop.ini

2007-05-09 14:50:21 774144 ----a-w- c:\program files\RngInterstitial.dll

2006-11-21 05:00:30 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat

2006-11-21 05:00:30 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat

2006-11-21 05:00:30 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat

2006-11-21 05:00:30 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2008-06-04 11:02:01 16384 --sha-w- c:\windows\temp\cookies\index.dat

2008-06-04 11:02:01 16384 --sha-w- c:\windows\temp\history\history.ie5\index.dat

2008-06-04 11:02:02 49152 --sha-w- c:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 17:54:49,40 ===============

Link to comment
Share on other sites

Hur har du det med brandvägg och antivirusprogram? Man ska bara ha ett program av varje sort för att inte få konstiga problem. Se till att avinstallera överflödiga antivirusprogram och brandvägg.

Zynga Toolbar ska avinstalleras.

Ladda ner Malwarebytes Anti-Malware (MBAM) från:

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-108

04572.html

Dubbelklicka på mbam-setup för att installera programmet.

Se till i slutet av installationen att det är bockar för:

Uppdatera Malwarebytes' Anti-Malware

Starta Malwarebytes' Anti-Malware

Tryck på Slutför

Om det finns någon uppdatering så kommer den att laddas ner och installeras.

När programmet startar så välj "Utför snabb skanning" och tryck på Skanna.

Skanningen tar ett tag.

När den är klar så tryck på OK och sedan "Visa resultat".

Bocka för allt och tryck sedan Ta bort markerade.

När borttagningen är klar så öppnar Anteckningar med en logg.

Eventuellt så kommer det upp en begäran om att starta om datorn (Restart). I så fall gör det.

Om det blir ett felmeddelande Error loading... efter omstarten så starta om datorn än en gång.

Om programmet inte kommer igång efter omstarten så starta det.

Om loggen inte kommer upp själv i Anteckningar så hittar du loggen på fliken Loggar i MBAM.

Kopiera loggen och klistra in den i ditt svar.

Link to comment
Share on other sites

Du kanske kan klistra in loggar själv i fortsättningen så jag slipper göra det.

Malwarebytes' Anti-Malware 1.42

Databasversion: 3439

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18865

2009-12-27 17:22:53

mbam-log-2009-12-27 (17-22-53).txt

Skanningstyp: Fullständig skanning (C:\|)

Antal skannade objekt: 60248

Förfluten tid: 26 minute(s), 50 second(s)

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 2

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 0

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

Infekterade registernycklar:

HKEY_CLASSES_ROOT\Interface\{8654592e-952a-4e7c-a960-304763b35fa6} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infekterade registervärden:

(Inga illasinnade poster hittades)

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

Infekterade mappar:

(Inga illasinnade poster hittades)

Infekterade filer:

(Inga illasinnade poster hittades)

Klistra in en ny DDS-logg.

Edited by Cecilia
Link to comment
Share on other sites

Senaste DDS-loggen:

DDS (Ver_09-12-01.01) - NTFSx86

Run by Sebastian at 13:53:27,77 on 2009-12-28

Internet Explorer: 8.0.6001.18865

Microsoft® Windows Vista Home Premium 6.0.6002.2.1252.46.1053.18.2045.1102 [GMT 1:00]

AV: avast! antivirus 4.8.1169 [VPS 090209-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

SP: ZoneAlarm Anti-Spyware *enabled* (Outdated) {F245A209-1085-48B4-B927-35D56015EC60}

SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

SP: avast! antivirus 4.8.1169 [VPS 090209-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\ZoneLabs\vsmon.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\WINDOWS\system32\taskeng.exe

C:\WINDOWS\system32\taskeng.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Prevx\prevx.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Prevx\prevx.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Windows\stsystra.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe

C:\Windows\ehome\ehmsas.exe

C:\Users\Sebastian\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\PROGRA~1\iPod\bin\iPodService.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Sebastian\Documents\Downloads\dds.scr

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

uStart Page = hxxp://www.google.se/

uInternet Settings,ProxyOverride = local

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

mSearchAssistant =

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: &Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No File

EB: Web Assistant: {66b90adb-0be3-40ae-8680-84a6f0577ca0} - c:\progra~1\hbtools\bin\4.8.0.0\HbtHostIE.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [Google Update] "c:\users\sebastian\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [AdobeBridge]

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [LosAlamos] rundll32.exe c:\windows\system32\sshnas.dll,NvTaskbarInit

uRun: [Zeldar] c:\users\sebast~1\appdata\local\temp\c.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [XDc] c:\program files\xtreme desktop\xdc\startxdc.exe

mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe

mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe

mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"

mRun: [QuickTime Task] "c:\progra~1\quickt~1\QTTask.exe" -atboottime

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"

mRun: [<NO NAME>]

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

mRun: [snpstd] c:\windows\vsnpstd.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wpn111 configuration utility\wpn111.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: Save YouTube Video as MP3 - c:\program files\common files\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP3.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

DPF: {0DB074F0-617E-4EE9-912C-2965CF2AA5A4} - hxxp://download.microsoft.com/download/0/f/b/0fb0fab9-7f09-4bb6-86d8-8e791ba99ac5/VirtualEarth3D.cab

DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} - hxxp://myspacelist.spaces.live.com/PhotoUpload/VistaMsnPUpldsv-se.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://62.181.87.189/activex/AxisCamControl.cab

DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} - hxxp://support.f-secure.com/ols/fscax.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_08-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://www.adobe.com/products/acrobat/nos/gp.cab

AppInit_DLLs: acaptuser32.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-5-10 64160]

R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [2009-12-26 30280]

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-2-8 114768]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-2-8 20560]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-2-8 53328]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-2-8 138680]

R2 CSIScanner;CSIScanner;c:\program files\prevx\prevx.exe [2009-12-26 6222312]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 1028432]

R2 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [2009-12-26 47408]

R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-2-8 254040]

R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-2-8 352920]

R3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys [2009-12-26 24496]

R3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\drivers\WPN111.sys [2007-12-25 286720]

S2 gupdate1c9860faab7fc8a;Google Update Service (gupdate1c9860faab7fc8a);c:\program files\google\update\GoogleUpdate.exe [2009-2-3 133104]

S3 ATHFMWDL;NETGEAR WPN111 Bootloader driver;c:\windows\system32\drivers\athwpn.sys [2007-12-25 43392]

S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [2006-10-21 17149]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-4-16 21504]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-4-3 13224]

S3 WiselinkPro;SAMSUNG WiselinkPro Service;c:\program files\samsung\samsung pc share manager\WiselinkPro.exe [2009-1-8 4136960]

=============== Created Last 30 ================

2009-12-27 15:52:39 0 d-----w- c:\users\sebast~1\appdata\roaming\Malwarebytes

2009-12-27 15:52:28 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2009-12-27 15:52:25 0 d-----w- c:\programdata\Malwarebytes

2009-12-27 15:52:24 19160 ----a-w- c:\windows\system32\drivers\mbam.sys

2009-12-27 15:52:24 0 d-----w- c:\program files\Malwarebytes' Anti-Malware

2009-12-27 15:31:16 0 d-----w- c:\program files\Media Center Plugin

2009-12-26 12:18:48 53136 ----a-w- c:\windows\system32\PxSecure.dll

2009-12-26 12:18:48 47408 ----a-w- c:\windows\system32\drivers\pxrts.sys

2009-12-26 12:18:48 30280 ----a-w- c:\windows\system32\drivers\pxscan.sys

2009-12-26 12:18:47 24496 ----a-w- c:\windows\system32\drivers\pxkbf.sys

2009-12-26 12:18:46 0 d-----w- c:\program files\Prevx

2009-12-26 12:18:35 0 d-----w- c:\programdata\PrevxCSI

2009-12-21 10:50:56 18030130 ----a-w- c:\users\sebastian\vlc-1.0.3-win32.exe

2009-12-19 10:29:03 0 d-----w- c:\programdata\TreeCardGames

2009-12-19 10:28:36 0 d-----w- c:\users\sebast~1\appdata\roaming\TreeCardGames

2009-12-19 10:28:31 0 d-----w- c:\program files\123 Free Solitaire

2009-12-15 16:37:25 0 d-----w- c:\users\sebast~1\appdata\roaming\123 Free Solitaire

2009-12-15 12:42:43 0 d-----w- c:\program files\LDA Games

2009-12-10 18:44:57 24064 ----a-w- c:\windows\system32\nshhttp.dll

2009-12-10 18:44:51 411648 ----a-w- c:\windows\system32\drivers\http.sys

2009-12-10 18:44:50 30720 ----a-w- c:\windows\system32\httpapi.dll

2009-12-10 15:46:01 377344 ----a-w- c:\windows\system32\winhttp.dll

2009-12-10 15:40:47 243712 ----a-w- c:\windows\system32\rastls.dll

2009-12-05 13:29:56 0 d-----w- c:\program files\Livebrush

2009-11-30 18:10:05 0 d-----w- c:\windows\system32\CSP

==================== Find3M ====================

2009-12-28 12:42:56 350191 ---ha-w- c:\windows\system32\drivers\vsconfig.xml

2009-12-17 16:38:27 408690 ----a-w- c:\windows\system32\perfc01D.dat

2009-12-17 16:38:27 1430902 ----a-w- c:\windows\system32\perfh01D.dat

2009-11-24 23:49:48 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2009-11-22 17:18:13 51200 ----a-w- c:\windows\inf\infpub.dat

2009-11-22 17:18:12 143360 ----a-w- c:\windows\inf\infstrng.dat

2009-11-22 17:18:10 86016 ----a-w- c:\windows\inf\infstor.dat

2009-11-21 06:40:20 916480 ----a-w- c:\windows\system32\wininet.dll

2009-11-21 06:34:39 71680 ----a-w- c:\windows\system32\iesetup.dll

2009-11-21 06:34:39 109056 ----a-w- c:\windows\system32\iesysprep.dll

2009-11-21 04:59:58 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-11-12 21:42:16 32768 ----a-w- c:\windows\system32\drivers\taphss.sys

2009-11-05 11:47:45 665600 ----a-w- c:\windows\inf\drvindex.dat

2009-11-05 11:47:12 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf

2009-11-02 19:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe

2009-10-29 18:28:27 73312 ----a-w- c:\windows\system32\drivers\adfs.sys

2009-10-29 09:17:42 2048 ----a-w- c:\windows\system32\tzres.dll

2009-10-11 03:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-10-10 12:13:49 38 ----a-w- c:\users\sebastian\jagex_runescape_preferences.dat

2009-10-10 11:09:10 45 ----a-w- c:\users\sebastian\jagex_runescape_preferences2.dat

2009-10-08 21:08:01 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll

2009-10-08 21:08:01 234496 ----a-w- c:\windows\system32\oleacc.dll

2009-10-08 21:07:59 4096 ----a-w- c:\windows\system32\oleaccrc.dll

2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll

2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe

2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll

2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll

2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll

2009-10-01 01:01:59 546816 ----a-w- c:\windows\system32\wpd_ci.dll

2009-10-01 01:01:59 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll

2009-10-01 01:01:56 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll

2009-10-01 01:01:56 350208 ----a-w- c:\windows\system32\WPDSp.dll

2009-10-01 01:01:56 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll

2009-10-01 01:01:56 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll

2009-10-01 01:01:54 81920 ----a-w- c:\windows\system32\wpdbusenum.dll

2008-04-16 14:21:39 174 --sha-w- c:\program files\desktop.ini

2007-05-09 14:50:21 774144 ----a-w- c:\program files\RngInterstitial.dll

2006-11-21 05:00:30 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat

2006-11-21 05:00:30 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat

2006-11-21 05:00:30 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat

2006-11-21 05:00:30 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 13:56:10,54 ===============

Bifogar filen också:

DDS2.txt

Link to comment
Share on other sites

Det är en del rester i registret och de är lätttast att få bort med HijackThis. Spara filen från en av länkarna:

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Installera, starta och välj "Do a system scan and save a logfile", kopiera loggen som kommer upp (inget annat) och klistra in i den i ditt svar.

Klistra också in den Attach-logg som DDS skapade.

Link to comment
Share on other sites

Här är loggen:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:04:16, on 2009-12-29

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18865)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\WINDOWS\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Windows\stsystra.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe

C:\Users\Sebastian\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [XDc] C:\Program Files\Xtreme Desktop\xdc\startxdc.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\PROGRA~1\QUICKT~1\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas.dll,NvTaskbarInit

O4 - HKCU\..\Run: [Zeldar] C:\Users\SEBAST~1\AppData\Local\Temp\c.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O13 - Gopher Prefix:

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://myspacelist.spaces.live.com/PhotoUpload/VistaMsnPUpldsv-se.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.181.87.189/activex/AxisCamControl.cab

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O20 - AppInit_DLLs: acaptuser32.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Google Update Service (gupdate1c9860faab7fc8a) (gupdate1c9860faab7fc8a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\PROGRA~1\iPod\bin\iPodService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

--

End of file - 9890 bytes

Kan tyvärr inte bifoga filen, eftersom "du tillåts inte ladda upp den filer av den här typen(filen är en .log)".

UPDATE: Kan man inte kopiera sshnas.dll från en annan Vista-dator och klistra in i Windowsmappen?

Edited by _sebbe_
Link to comment
Share on other sites

sshnas.dll är en skadlig fil som e-son skrev och inget man ska ha i datorn.

Jag föredrar att du klistrar in loggar så att de blir lätta att läsa och inte bifogar dem.

Skanna med HijackThis och bocka för:

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)

O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas.dll,NvTaskbarInit

O4 - HKCU\..\Run: [Zeldar] C:\Users\SEBAST~1\AppData\Local\Temp\c.exe

Avsluta alla andra program.

Tryck Fix checked.

Starta om datorn och så en ny HijackThis-logg.

Link to comment
Share on other sites

Nu är rutan borta, tusen tack för all hjälp! ;)

Här är loggen:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:04:16, on 2009-12-29

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18865)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\WINDOWS\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Windows\stsystra.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe

C:\Users\Sebastian\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [XDc] C:\Program Files\Xtreme Desktop\xdc\startxdc.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\PROGRA~1\QUICKT~1\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Windows\system32\sshnas.dll,NvTaskbarInit

O4 - HKCU\..\Run: [Zeldar] C:\Users\SEBAST~1\AppData\Local\Temp\c.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O13 - Gopher Prefix:

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://myspacelist.spaces.live.com/PhotoUpload/VistaMsnPUpldsv-se.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.181.87.189/activex/AxisCamControl.cab

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O20 - AppInit_DLLs: acaptuser32.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: Google Update Service (gupdate1c9860faab7fc8a) (gupdate1c9860faab7fc8a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\PROGRA~1\iPod\bin\iPodService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

--

End of file - 9890 bytes

Link to comment
Share on other sites

Det brukar bli så om man inte kör HijackThis med fullständiga rättigheter. Det brukar också lösa sig om man tar bort den befintliga loggen innan man kör HijackThis.

SP: ZoneAlarm Anti-Spyware *enabled* (Outdated) {F245A209-1085-48B4-B927-35D56015EC60}

SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

SP: avast! antivirus 4.8.1169 [VPS 090209-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

Ovanstående är registrerat i Windows säkerhetscenter och . Men vad är det som är installerat i datorn?

Det ser ut att finnas gamla Java-versioner med säkerhetshål installerade så det vore bra om du klistrade in en ny Attach-logg.

Link to comment
Share on other sites

Det brukar bli så om man inte kör HijackThis med fullständiga rättigheter. Det brukar också lösa sig om man tar bort den befintliga loggen innan man kör HijackThis.

SP: ZoneAlarm Anti-Spyware *enabled* (Outdated) {F245A209-1085-48B4-B927-35D56015EC60}

SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

SP: avast! antivirus 4.8.1169 [VPS 090209-0] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: COMODO Firewall Pro *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

Ovanstående är registrerat i Windows säkerhetscenter och . Men vad är det som är installerat i datorn?

Det ser ut att finnas gamla Java-versioner med säkerhetshål installerade så det vore bra om du klistrade in en ny Attach-logg.

Comodo finns inte i systemet, vad jag vet.

Senaste HijackThis-loggen:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:40:25, on 2009-12-31

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18865)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\WINDOWS\system32\taskeng.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Windows\stsystra.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Voddler\service\VNetManager.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\ehome\ehtray.exe

C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\NETGEAR\WPN111 Configuration Utility\wpn111.exe

C:\Users\Sebastian\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\wuauclt.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Sebastian\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Internet Explorer\IELowutil.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [XDc] C:\Program Files\Xtreme Desktop\xdc\startxdc.exe

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\PROGRA~1\QUICKT~1\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [snpstd] C:\Windows\vsnpstd.exe

O4 - HKLM\..\Run: [VoddlerNet Manager] C:\Program Files\Voddler\service\VNetManager.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Sebastian\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - Global Startup: NETGEAR WPN111 Smart Wizard.lnk = ?

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O13 - Gopher Prefix:

O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://myspacelist.spaces.live.com/PhotoUpload/VistaMsnPUpldsv-se.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.181.87.189/activex/AxisCamControl.cab

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab

O20 - AppInit_DLLs: acaptuser32.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\PROGRA~1\iPod\bin\iPodService.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: VoddlerNet - Voddler - C:\Program Files\Voddler\service\voddler.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

--

End of file - 9553 bytes

Bifogar senaste Attachen:

Attach3.zip

Link to comment
Share on other sites

Om du ska ha någon nytta av antispionprogrammet som ingår i ZoneAlarm så är det ju viktigt att det uppdateras. Om det är en betalvariant som du har slutat att betala för så är det bättre att du byter till gratisvarianten av ZoneAlarm så att du får eventuella fel i dess brandvägg rättade (alternativt en bättre brandvägg).

Avinstallera:

J2SE Runtime Environment 5.0 Update 10

J2SE Runtime Environment 5.0 Update 11

J2SE Runtime Environment 5.0 Update 8

Java 2 Runtime Environment, SE v1.4.2_03

Java 6 Update 2

Java 6 Update 3

Java 6 Update 4

Java 6 Update 5

Java 6 Update 7

Java SE Runtime Environment 6 Update 1

Alla är gamla versioner med säkerhetshål som innebär att datorn kan bli infekterad bara genom att besöka en illasinnad/hackad webbsida.

Det är nog bäst att kolla upp lite mer om där finns gamla versioner med säkerhetshål i datorn genom att låta Secunias Software Inspector kolla upp datorn. http://secunia.com/vulnerability_scanning/

Klistra in resultatet om du behöver hjälp med att åtgärda programmen.

Inställningarna i säkerhetscentret, angående Comodo, går att fixa så här:

Start - Kör

Skriv in

wbemtest

och tryck sedan på OK

När programmet kommer upp så gör du som i det här bildspelet med fem bilder:

http://img.photobucket.com/albums/v666/sUBs/Delete_AV_From_WMI.gif

Det vill säga:

Connect

root\SecurityCenter

Query

SELECT * FROM FirewallProduct

Apply

Markera Comodo

Delete

Starta om datorn

Är allt bra nu?

Link to comment
Share on other sites

Jag har gratisversionen av ZoneAlarm firewall.

Nästan alla Java-filer raderade(bara Java Update 17 kvar), se bild:

post-11750-1262434734,12_thumb.jpg

Har kollat upp säkerhetshål med den nedladdningsbara versionen, det var cirka fem hål, alla åtgärdade.

Kan inte fixa Comodo, se bild:

post-11750-1262435121,94_thumb.jpg

Allt har varit bra sedan inlägg #13!

Link to comment
Share on other sites

Bra att du fixat java och uppdaterat program! :)

Har du kvar något Symantec-program i datorn? Jag ser att Live Update från Symantec är installerat.

Du kanske inte har tillräckliga rättigheter när du kör wbemtest. Se om det går bättre om du startat det så här:

Start - Program - Tillbehör

högerklicka på Kommandotolken och välj Kör som administratör. Sedan skriver du wbemtest i Kommandotolken.

ZoneAlarm är registrerat som antispionprogram också. Se om du kan fixa det med wbemtest om du byter till:

SELECT * FROM AntiSpywareProduct

Men det är mindre kritiskt att det är felregistrerat för antispionprogram.

Det finns kanske annat skräp kvar efter Comodo också så gör det som står i slutet av första inlägget (rubriken For novice users...) på den här sidan:

http://forums.comodo.com/help-for-v3/full-removal-of-comodo-firewall-pro-3-with-safesurf-toolbar-if-regular-uninstall-method-fails-t17220.0.html

Link to comment
Share on other sites

Nu återstår bara en sista städomgång.

1. Ta bort samtliga systemåterställningspunkter eftersom dessa kan vara infekterade. Du gör det genom att stänga av systemåterställningsfunktionen, starta om datorn och så slå på funktionen igen. Skapa sedan en ny punkt.

Systemåterställningsfunktionen slår man av och på här:

XP: Högerklick på Den här datorn - Egenskaper - Systemåterställning

Vista: Högerklick på Datorn - Egenskaper - Avancerade systeminställningar - Systemskydd

Avbocka resp. sätt tillbaks bockar för alla hårddiskar (kom ihåg hur det såg ut innan)

2. Ta bort DDS-programmet och dess loggar.

3. Ta bort alla tillfälliga filer genom att spara ATF-Cleaner på Skrivbordet:

http://www.atribune.org/ccount/click.php?id=1

Stäng av alla andra program, särskilt webbläsare.

Dubbelklicka på ATF-Cleaner.exe för att starta programmet.

Bocka i Select All. Tryck på Empty Selected.

Om du använder Firefox: Tryck på Firefox och välj Select All. Tryck på Empty Selected. Om du vill ha kvar dina lösenord så tryck No vid frågan.

Om du använder Opera: Tryck på Opera och välj Select All. Tryck på Empty Selected. Om du vill ha kvar dina lösenord så tryck No vid frågan.

Tryck på Exit i Main-menyn för att stänga programmet.

Obs! Detta kommer att ta bort alla cookies, om du har cookies som du vill ha kvar så får du antingen spara undan dem innan eller låta bli att välja Select All och i stället markera allt annat.

4. Byt alla lösenord som du använder i datorn och på internet eftersom dessa kan ha kommit i orätta händer.

http://mnin.blogspot.com/2009/02/why-i-enjoyed-tiggersyzor.html beskriver ett skadligt program som spionerar genom att ta skärmbilder, logga tangentbordsnedtryckningar och läsa lösenord som är lagrade i webbläsare, epostprogram etc.

5. Förbättra skyddet i datorn, se mina Råd för en säkrare dator. http://ceblstockholm.googlepages.com/home

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...