Jump to content

Vita blanka hemsidor


bunkergubben
 Share

Recommended Posts

Hej,

vilken webbläsare pratar vi om här?

Har du rensat/fixat register i din dator med Advanced System Care?

Kan leda till underligheter.

Avinstallera det och kör en diskrensning, via Tillbehör\Systemverktyg\Diskrensning.

Prova sedan igen.

Mvh

Mats H

Link to comment
Share on other sites

Hej,

ett utmärkt och relativt snällt register och tempfils borttagande program är CCleaner.

Bra att Filstäda med efter dagens slut.

Registerstäda med efter avinstallationer.

http://www.piriform.com/

Så inga vita sidor efter systemåterställning?

Mvh

Mats H

Edited by Mats H
Link to comment
Share on other sites

Hej Mats.

Nu verkar allt funka. Har redan CCleaner så har kört den.

verkar dock som ASC och avast antivirus finns kvar på nått sätt. Kommer upp i listan i avinstalera program men dom går inte å ta bort.

Vilka program rekomenderar du utöver:

Window Security essenstialls

CCleaner.

Verkar som datorn går snabbare.

Tack så länge.

Johan

Link to comment
Share on other sites

Hej,

kör en DDS logg så får vi se vad som ev. döljs.

Klistra in loggen/resultatet från programmet DDS. Spara DDS på Skrivbordet.

http://download.bleepingcomputer.com/sUBs/dds.scr

Starta programmet genom att dubbelklicka på det.

Tryck Yes/Ja om frågan om Optional Scan dyker upp.

I ditt svar klistrar du in loggen DSS.txt. Medan du bifogar Attach.txt som en fil.

DDS är ett program som listar processer som kör, program och tjänster som startas automatiskt samt filer i sådana mappar som är vanliga att skadliga program och som är nya eller ändrade under senaste 1-3 månader. DDS är ett mycket vanligt program bland oss som hjälper till att rensa datorer. Resultatet ger oss en grundläggande kunskap om vad som händer och har hänt nyligen i datorn, och från det kan vi dra slutsatser om vad som är nästa lämpliga steg i rensningen av datorn.

Obs! När du klistrar in en logg eller ett resultat i ditt inlägg använd inga knappar eller taggar utan kopiera det i programmet (oftast Anteckningar) och klistra in det direkt i rutan du skriver i.

Mvh

Mats H

Link to comment
Share on other sites

Hej igen.

Ska försöka göra rätt. Här kommmer det.

DDS (Ver_10-12-12.02) - NTFSx86

Run by johan at 20:48:05,84 on 2011-01-05

Internet Explorer: 8.0.6001.18999

Microsoft® Windows Vista Home Basic 6.0.6002.2.1252.46.1053.18.1014.315 [GMT 1:00]

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\sdclt.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\johan\Desktop\dds.scr

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.se/

uWindow Title = Internet Explorer erhållet från Dell

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

dRunOnce: [DelayShred] "c:\program files\mcafee\mshr\shrcl.exe" /p7 /q c:\users\johan\appdata\local\temp\~dffb27.tmp c:\users\johan\appdata\local\temp\~dffb18.tmp c:\users\johan\appdata\local\temp\~dfee32.tmp c:\users\johan\appdata\local\temp\~dfee1c.tmp c:\users\johan\appdata\local\temp\low\hsperf~1.sh! c:\users\johan\appdata\local\temp\hsperf~1.sh! c:\users\johan\appdata\local\temp\~dff91f.tmp c:\users\johan\appdata\local\temp\~dff900.tmp c:\users\johan\appdata\local\temp\~df1a30.tmp c:\users\johan\appdata\local\temp\~df1a21.tmp c:\users\johan\appdata\local\temp\~df56ad.tmp c:\users\johan\appdata\local\temp\~df569e.tmp c:\users\johan\appdata\local\temp\~df4095.tmp c:\users\johan\appdata\local\temp\~DF3FE5.tmp

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

Trusted Zone: danskebank.se\hembanken

Trusted Zone: danskebank.se\www

Trusted Zone: google.se\www

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldsv-se.cab

Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-6-16 114768]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-16 20560]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2008-6-16 53328]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-8-12 138680]

R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-20 21504]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]

R3 NisSrv;Microsoft - nätverkskontroll;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]

S2 0219481231453564mcinstcleanup;McAfee Application Installer Cleanup (0219481231453564); [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Tjänsten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-14 136176]

S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-8-12 254040]

S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-8-12 352920]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2009-8-28 17408]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2011-01-05 19:37:46 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{30365cad-49d9-4c5b-a2e0-4eb261a7e5cc}\mpengine.dll

2010-12-28 15:39:40 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2010-12-27 21:23:23 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{942162a4-ac3e-4346-b96f-108381667303}\gapaengine.dll

2010-12-27 21:10:04 -------- d-----w- c:\program files\Microsoft Security Client

2010-12-27 21:08:20 221568 ----a-w- c:\windows\system32\drivers\netio.sys

2010-12-27 21:00:11 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{e92ccc23-0672-4632-b94a-0c684c92abe0}\mpengine.dll

2010-12-27 20:17:12 -------- d-----w- C:\## aswSnx private storage

2010-12-26 08:41:38 -------- d-----w- c:\progra~2\Alwil Software

2010-12-16 06:18:55 2048 ----a-w- c:\windows\system32\tzres.dll

2010-12-16 06:18:16 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2010-12-07 20:55:17 -------- d-----w- c:\users\johan\appdata\local\BVRP Software

==================== Find3M ====================

2010-11-12 17:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll

2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll

2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-10-18 13:37:35 81920 ----a-w- c:\windows\system32\consent.exe

2010-10-18 13:31:24 2038272 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 20:50:11,90 ===============

Ja kanske vart rätt.

Johan

Attach.txt

Link to comment
Share on other sites

Hej,

bara att följa e-sons inlägg om Avast!

ASC hittar du antagligen som dold fil i Programmappen eller i ProgramData mappen, förhoppningsvis med en Uninstaller, kontrollera och återkom.

Mvh

Mats H

Link to comment
Share on other sites

Hej,

ytterligare så har du en massa tmp filer i ditt system,

dRunOnce: [DelayShred] "c:\program files\mcafee\mshr\shrcl.exe" /p7 /q c:\users\johan\appdata\local\temp\~dffb27.tmp c:\users\johan\appdata\local\temp\~dffb18.tmp c:\users\johan\appdata\local\temp\~dfee32.tmp c:\users\johan\appdata\local\temp\~dfee1c.tmp c:\users\johan\appdata\local\temp\low\hsperf~1.sh! c:\users\johan\appdata\local\temp\hsperf~1.sh! c:\users\johan\appdata\local\temp\~dff91f.tmp c:\users\johan\appdata\local\temp\~dff900.tmp c:\users\johan\appdata\local\temp\~df1a30.tmp c:\users\johan\appdata\local\temp\~df1a21.tmp c:\users\johan\appdata\local\temp\~df56ad.tmp c:\users\johan\appdata\local\temp\~df569e.tmp c:\users\johan\appdata\local\temp\~df4095.tmp c:\users\johan\appdata\local\temp\~DF3FE5.tmp

Prova att rensa bort dem med hjälp av Windows diskrensning, se Tillbehör, Systemverktyg - Diskrensning. Efter Diskrensning starta om datorn och kör en ny DDS, Attach.txt behövs inte mer.

Mvh

Mats H

Edited by Mats H
Link to comment
Share on other sites

Gokväll Mats.

Här kommer ny DDS:

DDS (Ver_10-12-12.02) - NTFSx86

Run by johan at 19:13:49,71 on 2011-01-06

Internet Explorer: 8.0.6001.18999

Microsoft® Windows Vista Home Basic 6.0.6002.2.1252.46.1053.18.1014.339 [GMT 1:00]

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

AV: avast! antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\taskeng.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\johan\Desktop\dds.scr

C:\Windows\system32\conime.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.se/

uWindow Title = Internet Explorer erhållet från Dell

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

dRunOnce: [DelayShred] "c:\program files\mcafee\mshr\shrcl.exe" /p7 /q c:\users\johan\appdata\local\temp\~dffb27.tmp c:\users\johan\appdata\local\temp\~dffb18.tmp c:\users\johan\appdata\local\temp\~dfee32.tmp c:\users\johan\appdata\local\temp\~dfee1c.tmp c:\users\johan\appdata\local\temp\low\hsperf~1.sh! c:\users\johan\appdata\local\temp\hsperf~1.sh! c:\users\johan\appdata\local\temp\~dff91f.tmp c:\users\johan\appdata\local\temp\~dff900.tmp c:\users\johan\appdata\local\temp\~df1a30.tmp c:\users\johan\appdata\local\temp\~df1a21.tmp c:\users\johan\appdata\local\temp\~df56ad.tmp c:\users\johan\appdata\local\temp\~df569e.tmp c:\users\johan\appdata\local\temp\~df4095.tmp c:\users\johan\appdata\local\temp\~DF3FE5.tmp

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

Trusted Zone: danskebank.se\hembanken

Trusted Zone: danskebank.se\www

Trusted Zone: google.se\www

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-6-16 114768]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-16 20560]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2008-6-16 53328]

R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-20 21504]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]

R3 NisSrv;Microsoft - nätverkskontroll;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]

S2 0219481231453564mcinstcleanup;McAfee Application Installer Cleanup (0219481231453564); [x]

S2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-8-12 138680]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Tjänsten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-14 136176]

S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-8-12 254040]

S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-8-12 352920]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2009-8-28 17408]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2011-01-06 17:34:31 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{79a29a70-5fa6-41c7-b15a-756811a01cf9}\mpengine.dll

2010-12-28 15:39:40 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2010-12-27 21:23:23 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{942162a4-ac3e-4346-b96f-108381667303}\gapaengine.dll

2010-12-27 21:10:04 -------- d-----w- c:\program files\Microsoft Security Client

2010-12-27 21:08:20 221568 ----a-w- c:\windows\system32\drivers\netio.sys

2010-12-27 21:00:11 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{e92ccc23-0672-4632-b94a-0c684c92abe0}\mpengine.dll

2010-12-27 20:17:12 -------- d-----w- C:\## aswSnx private storage

2010-12-26 08:41:38 -------- d-----w- c:\progra~2\Alwil Software

2010-12-16 06:18:55 2048 ----a-w- c:\windows\system32\tzres.dll

2010-12-16 06:18:16 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2010-12-07 20:55:17 -------- d-----w- c:\users\johan\appdata\local\BVRP Software

==================== Find3M ====================

2010-11-12 17:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll

2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll

2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-10-18 13:37:35 81920 ----a-w- c:\windows\system32\consent.exe

2010-10-18 13:31:24 2038272 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 19:15:41,73 ===============

Diskrensade. Startade om. Autosweep funkar inte. Defender inaktiverad coh får inte igång den.

avast kommer fortfarande upp men funkar ej.

Felsäkert läge. Körde avastverktyget. Omstart fortfarande kvar.

Även provat CCcleaner avinstattalion. inget funkar.

är helt borta kan man säga

johan

Edited by bunkergubben
Link to comment
Share on other sites

Hej,

är denna DDS körd efter att du provat att ta bort Avast?

Om DDS är körd efteråt så behöver du inaktivera alla Avast tjänster, skriv msconfig i sökrutan, se sedan fliken Tjänster, markera ur dem där. Starta om datorn och kör städprogrammet.

Att Defender inte fungerar beror på att Microsoft Security Essentials stänger ned det, programkonflikter annars.

Återkom efter att du prövat detta.

Mvh

Mats H

Link to comment
Share on other sites

Hittar inget där som jag tror hör till Avast.

Försökte kopiera å lägga in här men kunde inte.

Nyss vart samma sidor vita igen och dom jag såg förut som inte svarade när jag tryckte på nått.

Har försökt med cccleaner. avast egen. microsoft också men ingen kan avistallera.

Provade å återställa till 20110103 ingen skillnad.

Väldigt tacksam är jag Mats.

johan

Link to comment
Share on other sites

hej Cecilia å Mats.

Har rensat rensat rensat å startat om flera ggr.

Hittar inte min återställning från 20101230 som gjorde att allt funka. verkar som den är bort. Finns bara kvar från 20110103 och den gör ingen skillnad. Hur som här kommer senaste:

DDS (Ver_10-12-12.02) - NTFSx86

Run by johan at 16:53:17,70 on 2011-01-07

Internet Explorer: 8.0.6001.18999

Microsoft® Windows Vista Home Basic 6.0.6002.2.1252.46.1053.18.1014.389 [GMT 1:00]

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\johan\Desktop\dds.scr

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.se/

uWindow Title = Internet Explorer erhållet från Dell

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

uRun: [MsnMsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

dRunOnce: [DelayShred] "c:\program files\mcafee\mshr\shrcl.exe" /p7 /q c:\users\johan\appdata\local\temp\~dffb27.tmp c:\users\johan\appdata\local\temp\~dffb18.tmp c:\users\johan\appdata\local\temp\~dfee32.tmp c:\users\johan\appdata\local\temp\~dfee1c.tmp c:\users\johan\appdata\local\temp\low\hsperf~1.sh! c:\users\johan\appdata\local\temp\hsperf~1.sh! c:\users\johan\appdata\local\temp\~dff91f.tmp c:\users\johan\appdata\local\temp\~dff900.tmp c:\users\johan\appdata\local\temp\~df1a30.tmp c:\users\johan\appdata\local\temp\~df1a21.tmp c:\users\johan\appdata\local\temp\~df56ad.tmp c:\users\johan\appdata\local\temp\~df569e.tmp c:\users\johan\appdata\local\temp\~df4095.tmp c:\users\johan\appdata\local\temp\~DF3FE5.tmp

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

Trusted Zone: danskebank.se\hembanken

Trusted Zone: danskebank.se\www

Trusted Zone: google.se\www

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldsv-se.cab

Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165264]

R3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-9-20 21504]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]

R3 NisSrv;Microsoft - nätverkskontroll;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]

S2 0219481231453564mcinstcleanup;McAfee Application Installer Cleanup (0219481231453564); [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Tjänsten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-10-14 136176]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2009-8-28 17408]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2011-01-07 15:42:28 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{db2bea08-2068-4305-b8f6-786225477633}\mpengine.dll

2010-12-28 15:39:40 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2010-12-27 21:23:23 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{942162a4-ac3e-4346-b96f-108381667303}\gapaengine.dll

2010-12-27 21:10:04 -------- d-----w- c:\program files\Microsoft Security Client

2010-12-27 21:08:20 221568 ----a-w- c:\windows\system32\drivers\netio.sys

2010-12-27 21:00:11 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{e92ccc23-0672-4632-b94a-0c684c92abe0}\mpengine.dll

2010-12-26 08:41:38 -------- d-----w- c:\progra~2\Alwil Software

2010-12-16 06:18:55 2048 ----a-w- c:\windows\system32\tzres.dll

2010-12-16 06:18:16 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

==================== Find3M ====================

2010-11-12 17:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-04 18:56:07 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-04 18:55:38 352768 ----a-w- c:\windows\system32\taskschd.dll

2010-11-04 18:55:38 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-04 18:55:12 601600 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-04 16:34:06 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 06:01:54 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-02 05:57:41 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-02 05:57:27 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-02 05:57:11 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-11-02 05:57:11 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-11-02 05:01:31 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 04:26:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-11-02 04:24:44 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-10-28 15:44:56 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-10-28 13:27:47 292352 ----a-w- c:\windows\system32\atmfd.dll

2010-10-19 20:51:33 222080 ------w- c:\windows\system32\MpSigStub.exe

2010-10-18 13:37:35 81920 ----a-w- c:\windows\system32\consent.exe

2010-10-18 13:31:24 2038272 ----a-w- c:\windows\system32\win32k.sys

============= FINISH: 16:55:25,75 ===============

Måste man leva med varningen från autosweep vid uppstart??

Trött men väldigt tacksam, Johan

Edited by bunkergubben
Link to comment
Share on other sites

Hej,

beklagar den sena återkopplingen.

Men vad menar du med Autosweep?

Skriv msconfig i sökrutan, tryck Enter, se sedan Fliken tjänster o prova att hitta Deley Shred, om den är synlig där avmarkera den så att den inte ska starta mer.

Tryck Ok och Verkställ. Starta sedan om datorn.

Mvh

Mats H

Link to comment
Share on other sites

Hej,

testa att rensa upp Avast med CCleaner Verktyg\Avinstallation, sedan Registerstädning och avsluta med Filstädning.

Spara ändringar från Registerstäd.

Här en länk om systemåterställning i Vista.

http://windows.microsoft.com/sv-SE/windows-vista/System-Restore-frequently-asked-questions

Hoppas att detta hjälper.

Ang. Autosweep, Advanced System Care? http://www.runscanner.net/lib/autosweep.exe.html

Kontrollera här:

Kontrollpanelen - Administrationsverktyg - Schemaläggaren

Mvh

Mats H

Edited by Mats H
Link to comment
Share on other sites

  • 2 weeks later...

Hej Mats å Cecilia.

Tack för all hjälp. Blev så att de va nog dags för ominstallation.

Provade alla tips + en del andra men inget hjälpte. Verkade funka med andra

webläsare så jag städade ur allt och om.............

Har nu fått igång allt utom instälningarna till touchpaden vilket kommer.

Tack igen för all tid.

mvh

Johan

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...