Just nu i M3-nätverket
Jump to content

Möjligt virus


nataliej

Recommended Posts

Har dom senaste dagarna märkt att mitt internet har varit väldigt segt. Jag har därför funderat på om jag har fått något virus som kan vara orsak till detta, och skulle behöva lite hjälp med att kolla det.

 

Har kört en skanning med DDS, bifogar resultaten här.

 

[log]

DDS (Ver_09-12-01.01) - NTFSx86

Run by Natalie at 18:45:39.18 on 2010-02-27

Internet Explorer: 7.0.5730.11

Microsoft Windows XP Home Edition 5.1.2600.2.1252.46.1053.18.1535.759 [GMT 1:00]

 

AV: avast! antivirus 4.8.1368 [VPS 100227-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

 

============== Running Processes ===============

 

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

svchost.exe

C:\Program\Alwil Software\Avast4\aswUpdSv.exe

C:\Program\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Comodo\Firewall\cmdagent.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\System32\svchost.exe -k imgsvc

C:\Program\Canon\CAL\CALMAIN.exe

C:\Program\Alwil Software\Avast4\ashMaiSv.exe

C:\Program\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Apps\Powercinema\PCMService.exe

C:\WINDOWS\vsnpstd.exe

C:\Program\ekort\ekort.exe

C:\Program\Logitech\MouseWare\system\em_exec.exe

C:\Program\Comodo\Firewall\CPF.exe

C:\WINDOWS\system32\OBroker.exe

C:\Program\ScanSoft\PaperPort\pptd40nt.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Delade filer\Java\Java Update\jusched.exe

C:\Program\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program\Windows Live\Messenger\msnmsgr.exe

C:\Program\Windows Live\Contacts\wlcomm.exe

C:\Program\Spotify\spotify.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Windows Live\Toolbar\wltuser.exe

C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

C:\Documents and Settings\Natalie\Skrivbord\dds.scr

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.eniro.se/

uWindow Title = Packard Bell

uSearch Bar = hxxp://format.packardbell.com/cgi-bin/redirect/?country=SW&range=AD&phase=6&key=SEARCH

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program\yahoo!\companion\installs\cpn\yt.dll

BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program\delade filer\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: EKortBrowserHelper Class: {1c900459-deef-4aa9-b260-1ef0f0c70a8d} - c:\program\ekort\Bhoekort.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program\microsoft\search enhancement pack\search helper\SearchHelper.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: e-kort Helper Class: {9065e913-4f23-4b47-9b5d-b055d32db1f3} - c:\program\ekort\EKortHelper.dll

BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\program\idm\quickfind\plugins\IEHelp.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program\java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program\windows live\toolbar\wltcore.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program\yahoo!\companion\installs\cpn\yt.dll

TB: e-kort Toolbar: {8db2b2e8-579f-48a8-a496-18fefcf8f4df} - c:\program\ekort\EKortToolbar.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program\windows live\toolbar\wltcore.dll

TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File

TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File

TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File

TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [ivacy Monitor]

uRunOnce: [shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.winzell.se/clown/addition.html"

mRun: [soundMan] SOUNDMAN.EXE

mRun: [QuickTime Task] "c:\program\quicktime\qttask.exe" -atboottime

mRun: [PCMService] "c:\apps\powercinema\PCMService.exe"

mRun: [snpstd] c:\windows\vsnpstd.exe

mRun: [Logitech Utility] Logi_MwX.Exe

mRun: [e-kort] c:\program\ekort\ekort.exe /dontopenmycards /Autostart

mRun: [COMODO Firewall Pro] "c:\program\comodo\firewall\CPF.exe" /background

mRun: [sSBkgdUpdate] "c:\program\delade filer\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot

mRun: [PaperPort PTD] c:\program\scansoft\paperport\pptd40nt.exe

mRun: [indexSearch] c:\program\scansoft\paperport\IndexSearch.exe

mRun: [setDefPrt] c:\program\brother\brmfl05a\BrStDvPt.exe

mRun: [ControlCenter2.0] c:\program\brother\controlcenter2\brctrcen.exe /autorun

mRun: [TkBellExe] "c:\program\delade filer\real\update_ob\realsched.exe" -osboot

mRun: [sunJavaUpdateSched] "c:\program\delade filer\java\java update\jusched.exe"

mRun: [startCCC] "c:\program\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [avast!] c:\program\alwils~1\avast4\ashDisp.exe

mRun: [Adobe Reader Speed Launcher] "c:\program\adobe\reader 9.0\reader\Reader_sl.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\bankid~1.lnk - c:\program\personal\bin\Personal.exe

StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\status~1.lnk - c:\program\brother\brmfcmon\BrMfcWnd.exe

uPolicies-system: DisableRegedit = 0 (0x0)

uPolicies-system: HideClock = 0 (0x0)

IE: E&xportera till Microsoft Excel - c:\program\micros~3\office11\EXCEL.EXE/3000

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program\windows live\writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\program\micros~3\office11\REFIEBAR.DLL

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/MyFunCardsInitialSetup1.0.1.1.cab

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} - hxxps://213.180.94.106/podb/elev/arview2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://62.181.87.189/activex/AxisCamControl.cab

DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - hxxp://f007.mail.spray.se/app/uploader/FileUploader.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://88.32.121.186/activex/AMC.cab

TCP: {6D944ED8-D92C-468D-876D-82626658AA8B} = 195.67.199.12,195.67.199.13

Handler: x-owacid - {0215258f-f0a8-49de-bf1b-0ff02eda8807} - c:\program\microsoft\outlook web access smime client\mimectl.dll

Notify: !SASWinLogon - c:\program\superantispyware\SASWINLO.DLL

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program\superantispyware\SASSEH.DLL

 

============= SERVICES / DRIVERS ===============

 

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-2-1 114768]

R1 SASKUTIL;SASKUTIL;c:\program\superantispyware\SASKUTIL.SYS [2007-2-27 74480]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-2-1 20560]

R2 avast! Antivirus;avast! Antivirus;c:\program\alwil software\avast4\ashServ.exe [2009-2-1 138680]

R2 CmdAgent;Comodo Application Agent;c:\program\comodo\firewall\cmdagent.exe [2007-11-20 361040]

R3 avast! Mail Scanner;avast! Mail Scanner;c:\program\alwil software\avast4\ashMaiSv.exe [2009-2-1 254040]

R3 avast! Web Scanner;avast! Web Scanner;c:\program\alwil software\avast4\ashWebSv.exe [2009-2-1 352920]

R3 SASENUM;SASENUM;c:\program\superantispyware\SASENUM.SYS [2006-2-16 4096]

S1 SASDIFSV;SASDIFSV;c:\program\superantispyware\SASDIFSV.SYS [2006-10-10 9968]

S3 lgmcbus;LGE Mobile driver (WDM);c:\windows\system32\drivers\lgmcbus.sys [2008-7-9 83584]

S3 lgmcmdfl;LGE Mobile USB WMC Modem Filter;c:\windows\system32\drivers\lgmcmdfl.sys [2008-7-9 14976]

S3 lgmcmdm;LGE Mobile USB WMC Modem Driver;c:\windows\system32\drivers\lgmcmdm.sys [2008-7-9 110464]

S3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\drivers\shbecr.sys [2010-2-22 42368]

 

=============== Created Last 30 ================

 

2010-02-26 13:31:04 0 d-----w- c:\docume~1\alluse~1\applic~1\Birdstep Technology

2010-02-26 13:29:27 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys

2010-02-26 13:29:27 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys

2010-02-26 13:29:27 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys

2010-02-26 13:29:27 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys

2010-02-26 13:28:58 70671 ----a-w- c:\windows\Huawei ModemsUninstall.exe

2010-02-26 13:28:58 0 d-----w- c:\program\Huawei Modems

2010-02-22 11:47:20 42368 ----a-w- c:\windows\system32\drivers\shbecr.sys

2010-02-22 11:47:11 0 d-----w- c:\program\Handelsbankens kortläsare

2010-02-02 13:06:02 62976 ----a-w- c:\windows\system32\DIRECTX.CPL

2010-02-02 13:05:47 11 ----a-w- c:\windows\egypte.ini

2010-02-02 12:33:32 301568 ----a-w- c:\windows\unin041d.exe

 

==================== Find3M ====================

 

2010-02-26 18:47:02 14942208 ----a-w- c:\documents and settings\natalie\ntuser.dat

2010-01-04 18:15:24 21840 ----atw- c:\windows\system32\SIntfNT.dll

2010-01-04 18:15:24 17212 ----atw- c:\windows\system32\SIntf32.dll

2010-01-04 18:15:24 12067 ----atw- c:\windows\system32\SIntf16.dll

2009-12-17 16:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll

2009-10-16 21:48:09 3241658 ----a-w- c:\program\Spotify.dmg

2001-03-28 11:02:58 122880 -c--a-w- c:\windows\inf\agfa\message.exe

2005-01-29 06:54:52 56 -csh--r- c:\windows\system32\E616F0D16A.sys

2005-01-29 06:54:52 1682 -csha-w- c:\windows\system32\KGyGaAvL.sys

2008-12-03 23:34:00 32768 --sha-w- c:\windows\temp\history\history.ie5\index.dat

 

============= FINISH: 18:46:11.46 ===============

[/log]

Attach.txt

Link to comment
Share on other sites

Har Avast eller SUPERAntiSpyware hittat något?

Är antivirusdelen av Comodo avstängd?

 

Blev internet-anslutningen seg i samband med installationen av Huaweis modem?

 

Där finns en skadlig ActiveX-komponent. Du kan ta bort den så här:

Kontrollpanelen - Internet-alternativ - Program - Hantera tillägg

Högerklicka på kolumnrubriken Namn och sätt en bock framför Klass-ID.

Leta reda på raden med denna Klass-ID:

1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB

Det kan tänkas att du behöver välja något annat i rullgardinsmenyn ovanför tabellen.

Klicka på raden så att den blir markerad och tryck på knappen Ta bort.

 

På sidan http://www.virustotal.com trycker du på Bläddra-knappen och klistrar in ett av följande filnamn i rutan, tryck på Skicka Fil och vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in resultatet från de olika antivirusprogrammen (inte Övrig information) eller en länk till resultatet här. Upprepa med nästa filnamn.

c:\windows\unin041d.exe

c:\windows\inf\agfa\message.exe

Link to comment
Share on other sites

Avast hittade ingenting, och det enda SUPERAntiSpyware hittade var några tracking cookies.

När det gäller Comodos antivirusdel så vet jag inte, kan inte hitta någon sådan.

Internet var segt innan jag installerade modemet, så det är inte problemet.

 

Jag kan inte hitta ActiveX-komponenten i listan, har provat och valt olika visningsalternativ i rullgardinsmenyn, men hittar den ändå inte.

 

Här är resultaten från VirusTotal:

 

http://www.virustotal.com/sv/analisis/50059027b9543fa37169c4203cdbe0b56c1cd62e92362a57780e1bdad17352d1-1252835927

 

http://www.virustotal.com/sv/analisis/21e49f43cfb8443df5a0535d7b36038420f4597805638f3905266a81f80b06dc-1261413380

Link to comment
Share on other sites

Då får du ta bort ActiveX-komponenten med hjälp av HijackThis. Ladda ner från en av länkarna:

http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Installera, starta och välj "Do a system scan and save a logfile", kopiera loggen som kommer upp (inget annat) och klistra in i ditt svar.

Link to comment
Share on other sites

HijackThis:

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:44:44, on 2010-02-28

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program\Alwil Software\Avast4\aswUpdSv.exe

C:\Program\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Comodo\Firewall\cmdagent.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Canon\CAL\CALMAIN.exe

C:\Program\Alwil Software\Avast4\ashMaiSv.exe

C:\Program\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Apps\Powercinema\PCMService.exe

C:\WINDOWS\vsnpstd.exe

C:\Program\ekort\ekort.exe

C:\Program\Logitech\MouseWare\system\em_exec.exe

C:\Program\Comodo\Firewall\CPF.exe

C:\WINDOWS\system32\OBroker.exe

C:\Program\ScanSoft\PaperPort\pptd40nt.exe

C:\Program\Delade filer\Java\Java Update\jusched.exe

C:\Program\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program\Windows Live\Messenger\msnmsgr.exe

C:\Program\Windows Live\Contacts\wlcomm.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Windows Media Player\wmplayer.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Windows Live\Toolbar\wltuser.exe

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=SW&range=AD&phase=6&key=SEARCH

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eniro.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: e-kort Browser Helper Object - {1C900459-DEEF-4aa9-B260-1EF0F0C70A8D} - C:\Program\ekort\Bhoekort.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: e-kort Helper Class - {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - C:\Program\ekort\EKortHelper.dll

O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program\IDM\QUICKfind\PlugIns\IEHelp.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O3 - Toolbar: e-kort Toolbar - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program\ekort\EKortToolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"

O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [e-kort] C:\Program\ekort\ekort.exe /dontopenmycards /Autostart

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program\Comodo\Firewall\CPF.exe" /background

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] C:\Program\ScanSoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Program\ScanSoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [setDefPrt] C:\Program\Brother\Brmfl05a\BrStDvPt.exe

O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Delade filer\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.winzell.se/clown/addition.html"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe

O4 - Global Startup: Status Monitor.lnk = C:\Program\Brother\Brmfcmon\BrMfcWnd.exe

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (file missing)

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\sw.htm

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/MyFunCardsInitialSetup1.0.1.1.cab

O16 - DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} (ActiveReports Viewer2) - https://213.180.94.106/podb/elev/arview2.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.181.87.189/activex/AxisCamControl.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f007.mail.spray.se/app/uploader/FileUploader.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://88.32.121.186/activex/AMC.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{6D944ED8-D92C-468D-876D-82626658AA8B}: NameServer = 195.67.199.12,195.67.199.13

O18 - Protocol: x-owacid - {0215258F-F0A8-49DE-BF1B-0FF02EDA8807} - C:\Program\Microsoft\Outlook Web Access SMIME Client\mimectl.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program\Canon\CAL\CALMAIN.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program\Comodo\Firewall\cmdagent.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program\Delade filer\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program\Delade filer\SolidWorks Shared\Service\SolidWorksLicensing.exe

O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program\Delade filer\SupportSoft\bin\ssrc.exe

 

--

End of file - 11172 bytes

[/log]

Link to comment
Share on other sites

Inga virus i processlistan iaf, däremot har du en del tillägg för Internet Explorer. Testa kör Internet Explorer utan några tillägg aktiverade:

För Vista/Windows 7 borde du ha en genväg för det endamålet under Start -> Alla Program -> Tillbehör -> Systemverktyg -> Internet Explorer (inga tillägg).

 

Alternativt klickar du på Start-knappen och skriver iexplore -extoff, det startar Internet Explorer utan tillägg.

 

Förresten, Avast Antivirus 5 har ganska nyligen släppts ;)

Link to comment
Share on other sites

HijackThis:

 

Skanna med HijackThis och bocka för:

 

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/MyFunCardsInitialSetup1.0.1.1.cab

 

Avsluta alla andra program.

Tryck Fix checked.

 

Starta om datorn och så en ny HijackThis-logg.

 

Samt att du förstås ska installera den nya versionen av Avast för att få ett bättre skydd.

Link to comment
Share on other sites

Okej, här kommer den nya loggen från HijackThis:

 

[log]Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 14:43:53, on 2010-03-02

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program\Alwil Software\Avast4\aswUpdSv.exe

C:\Program\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\brss01a.exe

C:\Program\Bonjour\mDNSResponder.exe

C:\Program\Comodo\Firewall\cmdagent.exe

C:\Program\Java\jre6\bin\jqs.exe

C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Canon\CAL\CALMAIN.exe

C:\Program\Alwil Software\Avast4\ashMaiSv.exe

C:\Program\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SOUNDMAN.EXE

C:\Program\QuickTime\qttask.exe

C:\Apps\Powercinema\PCMService.exe

C:\WINDOWS\vsnpstd.exe

C:\Program\ekort\ekort.exe

C:\Program\Logitech\MouseWare\system\em_exec.exe

C:\Program\Comodo\Firewall\CPF.exe

C:\WINDOWS\system32\OBroker.exe

C:\Program\ScanSoft\PaperPort\pptd40nt.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Delade filer\Java\Java Update\jusched.exe

C:\Program\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program\ALWILS~1\Avast4\ashDisp.exe

C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Personal\bin\Personal.exe

C:\Program\ATI Technologies\ATI.ACE\Core-Static\ccc.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Windows Live\Toolbar\wltuser.exe

C:\Program\Alwil Software\Avast4\setup\avast.setup

C:\Program\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=SW&range=AD&phase=6&key=SEARCH

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eniro.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157'>http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: e-kort Browser Helper Object - {1C900459-DEEF-4aa9-B260-1EF0F0C70A8D} - C:\Program\ekort\Bhoekort.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: e-kort Helper Class - {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - C:\Program\ekort\EKortHelper.dll

O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program\IDM\QUICKfind\PlugIns\IEHelp.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)

O3 - Toolbar: e-kort Toolbar - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program\ekort\EKortToolbar.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"

O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [e-kort] C:\Program\ekort\ekort.exe /dontopenmycards /Autostart

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program\Comodo\Firewall\CPF.exe" /background

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program\Delade filer\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] C:\Program\ScanSoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Program\ScanSoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [setDefPrt] C:\Program\Brother\Brmfl05a\BrStDvPt.exe

O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program\Brother\ControlCenter2\brctrcen.exe /autorun

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Delade filer\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [avast!] C:\Program\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.winzell.se/clown/addition.html"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe

O4 - Global Startup: Status Monitor.lnk = C:\Program\Brother\Brmfcmon\BrMfcWnd.exe

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (file missing)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe (file missing)

O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\sw.htm

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE} (ActiveReports Viewer2) - https://213.180.94.106/podb/elev/arview2.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://62.181.87.189/activex/AxisCamControl.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab

O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f007.mail.spray.se/app/uploader/FileUploader.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://88.32.121.186/activex/AMC.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{6D944ED8-D92C-468D-876D-82626658AA8B}: NameServer = 195.67.199.12,195.67.199.13

O18 - Protocol: x-owacid - {0215258F-F0A8-49DE-BF1B-0FF02EDA8807} - C:\Program\Microsoft\Outlook Web Access SMIME Client\mimectl.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program\Bonjour\mDNSResponder.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program\Canon\CAL\CALMAIN.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program\Comodo\Firewall\cmdagent.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe

O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program\Delade filer\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program\Delade filer\SolidWorks Shared\Service\SolidWorksLicensing.exe

O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program\Delade filer\SupportSoft\bin\ssrc.exe

 

--

End of file - 11120 bytes

[/log]

 

Ska också installera en nyare version av Avast.

 

Har testat att köra Explorer utan några tillägg, men det gjorde ingen skillnad.

Link to comment
Share on other sites

Vad får du för resultat på http://www.bredbandskollen.se/ både hastighet och svarstid är intressant?

Vad är det för hastighet du betalar för?

 

Har du kontroll på vad som är godkänt i Comodos brandvägg?

Gjorde du några förändringar i den i samband med att segheten uppstod?

 

Skanna datorn online på http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html

Om något hittas så spara loggen och klistra in i ditt svar. Det tar normalt några timmar, men tiden beror på hur mycket filer du har.

Link to comment
Share on other sites

Nu funkar allt normalt igen, verkar bara ha vart något tillfälligt problem. Men tack i alla fall för all hjälp!

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...